| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
- solve actual findings during tests with kyverno policies
- synchronize headers
Issue-ID: OOM-3288
Issue-ID: OOM-3296
Change-Id: Ia7e7daa8864069493e09dd6511825aa939c5eeaf
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
- add kyverno policy fixes for cassandra Operator template
- add new mongodb-init chart
- new parameter in global values to support "NativeSidecar"
which disables the deployment of the sidecar killer in jobs
- update of "killSideCar" function to use the new option
Issue-ID: OOM-3288
Issue-ID: OOM-3296
Change-Id: If7cafd10a14e9bc6b7843c0c2a62691c4e94ca71
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
- deploy 1.14.4 images
- increase AAI chart version to 14.0.1
- change sidecar killer job to use wget instead of curl
Issue-ID: AAI-3926
Change-Id: I405b52169006800b63fc76568482b4347c99c0b4
Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
|
|
common:
- Add settings to common pod templates and fix Cassandra
serviceMesh and MariaDB operator templates
- Added template for mongodb
- Empty lines to files added
readinessCheck:
- Add missing security settings
mariadb-init:
- add security settings in job
cassandra:
- Empty lines added to files
mongodb:
- make emptyDir volume size configurable
others:
- update chart dependency for mongodb in components
- fix linter errors in all files
Issue-ID: OOM-3295
Issue-ID: OOM-3296
Change-Id: Ieb64be337013e0477f7aaca9c75bb6a3f3264848
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
- set resourceLimit's for emptyDir volumes
- use non-root group in mongo pods
- make pod filesystem read-only
- bump mongodb chart version from 14.12.2 to 14.12.3
- use new version in portal-ng, nbi, multicloud and dcae-tcagen2
Issue-ID: OOM-3293
Change-Id: Ife7445433337ac97a03f8cd22ad551e8745b9717
Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
|
|
The configuration of an external MariaDB did not fit with
the template function of _mariadb.tpl and additionally
the template function has a bug in the service information.
Issue-ID: OOM-3290
Change-Id: I92f758647012ebf289549665f7f5c20e94c9ff66
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
As hostPath volumes violate Cluster policies, they are
not allowed within pod definitions.
In our case only the "etc/localtime" is mounted to get
the timezone of the host, which is not required.
Issue-ID: OOM-3287
Change-Id: I6c8c8ea4e982d7e95e73f5fed7fc07ed47ceaab7
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Use the new "service" feature of the readiness image to
resolve startup dependencies.
Issue-ID: OOM-3280
Change-Id: Ia331d51528676744e5e0479d1fd0ca02830c3499
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
|
|
Move the charts from /common to sdnc/components and simplify
the DB creation.
Issue-ID: OOM-3286
Change-Id: Ib0c53e51b96ad2e1573859b9d938e700c0bea4ac
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Some ports need to be excluded from cassandra to support
JMX and Metrics interfaces.
Also some memory settings need to be adjusted.
Issue-ID: OOM-3275
Change-Id: I7530b69d65c7c612bcf54eba64d5a4dd5a20f753
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
|
|
Update the Mariadb template to support the mariadb-operator
version 0.27.0, which changed the CRD naming and the content
structure.
Temporarily disable istio-sidecar, as problems with init jobs
for MariaDB
Issue-ID: OOM-3281
Change-Id: Ia9563a5074a739e4b879a7840bedb1d73fbc1b54
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
|
|
Update the ReadinessCheck (13.1.0) to support the "services" feature
of readiness image version 6.0.2 and use the feature in the charts
under common (dgbuilder, etcd-init, mariadb-galera, mariadb-init,
postgres-init)
Additional exclude K8S API port (443) from Istio Sidecar communication
to allow CNI Plugin
Issue-ID: OOM-3280
Change-Id: Ibe030aa9debfc82e88f2ce5e309dd6fa2250f211
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Currently in ONAP the imagePullSecrets is hardcoded to
'onap-docker-registry-key' which is created by the
repository-wrapper component.
With this change the secrets can be configured via setting
global.imagePullSecrets and optionally per image if it is
configured as map (image.pullSecrets)
Issue-ID: OOM-3284
Change-Id: I8644f9b46043b6014219c42928e057b149df43a4
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Some settings are still wrongly interpreted (e.g. 0.02Gi)
Therefor they are changed to non-floating numbers (e.g. 20Mi)
Issue-ID: OOM-3273
Change-Id: Icc88dead1ac5b1df8629d6adcc438a739e20522e
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
|
|
Give different readinessCheck rules depending on the usage
of mariaDB Operator and local/global DB setup
Apply these changes to CDS, NBI, SO, SDNC, Policy
Issue-ID: OOM-3280
Change-Id: I4e6f584558ffebb6ab602db88a73c2f02891902e
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Import the latest bitnami mongodb chart and update the
client charts, which use it:
- NBI
- DCAEGEN2/TCAEGEN2 (include Chart.yaml fix)
- MULTICLOUD/K8S
THe new version supports the initial creation of DBs and user
Issue-ID: OOM-3277
Change-Id: I75a475aadb8b84a313527b75f4c69e85624af8ba
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Update all resource settings to the kubernetes recommended
normalized form. Fix ReadinessCheck resource limits.
Issue-ID: OOM-3273
Change-Id: Ie10903b801e4dc1689bcec092162d711a431a7a6
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Update cassandra to 4.1.3 and increase the write timeouts
to improve the AAI/SDC stability.
Increase the cql client version in SDC to be compliant with cassandra
Issue-ID: OOM-3275
Change-Id: Ie1b2f4d38e580eecacd416fca4e392b4a8b0c62a
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
|
|
Add template for the postgres operator instance setup and
modifications to use the postgres instance via Operator
TBD: Update of documentation and fix for clients (DMaaP, CPS)
Issue-ID: OOM-3247
Change-Id: I56c34400dc73c71b936a51260efd231017adaeae
Signed-off-by: rajesh.kumar <rk00747546@techmahindra.com>
|
|
Update snmptrap-collector to 2.0.8.
Fix outdated configuration library.
Add "protocol" to common.containerPorts.
Update dcae-snmptrap-collector chart version to 13.0.1.
Update dcaegen2-services chart version to 13.0.2.
Issue-ID: DCAEGEN2-3409
Issue-ID: OOM-3251
Signed-off-by: Jack Lucas <jflos@sonoris.net>
Change-Id: If0ca26e07fdbbebafb442dc0ead3a14d4ea0d4a6
|
|
Using the mariadb-operator version 0.24.0 a backup to
S3 storages is supported and implemented in the
templates and mariadb chart
Add a missing mariadbOperator config for mariadb-init
Issue-ID: OOM-3264
Change-Id: I065053832c226740b2a3b64b065cecc599f28296
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
To avoid "lock" situations all clients of the mariadb-galera
cluster should use the "primary" service, which connects
to the master node.
This service is provided by the mariadb-operator.
Additionally for SO the bugfix for "local" DB configuration
is fixed.
Additionally missing readiness checks added to so-cnfm-lcm and
so-etsi-nfvo-ns-lcm to wait for the DB job to complete
Issue-ID: OOM-3261
Issue-ID: OOM-2697
Change-Id: I3d44f8b6d84d112c0271bfccebc4fa533c4e6aff
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Fix the resource names for db/user in mariadb template for
the mariadb-operator and corrected the resource notation
to work with ArgoCD
Added missing "user" entry for mariadb-galera in NBI and
Etsicatalog values.yaml and missing dbName in SDNC
Issue-ID: OOM-3255
Issue-ID: OOM-3257
Change-Id: Ib11c20ce99bdd7f29415611d2c0795466415eea6
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
CDS and CPS use hazelcast, which requires additional
resource read permissions (endpoint, service, node)
Added it to roles-wrapper and ServiceAccount templates
Issue-ID: OOM-3250
Change-Id: I8360ba657054b2468df55dc529beedd9fc79bada
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Add missing entry for customized StorageClass for
the MariaDB-Operator based DB instances
Issue-ID: OOM-3236
Change-Id: I6c65c1553fc01181aa7dbc5fedb3237c110fc172
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
|
|
As Reaper startup is failing in many cases the deployment
it should be possible to disable it to stabilize the gating
Change the delay handling in the deploy plugin.
Issue-ID: OOM-3246
Change-Id: Ibf435d30551aacc213d7c9d38bce72198f4f4b3d
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
To support both Operator and non-operator deployments
the service name should be either mariadb-galera-primary or
mariadb-galera
Issue-ID: OOM-3236
Change-Id: Ic7721e08ec6a257b537024cb4a4751d6155ee28c
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
|
|
Schema creations of Reaper and AAI/SDC can conflict with each
other. Therefor the reaper init script should finish before
AAI and SDC schema init scripts are started
Update jvm options for cassandra instance
Issue-ID: OOM-3246
Change-Id: I16cea161fc8b75e15c76c4cbe4851739782dfb06
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
In the mariadb-operator version 0.21.0 changes to the CRDs
have been done, which require a change in the template.
see: https://github.com/mariadb-operator/mariadb-operator/pull/248
PeerAuthentication depends on galera setting (not know why)
Issue-ID: OOM-3236
Change-Id: Iaf3cd7128e4c9889c1d56b9b83a72a352e60a39d
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
|
|
The DISABLE setting for mysql ports lead to failing mysql connections
therefor STRICT is used to fix initial connections
see (https://istio.io/latest/about/faq/#mysql-with-mtls)
Issue-ID: OOM-3236
Change-Id: I56c34400dc73c71b936a51260efd776349adaeae
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Update the definitions based on test results to avoid
ArgoCD resyncs.
Issue-ID: OOM-3184
Change-Id: I0e87d0bbea4a45a480fe078e4d9ae7a0f22ff764
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Add template functions for the mariadb-operator resources
and update the mariadb-galera chart to support them
Change the flag to "useOperator" in cassandra to the global setup
and additional labels for cassandra resources
Changed Policy DB users to support the new mariadb User
and fixed db.sh script to wait for the DB user creation
Use the new readiness image 5.0.1 with the "app-name" option
Change the MariaDB-Galera Service to the "primary" to avoid Deadlocks
Fix previous SDNC patch (https://gerrit.onap.org/r/c/oom/+/135308) and
temporary disable MariaDB for SDNR, as it is not compatible to
MariaDB 11
Issue-ID: OOM-3236
Change-Id: Ie63fcc9c6d5fa802d38c592b449e7ff8553c2ab9
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Fix context handling for templates common.nginxIngress and ingress.config.port
Issue-ID: OOM-3237
Change-Id: Idabcdf8ca564d60e2d2471c7fde38412dc478b50
Signed-off-by: demskeq8 <alexander.dehn@highstreet-technologies.com>
|
|
Update to use container with shortened
"X-DMAAP-DR-ON-BEHALF-OF" name for
datarouter provisioning.
Issue-ID: DMAAP-1893
Signed-off-by: Jack Lucas <jflos@sonoris.net>
Change-Id: I21b043b8709000d2a30ea4e07e3fd0f8693a393c
|
|
To enable the internal syncronization between Cassandra
instances, the ports 7000 and 7001 have to be excluded
in the Envoy Proxy
Issue-ID: OOM-3235
Change-Id: I8355f8e15f1e3796e8f910cba0ac54d4e05c78fd
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
|
|
Added missing SA definition in values.yaml and changed
location in deployment.yaml
Issue-ID: OOM-3199
Change-Id: I1d488e8d0d65c4cd3cf0ae21d22fa1143c8d64ab
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Remove common charts (cert-wrapper, certInitializer, music)
which are not needed anymore wor unsupported
Issue-ID: OOM-3114
Change-Id: Iec3a49fd4f08b207961ddc572e2de873ee1480d5
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
|
|
|
|
Add options to set the Ingress provider and enhanced
settings to provide different resource outputs for
Ingress resurces
Issue-ID: OOM-3184
Change-Id: I3a6ebf17191a558941d6e18fbfe676da0c78e487
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Adding service account for the jobs
Cleanup MSB, ES and other common charts from AAF dependencies
Issue-ID: OOM-3199
Issue-ID: OOM-3114
Issue-ID: OOM-3116
Change-Id: I55bf80876c9fb3b110e538ed1a5504e0dc1d4e1a
Signed-off-by: vladimir turok <vladimir.turok@t-systems.com>
|
Andreas Geissler
Fiete Ostkamp
Lukasz Rajewski
rajesh.kumar
Jack Lucas
demskeq8
Micha? Jagie??o
vladimir turok