Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
The sdnc-portal component is currently disabled due to known security
vulnerabilities. This component is no longer supported - the developer
left the project - and its functionality is not really needed. So, we
are removing this component in Guilin.
Issue-ID: SDNC-1236
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: I45c7cad2102011fb25ca9f6707792dfd5c97624f
|
|
Add configuration supporting dealing with CMPv2 certs in K8s plugin.
Remove outputType from global values to allow it be specific for service.
Issue-ID: DCAEGEN2-2252
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: Iedb9c3f63a539a386b9abd5d257c54f5ce023662
|
|
This new chart allows to set the same log level accross components in
ONAP.
As other similar templates, default value will be retrieved
(`logConfiguration.logLevel`) but can be overrided:
- globally by setting global.logLevel
- per component basis by setting `logConfiguration.logLevelOverride` per
component basis
Issue-ID: OOM-2515
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I18196b56bb4f8732d42271d7c93c1a0f71bfac58
|
|
Update Cert Service version to 1.2.0 in order to allow creation
not existing subdirectories where certs will be located.
Issue-ID: DCAEGEN2-2252
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: I83560e21a6894c8869201205000bb7c41956176a
|
|
Allow use of OUTPUT_TYPE env in certservice client to define desired
certificates format (one of: P12, JKS, PEM)
Issue-ID: AAF-1152
Change-Id: I5065b659ae36d71209d643303896516042fabaa0
Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com>
|
|
|
|
Issue-ID: OOM-2424
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Iee3f9b6e1dc0dd278c9c55d317827f16ac8b3389
|
|
Use a newer readiness check script with better handling of readiness on
statefulsets.
Issue-ID: OOM-2418
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ica7c87e856c193b2ed825a3eb2345262689f2808
|
|
|
|
When upgrading from a version to another, it may be impossible to do it
"simply" because of changes in immutable properties of statefulsets. We
change that here by creating a temporary deployment which will hold the
whole databases during the time the old statefulset gets destroyed and
the new one gets created.
Issue-ID: OOM-2316
Signed-off-by: tringuyen <tri.nguyen@tatacommunications.com>
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I318d72830d5002f50597e23e0753e292f8b47c53
|
|
This new micro service allow retrieval of certificates using CMPv2
protocol and relay the requests to CA server (such as EJBCA provided in
contrib folder).
Issue-ID: AAF-1083
Change-Id: Ib3acba3d071533ad933d043f067147e8406d8fa8
Signed-off-by: EmmettCox <emmett.cox@est.tech>
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
|
|
|
|
New readiness image proposes several new stuff:
* smaller size
* ability to wait for daemonset
Issue-ID: OOM-2373
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I4af9a09393c5b71214d8f4db2c1a095b260c9fbd
|
|
This aligns with other changes on OOM.
You can either supply a specific password or
have it generated for you based on a master password
Issue-ID: CLAMP-796, OJSI-188
Change-Id: If1b80fc47cf1033e094f8a106746d1e8c556c08b
Signed-off-by: JulienBe <jb379x@att.com>
Co-authored-by: sebdet <sebastien.determe@intl.att.com>
[small updates in common secret template usage]
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
|
|
|
|
Create onap with minimal component count
Issue-ID: OOM-2385
Change-Id: Idf7b9f517e65274f6a288fde0d0462fd1cd93762
Signed-off-by: Lucjan Bryndza <l.bryndza@samsung.com>
|
|
Sniro emulator is not a component which will be part of the release.
As such, we don't start it even in "all" ONAP.
Issue-ID: OOM-2372
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ib544f93ca51a42cd0b39637c14555cb9a3ecfda0
|
|
|
|
|
|
|
|
Add three templates:
* one for creating the sidecar
* one for creating the configmap
* one for creating the volumes
Issue-ID: OOM-2370
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I34ac35a30b3ab892622431ee7c70277bc7b1f41d
|
|
|
|
Log is not a component which will be part of the release.
As such, we don't start it even in "all" ONAP.
Issue-ID: OOM-2370
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I0238632a3a62ad7cfeee3656afc74144a6337c46
|
|
Pomba is not a component which will be part of the release.
As such, we don't start it even in "all" ONAP.
Issue-ID: OOM-2371
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I400601dee8e65b1c05948e3ccad99e84eb9c9119
|
|
|
|
Add elasticdb as common chart to oom
Issue-ID: SDNC-1061
Signed-off-by: Alexander Dehn <alexander.dehn@highstreet-technologies.com>
Change-Id: Id8c48113b8d4193d7f13991296f0307a29724c01
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
|
|
|
|
Issue-ID: OOM-2365
Signed-off-by: zhangqingjie <zhangqingjie@huawei.com>
Change-Id: I18b1c3198c669e7a7bda368f8d9ce8ba5790555b
|
|
EJBCA Server is used to test that CMPv2 Certificate handling is well
done in ONAP.
Issue-ID: AAF-1083
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I5e2d25b68b5cd80d3c7bf282ce871dd81e711ff6
|
|
Issue-ID: OOM-2360
Enable NBI Module in 5G Network Slicing use case override file
Signed-off-by: zhangqingjie <zhangqingjie@huawei.com>
Change-Id: I05d53cd82a037b076b0935ad6a629d094415a3dc
|
|
Cleaned up up configs, JDK11 fixes, Hello and Agent works, now a model for Apps
non-root fix
Issue-ID: AAF-1081, AAF-1102
Signed-off-by: Instrumental <jgonap@stl.gathman.org>
Signed-off-by: ChrisC <christophe.closset@intl.att.com>
Change-Id: I4947075029db8abd7d2072b6b82064af8e2daa3e
|
|
"index" function is bad in term of performance in Helm.
Reworked the templates in order to avoid it.
as certificates are retrieved at every boot (and as already present
certs are deleted before), we don't need persistent storage
Also set aafImage as a global variable in order to have a consistent use
accross ONAP
Issue-ID: EXTAPI-375
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ie3f5ae5c2a37d816afc42d2c67ebe8e40e749c79
|
|
Use 6.0.0 in preparation for Frankfurt release
Issue-ID: OOM-2320
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I8ad82dfdf48b56c38c0e85d640b18cc13c8d9e67
|
|
Issue-ID: DCAEGEN2-1866
Change-Id: I0179e1e75529ad8017b1a5c23747dbd80aa6f625
Signed-off-by: Jack Lucas <jflucas@research.att.com>
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
|
|
Issue-ID: OOM-2329
supply a ONAP installation config file for 5G Network Slicing usecase,
so that the user can easily install a minimum-scope ONAP with as few
resources as possible.
Signed-off-by: zhangqingjie <zhangqingjie@huawei.com>
Change-Id: I728a0229296d62120418f654e4c3f50a2805a69e
|
|
Current service and headlessService templates doesn't handle the fact
that out of cluster ports must be TLS encrypted only.
With a new (backward compatible) DSL, this is now possible.
In values.yaml, all ports in service part with port AND plain_port will
have the ability to be HTTP or HTTPS depending on the context.
Per default, they'll be HTTPS.
TLS choice will be done according this table:
| tlsOverride | global.tlsEnabled | global.serviceMesh.enabled | global.serviceMesh.tls | result |
|-------------|-------------------|----------------------------|------------------------|--------|
| not present | not present | not present | any | true |
| not present | not present | false | any | true |
| not present | not present | true | false | true |
| not present | not present | true | true | false |
| not present | true | any | any | true |
| not present | false | any | any | false |
| true | any | any | any | true |
| false | any | any | any | false |
Service template will create one or two service templates according to this table:
| serviceType | both_tls_and_plain | result |
|---------------|--------------------|--------------|
| ClusterIP | any | one Service |
| Not ClusterIP | not present | one Service |
| Not ClusterIP | false | one Service |
| Not ClusterIP | true | two Services |
If two services are created, one is ClusterIP with both crypted and plain
ports and the other one is NodePort (or LoadBalancer) with crypted port only.
Issue-ID: OOM-1936
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: If766dd73132022d1a6e578fd36113c461bb91ea5
|
|
SO can handle keystone v3 but override file must be capable to handle
this.
If openStackKeystoneVersion is set to "KEYSTONE_V3" in
so-catalog-db-adapter config part, SO will be able to use keystone v3
for OpenStack
Issue-ID: OOM-2221
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I14db318d25842a08ef380f6edb708e26dae050ad
|
|
Proposition of common templates to make service declaration and PV
declaration consistent accross OOM.
Propositions of templates for sub parties of resource definitions
such as metadatas, selector and containerPorts.
I've also made an example with cassandra.
Change-Id: I8b8aa8eb61dafba75e89add1979114a0eefce243
Issue-ID: OOM-1971
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
|
|
|
|
ONAP is too big to be deployed using helm install so we need to
use a custom helm plugin helm deploy. This script deloys onap
component by component instead of deploying evrything at
once. Unfortunately this script also modifies the helm release by
appending component name to it.
As a result of this behavior our objects are called for example:
onap-mariadb-galera-mariadb-galera-0
instead of just being called onap-mariadb-galera-0.
This patch simplifies this naming convention by replacing all direct
usages of .Release.Name with common.release macro which strips the
component specific part from the release name.
Issue-ID: OOM-2275
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Ia8cead50d305adb00eef666d0a1ace74479b5183
|
|
This patch makes heavy use of Orange accomplishments [1][2][3]. This
deployment override will probably succeed "minimal-onap.yaml" used in
e.g. "integration/bootstrap/vagrant-minimal-onap" setup.
Cassandra replicaCount is increased to 3 to allow reaching quorum.
[1] https://gitlab.com/Orange-OpenSource/lfn/onap/onap_oom_automatic_installation
[2] https://wiki.lfnetworking.org/display/LN/Call%20for%20ONAP%20DDF%20Topics%20-%20Prague%202020#CallforONAPDDFTopics-Prague2020-OOM-IntroductionofServicemesh
[3] https://wiki.lfnetworking.org/download/attachments/25364127/OOM%20Service%20Mesh%20Prague.pptx
Issue-ID: ONAPARC-551
Change-Id: Ibaec41f088f11f7fb4e7c476f742d12d29c5740b
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Issue-ID: OOM-2266
Change-Id: I0c571c765cb099b1f2e7886bc686e24a436f290e
Signed-off-by: Brian Freeman <bf1936@att.com>
|
|
Deployment of AAI component fails unless Cassandra is enabled in the
cluster [1].
This patch also adds Cassandra to the list of enabled components and
fixes minor typos in the documentation.
[1] https://git.onap.org/aai/oom/tree/requirements.yaml#n23
Issue-ID: INT-1402
Change-Id: I5cb57e1909f749bb8d28fac0e5eeb09f6cfe4b33
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
|
|
|
|
|
|
OOM has now templates in order to create the needed PVC, using:
* a PV with a specific class when using a common nfs mount path between
nodes (sames as today use) --> is the default behavior today
* or a storage class if we want to use dynamic PV.
On this case, we use (in order of priority):
- persistence.storageClassOverride if set on the chart
- global.persistence.storageClass if set globally
- persistence.storageClass if set on the chart
I've also aligned the PV creation of the different charts.
I've also aligned the PVC creation of the different charts.
I've removed unused mysql chart and (badly) used nfs-provisioner chart.
I've also make cassandra backup work with dynamic PV (but RWX only for
now).
Change-Id: I0ea3f8c7514ca648d94b6c682684c06b822bbe0a
Issue-ID: OOM-2229
Issue-ID: OOM-2228
Issue-ID: OOM-2227
Issue-ID: OOM-1227
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
|
|
Add virtual hosting support to the ingress
common template
Added support for global configuration path
or virtual host based
Signed-off-by: Lucjan Bryndza <l.bryndza@samsung.com>
Change-Id: I6b1a0c9cfd0eb5c90a090058d5db70f8ee33731e
Issue-ID: OOM-2125
Signed-off-by: Lucjan Bryndza <l.bryndza@samsung.com>
|