Age | Commit message (Collapse) | Author | Files | Lines |
|
- Upgrade OSDF and HAS to new image version
- Intermediate and root ca certs should be added to domain
cert for nginx to serve https requests
- Remove redundant certs and load it as a secret
Issue-ID: OPTFRA-857
Signed-off-by: krishnaa96 <krishna.moorthy6@wipro.com>
Change-Id: I51d5f9bf53561acbe5e1df6691e02899de41eed0
|
|
|
|
Change-Id: Ided74384fa71bebcaf5e99a8ebb839c8c8171bd4
Signed-off-by: Jakub Latusek <j.latusek@samsung.com>
Issue-ID: OOM-2562
|
|
Change-Id: I182d3c77a5be3cf220151a0984d44bfe4f25d039
Signed-off-by: Jakub Latusek <j.latusek@samsung.com>
Issue-ID: OOM-2562
|
|
Issue-ID: OPTFRA-804
Signed-off-by: krishnaa96 <krishna.moorthy6@wipro.com>
Change-Id: Ic395ce79ae3b9188574bf35375509decdafd5503
|
|
Issue-ID: OPTFRA-850
Signed-off-by: krishnaa96 <krishna.moorthy6@wipro.com>
Change-Id: If6ea86e827e7b1da81a1fc17b6301fc0df3d1309
|
|
Remove Hardcoded certificates from OOF
Resturcture OOF charts
Issue-ID: OPTFRA-803
Signed-off-by: krishnaa96 <krishna.moorthy6@wipro.com>
Change-Id: Ibe886a44fcbf22bb3443fbb8ec8e37ddc7636ffe
|
|
Add resources field to OOF jobs to set limit
Issue-ID: OPTFRA-840
Signed-off-by: krishnaa96 <krishna.moorthy6@wipro.com>
Change-Id: I5fb9a804af9c1a5df440aa61818197028db2c4b6
|
|
|
|
Move mariadb galera config from global to root
Add service name to mariadb-init config
Fix mariadb-init secret to use Additional databases
Create separate users for cmso service and optimizer
Issue-ID: OPTFRA-800
Signed-off-by: krishnaa96 <krishna.moorthy6@wipro.com>
Change-Id: I5b91d297d35125ca242f40fe1a6328da0f4daa62
|
|
Add make clean target to ensure that removed dependencies are always
cleaned up properly.
Issue-ID: OPTFRA-803
Change-Id: I2f845c775d5643c7a8b4539b35886fbf79ce889a
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
|
|
Readiness container v3.x and up are now present in ONAP main repository.
They're also not using root user anymore and then script path has
changed.
Finally, "job_complete" script has been integrated in main "ready"
script.
As those changes are significant, we must upgrade all the components at
once.
Depends-On: I5afa83892043f4844afe12e61724a8d368a9f2e0
Issue-ID: OOM-2545
Signed-off-by: Grzegorz Lis <grzegorz.lis@nokia.com>
Change-Id: I0b4eb5dd86390273532d67d0a9696e1cfcadf110
|
|
Issue-ID: OOM-2461
Signed-off-by: Grzegorz Lis <grzegorz.lis@nokia.com>
Change-Id: Ia8f5ff043bb76ec59e8ffdcf9902a14152ca3e6c
|
|
Issue-ID: OPTFRA-794
Signed-off-by: krishnaa96 <krishna.moorthy6@wipro.com>
Change-Id: I16547f24ca58a80634ff13a9aeb7a5f595633b44
|
|
Update osdf and has configurations
Change-Id: I900ca5143fea1e5cd38d382abd5fe9b08af1a4de
Signed-off-by: vrvarma <vikas.varma@att.com>
Issue-ID: OPTFRA-760
|
|
|
|
New readiness image proposes several new stuff:
* smaller size
* ability to wait for daemonset
Issue-ID: OOM-2373
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I4af9a09393c5b71214d8f4db2c1a095b260c9fbd
|
|
Set redirect for SSL as backend is HTTPS.
Issue-ID: OOM-2182
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I7dca15d6a381048f8f07c81b2523a1b6ec0ae308
|
|
Removal of tomcat and zookeeper as per latest music version..
Replaced with cassandra only and spring boot version of music,
adding support for https and running the music container under
a non-root user
Update oof-has music-api configuration, use https
Switch to music-api-springboot for all the ready.py
Issue-ID: MUSIC-572
Signed-off-by: Tschaen, Brendan <ctschaen@att.com>
Change-Id: Idbfac29cb5e9808787b5994e2575f055c292a146
Signed-off-by: vrvarma <vikas.varma@att.com>
|
|
Adding the Ingresses to HAS API service.
Issue-ID: OOM-2182
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I6cfe4d014a18e693344e24f14c00f4108d9c15c9
|
|
Fixing the configuration based on comments
Updating osdf common_config.yaml
Separating cmso configuration to a new review
Creating secrets app_key and add substution routine
Fix a typo in has-xx deployment.yaml files
Adding secret.yaml files for all has deployments
Fixing certificates for oof
Helm chart cleanup and unification.
Fixing pdx url and mount path
Unsetting appkey and removing secrets
Change-Id: I6fbdbd7532c73dffeb9fac65d50d3900c85cd87a
Signed-off-by: vrvarma <vikas.varma@att.com>
Issue-ID: OPTFRA-720
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
|
|
The log locaitons that the processes write to should be a common place
so that a non-root that starts the process can be setup to manage the writes
to that location. Chaning all log locations to /var/log where user 'onap'
has been given write access to.
Issue-ID: OPTFRA-711
Signed-off-by: Ikramullah, Ikram <ikram@research.att.com>
Change-Id: I524534179b98c29acaf697dabdddd63b213199ba
|
|
Making the charts consistent based on comments
Fixing oom gating issue related to busyBoxImage value not found
Moving and fixing cmso certs to this checkin
Adding oof-cmso to the hardcoded certificates list
Change-Id: Id48903ef7c38d69fcd8da5e067c2031359c94b56
Signed-off-by: vrvarma <vikas.varma@att.com>
Issue-ID: OPTFRA-720
|
|
Use 6.0.0 in preparation for Frankfurt release
Issue-ID: OOM-2320
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I8ad82dfdf48b56c38c0e85d640b18cc13c8d9e67
|
|
Issue-ID: OOM-2051
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Ib25f38d3fed05608adfeaf4a4ef1898cf66e12b1
|
|
Also, the last patch seems to have required the server_url attribute in section [sdnc]
to be avaiable. This is why instead of 'removing', I'm replacing the unused/unwanted URL
Issue-ID: OPTFRA-699
Signed-off-by: Ikramullah, Ikram <ikram@research.att.com>
Change-Id: I2365439ae013b7b4331741cd26b66e9b59f4d864
|
|
Remove all hardcoded credentials for mariadb and depend on common
secret template to generate all passwords at the deployment time.
Issue-ID: OOM-2292
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I54e57b317a8852469bcc11aabf6ddf0040ff5eb3
|
|
It looks like AAF issues masked my real mistakes of letting
some of oof services failing because of bad secret names.
Let's fix that quickly by just setting them to the corrent names
temporarly as later oof will be ported to use common secret template
anyway.
Issue-ID: OOM-2053
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I9de1804dbd5399df25a3ef98354f41d39d073bf7
|
|
ONAP is too big to be deployed using helm install so we need to
use a custom helm plugin helm deploy. This script deloys onap
component by component instead of deploying evrything at
once. Unfortunately this script also modifies the helm release by
appending component name to it.
As a result of this behavior our objects are called for example:
onap-mariadb-galera-mariadb-galera-0
instead of just being called onap-mariadb-galera-0.
This patch simplifies this naming convention by replacing all direct
usages of .Release.Name with common.release macro which strips the
component specific part from the release name.
Issue-ID: OOM-2275
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Ia8cead50d305adb00eef666d0a1ace74479b5183
|
|
|
|
OOM has now templates in order to create the needed PVC, using:
* a PV with a specific class when using a common nfs mount path between
nodes (sames as today use) --> is the default behavior today
* or a storage class if we want to use dynamic PV.
On this case, we use (in order of priority):
- persistence.storageClassOverride if set on the chart
- global.persistence.storageClass if set globally
- persistence.storageClass if set on the chart
I've also aligned the PV creation of the different charts.
I've also aligned the PVC creation of the different charts.
I've removed unused mysql chart and (badly) used nfs-provisioner chart.
I've also make cassandra backup work with dynamic PV (but RWX only for
now).
Change-Id: I0ea3f8c7514ca648d94b6c682684c06b822bbe0a
Issue-ID: OOM-2229
Issue-ID: OOM-2228
Issue-ID: OOM-2227
Issue-ID: OOM-1227
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
|
|
Issue-ID: OOM-2182
Change-Id: I69ea7e5dbc30981ec840373dc030f26696ed32db
Signed-off-by: Lucjan Bryndza <l.bryndza@samsung.com>
|
|
|
|
Issue-ID: OPTFRA-509
Change-Id: I2549e396311ad9582b898493e6bce311141a3b95
Signed-off-by: Jerry Flood <jflood@att.com>
|
|
Issue-ID: OPTFRA-561
Signed-off-by: Ruoyu Ying <ruoyu.ying@intel.com>
Change-Id: I132dcb2adaed78a97822c4fae77026eddfb51df9
|
|
Change-Id: I72b709b78e052704a816408159a08b36f2d6c83e
Signed-off-by: vrvarma <vv8305@att.com>
Issue-ID: OPTFRA-561
|
|
Updating all helm chart versions to 5.0.0 for the El Alto release.
Merge will be co-ordinated with the merge of a separate aai/oom patch.
Please do not merge until this coordination has completed.
Issue-ID: OOM-1980
Signed-off-by: Mike Elliott <mike.elliott@amdocs.com>
Change-Id: I31daaebeacea33565f13affd2fa28fb15fe948ba
|
|
Change-Id: I1af39fc90d420f5dffcc6713f09913ce9c6ce538
Signed-off-by: Shankar Narayanan <snarayanan@research.att.com>
Issue-ID: OPTFRA-508
|
|
Switching the policy scope we use to fetch
policies to OSDF_DUBLIN
Issue-ID: OPTFRA-498
Signed-off-by: Ruoyu Ying <ruoyu.ying@intel.com>
Change-Id: Id2dc6f1ef7e86d776c1bb7b3c7747dbb537e8ca3
|
|
The oof-osdf SAN was not in the aaf certificates
Change-Id: I6be4e56e0ceb29c2c53ca43a6b6bbd20076bc074
Signed-off-by: vrvarma <vv8305@att.com>
Issue-ID: OPTFRA-499
|
|
Issue-ID: OPTFRA-500
Change-Id: I7efe976b06ce68e7b136d026a0a2d27ff2a38301
Signed-off-by: Jerry Flood <jflood@att.com>
|
|
Change-Id: Id5244f15d4e8b08babc19309398419394a95e5f0
Signed-off-by: Shankar Narayanan <snarayanan@research.att.com>
Issue-ID: OPTFRA-491
|
|
|
|
Add common_config.yaml file to enable SSL
Add the cert and key files
Modify the deployment to mount the cert files
Increment the docker image version
Securing HAS api with https
Modifying the health check protocol to https and credentials
Updating certs to add has hostnames
Change-Id: I860a0c436234b31d675ca0447fa92d511be0b140
Signed-off-by: vrvarma <vv8305@att.com>
Issue-ID: OPTFRA-293
|
|
Issue-ID: OPTFRA-403
Change-Id: I403ea53eaeb8b3cc90ba3f20804fb1c6e7d0f675
Signed-off-by: Jerry Flood <jflood@att.com>
|
|
|
|
Fixes OPTFRA-484 and OPTFRA-390
Issue-ID: OPTFRA-391
Change-Id: I2b65743e38464aac8dbc8cf81419e9ce36769b7d
Signed-off-by: Jerry Flood <jflood@att.com>
|
|
update oof certificates to add has hostnames
updating oof certs to the latest generated date
Change-Id: Ib9191d66eb491975f74062ee5e28b762d9cce9c1
Issue-ID: OPTFRA-461
Signed-off-by: Ikramullah, Ikram <ikram@research.att.com>
Signed-off-by: Shankar Narayanan <snarayanan@research.att.com>
|
|
|
|
|