Age | Commit message (Collapse) | Author | Files | Lines |
|
Auto SSL certificates generation through certInitializer template for SDC
Refactor to components
Issue-ID: SDC-3172
Change-Id: I2c895a8d8e7c25e11a2a1e997735d2e7b2d258aa
Signed-off-by: ChrisC <christophe.closset@intl.att.com>
|
|
Readiness container v3.x and up are now present in ONAP main repository.
They're also not using root user anymore and then script path has
changed.
Finally, "job_complete" script has been integrated in main "ready"
script.
As those changes are significant, we must upgrade all the components at
once.
Depends-On: I5afa83892043f4844afe12e61724a8d368a9f2e0
Issue-ID: OOM-2545
Signed-off-by: Grzegorz Lis <grzegorz.lis@nokia.com>
Change-Id: I0b4eb5dd86390273532d67d0a9696e1cfcadf110
|
|
Issue-ID: OOM-2465
Signed-off-by: Katarzyna Wasiel <katarzyna.wasiel@nokia.com>
Change-Id: Iaddbc40c44c3ad7e306ec16926874ff41eaf5319
|
|
Update the sdc images for frankfurt maintenance release, moving to 1.6.
Issue-ID: SDC-3189
Signed-off-by: sebdet <sebastien.determe@intl.att.com>
Change-Id: I1f7ea5f6aee0def6d9711e9c93496e00024f7e26
|
|
Set the workflow-designer to frankfurt version for now, as guilin has not been released yet (not rc0)
Issue-ID: SDC-3176
Signed-off-by: sebdet <sebastien.determe@intl.att.com>
Change-Id: I163bd35e1ac4427f052edf60cf5f765e013ac1f0
|
|
Change-Id: I6d14baf950e413caa9d672a96d4a194bccb507f9
Issue-ID: SDC-2948
Signed-off-by: Ofir Sonsino <os0695@intl.att.com>
|
|
|
|
|
|
Change-Id: I0e1e7ee475b57179b8580b610d5b74cdecd59859
Issue-ID: SDC-2942
Signed-off-by: Ofir Sonsino <os0695@intl.att.com>
|
|
Set redirect for SSL when backend is HTTPS
Issue-ID: OOM-2187
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I2c1e9acfdaf427e85b78accaf2d26be48eed5f73
|
|
|
|
Change ingress host to the required hostnames
Change-Id: Ic78c8821e2e23e00943d8abdf7b2183b4d940c72
Signed-off-by: Lucjan Bryndza <l.bryndza@samsung.com>
Issue-ID: OOM-2391
Signed-off-by: Lucjan Bryndza <l.bryndza@samsung.com>
|
|
Related to https://gerrit.onap.org/r/c/sdc/sdc-workflow-designer/+/102754
Issue-ID: SDC-2334
Issue-ID: SDC-2335
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech>
Change-Id: Id976e039a2779af6d7d95c13935da3dd3dc1141f
|
|
Set the permissions of files in the sdc onboarding backend persistent volume for package certs to enable access by the process in the pod which now runs as non-root user (since SDC-2798)
Signed-off-by: MichaelMorris <michael.morris@est.tech>
Issue-ID: SDC-2981
Change-Id: I6113f14ca9933e2fec2b565768ed5afbe3c18f21
|
|
Use 6.0.0 in preparation for Frankfurt release
Issue-ID: OOM-2320
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I8ad82dfdf48b56c38c0e85d640b18cc13c8d9e67
|
|
|
|
Updated truststore/keystore password for sdc cert.
Added truststore/keystore password to chef AUTO.json.
Updated deployment.yaml files to mount the cert files.
Issue-ID: SDC-2855
Signed-off-by: Krystian Kedron <k.kedron@partner.samsung.com>
Change-Id: Ifd0d45cc591a0624005f86d2e67e3c0bc490efd3
|
|
Keep HTTP port reachable from inside the server.
Issue-ID: OJSI-101
Change-Id: I0468697d8f3d0192a5d8e102501db0d14633fa86
Signed-off-by: gummar <raj.gumma@est.tech>
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
|
|
Issue-ID: OOM-2347
Signed-off-by: Fuss, Areli (af732p) <areli.fuss@intl.att.com>
Change-Id: I7977425c72bb4d1bc75b2781e38ccc9c254fff4c
|
|
Change-Id: Id8626c02f4c8bf3e1da406920169c0ed6bee457f
Issue-ID: SDC-2798
Signed-off-by: MichaelMorris <michael.morris@est.tech>
|
|
Add a flag that can be used inside the charts and in the AUTO.json file with the http enabled status
Issue-ID: OJSI-102
Signed-off-by: IlanaP <ilanap@amdocs.com>
Signed-off-by: IlanaP <ilanap@amdocs.com>
Change-Id: Ieee2a4b4dea49d7a55eed0811ea29145dd17556a
|
|
Change-Id: I769e4f0c4cdaf5b3f2737128654e4650a9d9ab29
Issue-ID: SDC-2799
Signed-off-by: Ofir Sonsino <os0695@intl.att.com>
|
|
Move OOM to use SDC cassandra 3
Issue-ID: SDC-2595
Signed-off-by: shrek2000 <oren.kleks@amdocs.com>
Change-Id: Ie58f3420cad70fbed7931656a98951e69a4b7b4b
Signed-off-by: shrek2000 <oren.kleks@amdocs.com>
|
|
|
|
ONAP is too big to be deployed using helm install so we need to
use a custom helm plugin helm deploy. This script deloys onap
component by component instead of deploying evrything at
once. Unfortunately this script also modifies the helm release by
appending component name to it.
As a result of this behavior our objects are called for example:
onap-mariadb-galera-mariadb-galera-0
instead of just being called onap-mariadb-galera-0.
This patch simplifies this naming convention by replacing all direct
usages of .Release.Name with common.release macro which strips the
component specific part from the release name.
Issue-ID: OOM-2275
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Ia8cead50d305adb00eef666d0a1ace74479b5183
|
|
sdc-onboarding-be PVC is currently using ReadOnlyMany mode. Unfortunately,
this mode is not well supported.
As this PVC is used only by sdc-onboarding-be pod, we can move to
ReadWriteOnce, which is well supported
Issue-ID: SDC-2549
Issue-ID: OOM-1227
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Icc33d5d04cbdec846dbb1d609d52f0426b91483e
|
|
|
|
Remove not longer suported and incompatibile option from
the SDC nginx ingress configuration
Issue-ID: OOM-2187
Signed-off-by: Lucjan Bryndza <l.bryndza@samsung.com>
Change-Id: I5bddbc8400569cc8a58c48cd15ca00991336e1c8
|
|
Update of the workflow fe and be charts to secure the communications and to start the backend server is https mode with a secured connection to SDC
Issue-ID: OOM-1954
Signed-off-by: IlanaP <ilanap@amdocs.com>
Change-Id: Ia3c4c714e317b8f8b6b4ee9245daa50eea50275f
Signed-off-by: IlanaP <ilanap@amdocs.com>
|
|
|
|
OOM has now templates in order to create the needed PVC, using:
* a PV with a specific class when using a common nfs mount path between
nodes (sames as today use) --> is the default behavior today
* or a storage class if we want to use dynamic PV.
On this case, we use (in order of priority):
- persistence.storageClassOverride if set on the chart
- global.persistence.storageClass if set globally
- persistence.storageClass if set on the chart
Change-Id: Ic34dcbc609edaa79109aacb83bbc019b55e6d02e
Issue-ID: OOM-1227
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
|
|
Issue-ID: OOM-2187
Change-Id: I2ae6b0f2482641b3f482121354596574b684b2d1
Signed-off-by: Lucjan Bryndza <l.bryndza@samsung.com>
|
|
|
|
-Enabled HTTPS for frontend and backend
-Updated paths and passwords for a certificates
Issue-ID: SDC-2479
Signed-off-by: Robert Bogacki <r.bogacki@samsung.com>
Signed-off-by: Krystian Kedron <k.kedron@partner.samsung.com>
Change-Id: Ic4b379bc2eb73a984221fa06ddc0fe8f0fa2116b
|
|
Issue-ID: OOM-2059
Change-Id: I02bbdd5b06e7194434d761bcf1aebbd749c6f1d7
Signed-off-by: Brian Freeman <bf1936@att.com>
|
|
Proper configuration for HTTPS in the sdc:
-configured the livenessProbe/readinessProbe ports
-changed mount path for dcea-be components
-updated dcea component images
-updated VID and Portal to talk with the SDC
Change-Id: Ibdece8f095aaa79e326cb9c4510e8227a7856b15
Issue-ID: SDC-2548
Signed-off-by: Krystian Kedron <k.kedron@partner.samsung.com>
|
|
|
|
|
|
|
|
|
|
|
|
Removed exposed port 7001 by JDWP in sdc-wfd-be
Issue-ID: OJSI-79
Signed-off-by: Robert Bogacki <r.bogacki@samsung.com>
Change-Id: I5ccad4c0d5330bd7e0bffa2cca6b7e3d8ef18f6a
(cherry picked from commit 09dca2aef073f493e63f11198f44246008567597)
|
|
Removed exposed port 4001 by JDWP in sdc-onboarding-be
Issue-ID: OJSI-78
Signed-off-by: Robert Bogacki <r.bogacki@samsung.com>
Change-Id: Ied6cb6bd08358a03a44213545d3fb1928f7d008d
(cherry picked from commit 45d7963968e8d4a3be9c5f4d5df4224116804080)
|
|
Removed exposed port 6000 by JDWP in sdc-fe
Issue-ID: OJSI-77
Signed-off-by: Robert Bogacki <r.bogacki@samsung.com>
Change-Id: I9bfad007983510a8b877731fd35bffcf16590086
(cherry picked from commit fce96df6504488b7de1a71b75ecfd1d9272dfdfd)
|
|
Removed exposed port 7000 by JDWP in sdc-wfd-fe
Issue-ID: OJSI-80
Signed-off-by: Robert Bogacki <r.bogacki@samsung.com>
Change-Id: I356452da25b641e2e1c0ecf4cd8de69ffe4cd77d
(cherry picked from commit 3339ae164f3e3c7a4e8b0f45ebfc1c59826f9870)
|
|
Removed exposed port 4000 by JDWP in sdc-wfd-be
Issue-ID: OJSI-76
Signed-off-by: Robert Bogacki <r.bogacki@samsung.com>
Change-Id: I9e9caa59623c58d1deebd3320cdfce9f73c83ebc
(cherry picked from commit 674916aa2b762a45e4a394ea6ea1198cf8965c8c)
|
|
Today when deploying SDC with OOM, the PersistentVolumeClaim needs the
"ReadWriteMany" (or "RWX") capability.
According to Kubernetes Documentation (https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes),
ReadWriteMany stands for "the volume can be mounted as read-write by many nodes".
That means that a particular PVC needs to be read and written from many pods.
That also means that your code takes that into account and do the work to avoid
write at the same place at the same time.
An issue on RWX mode is that most "official" storage driver from Kubernetes doesn't
support it (13 over the 19 drivers doesn't support it, espacially OpenStack, Amazon
and Google storage classes).
SDC PVC for ES is used only for one POD.
Thus we don't need RWX.
The other values are not used as of today but changing them to RWO seems
better if they're reused again
Change-Id: I3dabbce120a14d19499330b51e808c5725588e0c
Issue-ID: SDC-2549
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
|
|
Change-Id: Icc7eaff6798367f717680c051b146fa5a4860278
Issue-ID: SDC-2521
Signed-off-by: Ofir Sonsino <os0695@intl.att.com>
(cherry picked from commit d7b6ac82af6349f96910c059aa50432c1c04b5e8)
|
|
Change-Id: I699863544bb2b4dc8ff8f7597bcf61e02646de45
Issue-ID: SDC-2478
Signed-off-by: Ofir Sonsino <os0695@intl.att.com>
(cherry picked from commit 710166391ca301f9c9fcdbb1ddcd1c2a4882ec1e)
|
|
Issue-ID: TEST-185
Change-Id: I2bce2a44aa540a846933c548dd0ab67f3e53e679
Signed-off-by: Brian Freeman <bf1936@att.com>
|