aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/sdc
AgeCommit message (Collapse)AuthorFilesLines
2020-09-09[SDC] use of certInitializer templateChrisC103-328/+898
Auto SSL certificates generation through certInitializer template for SDC Refactor to components Issue-ID: SDC-3172 Change-Id: I2c895a8d8e7c25e11a2a1e997735d2e7b2d258aa Signed-off-by: ChrisC <christophe.closset@intl.att.com>
2020-09-04[GENERAL] Use readiness container v3.0.1Sylvain Desbureaux24-56/+46
Readiness container v3.x and up are now present in ONAP main repository. They're also not using root user anymore and then script path has changed. Finally, "job_complete" script has been integrated in main "ready" script. As those changes are significant, we must upgrade all the components at once. Depends-On: I5afa83892043f4844afe12e61724a8d368a9f2e0 Issue-ID: OOM-2545 Signed-off-by: Grzegorz Lis <grzegorz.lis@nokia.com> Change-Id: I0b4eb5dd86390273532d67d0a9696e1cfcadf110
2020-07-23[SDC] Make SDC compatible with Kubernetes v1.17kwasiel8-9/+33
Issue-ID: OOM-2465 Signed-off-by: Katarzyna Wasiel <katarzyna.wasiel@nokia.com> Change-Id: Iaddbc40c44c3ad7e306ec16926874ff41eaf5319
2020-07-08[SDC] Update sdc images for Frankfurtsebdet4-7/+7
Update the sdc images for frankfurt maintenance release, moving to 1.6. Issue-ID: SDC-3189 Signed-off-by: sebdet <sebastien.determe@intl.att.com> Change-Id: I1f7ea5f6aee0def6d9711e9c93496e00024f7e26
2020-07-06Reset workflow-designer to frankfurtsebdet2-3/+3
Set the workflow-designer to frankfurt version for now, as guilin has not been released yet (not rc0) Issue-ID: SDC-3176 Signed-off-by: sebdet <sebastien.determe@intl.att.com> Change-Id: I163bd35e1ac4427f052edf60cf5f765e013ac1f0
2020-05-29Use SDC 1.6.6 containersOfir Sonsino4-7/+7
Change-Id: I6d14baf950e413caa9d672a96d4a194bccb507f9 Issue-ID: SDC-2948 Signed-off-by: Ofir Sonsino <os0695@intl.att.com>
2020-05-08Merge "Fix name convention issue (SDC-WORKFLOW)"Krzysztof Opasiak2-3/+3
2020-05-07Merge "Use SDC 1.6.5 containers"Krzysztof Opasiak4-7/+7
2020-05-06Use SDC 1.6.5 containersOfir Sonsino4-7/+7
Change-Id: I0e1e7ee475b57179b8580b610d5b74cdecd59859 Issue-ID: SDC-2942 Signed-off-by: Ofir Sonsino <os0695@intl.att.com>
2020-05-06[SDC] Fix Ingress configurationSylvain Desbureaux2-5/+2
Set redirect for SSL when backend is HTTPS Issue-ID: OOM-2187 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I2c1e9acfdaf427e85b78accaf2d26be48eed5f73
2020-05-04Merge "Change ingress hosnames for exposed services"Sylvain Desbureaux3-2/+8
2020-04-29Change ingress hosnames for exposed servicesLucjan Bryndza3-2/+8
Change ingress host to the required hostnames Change-Id: Ic78c8821e2e23e00943d8abdf7b2183b4d940c72 Signed-off-by: Lucjan Bryndza <l.bryndza@samsung.com> Issue-ID: OOM-2391 Signed-off-by: Lucjan Bryndza <l.bryndza@samsung.com>
2020-04-29Fix name convention issue (SDC-WORKFLOW)vasraz2-3/+3
Related to https://gerrit.onap.org/r/c/sdc/sdc-workflow-designer/+/102754 Issue-ID: SDC-2334 Issue-ID: SDC-2335 Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: Id976e039a2779af6d7d95c13935da3dd3dc1141f
2020-04-29Set sdc onboarding volume mount permissionsMichaelMorris3-0/+18
Set the permissions of files in the sdc onboarding backend persistent volume for package certs to enable access by the process in the pod which now runs as non-root user (since SDC-2798) Signed-off-by: MichaelMorris <michael.morris@est.tech> Issue-ID: SDC-2981 Change-Id: I6113f14ca9933e2fec2b565768ed5afbe3c18f21
2020-04-02Bump chart versionSylvain Desbureaux12-13/+13
Use 6.0.0 in preparation for Frankfurt release Issue-ID: OOM-2320 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I8ad82dfdf48b56c38c0e85d640b18cc13c8d9e67
2020-04-02Merge "Updated sdc cert."Sylvain Desbureaux22-29/+277
2020-04-02Updated sdc cert.k.kedron22-29/+277
Updated truststore/keystore password for sdc cert. Added truststore/keystore password to chef AUTO.json. Updated deployment.yaml files to mount the cert files. Issue-ID: SDC-2855 Signed-off-by: Krystian Kedron <k.kedron@partner.samsung.com> Change-Id: Ifd0d45cc591a0624005f86d2e67e3c0bc490efd3
2020-04-01[SDC BE] Remove HTTP node port 30205gummar4-87/+37
Keep HTTP port reachable from inside the server. Issue-ID: OJSI-101 Change-Id: I0468697d8f3d0192a5d8e102501db0d14633fa86 Signed-off-by: gummar <raj.gumma@est.tech> Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
2020-04-01Remove all http nodeports from DCAE-DSFuss, Areli (af732p)6-31/+8
Issue-ID: OOM-2347 Signed-off-by: Fuss, Areli (af732p) <areli.fuss@intl.att.com> Change-Id: I7977425c72bb4d1bc75b2781e38ccc9c254fff4c
2020-03-22Run SDC pods as non-rootMichaelMorris21-33/+37
Change-Id: Id8626c02f4c8bf3e1da406920169c0ed6bee457f Issue-ID: SDC-2798 Signed-off-by: MichaelMorris <michael.morris@est.tech>
2020-03-16Add flag to values for disableHttpIlanaP3-5/+13
Add a flag that can be used inside the charts and in the AUTO.json file with the http enabled status Issue-ID: OJSI-102 Signed-off-by: IlanaP <ilanap@amdocs.com> Signed-off-by: IlanaP <ilanap@amdocs.com> Change-Id: Ieee2a4b4dea49d7a55eed0811ea29145dd17556a
2020-03-13SDC/Portal interface to HTTPSOfir Sonsino5-9/+9
Change-Id: I769e4f0c4cdaf5b3f2737128654e4650a9d9ab29 Issue-ID: SDC-2799 Signed-off-by: Ofir Sonsino <os0695@intl.att.com>
2020-02-26Cassandra 3 Upgradeshrek200026-826/+35
Move OOM to use SDC cassandra 3 Issue-ID: SDC-2595 Signed-off-by: shrek2000 <oren.kleks@amdocs.com> Change-Id: Ie58f3420cad70fbed7931656a98951e69a4b7b4b Signed-off-by: shrek2000 <oren.kleks@amdocs.com>
2020-02-18Merge "[SDC] Change default access mode for cert PVC"Krzysztof Opasiak1-1/+1
2020-02-04[COMMON] Create templates for services and PVSylvain Desbureaux1-1/+1
Proposition of common templates to make service declaration and PV declaration consistent accross OOM. Propositions of templates for sub parties of resource definitions such as metadatas, selector and containerPorts. I've also made an example with cassandra. Change-Id: I8b8aa8eb61dafba75e89add1979114a0eefce243 Issue-ID: OOM-1971 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
2020-02-01[ONAP-wide] Replace .Release.Name with common.releaseKrzysztof Opasiak40-124/+124
ONAP is too big to be deployed using helm install so we need to use a custom helm plugin helm deploy. This script deloys onap component by component instead of deploying evrything at once. Unfortunately this script also modifies the helm release by appending component name to it. As a result of this behavior our objects are called for example: onap-mariadb-galera-mariadb-galera-0 instead of just being called onap-mariadb-galera-0. This patch simplifies this naming convention by replacing all direct usages of .Release.Name with common.release macro which strips the component specific part from the release name. Issue-ID: OOM-2275 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Ia8cead50d305adb00eef666d0a1ace74479b5183
2020-01-23[SDC] Change default access mode for cert PVCSylvain Desbureaux1-1/+1
sdc-onboarding-be PVC is currently using ReadOnlyMany mode. Unfortunately, this mode is not well supported. As this PVC is used only by sdc-onboarding-be pod, we can move to ReadWriteOnce, which is well supported Issue-ID: SDC-2549 Issue-ID: OOM-1227 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Icc33d5d04cbdec846dbb1d609d52f0426b91483e
2019-12-17Merge "Secure FE communications to the workflow backend"Sylvain Desbureaux11-87/+71
2019-12-17Remove old nginx configurtion from the SDCLucjan Bryndza1-1/+0
Remove not longer suported and incompatibile option from the SDC nginx ingress configuration Issue-ID: OOM-2187 Signed-off-by: Lucjan Bryndza <l.bryndza@samsung.com> Change-Id: I5bddbc8400569cc8a58c48cd15ca00991336e1c8
2019-12-17Secure FE communications to the workflow backendIlanaP11-87/+71
Update of the workflow fe and be charts to secure the communications and to start the backend server is https mode with a secured connection to SDC Issue-ID: OOM-1954 Signed-off-by: IlanaP <ilanap@amdocs.com> Change-Id: Ia3c4c714e317b8f8b6b4ee9245daa50eea50275f Signed-off-by: IlanaP <ilanap@amdocs.com>
2019-12-11Merge "[SDC] Use global storage templates for PVC"Borislav Glozman4-24/+12
2019-12-09[SDC] Use global storage templates for PVCSylvain Desbureaux4-24/+12
OOM has now templates in order to create the needed PVC, using: * a PV with a specific class when using a common nfs mount path between nodes (sames as today use) --> is the default behavior today * or a storage class if we want to use dynamic PV. On this case, we use (in order of priority): - persistence.storageClassOverride if set on the chart - global.persistence.storageClass if set globally - persistence.storageClass if set on the chart Change-Id: Ic34dcbc609edaa79109aacb83bbc019b55e6d02e Issue-ID: OOM-1227 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
2019-11-28Add ingress controler support to SDCLucjan Bryndza12-65/+50
Issue-ID: OOM-2187 Change-Id: I2ae6b0f2482641b3f482121354596574b684b2d1 Signed-off-by: Lucjan Bryndza <l.bryndza@samsung.com>
2019-10-29Merge "Enabled HTTPS for sdc-workflow-designer"Borislav Glozman4-43/+16
2019-10-28Enabled HTTPS for sdc-workflow-designerr.bogacki4-43/+16
-Enabled HTTPS for frontend and backend -Updated paths and passwords for a certificates Issue-ID: SDC-2479 Signed-off-by: Robert Bogacki <r.bogacki@samsung.com> Signed-off-by: Krystian Kedron <k.kedron@partner.samsung.com> Change-Id: Ic4b379bc2eb73a984221fa06ddc0fe8f0fa2116b
2019-10-02Increase liness/readiness timeout and periodBrian Freeman4-6/+14
Issue-ID: OOM-2059 Change-Id: I02bbdd5b06e7194434d761bcf1aebbd749c6f1d7 Signed-off-by: Brian Freeman <bf1936@att.com>
2019-09-18HTTPS calls for sdck.kedron19-41/+44
Proper configuration for HTTPS in the sdc: -configured the livenessProbe/readinessProbe ports -changed mount path for dcea-be components -updated dcea component images -updated VID and Portal to talk with the SDC Change-Id: Ibdece8f095aaa79e326cb9c4510e8227a7856b15 Issue-ID: SDC-2548 Signed-off-by: Krystian Kedron <k.kedron@partner.samsung.com>
2019-09-05Merge "Removed exposed debug port 4000 in SDC"Mike Elliott1-1/+1
2019-09-05Merge "Removed exposed debug port 7001 in SDC"Sylvain Desbureaux1-1/+1
2019-09-04Merge "Move SDC Storage to RWO"Mike Elliott3-3/+3
2019-09-04Merge "Removed exposed debug port 6000 in SDC"Mike Elliott1-1/+1
2019-09-04Merge "Removed exposed debug port 4001 in SDC"Mike Elliott1-1/+1
2019-09-04Removed exposed debug port 7001 in SDCr.bogacki1-1/+1
Removed exposed port 7001 by JDWP in sdc-wfd-be Issue-ID: OJSI-79 Signed-off-by: Robert Bogacki <r.bogacki@samsung.com> Change-Id: I5ccad4c0d5330bd7e0bffa2cca6b7e3d8ef18f6a (cherry picked from commit 09dca2aef073f493e63f11198f44246008567597)
2019-09-04Removed exposed debug port 4001 in SDCr.bogacki1-1/+1
Removed exposed port 4001 by JDWP in sdc-onboarding-be Issue-ID: OJSI-78 Signed-off-by: Robert Bogacki <r.bogacki@samsung.com> Change-Id: Ied6cb6bd08358a03a44213545d3fb1928f7d008d (cherry picked from commit 45d7963968e8d4a3be9c5f4d5df4224116804080)
2019-09-04Removed exposed debug port 6000 in SDCr.bogacki1-1/+1
Removed exposed port 6000 by JDWP in sdc-fe Issue-ID: OJSI-77 Signed-off-by: Robert Bogacki <r.bogacki@samsung.com> Change-Id: I9bfad007983510a8b877731fd35bffcf16590086 (cherry picked from commit fce96df6504488b7de1a71b75ecfd1d9272dfdfd)
2019-09-04Removed exposed debug port 7000 in SDCr.bogacki1-1/+1
Removed exposed port 7000 by JDWP in sdc-wfd-fe Issue-ID: OJSI-80 Signed-off-by: Robert Bogacki <r.bogacki@samsung.com> Change-Id: I356452da25b641e2e1c0ecf4cd8de69ffe4cd77d (cherry picked from commit 3339ae164f3e3c7a4e8b0f45ebfc1c59826f9870)
2019-09-04Removed exposed debug port 4000 in SDCr.bogacki1-1/+1
Removed exposed port 4000 by JDWP in sdc-wfd-be Issue-ID: OJSI-76 Signed-off-by: Robert Bogacki <r.bogacki@samsung.com> Change-Id: I9e9caa59623c58d1deebd3320cdfce9f73c83ebc (cherry picked from commit 674916aa2b762a45e4a394ea6ea1198cf8965c8c)
2019-09-02Move SDC Storage to RWOSylvain Desbureaux3-3/+3
Today when deploying SDC with OOM, the PersistentVolumeClaim needs the "ReadWriteMany" (or "RWX") capability. According to Kubernetes Documentation (https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes), ReadWriteMany stands for "the volume can be mounted as read-write by many nodes". That means that a particular PVC needs to be read and written from many pods. That also means that your code takes that into account and do the work to avoid write at the same place at the same time. An issue on RWX mode is that most "official" storage driver from Kubernetes doesn't support it (13 over the 19 drivers doesn't support it, espacially OpenStack, Amazon and Google storage classes). SDC PVC for ES is used only for one POD. Thus we don't need RWX. The other values are not used as of today but changing them to RWO seems better if they're reused again Change-Id: I3dabbce120a14d19499330b51e808c5725588e0c Issue-ID: SDC-2549 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
2019-08-20WF-D revert to Dublin until stabilizedOfir Sonsino2-3/+3
Change-Id: Icc7eaff6798367f717680c051b146fa5a4860278 Issue-ID: SDC-2521 Signed-off-by: Ofir Sonsino <os0695@intl.att.com> (cherry picked from commit d7b6ac82af6349f96910c059aa50432c1c04b5e8)
2019-08-07Update SDC DCAE-DS chartsOfir Sonsino4-5/+5
Change-Id: I699863544bb2b4dc8ff8f7597bcf61e02646de45 Issue-ID: SDC-2478 Signed-off-by: Ofir Sonsino <os0695@intl.att.com> (cherry picked from commit 710166391ca301f9c9fcdbb1ddcd1c2a4882ec1e)