summaryrefslogtreecommitdiffstats
path: root/kubernetes
AgeCommit message (Collapse)AuthorFilesLines
2020-03-10[COMMON] Allow special characters in postgress passwordsKrzysztof Opasiak3-3/+80
Postgres image that we are currently using uses sed to replace passwords placeholders with their actual values at startup time. This apprach is very fragile and leads to issues if & happens to be a part of password as it has a special meaning in sed. To fix this issue let's just extract the setup.sql file from the container and process it on our own in init container using envsubst and then mount it to the main container to be used. Issue-ID: OOM-2317 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Ifd51d8f0af0099958caa209185fb7a87a0480bd2
2020-03-10Merge "5.1.0 policy-handler - policy-updates from new PDP"Krzysztof Opasiak2-9/+16
2020-03-10Merge "4.3.0/6.1.0 deploy-handler - policyVersion as str"Krzysztof Opasiak1-1/+1
2020-03-10Merge "Remove CBS NodePort assignments"Krzysztof Opasiak1-1/+1
2020-03-10Merge "Update VFC release version in oom"Krzysztof Opasiak17-17/+17
2020-03-10Update VFC release version in oomyangyan17-17/+17
Change-Id: I57b66de5d562b5170b841c5615f84f14f75ce16a Issue-ID: VFC-1644 Signed-off-by: yangyan <yangyanyj@chinamobile.com>
2020-03-10Merge "Migrate to HTTPS from HTTP - VNFSDK"Sylvain Desbureaux1-1/+1
2020-03-09CDS SDC listener crashingSebastien Premont-Tendland1-3/+3
The environment specification for AUTO in sdc defines the UEB endpoints with the namespace appended to message-router "message-router.onap". In CDS configuration we were only specifying the hostname "message-router" causing SDC to not find a suitable environment and returning an error. Modified the sdc listener configuration in CDS to append the namespace to the configuration. Issue-ID: CCSDK-2160 Signed-off-by: Sebastien Premont-Tendland <sebastien.premont@bell.ca> Change-Id: I7afabb91e43948118490455bdc6ba6a53c28a217
2020-03-09Merge "add yaml for 5G Network Slicing usecase"Krzysztof Opasiak1-0/+172
2020-03-09Merge "Reverting to AAF deployer@people.osaaf.org for cert distribution"Krzysztof Opasiak2-2/+2
2020-03-09Remove CBS NodePort assignmentsJack Lucas1-1/+1
Exposing NodePorts is needed only for multi-site installations. Issue-ID: OJSI-195 Issue-ID: DCAEGEN2-2129 Change-Id: I1d6731d95a6c058f5b2e08708c153f31e2065476 Signed-off-by: Jack Lucas <jflucas@research.att.com>
2020-03-09Merge "[COMMON] Add a template for PV"Krzysztof Opasiak1-1/+55
2020-03-09Merge "[DMaaP MR] Use HTTPS only for external traffic"Krzysztof Opasiak5-276/+228
2020-03-094.3.0/6.1.0 deploy-handler - policyVersion as strAlex Shatov1-1/+1
- external version 4.3.0 - internal version 6.1.0 for code change - no API change Change-Id: I9093184da29b7ef9ac3e6e48cc6e53743ecb5c9e Signed-off-by: Alex Shatov <alexs@att.com> Issue-ID: DCAEGEN2-2085
2020-03-09Merge "[VFC] Use common secret template for DB root password"Sylvain Desbureaux17-42/+266
2020-03-095.1.0 policy-handler - policy-updates from new PDPAlex Shatov2-9/+16
- need help with url to DMaaP MR and info on policy-update topic plus the subscriber info DCAEGEN2-1851: - policy-handler now supports the policy-update notification from the new policy-engine thru DMaaP MR - integration testing is requested DCAEGEN2-1976: - policy-handler is enhanced to get user/password from env vars for PDP and DMaaP MR clients and overwriting the Authorization field in https headers received from the discoverable config = to override the Authorization value on policy_engine, set the environment vars $PDP_USER and $PDP_PWD in policy-handler container = to override the Authorization value on dmaap_mr, if using https and user-password authentication, set the environment vars $DMAAP_MR_USER and $DMAAP_MR_PWD in policy-handler container - Fixed service definition external port to 80 Change-Id: I8c1089542ed00408614da0720653221d475293e6 Signed-off-by: Alex Shatov <alexs@att.com> Issue-ID: DCAEGEN2-1851 Issue-ID: DCAEGEN2-1976 Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com>
2020-03-09Merge "Use released version of ESR"Sylvain Desbureaux1-1/+1
2020-03-09Merge "[COMMON] Allow to attach annotations to secrets"Sylvain Desbureaux1-1/+8
2020-03-09Merge "[SO] Support LCM API of SDNC"Sylvain Desbureaux2-0/+16
2020-03-09Merge "DCAE R6 updates"Krzysztof Opasiak8-11/+15
2020-03-09[VFC] Use common secret template for DB root passwordKrzysztof Opasiak17-42/+266
Issue-ID: VFC-1600 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I9f83c6f6eaace60c3e974218810e5943c5758c06
2020-03-09add yaml for 5G Network Slicing usecasezhangqingjie1-0/+172
Issue-ID: OOM-2329 supply a ONAP installation config file for 5G Network Slicing usecase, so that the user can easily install a minimum-scope ONAP with as few resources as possible. Signed-off-by: zhangqingjie <zhangqingjie@huawei.com> Change-Id: I728a0229296d62120418f654e4c3f50a2805a69e
2020-03-06[COMMON] Add a template for PVSylvain Desbureaux1-1/+55
Issue-ID: OOM-1227 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ia885d54fbb9a9fe1ea8a0dec311f63b11cc028c6
2020-03-06Use released version of ESRForsyth, James (jf2512)1-1/+1
Issue-ID: AAI-2734 Change-Id: I9479f62bfc1baab2d3a72602f6c6fa704ef01962 Signed-off-by: Forsyth, James (jf2512) <jf2512@att.com>
2020-03-06Reverting to AAF deployer@people.osaaf.org for cert distributionefiacor2-2/+2
Change-Id: I4882750ff11343b387dde0452f7bf65a4f612f80 Signed-off-by: efiacor <fiachra.corcoran@est.tech> Issue-ID: DMAAP-1405
2020-03-06Bump DMaaP DR versionefiacor2-2/+2
Change-Id: I7a37ab9a69fdb3232f68b908ea97a788fbab55a1 Signed-off-by: efiacor <fiachra.corcoran@est.tech> Issue-ID: DMAAP-1404
2020-03-06Merge "[SO] Use common secret template in so-catalog-db-adapter"Krzysztof Opasiak3-16/+46
2020-03-06[COMMON] Allow to attach annotations to secretsKrzysztof Opasiak1-1/+8
SO adds some annotations to one of its secres so let's extend the common secret template with the ability to add annotations. Issue-ID: OOM-2328 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I4c33d87724b2296852d62e2ddf9061ff4e235157
2020-03-06Update git submodulesefiacor1-0/+0
* Update kubernetes/robot from branch 'master' to c854b484ebbd5e0c1be1e6a032a79beeb4cab6ff - Removing http for DMaaP DR Signed-off-by: efiacor <fiachra.corcoran@est.tech> Issue-ID: DMAAP-1400 Change-Id: Ifd0502283d4efe0c14aeb1e77bfa85779596cfec
2020-03-06Merge "[COMMON] Handle TLS/Non-TLS for Service"Krzysztof Opasiak5-26/+779
2020-03-06Merge "Removed external access on unsecure port for ↵Sylvain Desbureaux1-2/+1
cds-blueprints-processor-http"
2020-03-06[DMaaP MR] Use HTTPS only for external trafficSylvain Desbureaux5-276/+228
Use the new template features to create two services for DMaaP Message Router: * One of ClusterIP type with HTTP AND HTTPS port, with the same name as before. * Another of NodePort type with HTTPS only port, with a new name (this one should be used only for external traffic) I've also replaced `tabs` iby spaces in two resources files so it's easier to read the configmap. Issue-ID: DMAAP-1400 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I394e0b5327ffe2605f0c4c8b134e49553b06232c
2020-03-06[COMMON] Handle TLS/Non-TLS for ServiceSylvain Desbureaux5-26/+779
Current service and headlessService templates doesn't handle the fact that out of cluster ports must be TLS encrypted only. With a new (backward compatible) DSL, this is now possible. In values.yaml, all ports in service part with port AND plain_port will have the ability to be HTTP or HTTPS depending on the context. Per default, they'll be HTTPS. TLS choice will be done according this table: | tlsOverride | global.tlsEnabled | global.serviceMesh.enabled | global.serviceMesh.tls | result | |-------------|-------------------|----------------------------|------------------------|--------| | not present | not present | not present | any | true | | not present | not present | false | any | true | | not present | not present | true | false | true | | not present | not present | true | true | false | | not present | true | any | any | true | | not present | false | any | any | false | | true | any | any | any | true | | false | any | any | any | false | Service template will create one or two service templates according to this table: | serviceType | both_tls_and_plain | result | |---------------|--------------------|--------------| | ClusterIP | any | one Service | | Not ClusterIP | not present | one Service | | Not ClusterIP | false | one Service | | Not ClusterIP | true | two Services | If two services are created, one is ClusterIP with both crypted and plain ports and the other one is NodePort (or LoadBalancer) with crypted port only. Issue-ID: OOM-1936 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: If766dd73132022d1a6e578fd36113c461bb91ea5
2020-03-05Merge "Disabling http ports on DMaaP"Krzysztof Opasiak2-3/+1
2020-03-05Removed external access on unsecure port for cds-blueprints-processor-httpgummar1-2/+1
Issue-ID: CCSDK-2147 Signed-off-by: gummar <raj.gumma@est.tech> Change-Id: I7701616ec9732225cf2be07d67dad7af0953bccb
2020-03-05Merge "[SDNC] Use common secret template in sdnc"Krzysztof Opasiak15-196/+322
2020-03-05DCAE R6 updatesJack Lucas8-11/+15
Helm chart updates to pull in latest version of components: bootstrap loads blueprints into DCAE inventory bootstrap configures k8splugin for JKS CA store inventory uses generated CA cert cloudify manager loads type file to synch clamp and dcae policy plugins dashboard skips bad blueprints from inventory bootstrap loads latest pgaas and sshkeyshare plugins bootstrap runs as non-root user Issue-ID: DCAEGEN2-2049 Issue-ID: DCAEGEN2-1938 Issue-ID: DCAEGEN2-2097 Issue-ID: DCAEGEN2-2120 Issue-ID: DCAEGEN2-2072 Signed-off-by: Jack Lucas <jflucas@research.att.com> Change-Id: I12f37ccc85ebfefba10e7ec1113da6474927ba57
2020-03-05Merge "HTTPS/AAF auto cert gen for Portal SDK"Krzysztof Opasiak6-10/+298
2020-03-05Merge "[UUI] UUI Server is a core eater"Krzysztof Opasiak1-6/+6
2020-03-05Update git submodulesVenkata Harish Kajur1-0/+0
* Update kubernetes/aai from branch 'master' to 4f4d14ab45a2225953961136220041189d566015 - Merge "Update logback.xml" - Update logback.xml Issue-ID: AAI-2824 Signed-off-by: Jimmy Forsyth <jf2512@att.com> Change-Id: I9034b283a2cd47770a30db9e1eecf3ef5ad58d47
2020-03-05Merge "readd so filebeat sidecar ELK endpoint"Sylvain Desbureaux11-0/+187
2020-03-05Merge "[SO] Use common secret template in so-bpmn-infra"Sylvain Desbureaux3-17/+47
2020-03-05Merge "Add parameter http scheme for multicloud adapter"Sylvain Desbureaux1-1/+2
2020-03-05[UUI] UUI Server is a core eaterSylvain Desbureaux1-6/+6
And thus needs bigger limits/requests Issue-ID: USECASEUI-403 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ide23f95af16f9ed9615bcb26e67e40cd1145670f
2020-03-05Update git submodulesHarish Venkata Kajur1-0/+0
* Update kubernetes/aai from branch 'master' to c9fad710ea31ae6695c3914429266621d37ce8b8 - Fix the graphadmin logback issue Issue-ID: AAI-2751 Change-Id: Icce232aab798c2c1d2a072a5cbf040403879a48b Signed-off-by: Harish Venkata Kajur <vk250x@att.com>
2020-03-05[SO] Support LCM API of SDNCEnbo Wang2-0/+16
Issue-ID: SO-2588 Signed-off-by: Enbo Wang <wangenbo@huawei.com> Change-Id: I809336bcc7528e4196ddb59a9c25939fd891b502
2020-03-05Migrate to HTTPS from HTTP - VNFSDKKanagaraj Manickam1-1/+1
Issue-ID: OJSI-154 Signed-off-by: Kanagaraj Manickam <kanagaraj.manickam@hauwei.com> Change-Id: I7d3d3faa5e17d68051b0816fa5834b88817c3cf1 Signed-off-by: Kanagaraj Manickam <kanagaraj.manickam@huawei.com>
2020-03-05HTTPS/AAF auto cert gen for Portal SDKChrisC6-10/+298
integrate portal-sdk with AAF agent init container. add pv to store init-container certs generated at startup. add aafEnabled flag to switch on/off aaf integration. modify tomcat startup to load p12 and enable HTTPS based on flag. Issue-ID: PORTAL-261 Signed-off-by: ChrisC <christophe.closset@intl.att.com> Change-Id: Ia2b05b8661bf9e0c03a60467212e80d1c9d02bac
2020-03-05Merge "Use Frankfurt release of dmaap-bc"Sylvain Desbureaux1-1/+1
2020-03-04[SO] Use common secret template in so-catalog-db-adapterKrzysztof Opasiak3-16/+46
Use common secret template in so-catalog-db-adapter component. For now passwords are stil hardcoded but this will be removed in further commits. Issue-ID: OOM-2328 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I2ac98729b47d15ab4c360c3bb8c759370d6ec7d2