From a6889979459185d6873695ab9c4c74dbeed6daee Mon Sep 17 00:00:00 2001 From: Fiete Ostkamp Date: Wed, 4 Sep 2024 16:55:56 +0200 Subject: [AAI] 14.0.3 Oslo release with Java 11 - [resources,traversal,graphadmin] use 1.14.7 release images that are based on Java 11 - [babel] add metrics and tracing - [babel] allow remote profiling and debugging - [graphadmin] make graphadmin chart Kyverno compliant - [graphadmin] replace fixed initialDelaySeconds wait invertal with dynamic startup probe - [graphadmin] use actuator endpoint for liveness and readiness probe. Actuator still uses the old echo probe in the background - [graphadmin] remove janusgraph-cached.properties since it effectively cannot be used - [graphadmin] clean up janusgraph-realtime.properties - [graphadmin] use common functions for readiness probe - [graphadmin] remove LOCAL_USER_ID and LOCAL_GROUP_ID environment variables since they are not used (anymore) - [modelloader] add metrics monitoring via prometheus - [modelloader] allow remote profiling and debugging - [sparky-be] use latest release image (2.0.5) Other - [sdc-be] declare ServiceMonitor to enable metrics monitoring via Prometheus Issue-ID: AAI-3986 Change-Id: Ifbd52d0d019d34596f6f824aa940e9b7993336ab Signed-off-by: Fiete Ostkamp --- kubernetes/aai/Chart.yaml | 2 +- kubernetes/aai/components/aai-babel/Chart.yaml | 2 +- .../resources/config/application.properties | 4 +- .../components/aai-babel/templates/deployment.yaml | 29 +++++- .../aai-babel/templates/servicemonitor.yaml | 3 + kubernetes/aai/components/aai-babel/values.yaml | 37 +++++++- .../aai/components/aai-graphadmin/Chart.yaml | 3 + .../resources/config/application.properties | 6 +- .../resources/config/janusgraph-cached.properties | 99 -------------------- .../config/janusgraph-realtime.properties | 30 +++--- .../aai-graphadmin/templates/configmap.yaml | 1 - .../aai-graphadmin/templates/deployment.yaml | 102 ++++++++++----------- .../templates/job-copy-db-backup.yaml | 9 +- .../aai-graphadmin/templates/job-create-db.yaml | 45 +++------ .../aai-graphadmin/templates/job-migration.yaml | 23 +---- .../aai-graphadmin/templates/service.yaml | 10 +- .../aai/components/aai-graphadmin/values.yaml | 54 +++++++---- .../aai-modelloader/templates/deployment.yaml | 23 +++++ .../aai-modelloader/templates/podmonitor.yaml | 34 +++++++ .../aai/components/aai-modelloader/values.yaml | 30 +++++- .../aai/components/aai-resources/values.yaml | 2 +- .../aai/components/aai-sparky-be/values.yaml | 2 +- .../aai/components/aai-traversal/values.yaml | 2 +- .../sdc-be/templates/servicemonitor.yaml | 3 + kubernetes/sdc/components/sdc-be/values.yaml | 8 ++ 25 files changed, 297 insertions(+), 266 deletions(-) create mode 100644 kubernetes/aai/components/aai-babel/templates/servicemonitor.yaml delete mode 100644 kubernetes/aai/components/aai-graphadmin/resources/config/janusgraph-cached.properties create mode 100644 kubernetes/aai/components/aai-modelloader/templates/podmonitor.yaml create mode 100644 kubernetes/sdc/components/sdc-be/templates/servicemonitor.yaml diff --git a/kubernetes/aai/Chart.yaml b/kubernetes/aai/Chart.yaml index 05287b99d6..b06609a0c4 100644 --- a/kubernetes/aai/Chart.yaml +++ b/kubernetes/aai/Chart.yaml @@ -18,7 +18,7 @@ apiVersion: v2 description: ONAP Active and Available Inventory name: aai -version: 14.0.2 +version: 14.0.3 dependencies: - name: common diff --git a/kubernetes/aai/components/aai-babel/Chart.yaml b/kubernetes/aai/components/aai-babel/Chart.yaml index f305a2287e..50a7c24ee0 100644 --- a/kubernetes/aai/components/aai-babel/Chart.yaml +++ b/kubernetes/aai/components/aai-babel/Chart.yaml @@ -18,7 +18,7 @@ apiVersion: v2 description: Babel microservice name: aai-babel -version: 14.0.1 +version: 14.0.2 dependencies: - name: common diff --git a/kubernetes/aai/components/aai-babel/resources/config/application.properties b/kubernetes/aai/components/aai-babel/resources/config/application.properties index 96f1a3eb89..56560d5cb2 100644 --- a/kubernetes/aai/components/aai-babel/resources/config/application.properties +++ b/kubernetes/aai/components/aai-babel/resources/config/application.properties @@ -1,7 +1,7 @@ {{/* # Copyright © 2018 Amdocs, Bell Canada, AT&T # Copyright © 2021 Orange -# Modifications Copyright © 2023 Nordix Foundation +# Modifications Copyright � 2023 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -23,3 +23,5 @@ spring.main.allow-bean-definition-overriding=true server.servlet.context-path=/services/babel-service logging.config=${CONFIG_HOME}/logback.xml tosca.mappings.config=${CONFIG_HOME}/tosca-mappings.json + +management.endpoints.web.exposure.include=* diff --git a/kubernetes/aai/components/aai-babel/templates/deployment.yaml b/kubernetes/aai/components/aai-babel/templates/deployment.yaml index cb40883365..f3fc04c00c 100644 --- a/kubernetes/aai/components/aai-babel/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-babel/templates/deployment.yaml @@ -22,7 +22,11 @@ kind: Deployment metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: selector: {{- include "common.selectors" . | nindent 4 }} + {{- if .Values.debug.enabled }} + replicas: 1 + {{- else }} replicas: {{ .Values.replicaCount }} + {{- end }} revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} strategy: type: {{ .Values.updateStrategy.type }} @@ -38,10 +42,19 @@ spec: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: {{ include "common.containerPorts" . | nindent 12 }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{ if .Values.liveness.enabled }} + ports: + {{- if .Values.debug.enabled }} + - containerPort: {{ .Values.debug.port }} + name: {{ .Values.debug.portName }} + {{- end }} + {{- if .Values.profiling.enabled }} + - containerPort: {{ .Values.profiling.port }} + name: {{ .Values.profiling.portName }} + {{- end }} + {{ include "common.containerPorts" . | nindent 12 }} + # disable liveness probe when + # debugging.enabled=true or profiling.enabled=true + {{- if and .Values.liveness.enabled (not (or .Values.debug.enabled .Values.profiling.enabled)) }} livenessProbe: tcpSocket: port: {{ .Values.service.internalPort }} @@ -58,6 +71,14 @@ spec: value: NotUsed - name: CONFIG_HOME value: /opt/app/babel/config + {{- if .Values.profiling.enabled }} + - name: JVM_OPTS + value: '{{ join " " .Values.profiling.args }}' + {{- end }} + {{- if .Values.debug.enabled }} + - name: JVM_OPTS + value: {{ .Values.debug.args | quote }} + {{- end }} volumeMounts: - mountPath: /opt/app/babel/config/application.properties name: config diff --git a/kubernetes/aai/components/aai-babel/templates/servicemonitor.yaml b/kubernetes/aai/components/aai-babel/templates/servicemonitor.yaml new file mode 100644 index 0000000000..dc706029bf --- /dev/null +++ b/kubernetes/aai/components/aai-babel/templates/servicemonitor.yaml @@ -0,0 +1,3 @@ +{{- if .Values.metrics.serviceMonitor.enabled }} +{{ include "common.serviceMonitor" . }} +{{- end }} diff --git a/kubernetes/aai/components/aai-babel/values.yaml b/kubernetes/aai/components/aai-babel/values.yaml index 21cc72291d..54f8c5ea98 100644 --- a/kubernetes/aai/components/aai-babel/values.yaml +++ b/kubernetes/aai/components/aai-babel/values.yaml @@ -25,7 +25,7 @@ global: {} ################################################################# # application image -image: onap/babel:1.13.2 +image: onap/babel:1.13.3 flavor: small flavorOverride: small @@ -98,6 +98,41 @@ resources: memory: "2Gi" unlimited: {} +tracing: + collector: + baseUrl: http://jaeger-collector.istio-system:9411 + sampling: + probability: 1.0 # percentage of requests that are sampled (between 0-1/0%-100%) + +# adds jvm args for remote debugging the application +debug: + enabled: false + args: "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5005" + port: 5005 + portName: debug + +# adds jvm args for remote profiling the application +profiling: + enabled: false + args: + - "-Dcom.sun.management.jmxremote" + - "-Dcom.sun.management.jmxremote.ssl=false" + - "-Dcom.sun.management.jmxremote.authenticate=false" + - "-Dcom.sun.management.jmxremote.local.only=false" + - "-Dcom.sun.management.jmxremote.port=9999" + - "-Dcom.sun.management.jmxremote.rmi.port=9999" + - "-Djava.rmi.server.hostname=127.0.0.1" + port: 9999 + portName: jmx + +metrics: + serviceMonitor: + enabled: true + targetPort: 9516 + path: /services/babel-service/actuator/prometheus + basicAuth: + enabled: false + #Pods Service Account serviceAccount: nameOverride: aai-babel diff --git a/kubernetes/aai/components/aai-graphadmin/Chart.yaml b/kubernetes/aai/components/aai-graphadmin/Chart.yaml index c0bcbfd074..7c86fed9dd 100644 --- a/kubernetes/aai/components/aai-graphadmin/Chart.yaml +++ b/kubernetes/aai/components/aai-graphadmin/Chart.yaml @@ -34,3 +34,6 @@ dependencies: - name: serviceAccount version: ~13.x-0 repository: '@local' + - name: readinessCheck + version: ~13.x-0 + repository: '@local' diff --git a/kubernetes/aai/components/aai-graphadmin/resources/config/application.properties b/kubernetes/aai/components/aai-graphadmin/resources/config/application.properties index 83689da093..d124f63141 100644 --- a/kubernetes/aai/components/aai-graphadmin/resources/config/application.properties +++ b/kubernetes/aai/components/aai-graphadmin/resources/config/application.properties @@ -55,7 +55,6 @@ server.ssl.enabled=false # JMS bind address host port jms.bind.address=tcp://localhost:61649 - # dmaap is deprecated now kafka is used spring.kafka.producer.bootstrap-servers=${BOOTSTRAP_SERVERS} spring.kafka.producer.properties.security.protocol=SASL_PLAINTEXT @@ -110,8 +109,7 @@ aperture.service.base.url=http://localhost:8457/aai/aperture aperture.service.timeout-in-milliseconds=300000 #To Expose the Prometheus scraping endpoint -management.server.port=8448 +management.server.port={{ .Values.service.actuatorPort }} management.endpoints.enabled-by-default=true management.endpoints.web.exposure.include=info,health,prometheus -endpoints.enabled=false -management.security.enabled=false \ No newline at end of file +management.security.enabled=false diff --git a/kubernetes/aai/components/aai-graphadmin/resources/config/janusgraph-cached.properties b/kubernetes/aai/components/aai-graphadmin/resources/config/janusgraph-cached.properties deleted file mode 100644 index 5962ebd6fc..0000000000 --- a/kubernetes/aai/components/aai-graphadmin/resources/config/janusgraph-cached.properties +++ /dev/null @@ -1,99 +0,0 @@ -{{/* -# -# ============LICENSE_START======================================================= -# org.onap.aai -# ================================================================================ -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -*/}} - -query.fast-property=true -query.smart-limit=false - -{{ if .Values.global.config.cluster.cassandra.dynamic }} - -storage.backend=cql -storage.hostname={{.Values.global.cassandra.serviceName}} -storage.cql.keyspace=aaigraph -storage.username={{.Values.global.cassandra.username}} -storage.password={{.Values.global.cassandra.password}} - -storage.cql.read-consistency-level=LOCAL_QUORUM -storage.cql.write-consistency-level=LOCAL_QUORUM -storage.cql.replication-factor={{.Values.global.cassandra.replicas}} -storage.cql.only-use-local-consistency-for-system-operations=true - -{{ else }} - -{{ if .Values.global.config.storage }} - -storage.backend={{ .Values.global.config.storage.backend }} - -{{ if eq .Values.global.config.storage.backend "cassandra" }} - -storage.hostname={{ .Values.global.config.storage.hostname }} -storage.cassandra.keyspace={{ .Values.global.config.storage.name }} - -storage.cassandra.read-consistency-level={{ .Values.global.config.storage.cassandra.readConsistency }} -storage.cassandra.write-consistency-level={{ .Values.global.config.storage.cassandra.writeConsistency }} -storage.cassandra.replication-factor={{ .Values.global.config.storage.cassandra.replicationFactor | int }} -storage.cassandra.astyanax.cluster-name= {{ .Values.global.config.storage.clusterName }} -storage.cassandra.astyanax.local-datacenter= {{ .Values.global.config.storage.localDataCenter }} - -storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} -cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} -log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} - -{{ else if eq .Values.global.config.storage.backend "cql" }} - -storage.hostname={{ .Values.global.config.storage.hostname }} -storage.cql.keyspace={{ .Values.global.config.storage.name }} - -storage.cql.read-consistency-level={{ .Values.global.config.storage.cql.readConsistency }} -storage.cql.write-consistency-level={{ .Values.global.config.storage.cql.readConsistency }} -storage.cql.replication-factor={{ .Values.global.config.storage.cql.replicationFactor | int }} - -storage.cql.only-use-local-consistency-for-system-operations={{ .Values.global.config.storage.cql.localConsistencyForSysOps }} -storage.cql.cluster-name={{ .Values.global.config.storage.clusterName }} -storage.cql.local-datacenter={{ .Values.global.config.storage.localDataCenter }} - -storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} -cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} -log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} - -{{ else if eq .Values.global.config.storage.backend "hbase" }} - -storage.hostname={{ .Values.global.config.storage.hostname }} -storage.hbase.table={{ .Values.global.config.storage.name }} - -storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} -cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} -log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} - -{{ end }} - -{{ end }} - -{{ end }} - -storage.lock.wait-time=300 -#caching on -cache.db-cache = true -cache.db-cache-clean-wait = 20 -cache.db-cache-time = 180000 -cache.db-cache-size = 0.3 - -#load graphson file on startup -load.snapshot.file=false diff --git a/kubernetes/aai/components/aai-graphadmin/resources/config/janusgraph-realtime.properties b/kubernetes/aai/components/aai-graphadmin/resources/config/janusgraph-realtime.properties index 72c35e6603..d1797a407e 100644 --- a/kubernetes/aai/components/aai-graphadmin/resources/config/janusgraph-realtime.properties +++ b/kubernetes/aai/components/aai-graphadmin/resources/config/janusgraph-realtime.properties @@ -20,7 +20,7 @@ query.fast-property=true query.smart-limit=false -{{ if .Values.global.config.cluster.cassandra.dynamic }} +{{- if .Values.global.config.cluster.cassandra.dynamic }} storage.backend=cql storage.hostname={{.Values.global.cassandra.serviceName}} @@ -34,25 +34,25 @@ storage.cql.write-consistency-level=LOCAL_QUORUM storage.cql.replication-factor={{.Values.global.cassandra.replicas}} storage.cql.only-use-local-consistency-for-system-operations=true -{{ if .Values.global.cassandra.partitionerName }} +{{- if .Values.global.cassandra.partitionerName }} storage.cql.partitioner-name={{ .Values.global.cassandra.partitionerName }} -{{ end }} +{{- end }} {{- if .Values.config.janusgraph.cassandraDriver }} storage.cql.internal.string-configuration = datastax-java-driver { {{ .Values.config.janusgraph.cassandraDriver.configuration }} } {{- end }} -{{ else }} +{{- else -}} -{{ if .Values.global.config.storage }} +{{- if .Values.global.config.storage }} storage.backend={{ .Values.global.config.storage.backend }} -{{ if eq .Values.global.config.storage.backend "cql" }} +{{- if eq .Values.global.config.storage.backend "cql" }} storage.hostname={{ .Values.global.config.storage.hostname }} storage.cql.keyspace={{ .Values.global.config.storage.name }} -storage.cql.local-datacenter={{ .Values.global.config.storage.localDataCenter }} +storage.cql.local-datacenter={{ .Values.global.cassandra.localDataCenter }} storage.cql.read-consistency-level={{ .Values.global.config.storage.cql.readConsistency }} storage.cql.write-consistency-level={{ .Values.global.config.storage.cql.readConsistency }} @@ -60,13 +60,13 @@ storage.cql.replication-factor={{ .Values.global.config.storage.cql.replicationF storage.cql.only-use-local-consistency-for-system-operations={{ .Values.global.config.storage.cql.localConsistencyForSysOps }} storage.cql.cluster-name={{ .Values.global.config.storage.clusterName }} -storage.cql.local-datacenter={{ .Values.global.config.storage.localDataCenter }} +storage.cql.local-datacenter={{ .Values.global.cassandra.localDataCenter }} storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} -{{ else if eq .Values.global.config.storage.backend "hbase" }} +{{- else if eq .Values.global.config.storage.backend "hbase" }} storage.hostname={{ .Values.global.config.storage.hostname }} storage.hbase.table={{ .Values.global.config.storage.name }} @@ -75,11 +75,9 @@ storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} -{{ end }} - -{{ end }} - -{{ end }} +{{- end }} +{{- end }} +{{- end }} storage.lock.wait-time=300 # Setting db-cache to false ensure the fastest propagation of changes across servers @@ -87,6 +85,6 @@ cache.db-cache=false #load graphson file on startup load.snapshot.file=false -{{ if .Values.config.janusgraph.allowUpgrade }} +{{- if .Values.config.janusgraph.allowUpgrade }} graph.allow-upgrade=true -{{ end }} +{{- end }} diff --git a/kubernetes/aai/components/aai-graphadmin/templates/configmap.yaml b/kubernetes/aai/components/aai-graphadmin/templates/configmap.yaml index 8eb4a4a781..ddf752b480 100644 --- a/kubernetes/aai/components/aai-graphadmin/templates/configmap.yaml +++ b/kubernetes/aai/components/aai-graphadmin/templates/configmap.yaml @@ -40,7 +40,6 @@ data: {{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} {{ tpl (.Files.Glob "resources/config/localhost-access-logback.xml").AsConfig . | indent 2 }} {{ tpl (.Files.Glob "resources/config/janusgraph-realtime.properties").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/janusgraph-cached.properties").AsConfig . | indent 2 }} {{ tpl (.Files.Glob "resources/config/realm.properties").AsConfig . | indent 2 }} --- apiVersion: v1 diff --git a/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml b/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml index 01dc44123c..6ac078b756 100644 --- a/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml @@ -38,7 +38,11 @@ metadata: release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: + {{- if .Values.config.debug.enabled }} + replicas: 1 + {{- else }} replicas: {{ .Values.replicaCount }} + {{- end }} revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} minReadySeconds: {{ .Values.minReadySeconds }} strategy: @@ -66,59 +70,36 @@ spec: spec: hostname: aai-graphadmin terminationGracePeriodSeconds: {{ .Values.service.terminationGracePeriodSeconds }} - {{ if .Values.global.initContainers.enabled }} + {{- if .Values.global.initContainers.enabled }} initContainers: - - command: - {{ if .Values.global.jobs.migration.enabled }} - - /app/ready.py - args: - - --job-name - - {{ include "common.release" . }}-aai-graphadmin-migration - {{ else if .Values.global.jobs.createSchema.enabled }} - - /app/ready.py - args: - - --job-name - - {{ include "common.release" . }}-aai-graphadmin-create-db-schema - {{ else }} - - /app/ready.py - args: - - --service-name - - {{ .Values.global.cassandra.serviceName }} - - --service-name - - aai-schema-service - {{ end }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness - resources: - limits: - cpu: "100m" - memory: "500Mi" - requests: - cpu: "3m" - memory: "20Mi" - {{ end }} + {{ include "common.readinessCheck.waitFor" (dict "dot" . "wait_for" .Values.readinessCheck.waitForWithCreateSchemaDisabled ) | indent 6 | trim}} + {{- end }} + {{ include "common.podSecurityContext" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + {{ include "common.containerSecurityContext" . | indent 8 | trim }} env: - - name: LOCAL_USER_ID - value: {{ .Values.securityContext.user_id | quote }} - - name: LOCAL_GROUP_ID - value: {{ .Values.securityContext.group_id | quote }} + {{- if .Values.config.env }} + {{- range $key,$value := .Values.config.env }} + - name: {{ $key | upper | quote}} + value: {{ $value | quote}} + {{- end }} + {{- end }} + {{- if eq .Values.flavor "small" }} + - name: MAX_HEAP_SIZE + value: {{ .Values.small.maxHeapSize | quote }} + {{- else if eq .Values.flavor "large" }} + - name: MAX_HEAP_SIZE + value: {{ .Values.large.maxHeapSize | quote }} + {{- end }} - name: INTERNAL_PORT_1 value: {{ .Values.service.appPort | quote }} - name: INTERNAL_PORT_2 value: {{ .Values.service.debugPort | quote }} - name: INTERNAL_PORT_3 - value: {{ .Values.service.internalPort3 | quote }} + value: {{ .Values.service.actuatorPort | quote }} - name: BOOTSTRAP_SERVERS value: {{ include "common.release" . }}-strimzi-kafka-bootstrap:9092 - name: JAAS_CONFIG @@ -138,14 +119,13 @@ spec: - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-realtime.properties name: config subPath: janusgraph-realtime.properties - - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-cached.properties - name: config - subPath: janusgraph-cached.properties - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/aaiconfig.properties name: properties subPath: aaiconfig.properties - mountPath: /opt/aai/logroot/AAI-RES name: logs + - mountPath: /opt/app/aai-graphadmin/logs + name: script-logs - mountPath: /opt/app/aai-graphadmin/resources/logback.xml name: config subPath: logback.xml @@ -158,6 +138,8 @@ spec: - mountPath: /opt/app/aai-graphadmin/resources/application.properties name: properties subPath: application.properties + - mountPath: /tmp + name: tmp-volume ports: - containerPort: {{ .Values.service.appPort }} name: {{ .Values.service.appPortName }} @@ -169,8 +151,8 @@ spec: - containerPort: {{ .Values.service.profilingPort }} name: {{ .Values.service.profilingPortName }} {{- end }} - - containerPort: {{ .Values.service.internalPort3 }} - name: {{ .Values.service.portName3 }} + - containerPort: {{ .Values.service.actuatorPort }} + name: {{ .Values.service.actuatorPortName }} lifecycle: # wait for active requests (long-running tasks) to be finished # Before the SIGTERM is invoked, Kubernetes exposes a preStop hook in the Pod. @@ -188,16 +170,28 @@ spec: # debugging.enabled=true or profiling.enabled=true {{- if and .Values.liveness.enabled (not (or .Values.config.debug.enabled .Values.config.profiling.enabled)) }} livenessProbe: - tcpSocket: - port: {{ .Values.service.appPort }} + httpGet: + port: {{ .Values.service.actuatorPort }} + path: {{ .Values.liveness.path }} + {{- if .Values.liveness.initialDelaySeconds }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + {{- end }} periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end }} + {{- end }} readinessProbe: - tcpSocket: - port: {{ .Values.service.appPort }} + httpGet: + port: {{ .Values.service.actuatorPort }} + path: {{ .Values.readiness.path }} + {{- if .Values.readiness.initialDelaySeconds }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + {{- end }} periodSeconds: {{ .Values.readiness.periodSeconds }} + startupProbe: + httpGet: + port: {{ .Values.service.actuatorPort }} + path: {{ .Values.startup.path }} + failureThreshold: {{ .Values.startup.failureThreshold }} + periodSeconds: {{ .Values.startup.periodSeconds }} resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: @@ -212,8 +206,12 @@ spec: {{ include "common.log.sidecar" . | nindent 6 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: + - name: tmp-volume + emptyDir: {} - name: logs emptyDir: {} + - name: script-logs + emptyDir: {} {{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix .)) | nindent 6 }} - name: config configMap: diff --git a/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml b/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml index f1178a0a6e..3f0c4e11e5 100644 --- a/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml +++ b/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml @@ -60,7 +60,7 @@ spec: name: {{ include "common.name" . }} spec: initContainers: - {{ if eq .Values.global.jobs.migration.remoteCassandra.enabled false }} + {{- if eq .Values.global.jobs.migration.remoteCassandra.enabled false }} - command: - /bin/bash - -c @@ -93,13 +93,8 @@ spec: - | {{- if include "common.onServiceMesh" . }} echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} - sh docker-entrypoint.sh dataSnapshot.sh; + bash docker-entrypoint.sh dataSnapshot.sh; {{ include "common.serviceMesh.killSidecar" . | indent 11 | trim }} - env: - - name: LOCAL_USER_ID - value: {{ .Values.securityContext.user_id | quote }} - - name: LOCAL_GROUP_ID - value: {{ .Values.securityContext.group_id | quote }} volumeMounts: - mountPath: /opt/app/aai-graphadmin/logs/data/dataSnapshots name: snapshots diff --git a/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml b/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml index 3f5c1d3d19..e67479a1d5 100644 --- a/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml +++ b/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml @@ -55,33 +55,13 @@ spec: name: {{ include "common.name" . }} spec: initContainers: - - command: - - /app/ready.py - args: - - --service-name - - {{ .Values.global.cassandra.serviceName }} - - --service-name - - aai-schema-service - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness - resources: - limits: - cpu: "100m" - memory: "500Mi" - requests: - cpu: "3m" - memory: "20Mi" + {{ include "common.readinessCheck.waitFor" (dict "dot" . "wait_for" .Values.readinessCheck.waitForWithCreateSchemaDisabled) | indent 6 | trim }} + {{ include "common.podSecurityContext" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }}-job image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + {{ include "common.containerSecurityContext" . | indent 8 | trim }} command: - sh args: @@ -92,17 +72,19 @@ spec: sh docker-entrypoint.sh createDBSchema.sh; {{ include "common.serviceMesh.killSidecar" . | indent 11 | trim }} env: - - name: LOCAL_USER_ID - value: {{ .Values.securityContext.user_id | quote }} - - name: LOCAL_GROUP_ID - value: {{ .Values.securityContext.group_id | quote }} + {{- if .Values.config.debug.enabled }} + - name: JVM_OPTS + value: {{ .Values.config.debug.args | quote }} + {{- end }} + ports: + {{- if .Values.config.debug.enabled }} + - containerPort: {{ .Values.service.debugPort }} + name: {{ .Values.service.debugPortName }} + {{- end }} volumeMounts: - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-realtime.properties name: config subPath: janusgraph-realtime.properties - - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-cached.properties - name: config - subPath: janusgraph-cached.properties - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/aaiconfig.properties name: properties subPath: aaiconfig.properties @@ -128,7 +110,8 @@ spec: volumes: {{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix .)) | nindent 6 }} - name: logs - emptyDir: {} + emptyDir: + sizeLimit: 64Mi - name: config configMap: name: {{ include "common.fullname" . }} diff --git a/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml b/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml index df62d4169c..4ec2306eca 100644 --- a/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml +++ b/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml @@ -89,20 +89,12 @@ spec: - -c - | sh docker-entrypoint.sh dataRestoreFromSnapshot.sh `ls -t /opt/app/aai-graphadmin/logs/data/dataSnapshots|head -1|awk -F".P" '{ print $1 }'` - env: - - name: LOCAL_USER_ID - value: {{ .Values.securityContext.user_id | quote }} - - name: LOCAL_GROUP_ID - value: {{ .Values.securityContext.group_id | quote }} volumeMounts: - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-realtime.properties name: config subPath: janusgraph-realtime.properties - mountPath: /opt/app/aai-graphadmin/logs/data/dataSnapshots name: snapshots - - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-cached.properties - name: config - subPath: janusgraph-cached.properties - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/aaiconfig.properties name: properties subPath: aaiconfig.properties @@ -133,18 +125,10 @@ spec: echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} sh docker-entrypoint.sh run_Migrations.sh -e UpdateAaiUriIndexMigration --commit --skipPreMigrationSnapShot --runDisabled RebuildAllEdges ; {{ include "common.serviceMesh.killSidecar" . | indent 11 | trim }} - env: - - name: LOCAL_USER_ID - value: {{ .Values.securityContext.user_id | quote }} - - name: LOCAL_GROUP_ID - value: {{ .Values.securityContext.group_id | quote }} volumeMounts: - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-realtime.properties name: config subPath: janusgraph-realtime.properties - - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-cached.properties - name: config - subPath: janusgraph-cached.properties - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/aaiconfig.properties name: properties subPath: aaiconfig.properties @@ -207,7 +191,7 @@ spec: name: {{ include "common.name" . }} spec: initContainers: - {{ if eq .Values.global.jobs.migration.remoteCassandra.enabled false }} + {{- if eq .Values.global.jobs.migration.remoteCassandra.enabled false }} - command: - /bin/bash - -c @@ -242,11 +226,6 @@ spec: echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} sh docker-entrypoint.sh dataSnapshot.sh {{ include "common.serviceMesh.killSidecar" . | indent 11 | trim }} - env: - - name: LOCAL_USER_ID - value: {{ .Values.securityContext.user_id | quote }} - - name: LOCAL_GROUP_ID - value: {{ .Values.securityContext.group_id | quote }} volumeMounts: - mountPath: /opt/app/aai-graphadmin/logs/data/dataSnapshots name: snapshots diff --git a/kubernetes/aai/components/aai-graphadmin/templates/service.yaml b/kubernetes/aai/components/aai-graphadmin/templates/service.yaml index 68f1cda815..16924e9d5c 100644 --- a/kubernetes/aai/components/aai-graphadmin/templates/service.yaml +++ b/kubernetes/aai/components/aai-graphadmin/templates/service.yaml @@ -43,10 +43,10 @@ spec: nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} name: {{ .Values.service.debugPortName }} targetPort: {{ .Values.service.debugPortName }} - - port: {{ .Values.service.internalPort3 }} + - port: {{ .Values.service.actuatorPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }} - name: {{ .Values.service.portName3 }} - targetPort: {{ .Values.service.portName3 }} + name: {{ .Values.service.actuatorPortName }} + targetPort: {{ .Values.service.actuatorPortName }} {{- else -}} - port: {{ .Values.service.appPort }} name: {{ .Values.service.appPortName }} @@ -54,8 +54,8 @@ spec: - port: {{ .Values.service.debugPort }} name: {{ .Values.service.debugPortName }} targetPort: {{ .Values.service.debugPortName }} - - port: {{ .Values.service.internalPort3 }} - name: {{ .Values.service.portName3 }} + - port: {{ .Values.service.actuatorPort }} + name: {{ .Values.service.actuatorPortName }} targetPort: {{ .Values.service.appPort }} {{- end}} selector: diff --git a/kubernetes/aai/components/aai-graphadmin/values.yaml b/kubernetes/aai/components/aai-graphadmin/values.yaml index acc1ba22f7..dd95c8b67a 100644 --- a/kubernetes/aai/components/aai-graphadmin/values.yaml +++ b/kubernetes/aai/components/aai-graphadmin/values.yaml @@ -103,11 +103,11 @@ global: # global defaults clients: SDNC,-1|MSO,-1|SO,-1|robot-ete,-1 # application image -image: onap/aai-graphadmin:1.14.6 +image: onap/aai-graphadmin:1.14.7 pullPolicy: Always restartPolicy: Always flavor: small -flavorOverride: small + # default number of instances replicaCount: 1 @@ -141,7 +141,8 @@ config: # config override for the cassandra driver # see: https://docs.janusgraph.org/master/configs/configuration-reference/#storagecqlinternal cassandraDriver: - configuration: advanced.metadata.schema.debouncer.window = 1 second # Default maximum records to fix for the data grooming and dupeTool + configuration: advanced.metadata.schema.debouncer.window = 1 second + # Default maximum records to fix for the data grooming and dupeTool maxFix: dataGrooming: 150 dupeTool: 25 @@ -200,16 +201,28 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 60 - periodSeconds: 60 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: false + enabled: true + path: /actuator/health/liveness + periodSeconds: 10 readiness: - initialDelaySeconds: 60 + path: /actuator/health/readiness periodSeconds: 10 +startup: + path: /actuator/health/liveness + failureThreshold: 60 + periodSeconds: 5 + +readinessCheck: + waitForWithCreateSchemaEnabled: + jobs: + - '{{ include "common.release" . }}-aai-graphadmin-create-db-schema' + waitForWithCreateSchemaDisabled: + services: + - '{{ .Values.global.cassandra.serviceName }}' + - aai-schema-service + service: type: ClusterIP # REST API port for the graphadmin microservice @@ -219,8 +232,8 @@ service: debugPort: 5005 profilingPortName: jxm-9999 profilingPort: 9999 - portName3: http-graphadmin - internalPort3: 8448 + actuatorPortName: http-graphadmin + actuatorPort: 8448 terminationGracePeriodSeconds: 45 ingress: @@ -279,12 +292,19 @@ resources: memory: "8Gi" requests: cpu: "1" - memory: "3.2Gi" + memory: "4Gi" unlimited: {} +# define the heap size for the JVM +# according to the resource flavor +small: + maxHeapSize: "1g" +large: + maxHeapSize: "5g" + metrics: serviceMonitor: - enabled: false + enabled: true targetPort: 8448 path: /actuator/prometheus basicAuth: @@ -302,8 +322,8 @@ metrics: # Not fully used for now securityContext: - user_id: 1000 - group_id: 1000 + user_id: 65534 + group_id: 65534 #Pods Service Account serviceAccount: @@ -314,8 +334,8 @@ serviceAccount: log: path: /var/log/onap level: - root: DEBUG - base: DEBUG + root: INFO + base: INFO logConfigMapNamePrefix: '{{ include "common.fullname" . }}' #DupeTool cronjob parameters diff --git a/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml b/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml index c7d7cbe2fa..486ffbaa49 100644 --- a/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml @@ -34,7 +34,11 @@ metadata: release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: + {{- if .Values.debug.enabled }} + replicas: 1 + {{- else }} replicas: {{ .Values.replicaCount }} + {{- end }} revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} strategy: type: {{ .Values.updateStrategy.type }} @@ -77,6 +81,25 @@ spec: secretKeyRef: name: {{ include "common.name" . }}-ku key: sasl.jaas.config + {{- if .Values.profiling.enabled }} + - name: JVM_ARGS + value: '{{ join " " .Values.profiling.args }}' + {{- end }} + {{- if .Values.debug.enabled }} + - name: JVM_ARGS + value: {{ .Values.debug.args | quote }} + {{- end }} + ports: + - containerPort: 9500 + name: http + {{- if .Values.debug.enabled }} + - containerPort: {{ .Values.debug.port }} + name: {{ .Values.debug.portName }} + {{- end }} + {{- if .Values.profiling.enabled }} + - containerPort: {{ .Values.profiling.port }} + name: {{ .Values.profiling.portName }} + {{- end }} volumeMounts: - mountPath: /opt/app/model-loader/config/model-loader.properties subPath: model-loader.properties diff --git a/kubernetes/aai/components/aai-modelloader/templates/podmonitor.yaml b/kubernetes/aai/components/aai-modelloader/templates/podmonitor.yaml new file mode 100644 index 0000000000..1eb564ed72 --- /dev/null +++ b/kubernetes/aai/components/aai-modelloader/templates/podmonitor.yaml @@ -0,0 +1,34 @@ +{{/* +# Copyright © 2024 Deutsche Telekom +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if .Values.metrics.podMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: {{ include "common.fullname" . }} + labels: + {{- include "common.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + app: {{ include "common.name" . }} + podMetricsEndpoints: + - port: {{ .Values.metrics.podMonitor.port }} + path: {{ .Values.metrics.podMonitor.path }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} +{{- end }} diff --git a/kubernetes/aai/components/aai-modelloader/values.yaml b/kubernetes/aai/components/aai-modelloader/values.yaml index 14b7ccaf13..b28989c78f 100644 --- a/kubernetes/aai/components/aai-modelloader/values.yaml +++ b/kubernetes/aai/components/aai-modelloader/values.yaml @@ -21,7 +21,7 @@ global: # global defaults nodePortPrefix: 302 # application image -image: onap/model-loader:1.14.1 +image: onap/model-loader:1.14.2 pullPolicy: Always restartPolicy: Always flavor: small @@ -49,6 +49,28 @@ updateStrategy: maxUnavailable: 0 maxSurge: 1 +# adds jvm args for remote debugging the application +debug: + enabled: false + args: "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5005" + port: 5005 + portName: debug + +# adds jvm args for remote profiling the application +profiling: + enabled: false + args: + - "-Dcom.sun.management.jmxremote" + - "-Dcom.sun.management.jmxremote.ssl=false" + - "-Dcom.sun.management.jmxremote.authenticate=false" + - "-Dcom.sun.management.jmxremote.local.only=false" + - "-Dcom.sun.management.jmxremote.port=9999" + - "-Dcom.sun.management.jmxremote.rmi.port=9999" + - "-Djava.rmi.server.hostname=127.0.0.1" + port: 9999 + portName: jmx + + nodeSelector: {} affinity: {} @@ -91,6 +113,12 @@ tracing: ignorePatterns: - /aai/util.* +metrics: + podMonitor: + enabled: true + port: http + path: /actuator/prometheus + #Pods Service Account serviceAccount: nameOverride: aai-modelloader diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml index 14ae2debbc..630c88a244 100644 --- a/kubernetes/aai/components/aai-resources/values.yaml +++ b/kubernetes/aai/components/aai-resources/values.yaml @@ -134,7 +134,7 @@ aai_enpoints: url: external-system # application image -image: onap/aai-resources:1.14.6 +image: onap/aai-resources:1.14.7 pullPolicy: Always restartPolicy: Always flavor: small diff --git a/kubernetes/aai/components/aai-sparky-be/values.yaml b/kubernetes/aai/components/aai-sparky-be/values.yaml index 4bb6d4163e..e017032b03 100644 --- a/kubernetes/aai/components/aai-sparky-be/values.yaml +++ b/kubernetes/aai/components/aai-sparky-be/values.yaml @@ -29,7 +29,7 @@ global: # global defaults serviceName: aai-search-data # application image -image: onap/sparky-be:2.0.3 +image: onap/sparky-be:2.0.5 pullPolicy: Always restartPolicy: Always flavor: small diff --git a/kubernetes/aai/components/aai-traversal/values.yaml b/kubernetes/aai/components/aai-traversal/values.yaml index 036a3c96f2..6b268cae42 100644 --- a/kubernetes/aai/components/aai-traversal/values.yaml +++ b/kubernetes/aai/components/aai-traversal/values.yaml @@ -111,7 +111,7 @@ global: # global defaults someConfig: random # application image -image: onap/aai-traversal:1.14.6 +image: onap/aai-traversal:1.14.7 pullPolicy: Always restartPolicy: Always flavor: small diff --git a/kubernetes/sdc/components/sdc-be/templates/servicemonitor.yaml b/kubernetes/sdc/components/sdc-be/templates/servicemonitor.yaml new file mode 100644 index 0000000000..c0d9f212b4 --- /dev/null +++ b/kubernetes/sdc/components/sdc-be/templates/servicemonitor.yaml @@ -0,0 +1,3 @@ +{{- if .Values.metrics.serviceMonitor.enabled }} +{{ include "common.serviceMonitor" . }} +{{- end }} \ No newline at end of file diff --git a/kubernetes/sdc/components/sdc-be/values.yaml b/kubernetes/sdc/components/sdc-be/values.yaml index 7f914d4bdf..752fc2cc15 100644 --- a/kubernetes/sdc/components/sdc-be/values.yaml +++ b/kubernetes/sdc/components/sdc-be/values.yaml @@ -169,6 +169,14 @@ resources: memory: "6Gi" unlimited: {} +metrics: + serviceMonitor: + enabled: true + targetPort: 8080 + path: /sdc2/rest/actuator/prometheus + basicAuth: + enabled: false + #Pods Service Account serviceAccount: nameOverride: sdc-be -- cgit 1.2.3-korg