From cf70098d182c07c4091fd83b3a704a249a4eac7e Mon Sep 17 00:00:00 2001 From: Andreas Geissler Date: Mon, 14 Oct 2024 15:10:37 +0200 Subject: [ETCD] Add kyverno policy fixes Add securityContext settings to resolve kyverno policy violations Fix Jira Links in all release notes. Issue-ID: OOM-3314 Change-Id: Ief20d42f2e4825754bf8d1a142665c7dd176a1d9 Signed-off-by: Andreas Geissler --- .../infra_guides/oom_infra_base_config_setup.rst | 4 +- .../release_notes/release-notes-amsterdam.rst | 6 +- .../release_notes/release-notes-beijing.rst | 744 ++++++++++----------- .../release_notes/release-notes-casablanca.rst | 6 +- .../release_notes/release-notes-dublin.rst | 6 +- .../release_notes/release-notes-elalto.rst | 24 +- .../release_notes/release-notes-frankfurt.rst | 46 +- .../release_notes/release-notes-guilin.rst | 34 +- .../release_notes/release-notes-honolulu.rst | 28 +- .../release_notes/release-notes-istanbul.rst | 4 +- .../release_notes/release-notes-jakarta.rst | 4 +- docs/sections/release_notes/release-notes-kohn.rst | 4 +- .../release_notes/release-notes-london.rst | 10 +- .../release_notes/release-notes-montreal.rst | 2 +- docs/sections/release_notes/release-notes.rst | 2 +- kubernetes/common/etcd/Chart.yaml | 3 +- kubernetes/common/etcd/templates/statefulset.yaml | 3 + kubernetes/common/etcd/values.yaml | 5 + 18 files changed, 472 insertions(+), 463 deletions(-) diff --git a/docs/sections/guides/infra_guides/oom_infra_base_config_setup.rst b/docs/sections/guides/infra_guides/oom_infra_base_config_setup.rst index db8d37ddff..e5ca289aff 100644 --- a/docs/sections/guides/infra_guides/oom_infra_base_config_setup.rst +++ b/docs/sections/guides/infra_guides/oom_infra_base_config_setup.rst @@ -11,7 +11,7 @@ .. _Cert-Manager Installation documentation: https://cert-manager.io/docs/installation/kubernetes/ .. _Cert-Manager kubectl plugin documentation: https://cert-manager.io/docs/usage/kubectl-plugin/ .. _Strimzi Apache Kafka Operator helm Installation documentation: https://strimzi.io/docs/operators/in-development/deploying.html#deploying-cluster-operator-helm-chart-str -.. _ONAP Next Generation Security & Logging Structure: https://wiki.onap.org/pages/viewpage.action?pageId=103417456 +.. _ONAP Next Generation Security & Logging Architecture: https://lf-onap.atlassian.net/wiki/x/bVn7 .. _Istio setup guide: https://istio.io/latest/docs/setup/install/helm/ .. _Gateway-API: https://gateway-api.sigs.k8s.io/ .. _Istio-Gateway: https://istio.io/latest/docs/reference/config/networking/gateway/ @@ -213,7 +213,7 @@ Istio Service Mesh .. note:: The ONAP deployment supports the - `ONAP Next Generation Security & Logging Structure`_ + `ONAP Next Generation Security & Logging Architecture`_ ONAP is currenty supporting Istio as default ServiceMesh platform. Therefor the following instructions describe the setup of Istio and required tools. diff --git a/docs/sections/release_notes/release-notes-amsterdam.rst b/docs/sections/release_notes/release-notes-amsterdam.rst index 6fc229696c..262291fc17 100644 --- a/docs/sections/release_notes/release-notes-amsterdam.rst +++ b/docs/sections/release_notes/release-notes-amsterdam.rst @@ -33,7 +33,7 @@ The main goal of the Amsterdam release was to: **Bug Fixes** The full list of implemented user stories and epics is available on - `JIRA `_ + `JIRA `_ This is the first release of OOM, the defects fixed in this release were raised during the course of the release. Anything not closed is captured below under Known Issues. If you want to @@ -41,14 +41,14 @@ The main goal of the Amsterdam release was to: above. **Known Issues** - - `OOM-6 `_ Automated platform deployment on Docker/Kubernetes + - `OOM-6 `_ Automated platform deployment on Docker/Kubernetes VFC, AAF, MSB minor issues. Workaround: Manual configuration changes - however the reference vFirewall use case does not currently require these components. - - `OOM-10 `_ Platform configuration management. + - `OOM-10 `_ Platform configuration management. OOM ONAP Configuration Management - Handling of Secrets. diff --git a/docs/sections/release_notes/release-notes-beijing.rst b/docs/sections/release_notes/release-notes-beijing.rst index 84f86c100d..c7bcf95da3 100644 --- a/docs/sections/release_notes/release-notes-beijing.rst +++ b/docs/sections/release_notes/release-notes-beijing.rst @@ -23,394 +23,394 @@ Previous Release Notes Epic **** -* [`OOM-6 `_] - Automated platform deployment on Docker/Kubernetes -* [`OOM-7 `_] - Platform monitoring and auto-healing -* [`OOM-8 `_] - Automated platform scalability -* [`OOM-9 `_] - Platform upgradability & rollbacks -* [`OOM-10 `_] - Platform configuration management -* [`OOM-46 `_] - Platform infrastructure deployment with TOSCA -* [`OOM-109 `_] - Platform Centralized Logging -* [`OOM-138 `_] - Using Optimization framework -* [`OOM-346 `_] - Platform Resiliency (including Recoverability, High-Availability, Backup/Restore, Geo-Redundancy) -* [`OOM-376 `_] - ONAP deployment options standardization -* [`OOM-486 `_] - HELM upgrade from 2.3 to 2.8.0 -* [`OOM-535 `_] - Upgrade Kubernetes from 1.8.6 to 1.9.2 -* [`OOM-590 `_] - OOM Wiki documentation of deployment options +* [`OOM-6 `_] - Automated platform deployment on Docker/Kubernetes +* [`OOM-7 `_] - Platform monitoring and auto-healing +* [`OOM-8 `_] - Automated platform scalability +* [`OOM-9 `_] - Platform upgradability & rollbacks +* [`OOM-10 `_] - Platform configuration management +* [`OOM-46 `_] - Platform infrastructure deployment with TOSCA +* [`OOM-109 `_] - Platform Centralized Logging +* [`OOM-138 `_] - Using Optimization framework +* [`OOM-346 `_] - Platform Resiliency (including Recoverability, High-Availability, Backup/Restore, Geo-Redundancy) +* [`OOM-376 `_] - ONAP deployment options standardization +* [`OOM-486 `_] - HELM upgrade from 2.3 to 2.8.0 +* [`OOM-535 `_] - Upgrade Kubernetes from 1.8.6 to 1.9.2 +* [`OOM-590 `_] - OOM Wiki documentation of deployment options Story ***** -* [`OOM-11 `_] - Add AAF containers to ONAP Kubernetes -* [`OOM-13 `_] - Add CLI containers to ONAP Kubernetes -* [`OOM-15 `_] - Add DMAAP containers to ONAP Kubernetes -* [`OOM-20 `_] - State Monitoring: MSO/mso -* [`OOM-21 `_] - State Monitoring: A&AI/aai-service -* [`OOM-22 `_] - State Monitoring: SDNC/sdc-be -* [`OOM-24 `_] - State Monitoring: message-router -* [`OOM-25 `_] - State Monitoring: MSB -* [`OOM-29 `_] - State Monitoring: VID -* [`OOM-31 `_] - State Monitoring: APPC/dbhost -* [`OOM-32 `_] - State Monitoring: VFC -* [`OOM-33 `_] - State Monitoring: Multi-VIM -* [`OOM-34 `_] - Auto-Restart on failure: ... -* [`OOM-35 `_] - State Monitoring: A&AI/hbase -* [`OOM-36 `_] - State Monitoring: A&AI/model-loader-service -* [`OOM-37 `_] - State Monitoring: APPC/dgbuilder -* [`OOM-38 `_] - State Monitoring: APPC/sdnctldb01 -* [`OOM-39 `_] - State Monitoring: APPC/sdnctldb02 -* [`OOM-40 `_] - State Monitoring: APPC/sdnhost -* [`OOM-41 `_] - State Monitoring: MSO/mariadb -* [`OOM-42 `_] - State Monitoring: SDNC/dbhost -* [`OOM-43 `_] - State Monitoring: SDNC/sdnc-dgbuilder -* [`OOM-44 `_] - State Monitoring: SDNC/sdnc-portal -* [`OOM-45 `_] - State Monitoring: SDNC/sdnctldb01 -* [`OOM-51 `_] - OOM ONAP Configuration Management - Externalize hardwired values -* [`OOM-52 `_] - OOM ONAP Configuration Management - Parameterization of docker images -* [`OOM-53 `_] - OOM ONAP Configuration Management - Parameterization for Sizing -* [`OOM-63 `_] - Kubernetes cluster created by TOSCA description -* [`OOM-85 `_] - Test the code in the "Lab" project environment -* [`OOM-86 `_] - Monitoring the health status of ONAP components -* [`OOM-87 `_] - Configure TOSCA description via dashboard -* [`OOM-88 `_] - Deploy Holmes on K8S cluster by TOSCA description -* [`OOM-89 `_] - Deploy CLAMP on K8S cluster by TOSCA description -* [`OOM-91 `_] - Deploy MSB on K8S cluster by TOSCA description -* [`OOM-92 `_] - Deploy AAF on K8S cluster by TOSCA description -* [`OOM-93 `_] - Deploy VF-C on K8S cluster by TOSCA description -* [`OOM-94 `_] - Deploy Multi-VIM on K8S cluster by TOSCA description -* [`OOM-95 `_] - Deploy DCAEGen2 on K8S cluster by TOSCA description -* [`OOM-96 `_] - Deploy AAI on K8S cluster by TOSCA description -* [`OOM-97 `_] - Deploy APPC on K8S cluster by TOSCA description -* [`OOM-98 `_] - Deploy MSO on K8S cluster by TOSCA description -* [`OOM-99 `_] - Deploy Policy on K8S cluster by TOSCA description -* [`OOM-100 `_] - Deploy SDC on K8S cluster by TOSCA description -* [`OOM-102 `_] - Deploy VID on K8S cluster by TOSCA description -* [`OOM-110 `_] - OOM ONAP Logging - Elastic Stack components deployment -* [`OOM-111 `_] - OOM ONAP Logging - FileBeat deployment aside ONAP components -* [`OOM-112 `_] - OOM ONAP Logging - Configuration of all ONAP components to emit canonical logs -* [`OOM-116 `_] - ignore intellj files -* [`OOM-145 `_] - update directory path from dockerdata-nfs to configured directory name (make it configurable) -* [`OOM-235 `_] - Service endpoint annotation for Usecase UI -* [`OOM-242 `_] - Modify DCAE seed for Helm -* [`OOM-262 `_] - Remove "oneclick" kubectl scripts. -* [`OOM-265 `_] - Top level helm chart for ONAP -* [`OOM-268 `_] - Persist and externalize database directories via persistent volumes -* [`OOM-271 `_] - Copy app config files from source -* [`OOM-272 `_] - Set application environment variables from source -* [`OOM-277 `_] - add automatic ONAP config parameter substitution -* [`OOM-280 `_] - MSB automatically re-synch service data on restart. -* [`OOM-292 `_] - Expose LOG Volume via /dockerdata-nfs -* [`OOM-293 `_] - OOM ONAP Configuration Management - Handling of Secrets -* [`OOM-298 `_] - Provide script to cleanup configuration data created by createConfig.sh -* [`OOM-322 `_] - Clean-up config files that are generated at system startup -* [`OOM-341 `_] - Provide an example of a partial deployment of ONAP components (e.g. no VFC) -* [`OOM-342 `_] - Add pointer to Wiki page on the readme file. -* [`OOM-344 `_] - Break the configuration tarball per appplication -* [`OOM-345 `_] - Re-validate # of containers and configuration for DCAEgen2 -* [`OOM-356 `_] - Add 'Usecase UI' containers to ONAP Kubernetes -* [`OOM-359 `_] - SDC logback chef failure -* [`OOM-375 `_] - F2F: ONAP/OOM for Developers -* [`OOM-382 `_] - Robot Version 1.1 OpenO tests -* [`OOM-406 `_] - In Kubernetes 1.8, the annotations are no longer supported and must be converted to the PodSpec field. -* [`OOM-457 `_] - In Kubernetes 1.8, init-container annotations to be converted to PodSpec field for aaf, clamp and vfc -* [`OOM-460 `_] - Segregating configuration of ONAP components -* [`OOM-476 `_] - Parameterize values.yaml docker image repos into global config variables -* [`OOM-528 `_] - Confirm k8s context with a prompt for deleteAll.bash -* [`OOM-534 `_] - Need to provide support for creating different sized OOM deployments -* [`OOM-546 `_] - Provide option to collect ONAP env details for issue investigations -* [`OOM-569 `_] - Investigate containerizing Cloudify Manager -* [`OOM-579 `_] - Document a Cloudify deployment of OOM Beijing -* [`OOM-633 `_] - Provide direct access to ONAP Portal without the need to use VNC -* [`OOM-677 `_] - Update all source code files with the Apache 2 License header -* [`OOM-678 `_] - Enforce MSB dockers dependencies using init-container -* [`OOM-681 `_] - updating docker images/components to latest code -* [`OOM-682 `_] - deployment of sdc workflow designer -* [`OOM-695 `_] - Improve Readiness-check prob -* [`OOM-722 `_] - OOM - Run all ONAP components in one namespace -* [`OOM-725 `_] - Use Blueprint to install Helm and k8s dashboard while creating k8s cluster -* [`OOM-727 `_] - Add Standardized Configuration to SO -* [`OOM-728 `_] - Add Standardized Configuration to ROBOT -* [`OOM-729 `_] - Add Standardized Configuration to VID -* [`OOM-730 `_] - Add Standardized Configuration to Consul -* [`OOM-731 `_] - Add Standardized Configuration to DMaaP Message Router -* [`OOM-732 `_] - Add Standardized Configuration to AAF -* [`OOM-733 `_] - Add Standardized Configuration to APPC -* [`OOM-734 `_] - Add Standardized Configuration to AAI -* [`OOM-735 `_] - Add Standardized Configuration to CLAMP -* [`OOM-736 `_] - Add Standardized Configuration to CLI -* [`OOM-737 `_] - Add Standardized Configuration to DCAEGEN2 -* [`OOM-738 `_] - Add Standardized Configuration to ESR -* [`OOM-739 `_] - Add Standardized Configuration to KUBE2MSB -* [`OOM-740 `_] - Add Standardized Configuration to LOG -* [`OOM-742 `_] - Add Standardized Configuration to MSB -* [`OOM-743 `_] - Replace deprecated MSO Helm Chart with Standardized SO Helm Chart -* [`OOM-744 `_] - Add Standardized Configuration to MULTICLOUD -* [`OOM-746 `_] - Add Standardized Configuration to PORTAL -* [`OOM-747 `_] - Add Standardized Configuration to SDC -* [`OOM-748 `_] - Add Standardized Configuration to SDNC -* [`OOM-749 `_] - Add Standardized Configuration to UUI -* [`OOM-750 `_] - Add Standardized Configuration to VFC -* [`OOM-751 `_] - Add Standardized Configuration to VNFSDK -* [`OOM-758 `_] - Common Mariadb Galera Helm Chart to be reused by many applications -* [`OOM-771 `_] - OOM - update master with new policy db deployment -* [`OOM-777 `_] - Add Standardized Configuration Helm Starter Chart -* [`OOM-779 `_] - OOM APPC ODL (MDSAL) persistent storage -* [`OOM-780 `_] - Update MSO to latest working version. -* [`OOM-786 `_] - Re-add support for multiple instances of ONAP -* [`OOM-788 `_] - Abstract docker secrets -* [`OOM-789 `_] - Abstract cluster role binding -* [`OOM-811 `_] - Make kube2msb use secret instead of passing token as environment variable -* [`OOM-822 `_] - Update Documentation for the Beijing Release -* [`OOM-823 `_] - Add CDT image to APPC chart -* [`OOM-827 `_] - Add quick start documentation README -* [`OOM-828 `_] - Remove oneclick scripts -* [`OOM-857 `_] - kube2msb fails to start -* [`OOM-914 `_] - Add LOG component robot healthcheck -* [`OOM-960 `_] - OOM Healthcheck lockdown - currently 32/39 : 20180421 -* [`OOM-979 `_] - Enhance OOM TOSCA solution to support standardized Helm Chart -* [`OOM-1006 `_] - VNFSDK healthcheck fails -* [`OOM-1073 `_] - Change the Repository location in the image oomk8s/config-init:2.0.0-SNAPSHOT -* [`OOM-1078 `_] - Update Kubectl, docker, helm version +* [`OOM-11 `_] - Add AAF containers to ONAP Kubernetes +* [`OOM-13 `_] - Add CLI containers to ONAP Kubernetes +* [`OOM-15 `_] - Add DMAAP containers to ONAP Kubernetes +* [`OOM-20 `_] - State Monitoring: MSO/mso +* [`OOM-21 `_] - State Monitoring: A&AI/aai-service +* [`OOM-22 `_] - State Monitoring: SDNC/sdc-be +* [`OOM-24 `_] - State Monitoring: message-router +* [`OOM-25 `_] - State Monitoring: MSB +* [`OOM-29 `_] - State Monitoring: VID +* [`OOM-31 `_] - State Monitoring: APPC/dbhost +* [`OOM-32 `_] - State Monitoring: VFC +* [`OOM-33 `_] - State Monitoring: Multi-VIM +* [`OOM-34 `_] - Auto-Restart on failure: ... +* [`OOM-35 `_] - State Monitoring: A&AI/hbase +* [`OOM-36 `_] - State Monitoring: A&AI/model-loader-service +* [`OOM-37 `_] - State Monitoring: APPC/dgbuilder +* [`OOM-38 `_] - State Monitoring: APPC/sdnctldb01 +* [`OOM-39 `_] - State Monitoring: APPC/sdnctldb02 +* [`OOM-40 `_] - State Monitoring: APPC/sdnhost +* [`OOM-41 `_] - State Monitoring: MSO/mariadb +* [`OOM-42 `_] - State Monitoring: SDNC/dbhost +* [`OOM-43 `_] - State Monitoring: SDNC/sdnc-dgbuilder +* [`OOM-44 `_] - State Monitoring: SDNC/sdnc-portal +* [`OOM-45 `_] - State Monitoring: SDNC/sdnctldb01 +* [`OOM-51 `_] - OOM ONAP Configuration Management - Externalize hardwired values +* [`OOM-52 `_] - OOM ONAP Configuration Management - Parameterization of docker images +* [`OOM-53 `_] - OOM ONAP Configuration Management - Parameterization for Sizing +* [`OOM-63 `_] - Kubernetes cluster created by TOSCA description +* [`OOM-85 `_] - Test the code in the "Lab" project environment +* [`OOM-86 `_] - Monitoring the health status of ONAP components +* [`OOM-87 `_] - Configure TOSCA description via dashboard +* [`OOM-88 `_] - Deploy Holmes on K8S cluster by TOSCA description +* [`OOM-89 `_] - Deploy CLAMP on K8S cluster by TOSCA description +* [`OOM-91 `_] - Deploy MSB on K8S cluster by TOSCA description +* [`OOM-92 `_] - Deploy AAF on K8S cluster by TOSCA description +* [`OOM-93 `_] - Deploy VF-C on K8S cluster by TOSCA description +* [`OOM-94 `_] - Deploy Multi-VIM on K8S cluster by TOSCA description +* [`OOM-95 `_] - Deploy DCAEGen2 on K8S cluster by TOSCA description +* [`OOM-96 `_] - Deploy AAI on K8S cluster by TOSCA description +* [`OOM-97 `_] - Deploy APPC on K8S cluster by TOSCA description +* [`OOM-98 `_] - Deploy MSO on K8S cluster by TOSCA description +* [`OOM-99 `_] - Deploy Policy on K8S cluster by TOSCA description +* [`OOM-100 `_] - Deploy SDC on K8S cluster by TOSCA description +* [`OOM-102 `_] - Deploy VID on K8S cluster by TOSCA description +* [`OOM-110 `_] - OOM ONAP Logging - Elastic Stack components deployment +* [`OOM-111 `_] - OOM ONAP Logging - FileBeat deployment aside ONAP components +* [`OOM-112 `_] - OOM ONAP Logging - Configuration of all ONAP components to emit canonical logs +* [`OOM-116 `_] - ignore intellj files +* [`OOM-145 `_] - update directory path from dockerdata-nfs to configured directory name (make it configurable) +* [`OOM-235 `_] - Service endpoint annotation for Usecase UI +* [`OOM-242 `_] - Modify DCAE seed for Helm +* [`OOM-262 `_] - Remove "oneclick" kubectl scripts. +* [`OOM-265 `_] - Top level helm chart for ONAP +* [`OOM-268 `_] - Persist and externalize database directories via persistent volumes +* [`OOM-271 `_] - Copy app config files from source +* [`OOM-272 `_] - Set application environment variables from source +* [`OOM-277 `_] - add automatic ONAP config parameter substitution +* [`OOM-280 `_] - MSB automatically re-synch service data on restart. +* [`OOM-292 `_] - Expose LOG Volume via /dockerdata-nfs +* [`OOM-293 `_] - OOM ONAP Configuration Management - Handling of Secrets +* [`OOM-298 `_] - Provide script to cleanup configuration data created by createConfig.sh +* [`OOM-322 `_] - Clean-up config files that are generated at system startup +* [`OOM-341 `_] - Provide an example of a partial deployment of ONAP components (e.g. no VFC) +* [`OOM-342 `_] - Add pointer to Wiki page on the readme file. +* [`OOM-344 `_] - Break the configuration tarball per appplication +* [`OOM-345 `_] - Re-validate # of containers and configuration for DCAEgen2 +* [`OOM-356 `_] - Add 'Usecase UI' containers to ONAP Kubernetes +* [`OOM-359 `_] - SDC logback chef failure +* [`OOM-375 `_] - F2F: ONAP/OOM for Developers +* [`OOM-382 `_] - Robot Version 1.1 OpenO tests +* [`OOM-406 `_] - In Kubernetes 1.8, the annotations are no longer supported and must be converted to the PodSpec field. +* [`OOM-457 `_] - In Kubernetes 1.8, init-container annotations to be converted to PodSpec field for aaf, clamp and vfc +* [`OOM-460 `_] - Segregating configuration of ONAP components +* [`OOM-476 `_] - Parameterize values.yaml docker image repos into global config variables +* [`OOM-528 `_] - Confirm k8s context with a prompt for deleteAll.bash +* [`OOM-534 `_] - Need to provide support for creating different sized OOM deployments +* [`OOM-546 `_] - Provide option to collect ONAP env details for issue investigations +* [`OOM-569 `_] - Investigate containerizing Cloudify Manager +* [`OOM-579 `_] - Document a Cloudify deployment of OOM Beijing +* [`OOM-633 `_] - Provide direct access to ONAP Portal without the need to use VNC +* [`OOM-677 `_] - Update all source code files with the Apache 2 License header +* [`OOM-678 `_] - Enforce MSB dockers dependencies using init-container +* [`OOM-681 `_] - updating docker images/components to latest code +* [`OOM-682 `_] - deployment of sdc workflow designer +* [`OOM-695 `_] - Improve Readiness-check prob +* [`OOM-722 `_] - OOM - Run all ONAP components in one namespace +* [`OOM-725 `_] - Use Blueprint to install Helm and k8s dashboard while creating k8s cluster +* [`OOM-727 `_] - Add Standardized Configuration to SO +* [`OOM-728 `_] - Add Standardized Configuration to ROBOT +* [`OOM-729 `_] - Add Standardized Configuration to VID +* [`OOM-730 `_] - Add Standardized Configuration to Consul +* [`OOM-731 `_] - Add Standardized Configuration to DMaaP Message Router +* [`OOM-732 `_] - Add Standardized Configuration to AAF +* [`OOM-733 `_] - Add Standardized Configuration to APPC +* [`OOM-734 `_] - Add Standardized Configuration to AAI +* [`OOM-735 `_] - Add Standardized Configuration to CLAMP +* [`OOM-736 `_] - Add Standardized Configuration to CLI +* [`OOM-737 `_] - Add Standardized Configuration to DCAEGEN2 +* [`OOM-738 `_] - Add Standardized Configuration to ESR +* [`OOM-739 `_] - Add Standardized Configuration to KUBE2MSB +* [`OOM-740 `_] - Add Standardized Configuration to LOG +* [`OOM-742 `_] - Add Standardized Configuration to MSB +* [`OOM-743 `_] - Replace deprecated MSO Helm Chart with Standardized SO Helm Chart +* [`OOM-744 `_] - Add Standardized Configuration to MULTICLOUD +* [`OOM-746 `_] - Add Standardized Configuration to PORTAL +* [`OOM-747 `_] - Add Standardized Configuration to SDC +* [`OOM-748 `_] - Add Standardized Configuration to SDNC +* [`OOM-749 `_] - Add Standardized Configuration to UUI +* [`OOM-750 `_] - Add Standardized Configuration to VFC +* [`OOM-751 `_] - Add Standardized Configuration to VNFSDK +* [`OOM-758 `_] - Common Mariadb Galera Helm Chart to be reused by many applications +* [`OOM-771 `_] - OOM - update master with new policy db deployment +* [`OOM-777 `_] - Add Standardized Configuration Helm Starter Chart +* [`OOM-779 `_] - OOM APPC ODL (MDSAL) persistent storage +* [`OOM-780 `_] - Update MSO to latest working version. +* [`OOM-786 `_] - Re-add support for multiple instances of ONAP +* [`OOM-788 `_] - Abstract docker secrets +* [`OOM-789 `_] - Abstract cluster role binding +* [`OOM-811 `_] - Make kube2msb use secret instead of passing token as environment variable +* [`OOM-822 `_] - Update Documentation for the Beijing Release +* [`OOM-823 `_] - Add CDT image to APPC chart +* [`OOM-827 `_] - Add quick start documentation README +* [`OOM-828 `_] - Remove oneclick scripts +* [`OOM-857 `_] - kube2msb fails to start +* [`OOM-914 `_] - Add LOG component robot healthcheck +* [`OOM-960 `_] - OOM Healthcheck lockdown - currently 32/39 : 20180421 +* [`OOM-979 `_] - Enhance OOM TOSCA solution to support standardized Helm Chart +* [`OOM-1006 `_] - VNFSDK healthcheck fails +* [`OOM-1073 `_] - Change the Repository location in the image oomk8s/config-init:2.0.0-SNAPSHOT +* [`OOM-1078 `_] - Update Kubectl, docker, helm version Task **** -* [`OOM-57 `_] - Agree on configuration contract/YAML with each of the project teams -* [`OOM-105 `_] - TOSCA based orchestration demo -* [`OOM-257 `_] - DevOps: OOM config reset procedure for new /dockerdata-nfs content -* [`OOM-305 `_] - Rename MSO to SO in OOM -* [`OOM-332 `_] - Add AAI filebeat container - blocked by LOG-67 -* [`OOM-428 `_] - Add log container healthcheck to mark failed creations - see OOM-427 -* [`OOM-429 `_] - DOC: Document HELM server version 2.7.2 required for tpl usage -* [`OOM-489 `_] - Update values.yaml files for tag name changes for docker images and versions. -* [`OOM-543 `_] - SDNC adjust docker pullPolicy to IfNotPresent to speed up initial deployment slowdown introduced by SDNC-163 -* [`OOM-604 `_] - Update OOM and HEAT AAI sparky master from v1.1.0 to v1.1.1 - match INT-288 -* [`OOM-614 `_] - SDC, SDNC, AAI Healthcheck failures last 12 hours 20180124:1100EST -* [`OOM-624 `_] - CII security badging: cleartext password for keystone and docker repo creds -* [`OOM-726 `_] - Mirror AAI docker version changes into OOM from AAI-791 -* [`OOM-772 `_] - Remove old DCAE from Release -* [`OOM-801 `_] - Policy docker images rename - key off new name in POLICY-674 -* [`OOM-810 `_] - Improve emsdriver code -* [`OOM-819 `_] - expose log/logstash 5044 as nodeport for external log producers outside of the kubernetes cluster -* [`OOM-820 `_] - Bypass vnc-portal for ONAP portal access -* [`OOM-943 `_] - Upgrade prepull_docker.sh to work with new helm based master refactor - post OOM-328 -* [`OOM-947 `_] - Update AAI to latest images -* [`OOM-975 `_] - Notes are missing in multicloud -* [`OOM-1031 `_] - Config Changes for consul to make vid, so, log health checks pass -* [`OOM-1032 `_] - Making consul Stateful -* [`OOM-1122 `_] - Update APPC OOM chart to use Beijing release artifacts +* [`OOM-57 `_] - Agree on configuration contract/YAML with each of the project teams +* [`OOM-105 `_] - TOSCA based orchestration demo +* [`OOM-257 `_] - DevOps: OOM config reset procedure for new /dockerdata-nfs content +* [`OOM-305 `_] - Rename MSO to SO in OOM +* [`OOM-332 `_] - Add AAI filebeat container - blocked by LOG-67 +* [`OOM-428 `_] - Add log container healthcheck to mark failed creations - see OOM-427 +* [`OOM-429 `_] - DOC: Document HELM server version 2.7.2 required for tpl usage +* [`OOM-489 `_] - Update values.yaml files for tag name changes for docker images and versions. +* [`OOM-543 `_] - SDNC adjust docker pullPolicy to IfNotPresent to speed up initial deployment slowdown introduced by SDNC-163 +* [`OOM-604 `_] - Update OOM and HEAT AAI sparky master from v1.1.0 to v1.1.1 - match INT-288 +* [`OOM-614 `_] - SDC, SDNC, AAI Healthcheck failures last 12 hours 20180124:1100EST +* [`OOM-624 `_] - CII security badging: cleartext password for keystone and docker repo creds +* [`OOM-726 `_] - Mirror AAI docker version changes into OOM from AAI-791 +* [`OOM-772 `_] - Remove old DCAE from Release +* [`OOM-801 `_] - Policy docker images rename - key off new name in POLICY-674 +* [`OOM-810 `_] - Improve emsdriver code +* [`OOM-819 `_] - expose log/logstash 5044 as nodeport for external log producers outside of the kubernetes cluster +* [`OOM-820 `_] - Bypass vnc-portal for ONAP portal access +* [`OOM-943 `_] - Upgrade prepull_docker.sh to work with new helm based master refactor - post OOM-328 +* [`OOM-947 `_] - Update AAI to latest images +* [`OOM-975 `_] - Notes are missing in multicloud +* [`OOM-1031 `_] - Config Changes for consul to make vid, so, log health checks pass +* [`OOM-1032 `_] - Making consul Stateful +* [`OOM-1122 `_] - Update APPC OOM chart to use Beijing release artifacts Bug *** -* [`OOM-4 `_] - deleteAll.bash fails to properly delete services and ports -* [`OOM-153 `_] - test - Sample Bug -* [`OOM-212 `_] - deleteAll script does not have an option to delete the services -* [`OOM-215 `_] - configure_app for helm apps is not correct -* [`OOM-218 `_] - createConfig.sh needs a chmod 755 in release-1.0.0 only -* [`OOM-239 `_] - mso.tar created in dockerdatanfs -* [`OOM-258 `_] - AAI logs are not being written outside the pods -* [`OOM-282 `_] - vnc-portal requires /etc/hosts url fix for SDC sdc.ui should be sdc.api -* [`OOM-283 `_] - No longer able to deploy instances in specified namespace -* [`OOM-290 `_] - config_init pod fails when /dockerdata-nfs is nfs-mounted -* [`OOM-300 `_] - cat: /config-init/onap/mso/mso/encryption.key: No such file or directory -* [`OOM-333 `_] - vfc-workflow fails [VFC BUG] - fixed - 20180117 vfc-ztevnfmdriver has docker pull issue -* [`OOM-334 `_] - Change kubernetes startup user -* [`OOM-351 `_] - Apply standard convention across the "template deployment YML" file -* [`OOM-352 `_] - failed to start VFC containers -* [`OOM-363 `_] - DCAE tests NOK with Robot E2E tests -* [`OOM-366 `_] - certificates in consul agent config are not in the right directory -* [`OOM-389 `_] - sdc-be and sdc-fe do not initialize correctly on latest master -* [`OOM-409 `_] - Update Vid yaml file to point to the ONAPPORTAL URL -* [`OOM-413 `_] - In portal VNC pod refresh /etc/hosts entries -* [`OOM-414 `_] - MSB Healtcheck failure on $*_ENDPOINT variables -* [`OOM-424 `_] - DCAE installation is not possible today -* [`OOM-430 `_] - Portal healthcheck passing on vnc-portal down -* [`OOM-467 `_] - Optimize config-init process -* [`OOM-493 `_] - Kubernetes infrastructure for ESR -* [`OOM-496 `_] - Readiness check is marking full availability of some components like SDC and SDNC before they would pass healthcheck -* [`OOM-514 `_] - Readiness prob fails sometimes even though the relevant pods are running -* [`OOM-539 `_] - Kube2MSB registrator doesn't support https REST service registration -* [`OOM-570 `_] - Wrong value is assigned to kube2msb AUTH_TOKEN environment variable -* [`OOM-574 `_] - OOM configuration for robot does not copy heat templatese in dockerdata-nfs -* [`OOM-577 `_] - Incorrect evaluation of bash command in yaml template file (portal-vnc-dep.yaml) -* [`OOM-578 `_] - Hard coded token in oom/kubernetes/kube2msb/values.yaml file -* [`OOM-589 `_] - Can not acces CLI in vnc-portal -* [`OOM-598 `_] - createAll.bash base64: invalid option -- d -* [`OOM-600 `_] - Unable to open CLI by clicking CLI application icon -* [`OOM-630 `_] - Red herring config pod deletion error on deleteAll - after we started deleting onap-config automatically -* [`OOM-645 `_] - Kube2MSB RBAC security issues -* [`OOM-653 `_] - sdnc-dbhost-0 deletion failure -* [`OOM-657 `_] - Look into DCAEGEN2 failure on duplicate servicePort -* [`OOM-672 `_] - hardcoded clusterIP for aai breaks auto installation -* [`OOM-680 `_] - ONAP Failure install with kubernetes 1.8+ -* [`OOM-687 `_] - Typo in README_HELM -* [`OOM-724 `_] - License Update in TOSCA -* [`OOM-767 `_] - data-router-logs and elasticsearch-data mapped to same folder -* [`OOM-768 `_] - Hardcoded onap in config files -* [`OOM-769 `_] - sdc-es data mapping in sdc-be and sdc-fe redundant -* [`OOM-783 `_] - UUI health check is failing -* [`OOM-784 `_] - make new so chart one namespace compatible -* [`OOM-791 `_] - After OOM-722 merge - docker pulls are timing out - switch to pullPolicy IfNotPresent -* [`OOM-794 `_] - demo-k8s.sh name not modified in the usage string -* [`OOM-795 `_] - HEAT templates for robot instantiateVFW missing -* [`OOM-796 `_] - robot asdc/sdngc interface in synch for Master -* [`OOM-797 `_] - GLOBAL_INJECTED_SCRIPT_VERSION missing from vm_properties.py -* [`OOM-804 `_] - VFC vfc-ztevnfmdriver container failure -* [`OOM-815 `_] - OOM Robot container helm failure after OOM-728 35909 merge -* [`OOM-829 `_] - Can not make multicloud helm chart -* [`OOM-830 `_] - Fix OOM build dependencies -* [`OOM-835 `_] - CLAMP mariadb pv is pointing to a wrong location -* [`OOM-836 `_] - champ and gizmo yaml validation issue -* [`OOM-845 `_] - Global repository should not be set by default -* [`OOM-846 `_] - Add liveness enabled fix to helm starter -* [`OOM-847 `_] - log-elasticsearch external ports are not externally accessible -* [`OOM-848 `_] - log-logstash logstash pipeline fails to start after oom standard config changes -* [`OOM-851 `_] - sdc chart validation error -* [`OOM-856 `_] - appc mysql fails deployment -* [`OOM-858 `_] - Fail to deploy onap chart due to config map size -* [`OOM-870 `_] - Missing CLAMP configuration -* [`OOM-871 `_] - log kibana container fails to start after oom standard config changes -* [`OOM-872 `_] - APPC-helm Still need config pod -* [`OOM-873 `_] - OOM doc typo -* [`OOM-874 `_] - Inconsistent repository references in ONAP charts -* [`OOM-875 `_] - Cannot retrieve robot logs -* [`OOM-876 `_] - Some containers ignore the repository setting -* [`OOM-878 `_] - MySQL slave nodes don't deploy when mysql.replicaCount > 1 -* [`OOM-881 `_] - SDN-C Portal pod fails to come up -* [`OOM-882 `_] - Some SDNC service names should be prefixed with the helm release name -* [`OOM-884 `_] - VID-VID mariadb pv is pointing to a wrong location -* [`OOM-885 `_] - Beijing oom component log messages missing in Elasticsearch -* [`OOM-886 `_] - kube2msb not starting up -* [`OOM-887 `_] - SDN-C db schema and sdnctl db user not reliably being created -* [`OOM-888 `_] - aaf-cs mapping wrong -* [`OOM-889 `_] - restore pv&pvc for mysql when NFS provisioner is disabled -* [`OOM-898 `_] - Multicloud-framework config file is not volume-mounted -* [`OOM-899 `_] - SDNC main pod does not come up -* [`OOM-900 `_] - portal-cassandra missing pv and pvc -* [`OOM-904 `_] - OOM problems bringing up components and passing healthchecks -* [`OOM-905 `_] - Charts use nsPrefix instead of release namespace -* [`OOM-906 `_] - Make all services independent of helm Release.Name -* [`OOM-907 `_] - Make all persistent volume to be mapped to a location defined by helm Release.Name -* [`OOM-908 `_] - Job portal-db-config fails due to missing image config -* [`OOM-909 `_] - SO Health Check fails -* [`OOM-910 `_] - VID Health Check fails -* [`OOM-911 `_] - VFC Health Check fails for 9 components -* [`OOM-912 `_] - Multicloud Health Check fails for 1 of its components -* [`OOM-913 `_] - Consul agent pod is failing -* [`OOM-916 `_] - Used to fix testing issues related to usability -* [`OOM-918 `_] - Policy - incorrect configmap mount causes base.conf to disappear -* [`OOM-920 `_] - Issue with CLAMP configuration -* [`OOM-921 `_] - align onap/values.yaml and onap/resources/environments/dev.yaml - different /dockerdata-nfs -* [`OOM-926 `_] - Disable clustering for APP-C out-of-the-box -* [`OOM-927 `_] - Need a production grade configuration override file of ONAP deployment -* [`OOM-928 `_] - Some charts use /dockerdata-nfs by default -* [`OOM-929 `_] - DMaaP message router docker image fails to pull -* [`OOM-930 `_] - New AAF Helm Charts required -* [`OOM-931 `_] - Reintroduce VNC pod into OOM -* [`OOM-932 `_] - Unblock integration testing -* [`OOM-935 `_] - sdc-cassandra pod fails to delete using helm delete - forced kubectl delete -* [`OOM-936 `_] - Readiness-check prob version is inconsistent across components -* [`OOM-937 `_] - Portal Cassandra config map points to wrong directory -* [`OOM-938 `_] - Can't install aai alone using helm -* [`OOM-945 `_] - SDNC some bundles failing to start cleanly -* [`OOM-948 `_] - make vfc got an error -* [`OOM-951 `_] - Update APPC charts based on on changes for ccsdk and Nitrogen ODL -* [`OOM-953 `_] - switch aai haproxy/hbase repo from hub.docker.com to nexus3 -* [`OOM-958 `_] - SDC-be deployment missing environment parameter -* [`OOM-964 `_] - SDC Healthcheck failure on sdc-be and sdc-kb containers down -* [`OOM-968 `_] - warning on default deployment values.yaml -* [`OOM-969 `_] - oomk8s images have no Dockerfile's -* [`OOM-971 `_] - Common service name template should allow for chart name override -* [`OOM-974 `_] - Cassandra bootstrap is done incorrectly -* [`OOM-977 `_] - The esr-gui annotations should include a "path" param when register to MSB -* [`OOM-985 `_] - DMAAP Redis fails to start -* [`OOM-986 `_] - SDC BE and FE logs are missing -* [`OOM-989 `_] - Sync ete-k8.sh and ete.sh for new log file numbering -* [`OOM-990 `_] - AUTO.json in SDC has unreachable addresses -* [`OOM-993 `_] - AAI model-loader.properties not in sync with project file -* [`OOM-994 `_] - DCAE cloudify controller docker image 1.1.0 N/A - use 1.2.0/1.3.0 -* [`OOM-1003 `_] - dcae-cloudify-manager chart references obsolete image version -* [`OOM-1004 `_] - aai-resources constantly fails due to cassandra hostname -* [`OOM-1005 `_] - AAI Widgets not loading due to duplicate volumes -* [`OOM-1007 `_] - Update dcae robot health check config -* [`OOM-1008 `_] - Set default consul server replica count to 1 -* [`OOM-1010 `_] - Fix broken property names in DCAE input files -* [`OOM-1011 `_] - Policy config correction after Service Name changes because of OOM-906 -* [`OOM-1013 `_] - Update DCAE container versions -* [`OOM-1014 `_] - Portal login not working due to inconsistent zookeeper naming -* [`OOM-1015 `_] - Champ fails to start -* [`OOM-1016 `_] - DOC-OPS Review: Helm install command is wrong on oom_user_guide - missing namespace -* [`OOM-1017 `_] - DOC-OPS review: Docker/Kubernetes versions wrong for master in oom_cloud_setup_guide -* [`OOM-1018 `_] - DOC-OPS review: global repo override does not match git in oom quick start guide -* [`OOM-1019 `_] - DOC-OPS review: Add Ubuntu 16.04 reference to oom_user_guide to avoid 14/16 confusion -* [`OOM-1021 `_] - Update APPC resources for Nitrogen ODL -* [`OOM-1022 `_] - Fix SDC startup dependencies -* [`OOM-1023 `_] - "spring.datasource.cldsdb.url" in clamp has wrong clampdb name -* [`OOM-1024 `_] - Cassandra data not persisted -* [`OOM-1033 `_] - helm error during deployment 20180501:1900 - all builds under 2.7.2 -* [`OOM-1034 `_] - VID Ports incorrect in deployment.yaml -* [`OOM-1037 `_] - Enable CLI health check -* [`OOM-1039 `_] - Service distribution to SO fails -* [`OOM-1041 `_] - aai-service was renamed, but old references remain -* [`OOM-1042 `_] - portalapps service was renamed, but old references remain -* [`OOM-1045 `_] - top level values.yaml missing entry for dmaap chart -* [`OOM-1049 `_] - SDNC_UEB_LISTENER db -* [`OOM-1050 `_] - Impossible to deploy consul using cache docker registry -* [`OOM-1051 `_] - Fix aaf deployment -* [`OOM-1052 `_] - SO cloud config file points to Rackspace cloud -* [`OOM-1054 `_] - Portal LoadBalancer Ingress IP is on the wrong network -* [`OOM-1060 `_] - Incorrect MR Kafka references prevent aai champ from starting -* [`OOM-1061 `_] - ConfigMap size limit exceeded -* [`OOM-1064 `_] - Improve docker registry secret management -* [`OOM-1066 `_] - Updating TOSCA blueprint to sync up with helm configuration changes (add dmaap and oof/delete message-router) -* [`OOM-1068 `_] - Update SO with new AAI cert -* [`OOM-1076 `_] - some charts still using readiness check image from amsterdam 1.x -* [`OOM-1077 `_] - AAI resources and traversal deployment failure on non-rancher envs -* [`OOM-1079 `_] - Robot charts do not allow over ride of pub_key, dcae_collector_ip and dcae_collector_port -* [`OOM-1081 `_] - Remove component 'mock' from TOSCA deployment -* [`OOM-1082 `_] - Wrong pv location of dcae postgres -* [`OOM-1085 `_] - appc hostname is incorrect in url -* [`OOM-1086 `_] - clamp deployment changes /dockerdata-nfs/ReleaseName dir permissions -* [`OOM-1088 `_] - APPC returns error for vCPE restart message from Policy -* [`OOM-1089 `_] - DCAE pods are not getting purged -* [`OOM-1093 `_] - Line wrapping issue in redis-cluster-config.sh script -* [`OOM-1094 `_] - Fix postgres startup -* [`OOM-1095 `_] - common makefile builds out of order -* [`OOM-1096 `_] - node port conflict SDNC (Geo enabled) & other charts -* [`OOM-1097 `_] - Nbi needs dep-nbi - crash on make all -* [`OOM-1099 `_] - Add External Interface NBI project into OOM TOSCA -* [`OOM-1102 `_] - Incorrect AAI services -* [`OOM-1103 `_] - Cannot disable NBI -* [`OOM-1104 `_] - Policy DROOLS configuration across container restarts -* [`OOM-1110 `_] - Clamp issue when connecting Policy -* [`OOM-1111 `_] - Please revert to using VNFSDK Postgres container -* [`OOM-1114 `_] - APPC is broken in latest helm chart -* [`OOM-1115 `_] - SDNC DGBuilder cant operate on DGs in database - need NodePort -* [`OOM-1116 `_] - Correct values needed by NBI chart -* [`OOM-1124 `_] - Update OOM APPC chart to enhance AAF support -* [`OOM-1126 `_] - Incorrect Port mapping between CDT Application and APPC main application -* [`OOM-1127 `_] - SO fails healthcheck -* [`OOM-1128 `_] - AAF CS fails to start in OpenLab +* [`OOM-4 `_] - deleteAll.bash fails to properly delete services and ports +* [`OOM-153 `_] - test - Sample Bug +* [`OOM-212 `_] - deleteAll script does not have an option to delete the services +* [`OOM-215 `_] - configure_app for helm apps is not correct +* [`OOM-218 `_] - createConfig.sh needs a chmod 755 in release-1.0.0 only +* [`OOM-239 `_] - mso.tar created in dockerdatanfs +* [`OOM-258 `_] - AAI logs are not being written outside the pods +* [`OOM-282 `_] - vnc-portal requires /etc/hosts url fix for SDC sdc.ui should be sdc.api +* [`OOM-283 `_] - No longer able to deploy instances in specified namespace +* [`OOM-290 `_] - config_init pod fails when /dockerdata-nfs is nfs-mounted +* [`OOM-300 `_] - cat: /config-init/onap/mso/mso/encryption.key: No such file or directory +* [`OOM-333 `_] - vfc-workflow fails [VFC BUG] - fixed - 20180117 vfc-ztevnfmdriver has docker pull issue +* [`OOM-334 `_] - Change kubernetes startup user +* [`OOM-351 `_] - Apply standard convention across the "template deployment YML" file +* [`OOM-352 `_] - failed to start VFC containers +* [`OOM-363 `_] - DCAE tests NOK with Robot E2E tests +* [`OOM-366 `_] - certificates in consul agent config are not in the right directory +* [`OOM-389 `_] - sdc-be and sdc-fe do not initialize correctly on latest master +* [`OOM-409 `_] - Update Vid yaml file to point to the ONAPPORTAL URL +* [`OOM-413 `_] - In portal VNC pod refresh /etc/hosts entries +* [`OOM-414 `_] - MSB Healtcheck failure on $*_ENDPOINT variables +* [`OOM-424 `_] - DCAE installation is not possible today +* [`OOM-430 `_] - Portal healthcheck passing on vnc-portal down +* [`OOM-467 `_] - Optimize config-init process +* [`OOM-493 `_] - Kubernetes infrastructure for ESR +* [`OOM-496 `_] - Readiness check is marking full availability of some components like SDC and SDNC before they would pass healthcheck +* [`OOM-514 `_] - Readiness prob fails sometimes even though the relevant pods are running +* [`OOM-539 `_] - Kube2MSB registrator doesn't support https REST service registration +* [`OOM-570 `_] - Wrong value is assigned to kube2msb AUTH_TOKEN environment variable +* [`OOM-574 `_] - OOM configuration for robot does not copy heat templatese in dockerdata-nfs +* [`OOM-577 `_] - Incorrect evaluation of bash command in yaml template file (portal-vnc-dep.yaml) +* [`OOM-578 `_] - Hard coded token in oom/kubernetes/kube2msb/values.yaml file +* [`OOM-589 `_] - Can not acces CLI in vnc-portal +* [`OOM-598 `_] - createAll.bash base64: invalid option -- d +* [`OOM-600 `_] - Unable to open CLI by clicking CLI application icon +* [`OOM-630 `_] - Red herring config pod deletion error on deleteAll - after we started deleting onap-config automatically +* [`OOM-645 `_] - Kube2MSB RBAC security issues +* [`OOM-653 `_] - sdnc-dbhost-0 deletion failure +* [`OOM-657 `_] - Look into DCAEGEN2 failure on duplicate servicePort +* [`OOM-672 `_] - hardcoded clusterIP for aai breaks auto installation +* [`OOM-680 `_] - ONAP Failure install with kubernetes 1.8+ +* [`OOM-687 `_] - Typo in README_HELM +* [`OOM-724 `_] - License Update in TOSCA +* [`OOM-767 `_] - data-router-logs and elasticsearch-data mapped to same folder +* [`OOM-768 `_] - Hardcoded onap in config files +* [`OOM-769 `_] - sdc-es data mapping in sdc-be and sdc-fe redundant +* [`OOM-783 `_] - UUI health check is failing +* [`OOM-784 `_] - make new so chart one namespace compatible +* [`OOM-791 `_] - After OOM-722 merge - docker pulls are timing out - switch to pullPolicy IfNotPresent +* [`OOM-794 `_] - demo-k8s.sh name not modified in the usage string +* [`OOM-795 `_] - HEAT templates for robot instantiateVFW missing +* [`OOM-796 `_] - robot asdc/sdngc interface in synch for Master +* [`OOM-797 `_] - GLOBAL_INJECTED_SCRIPT_VERSION missing from vm_properties.py +* [`OOM-804 `_] - VFC vfc-ztevnfmdriver container failure +* [`OOM-815 `_] - OOM Robot container helm failure after OOM-728 35909 merge +* [`OOM-829 `_] - Can not make multicloud helm chart +* [`OOM-830 `_] - Fix OOM build dependencies +* [`OOM-835 `_] - CLAMP mariadb pv is pointing to a wrong location +* [`OOM-836 `_] - champ and gizmo yaml validation issue +* [`OOM-845 `_] - Global repository should not be set by default +* [`OOM-846 `_] - Add liveness enabled fix to helm starter +* [`OOM-847 `_] - log-elasticsearch external ports are not externally accessible +* [`OOM-848 `_] - log-logstash logstash pipeline fails to start after oom standard config changes +* [`OOM-851 `_] - sdc chart validation error +* [`OOM-856 `_] - appc mysql fails deployment +* [`OOM-858 `_] - Fail to deploy onap chart due to config map size +* [`OOM-870 `_] - Missing CLAMP configuration +* [`OOM-871 `_] - log kibana container fails to start after oom standard config changes +* [`OOM-872 `_] - APPC-helm Still need config pod +* [`OOM-873 `_] - OOM doc typo +* [`OOM-874 `_] - Inconsistent repository references in ONAP charts +* [`OOM-875 `_] - Cannot retrieve robot logs +* [`OOM-876 `_] - Some containers ignore the repository setting +* [`OOM-878 `_] - MySQL slave nodes don't deploy when mysql.replicaCount > 1 +* [`OOM-881 `_] - SDN-C Portal pod fails to come up +* [`OOM-882 `_] - Some SDNC service names should be prefixed with the helm release name +* [`OOM-884 `_] - VID-VID mariadb pv is pointing to a wrong location +* [`OOM-885 `_] - Beijing oom component log messages missing in Elasticsearch +* [`OOM-886 `_] - kube2msb not starting up +* [`OOM-887 `_] - SDN-C db schema and sdnctl db user not reliably being created +* [`OOM-888 `_] - aaf-cs mapping wrong +* [`OOM-889 `_] - restore pv&pvc for mysql when NFS provisioner is disabled +* [`OOM-898 `_] - Multicloud-framework config file is not volume-mounted +* [`OOM-899 `_] - SDNC main pod does not come up +* [`OOM-900 `_] - portal-cassandra missing pv and pvc +* [`OOM-904 `_] - OOM problems bringing up components and passing healthchecks +* [`OOM-905 `_] - Charts use nsPrefix instead of release namespace +* [`OOM-906 `_] - Make all services independent of helm Release.Name +* [`OOM-907 `_] - Make all persistent volume to be mapped to a location defined by helm Release.Name +* [`OOM-908 `_] - Job portal-db-config fails due to missing image config +* [`OOM-909 `_] - SO Health Check fails +* [`OOM-910 `_] - VID Health Check fails +* [`OOM-911 `_] - VFC Health Check fails for 9 components +* [`OOM-912 `_] - Multicloud Health Check fails for 1 of its components +* [`OOM-913 `_] - Consul agent pod is failing +* [`OOM-916 `_] - Used to fix testing issues related to usability +* [`OOM-918 `_] - Policy - incorrect configmap mount causes base.conf to disappear +* [`OOM-920 `_] - Issue with CLAMP configuration +* [`OOM-921 `_] - align onap/values.yaml and onap/resources/environments/dev.yaml - different /dockerdata-nfs +* [`OOM-926 `_] - Disable clustering for APP-C out-of-the-box +* [`OOM-927 `_] - Need a production grade configuration override file of ONAP deployment +* [`OOM-928 `_] - Some charts use /dockerdata-nfs by default +* [`OOM-929 `_] - DMaaP message router docker image fails to pull +* [`OOM-930 `_] - New AAF Helm Charts required +* [`OOM-931 `_] - Reintroduce VNC pod into OOM +* [`OOM-932 `_] - Unblock integration testing +* [`OOM-935 `_] - sdc-cassandra pod fails to delete using helm delete - forced kubectl delete +* [`OOM-936 `_] - Readiness-check prob version is inconsistent across components +* [`OOM-937 `_] - Portal Cassandra config map points to wrong directory +* [`OOM-938 `_] - Can't install aai alone using helm +* [`OOM-945 `_] - SDNC some bundles failing to start cleanly +* [`OOM-948 `_] - make vfc got an error +* [`OOM-951 `_] - Update APPC charts based on on changes for ccsdk and Nitrogen ODL +* [`OOM-953 `_] - switch aai haproxy/hbase repo from hub.docker.com to nexus3 +* [`OOM-958 `_] - SDC-be deployment missing environment parameter +* [`OOM-964 `_] - SDC Healthcheck failure on sdc-be and sdc-kb containers down +* [`OOM-968 `_] - warning on default deployment values.yaml +* [`OOM-969 `_] - oomk8s images have no Dockerfile's +* [`OOM-971 `_] - Common service name template should allow for chart name override +* [`OOM-974 `_] - Cassandra bootstrap is done incorrectly +* [`OOM-977 `_] - The esr-gui annotations should include a "path" param when register to MSB +* [`OOM-985 `_] - DMAAP Redis fails to start +* [`OOM-986 `_] - SDC BE and FE logs are missing +* [`OOM-989 `_] - Sync ete-k8.sh and ete.sh for new log file numbering +* [`OOM-990 `_] - AUTO.json in SDC has unreachable addresses +* [`OOM-993 `_] - AAI model-loader.properties not in sync with project file +* [`OOM-994 `_] - DCAE cloudify controller docker image 1.1.0 N/A - use 1.2.0/1.3.0 +* [`OOM-1003 `_] - dcae-cloudify-manager chart references obsolete image version +* [`OOM-1004 `_] - aai-resources constantly fails due to cassandra hostname +* [`OOM-1005 `_] - AAI Widgets not loading due to duplicate volumes +* [`OOM-1007 `_] - Update dcae robot health check config +* [`OOM-1008 `_] - Set default consul server replica count to 1 +* [`OOM-1010 `_] - Fix broken property names in DCAE input files +* [`OOM-1011 `_] - Policy config correction after Service Name changes because of OOM-906 +* [`OOM-1013 `_] - Update DCAE container versions +* [`OOM-1014 `_] - Portal login not working due to inconsistent zookeeper naming +* [`OOM-1015 `_] - Champ fails to start +* [`OOM-1016 `_] - DOC-OPS Review: Helm install command is wrong on oom_user_guide - missing namespace +* [`OOM-1017 `_] - DOC-OPS review: Docker/Kubernetes versions wrong for master in oom_cloud_setup_guide +* [`OOM-1018 `_] - DOC-OPS review: global repo override does not match git in oom quick start guide +* [`OOM-1019 `_] - DOC-OPS review: Add Ubuntu 16.04 reference to oom_user_guide to avoid 14/16 confusion +* [`OOM-1021 `_] - Update APPC resources for Nitrogen ODL +* [`OOM-1022 `_] - Fix SDC startup dependencies +* [`OOM-1023 `_] - "spring.datasource.cldsdb.url" in clamp has wrong clampdb name +* [`OOM-1024 `_] - Cassandra data not persisted +* [`OOM-1033 `_] - helm error during deployment 20180501:1900 - all builds under 2.7.2 +* [`OOM-1034 `_] - VID Ports incorrect in deployment.yaml +* [`OOM-1037 `_] - Enable CLI health check +* [`OOM-1039 `_] - Service distribution to SO fails +* [`OOM-1041 `_] - aai-service was renamed, but old references remain +* [`OOM-1042 `_] - portalapps service was renamed, but old references remain +* [`OOM-1045 `_] - top level values.yaml missing entry for dmaap chart +* [`OOM-1049 `_] - SDNC_UEB_LISTENER db +* [`OOM-1050 `_] - Impossible to deploy consul using cache docker registry +* [`OOM-1051 `_] - Fix aaf deployment +* [`OOM-1052 `_] - SO cloud config file points to Rackspace cloud +* [`OOM-1054 `_] - Portal LoadBalancer Ingress IP is on the wrong network +* [`OOM-1060 `_] - Incorrect MR Kafka references prevent aai champ from starting +* [`OOM-1061 `_] - ConfigMap size limit exceeded +* [`OOM-1064 `_] - Improve docker registry secret management +* [`OOM-1066 `_] - Updating TOSCA blueprint to sync up with helm configuration changes (add dmaap and oof/delete message-router) +* [`OOM-1068 `_] - Update SO with new AAI cert +* [`OOM-1076 `_] - some charts still using readiness check image from amsterdam 1.x +* [`OOM-1077 `_] - AAI resources and traversal deployment failure on non-rancher envs +* [`OOM-1079 `_] - Robot charts do not allow over ride of pub_key, dcae_collector_ip and dcae_collector_port +* [`OOM-1081 `_] - Remove component 'mock' from TOSCA deployment +* [`OOM-1082 `_] - Wrong pv location of dcae postgres +* [`OOM-1085 `_] - appc hostname is incorrect in url +* [`OOM-1086 `_] - clamp deployment changes /dockerdata-nfs/ReleaseName dir permissions +* [`OOM-1088 `_] - APPC returns error for vCPE restart message from Policy +* [`OOM-1089 `_] - DCAE pods are not getting purged +* [`OOM-1093 `_] - Line wrapping issue in redis-cluster-config.sh script +* [`OOM-1094 `_] - Fix postgres startup +* [`OOM-1095 `_] - common makefile builds out of order +* [`OOM-1096 `_] - node port conflict SDNC (Geo enabled) & other charts +* [`OOM-1097 `_] - Nbi needs dep-nbi - crash on make all +* [`OOM-1099 `_] - Add External Interface NBI project into OOM TOSCA +* [`OOM-1102 `_] - Incorrect AAI services +* [`OOM-1103 `_] - Cannot disable NBI +* [`OOM-1104 `_] - Policy DROOLS configuration across container restarts +* [`OOM-1110 `_] - Clamp issue when connecting Policy +* [`OOM-1111 `_] - Please revert to using VNFSDK Postgres container +* [`OOM-1114 `_] - APPC is broken in latest helm chart +* [`OOM-1115 `_] - SDNC DGBuilder cant operate on DGs in database - need NodePort +* [`OOM-1116 `_] - Correct values needed by NBI chart +* [`OOM-1124 `_] - Update OOM APPC chart to enhance AAF support +* [`OOM-1126 `_] - Incorrect Port mapping between CDT Application and APPC main application +* [`OOM-1127 `_] - SO fails healthcheck +* [`OOM-1128 `_] - AAF CS fails to start in OpenLab Sub-task ******** -* [`OOM-304 `_] - Service endpoint annotation for Data Router -* [`OOM-306 `_] - Handle mariadb secrets -* [`OOM-510 `_] - Increase vm.max_map_count to 262144 when running Rancher 1.6.11+ via helm 2.6+ - for elasticsearch log mem failure -* [`OOM-512 `_] - Push the reviewed and merged ReadMe content to RTD -* [`OOM-641 `_] - Segregating of configuration for SDNC-UEB component -* [`OOM-655 `_] - Create alternate prepull script which provides more user feedback and logging -* [`OOM-753 `_] - Create Helm Sub-Chart for SO's embedded mariadb -* [`OOM-754 `_] - Create Helm Chart for SO -* [`OOM-774 `_] - Create Helm Sub-Chart for APPC's embedded mySQL database -* [`OOM-775 `_] - Create Helm Chart for APPC -* [`OOM-778 `_] - Replace NFS Provisioner with configurable PV storage solution -* [`OOM-825 `_] - Apache 2 License updation for All sqls and .js file -* [`OOM-849 `_] - Policy Nexus component needs persistent volume for /sonatype-work -* [`OOM-991 `_] - Adjust SDC-BE init job timing from 10 to 30s to avoid restarts on single node systems -* [`OOM-1036 `_] - update helm from 2.7.2 to 2.8.2 wiki/rtd -* [`OOM-1063 `_] - Document Portal LoadBalancer Ingress IP Settings +* [`OOM-304 `_] - Service endpoint annotation for Data Router +* [`OOM-306 `_] - Handle mariadb secrets +* [`OOM-510 `_] - Increase vm.max_map_count to 262144 when running Rancher 1.6.11+ via helm 2.6+ - for elasticsearch log mem failure +* [`OOM-512 `_] - Push the reviewed and merged ReadMe content to RTD +* [`OOM-641 `_] - Segregating of configuration for SDNC-UEB component +* [`OOM-655 `_] - Create alternate prepull script which provides more user feedback and logging +* [`OOM-753 `_] - Create Helm Sub-Chart for SO's embedded mariadb +* [`OOM-754 `_] - Create Helm Chart for SO +* [`OOM-774 `_] - Create Helm Sub-Chart for APPC's embedded mySQL database +* [`OOM-775 `_] - Create Helm Chart for APPC +* [`OOM-778 `_] - Replace NFS Provisioner with configurable PV storage solution +* [`OOM-825 `_] - Apache 2 License updation for All sqls and .js file +* [`OOM-849 `_] - Policy Nexus component needs persistent volume for /sonatype-work +* [`OOM-991 `_] - Adjust SDC-BE init job timing from 10 to 30s to avoid restarts on single node systems +* [`OOM-1036 `_] - update helm from 2.7.2 to 2.8.2 wiki/rtd +* [`OOM-1063 `_] - Document Portal LoadBalancer Ingress IP Settings **Security Notes** diff --git a/docs/sections/release_notes/release-notes-casablanca.rst b/docs/sections/release_notes/release-notes-casablanca.rst index 6b857309aa..4c8b8d4cbd 100644 --- a/docs/sections/release_notes/release-notes-casablanca.rst +++ b/docs/sections/release_notes/release-notes-casablanca.rst @@ -71,8 +71,8 @@ Quick Links: Kubernetes version (1.12) - `K8S Bug Report `_ - - `OOM-1532 `_ - - `OOM-1516 `_ - - `OOM-1520 `_ + - `OOM-1532 `_ + - `OOM-1516 `_ + - `OOM-1520 `_ End of Release Notes diff --git a/docs/sections/release_notes/release-notes-dublin.rst b/docs/sections/release_notes/release-notes-dublin.rst index 7a32297210..718f34a8cb 100644 --- a/docs/sections/release_notes/release-notes-dublin.rst +++ b/docs/sections/release_notes/release-notes-dublin.rst @@ -62,9 +62,9 @@ Summary *Known Security Issues* -* In default deployment OOM (consul-server-ui) exposes HTTP port 30270 outside of cluster. [`OJSI-134 `_] -* Hard coded password used for all oom deployments [`OJSI-188 `_] -* CVE-2019-12127 - OOM exposes unprotected API/UI on port 30270 [`OJSI-202 `_] +* In default deployment OOM (consul-server-ui) exposes HTTP port 30270 outside of cluster. [`OJSI-134 `_] +* Hard coded password used for all oom deployments [`OJSI-188 `_] +* CVE-2019-12127 - OOM exposes unprotected API/UI on port 30270 [`OJSI-202 `_] *Known Vulnerabilities in Used Modules* diff --git a/docs/sections/release_notes/release-notes-elalto.rst b/docs/sections/release_notes/release-notes-elalto.rst index b4059028e5..d237df515d 100644 --- a/docs/sections/release_notes/release-notes-elalto.rst +++ b/docs/sections/release_notes/release-notes-elalto.rst @@ -28,7 +28,7 @@ Summary The focus of this release was on maintenance and as such no new features were delivered. -A list of issues resolved in this release can be found here: https://jira.onap.org/projects/OOM/versions/10726 +A list of issues resolved in this release can be found here: https://lf-onap.atlassian.net/projects/OOM/versions/10726 **New Features** @@ -40,14 +40,14 @@ A list of issues resolved in this release can be found here: https://jira.onap.o The following known issues will be addressed in a future release: -* [`OOM-1480 `_] - postgres chart does not set root password when installing on an existing database instances -* [`OOM-1966 `_] - ONAP on HA Kubernetes Cluster - Documentation update -* [`OOM-1995 `_] - Mariadb Galera cluster pods keep failing -* [`OOM-2061 `_] - Details Missing for installing the kubectl section -* [`OOM-2075 `_] - Invalid MTU for Canal CNI interfaces -* [`OOM-2080 `_] - Need for "ReadWriteMany" access on storage when deploying on Kubernetes? -* [`OOM-2091 `_] - incorrect release deployed -* [`OOM-2132 `_] - Common Galera server.cnf does not contain Camunda required settings +* [`OOM-1480 `_] - postgres chart does not set root password when installing on an existing database instances +* [`OOM-1966 `_] - ONAP on HA Kubernetes Cluster - Documentation update +* [`OOM-1995 `_] - Mariadb Galera cluster pods keep failing +* [`OOM-2061 `_] - Details Missing for installing the kubectl section +* [`OOM-2075 `_] - Invalid MTU for Canal CNI interfaces +* [`OOM-2080 `_] - Need for "ReadWriteMany" access on storage when deploying on Kubernetes? +* [`OOM-2091 `_] - incorrect release deployed +* [`OOM-2132 `_] - Common Galera server.cnf does not contain Camunda required settings **Security Notes** @@ -55,9 +55,9 @@ The following known issues will be addressed in a future release: *Known Security Issues* -* In default deployment OOM (consul-server-ui) exposes HTTP port 30270 outside of cluster. [`OJSI-134 `_] -* Hard coded password used for all oom deployments [`OJSI-188 `_] -* CVE-2019-12127 - OOM exposes unprotected API/UI on port 30270 [`OJSI-202 `_] +* In default deployment OOM (consul-server-ui) exposes HTTP port 30270 outside of cluster. [`OJSI-134 `_] +* Hard coded password used for all oom deployments [`OJSI-188 `_] +* CVE-2019-12127 - OOM exposes unprotected API/UI on port 30270 [`OJSI-202 `_] *Known Vulnerabilities in Used Modules* diff --git a/docs/sections/release_notes/release-notes-frankfurt.rst b/docs/sections/release_notes/release-notes-frankfurt.rst index c0374a6dd8..ff1e9f18ce 100644 --- a/docs/sections/release_notes/release-notes-frankfurt.rst +++ b/docs/sections/release_notes/release-notes-frankfurt.rst @@ -55,36 +55,36 @@ New features **Bug fixes** A list of issues resolved in this release can be found here: -https://jira.onap.org/projects/OOM/versions/10826 +https://lf-onap.atlassian.net/projects/OOM/versions/10826 **Known Issues** -- `OOM-1237 `_ Source Helm Charts from +- `OOM-1237 `_ Source Helm Charts from ONAP Repo. Having helm charts repo is not possible for Frankfurt release. -- `OOM-1720 `_ galera container is +- `OOM-1720 `_ galera container is outdated. containers used for mariadb are outdated and not supported anymore. -- `OOM-1817 `_ Use of global.repository +- `OOM-1817 `_ Use of global.repository inconsistent across Helm Charts. it's then may be hard to retrieve some containers when deploying in constrained environment. -- `OOM-2075 `_ Invalid MTU for Canal CNI +- `OOM-2075 `_ Invalid MTU for Canal CNI interfaces -- `OOM-2227 `_ Cassandra Backup Mechanism +- `OOM-2227 `_ Cassandra Backup Mechanism works only on "static PV" mode. -- `OOM-2230 `_ Missing requests/limits +- `OOM-2230 `_ Missing requests/limits for some PODS. This can lead to "memory bombing" so cautious monitoring of Kubernetes resources usage must be set up. -- `OOM-2279 `_ OOM El Alto and master +- `OOM-2279 `_ OOM El Alto and master clamp mariadb resources doesn't match chart. -- `OOM-2285 `_ deploy.sh does not work +- `OOM-2285 `_ deploy.sh does not work for mariadb-galera. deploy script doesn't behave well with "-" in the component name. -- `OOM-2369 `_ DMAAP Helm install takes +- `OOM-2369 `_ DMAAP Helm install takes too long and often fails. -- `OOM-2418 `_ Readiness-check 2.0.2 not +- `OOM-2418 `_ Readiness-check 2.0.2 not working properly for stateful set. -- `OOM-2421 `_ OOM NBI chart deployment +- `OOM-2421 `_ OOM NBI chart deployment error. In some case, NBI deployment fails. -- `OOM-2422 `_ Portal App is unreachable +- `OOM-2422 `_ Portal App is unreachable when deploying without HTTPs @@ -107,21 +107,21 @@ Known Vulnerabilities Workarounds ----------- -- `OOM-1237 `_ Workaround is to generate +- `OOM-1237 `_ Workaround is to generate them as explained in documentation. -- `OOM-1817 `_ Workaround is to use +- `OOM-1817 `_ Workaround is to use offline installer if needed. -- `OOM-2227 `_ Workaround is to stick to +- `OOM-2227 `_ Workaround is to stick to "static PV" (so, not using storage class) if backup is needed. -- `OOM-2285 `_ Workaround is to use +- `OOM-2285 `_ Workaround is to use directly helm upgrade if needed. -- `OOM-2369 `_ Workaround is to play +- `OOM-2369 `_ Workaround is to play postinstall jobs by hand. -- `OOM-2418 `_ Workaround is to use +- `OOM-2418 `_ Workaround is to use version 2.2.2 in global part of override file if the new check is needed. -- `OOM-2421 `_ Workaround is to +- `OOM-2421 `_ Workaround is to undeploy/redeploy NBI. -- `OOM-2422 `_ Workaround is to create +- `OOM-2422 `_ Workaround is to create first portal app service with service type Cluster IP then changing it to NodePort or LoadBalancer so all the port are available. @@ -131,9 +131,9 @@ Security Notes **Fixed Security Issues** - In default deployment OOM (consul-server-ui) exposes HTTP port 30270 outside - of cluster. [`OJSI-134 `_] + of cluster. [`OJSI-134 `_] - CVE-2019-12127 - OOM exposes unprotected API/UI on port 30270 - [`OJSI-202 `_] + [`OJSI-202 `_] References ========== diff --git a/docs/sections/release_notes/release-notes-guilin.rst b/docs/sections/release_notes/release-notes-guilin.rst index e8fda544c2..9bb4816aab 100644 --- a/docs/sections/release_notes/release-notes-guilin.rst +++ b/docs/sections/release_notes/release-notes-guilin.rst @@ -57,30 +57,30 @@ New features **Bug fixes** A list of issues resolved in this release can be found here: -https://jira.onap.org/projects/OOM/versions/10826 +https://lf-onap.atlassian.net/projects/OOM/versions/10826 **Known Issues** -- `OOM-1237 `_ Source Helm Charts from +- `OOM-1237 `_ Source Helm Charts from ONAP Repo. Having helm charts repo is not possible for Frankfurt release. -- `OOM-1720 `_ galera container is +- `OOM-1720 `_ galera container is outdated. containers used for mariadb are outdated and not supported anymore. -- `OOM-1817 `_ Use of global.repository +- `OOM-1817 `_ Use of global.repository inconsistent across Helm Charts. it's then may be hard to retrieve some containers when deploying in constrained environment. -- `OOM-2227 `_ Cassandra Backup Mechanism +- `OOM-2227 `_ Cassandra Backup Mechanism works only on "static PV" mode. -- `OOM-2285 `_ deploy.sh does not work +- `OOM-2285 `_ deploy.sh does not work for mariadb-galera. deploy script doesn't behave well with "-" in the component name. -- `OOM-2421 `_ OOM nbi chart deployment +- `OOM-2421 `_ OOM nbi chart deployment error -- `OOM-2534 `_ Cert-Service leverages +- `OOM-2534 `_ Cert-Service leverages runtime external dependency -- `OOM-2554 `_ Common pods have java 8 -- `OOM-2588 `_ Various subcharts not +- `OOM-2554 `_ Common pods have java 8 +- `OOM-2588 `_ Various subcharts not installing due to helm size issues -- `OOM-2629 `_ NetBox demo entry setup +- `OOM-2629 `_ NetBox demo entry setup not complete @@ -104,20 +104,20 @@ Known Vulnerabilities --------------------- - Hard coded password used for all OOM deployments - [`OJSI-188 `_] + [`OJSI-188 `_] Workarounds ----------- -- `OOM-1237 `_ Workaround is to generate +- `OOM-1237 `_ Workaround is to generate them as explained in documentation. -- `OOM-1817 `_ Workaround is to use +- `OOM-1817 `_ Workaround is to use offline installer if needed. -- `OOM-2227 `_ Workaround is to stick to +- `OOM-2227 `_ Workaround is to stick to "static PV" (so, not using storage class) if backup is needed. -- `OOM-2285 `_ Workaround is to use +- `OOM-2285 `_ Workaround is to use directly helm upgrade if needed. -- `OOM-2534 `_ Workaround is to download +- `OOM-2534 `_ Workaround is to download in advance docker.io/openjdk:11-jre-slim where you will generate the charts Security Notes diff --git a/docs/sections/release_notes/release-notes-honolulu.rst b/docs/sections/release_notes/release-notes-honolulu.rst index 832ec580cc..82b694a7e9 100644 --- a/docs/sections/release_notes/release-notes-honolulu.rst +++ b/docs/sections/release_notes/release-notes-honolulu.rst @@ -67,7 +67,7 @@ New features **Bug fixes** A list of issues resolved in this release can be found here: -https://jira.onap.org/projects/OOM/versions/11073 +https://lf-onap.atlassian.net/projects/OOM/versions/11073 major issues solved: @@ -77,29 +77,29 @@ major issues solved: **Known Issues** -- `OOM-2554 `_ Common pods have java 8 -- `OOM-2435 `_ SDNC karaf shell: +- `OOM-2554 `_ Common pods have java 8 +- `OOM-2435 `_ SDNC karaf shell: log:list: Error executing command: Unrecognized configuration -- `OOM-2629 `_ NetBox demo entry setup +- `OOM-2629 `_ NetBox demo entry setup not complete -- `OOM-2706 `_ CDS Blueprint Processor +- `OOM-2706 `_ CDS Blueprint Processor does not work with local DB -- `OOM-2713 `_ Problem on onboarding +- `OOM-2713 `_ Problem on onboarding custom cert to SDNC ONAP during deployment -- `OOM-2698 `_ SO helm override fails in +- `OOM-2698 `_ SO helm override fails in for value with multi-level replacement -- `OOM-2697 `_ SO with local MariaDB +- `OOM-2697 `_ SO with local MariaDB deployment fails -- `OOM-2538 `_ strange error with +- `OOM-2538 `_ strange error with CertInitializer template -- `OOM-2547 `_ Health Check failures +- `OOM-2547 `_ Health Check failures seen after bringing down/up control plane & worker node VM instances on which ONAP hosted -- `OOM-2699 `_ SO so-mariadb +- `OOM-2699 `_ SO so-mariadb readinessCheck fails for local MariaDB instance -- `OOM-2705 `_ SDNC DB installation fails +- `OOM-2705 `_ SDNC DB installation fails on local MariaDB instance -- `OOM-2603 `_ [SDNC] allign password for +- `OOM-2603 `_ [SDNC] allign password for scaleoutUser/restconfUser/odlUser Deliverables @@ -122,7 +122,7 @@ Known Vulnerabilities --------------------- - Hard coded password used for all OOM deployments - [`OJSI-188 `_] + [`OJSI-188 `_] - `Hard coded certificates <../oom_hardcoded_certificates>` in Helm packages Workarounds diff --git a/docs/sections/release_notes/release-notes-istanbul.rst b/docs/sections/release_notes/release-notes-istanbul.rst index a29b1e2f2d..46eb98ed96 100644 --- a/docs/sections/release_notes/release-notes-istanbul.rst +++ b/docs/sections/release_notes/release-notes-istanbul.rst @@ -56,7 +56,7 @@ New features **Bug fixes** A list of issues resolved in this release can be found here: -https://jira.onap.org/projects/OOM/versions/11074 +https://lf-onap.atlassian.net/projects/OOM/versions/11074 **Known Issues** @@ -84,7 +84,7 @@ Known Vulnerabilities Workarounds ----------- -- `OOM-2754 `_ +- `OOM-2754 `_ Because of *updateEndpoint* property added to *cmpv2issuer* CRD it is impossible to upgrade platform component from Honolulu to Istanbul release without manual steps. Actions that should be performed: diff --git a/docs/sections/release_notes/release-notes-jakarta.rst b/docs/sections/release_notes/release-notes-jakarta.rst index cfc57888a6..34202f765d 100644 --- a/docs/sections/release_notes/release-notes-jakarta.rst +++ b/docs/sections/release_notes/release-notes-jakarta.rst @@ -57,7 +57,7 @@ New features **Bug fixes** A list of issues resolved in this release can be found here: -https://jira.onap.org/projects/OOM/versions/11498 +https://lf-onap.atlassian.net/projects/OOM/versions/11498 **Known Issues** @@ -84,7 +84,7 @@ Known Vulnerabilities Workarounds ----------- -- `OOM-2754 `_ +- `OOM-2754 `_ Because of *updateEndpoint* property added to *cmpv2issuer* CRD it is impossible to upgrade platform component from Istanbul to Jakarta release without manual steps. Actions that should be performed: diff --git a/docs/sections/release_notes/release-notes-kohn.rst b/docs/sections/release_notes/release-notes-kohn.rst index 66d04628c1..3c8bc04657 100644 --- a/docs/sections/release_notes/release-notes-kohn.rst +++ b/docs/sections/release_notes/release-notes-kohn.rst @@ -66,7 +66,7 @@ New features **Bug fixes** A list of issues resolved in this release can be found here: -https://jira.onap.org/projects/OOM/versions/11499 +https://lf-onap.atlassian.net/projects/OOM/versions/11499 **Known Issues** @@ -97,7 +97,7 @@ Known Vulnerabilities --------------------- * Cassandra version needs to be updated to support new Python version - see `OOM-2900 `_ + see `OOM-2900 `_ Workarounds ----------- diff --git a/docs/sections/release_notes/release-notes-london.rst b/docs/sections/release_notes/release-notes-london.rst index 28911b8923..c48041e0c2 100644 --- a/docs/sections/release_notes/release-notes-london.rst +++ b/docs/sections/release_notes/release-notes-london.rst @@ -66,14 +66,14 @@ New features * Update of Helmcharts to use common templates and practices * Optional support for Cassandra 4.x using k8ssandra-operator -* `REQ-1349 `_ Removal of AAF. +* `REQ-1349 `_ Removal of AAF. Internal communication encryption and authorization is offered by ServiceMesh -* `REQ-1350 `_ All component must be +* `REQ-1350 `_ All component must be able to run without MSB. Component helm charts modified to use MSB optionally and test the components during Daily and Gating with and without MSB -* `REQ-1351 `_ External secure +* `REQ-1351 `_ External secure communication only via Ingress. Ingress resources created by templates and Ingress installation is described in the OOM documents @@ -81,7 +81,7 @@ New features **Bug fixes** A list of issues resolved in this release can be found here: -https://jira.onap.org/projects/OOM/versions/11500 +https://lf-onap.atlassian.net/projects/OOM/versions/11500 **Known Issues** @@ -116,7 +116,7 @@ Known Vulnerabilities --------------------- * Cassandra version needs to be updated to support new Python version - see `OOM-2900 `_ + see `OOM-2900 `_ In London supported as option (using k8ssandra-operator), see :ref:`oom_base_optional_addons` Workarounds diff --git a/docs/sections/release_notes/release-notes-montreal.rst b/docs/sections/release_notes/release-notes-montreal.rst index aa0b84ac07..7113b5bb0c 100644 --- a/docs/sections/release_notes/release-notes-montreal.rst +++ b/docs/sections/release_notes/release-notes-montreal.rst @@ -71,7 +71,7 @@ New features **Bug fixes** A list of issues resolved in this release can be found here: -https://jira.onap.org/projects/OOM/versions/11501 +https://lf-onap.atlassian.net/projects/OOM/versions/11501 **Known Issues** diff --git a/docs/sections/release_notes/release-notes.rst b/docs/sections/release_notes/release-notes.rst index 879f16fb4c..c09fd708fe 100644 --- a/docs/sections/release_notes/release-notes.rst +++ b/docs/sections/release_notes/release-notes.rst @@ -76,7 +76,7 @@ New features **Bug fixes** A list of issues resolved in this release can be found here: -https://jira.onap.org/projects/OOM/versions/11502 +https://lf-onap.atlassian.net/projects/OOM/versions/11502 **Known Issues** diff --git a/kubernetes/common/etcd/Chart.yaml b/kubernetes/common/etcd/Chart.yaml index 465364b3da..bd508c57fd 100644 --- a/kubernetes/common/etcd/Chart.yaml +++ b/kubernetes/common/etcd/Chart.yaml @@ -1,6 +1,7 @@ # Copyright © 2019 Intel Corporation # Modifications Copyright © 2021 Orange # Modifications Copyright © 2021 Nordix Foundation +# Modifications Copyright © 2024 Deutsche Telekom # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,7 +18,7 @@ apiVersion: v2 name: etcd home: https://github.com/coreos/etcd -version: 13.0.0 +version: 13.0.1 appVersion: 2.2.5 description: Distributed reliable key-value store for the most critical data of a distributed system. diff --git a/kubernetes/common/etcd/templates/statefulset.yaml b/kubernetes/common/etcd/templates/statefulset.yaml index 722a27d791..c71d3295eb 100644 --- a/kubernetes/common/etcd/templates/statefulset.yaml +++ b/kubernetes/common/etcd/templates/statefulset.yaml @@ -1,5 +1,6 @@ {{/* # Copyright © 2019 Intel Corporation Inc +# Modifications Copyright © 2024 Deutsche Telekom # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -36,10 +37,12 @@ spec: {{ toYaml .Values.tolerations | indent 8 }} {{- end }} {{- include "common.imagePullSecrets" . | nindent 6 }} + {{ include "common.podSecurityContext" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.googleK8sRepository" . }}/{{ .Values.image }} imagePullPolicy: "{{ .Values.pullPolicy }}" + {{ include "common.containerSecurityContext" . | indent 10 | trim }} ports: - containerPort: {{ .Values.service.peerInternalPort }} name: {{ .Values.service.peerPortName }} diff --git a/kubernetes/common/etcd/values.yaml b/kubernetes/common/etcd/values.yaml index e2334eadfe..69d533c728 100644 --- a/kubernetes/common/etcd/values.yaml +++ b/kubernetes/common/etcd/values.yaml @@ -1,4 +1,5 @@ # Copyright © 2019 Intel Corporation, Inc +# Modifications Copyright © 2024 Deutsche Telekom # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -35,6 +36,10 @@ nodeSelector: {} affinity: {} +securityContext: + user_id: 1000 + group_id: 1000 + # probe configuration parameters liveness: initialDelaySeconds: 90 -- cgit 1.2.3-korg