From f6c0855f03b99fcca9f411370221fe9ffa48e889 Mon Sep 17 00:00:00 2001 From: Alexis de Talhouët Date: Tue, 23 Jan 2018 11:04:43 -0500 Subject: Do not cache host resolution in DCAEGEN2 nginx MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit And fix DNS Designate proxy setup Change-Id: I46c265ba8f66f81503b8cdc8c0f90f9e5956da86 Issue-ID: OOM-608 Signed-off-by: Alexis de Talhouët --- .../src/config/dcaegen2/heat/DCAE-openrc-v2.sh | 34 ++++++++++++++++++ .../src/config/dcaegen2/heat/DCAE-openrc-v3.sh | 41 ++++++++++++++++++++++ .../init/src/config/dcaegen2/heat/DNS-openrc-v2.sh | 34 ++++++++++++++++++ .../init/src/config/dcaegen2/heat/DNS-openrc-v3.sh | 41 ++++++++++++++++++++++ .../init/src/config/dcaegen2/heat/OOM-openrc-v2.sh | 34 ------------------ .../init/src/config/dcaegen2/heat/OOM-openrc-v3.sh | 41 ---------------------- .../init/src/config/dcaegen2/heat/entrypoint.sh | 16 ++++++--- .../init/src/config/dcaegen2/heat/onap_dcae.env | 26 +++++++------- .../nginx/config/aai-service.onap.org.conf | 9 +++-- .../dcaegen2/nginx/config/dmaap.onap.org.conf | 7 +++- .../dcaegen2/nginx/config/open.onap.org.conf | 29 ++++++++++++++- .../config/dcaegen2/nginx/config/pdp.onap.org.conf | 7 +++- .../dcaegen2/nginx/config/sdc-be.onap.org.conf | 7 +++- kubernetes/dcaegen2/templates/nginx-service.yaml | 4 +++ kubernetes/multicloud/values.yaml | 4 ++- 15 files changed, 235 insertions(+), 99 deletions(-) create mode 100755 kubernetes/config/docker/init/src/config/dcaegen2/heat/DCAE-openrc-v2.sh create mode 100755 kubernetes/config/docker/init/src/config/dcaegen2/heat/DCAE-openrc-v3.sh create mode 100755 kubernetes/config/docker/init/src/config/dcaegen2/heat/DNS-openrc-v2.sh create mode 100755 kubernetes/config/docker/init/src/config/dcaegen2/heat/DNS-openrc-v3.sh delete mode 100755 kubernetes/config/docker/init/src/config/dcaegen2/heat/OOM-openrc-v2.sh delete mode 100755 kubernetes/config/docker/init/src/config/dcaegen2/heat/OOM-openrc-v3.sh diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/heat/DCAE-openrc-v2.sh b/kubernetes/config/docker/init/src/config/dcaegen2/heat/DCAE-openrc-v2.sh new file mode 100755 index 0000000000..108a3ce290 --- /dev/null +++ b/kubernetes/config/docker/init/src/config/dcaegen2/heat/DCAE-openrc-v2.sh @@ -0,0 +1,34 @@ +#!/usr/bin/env bash +# To use an OpenStack cloud you need to authenticate against the Identity +# service named keystone, which returns a **Token** and **Service Catalog**. +# The catalog contains the endpoints for all services the user/tenant has +# access to - such as Compute, Image Service, Identity, Object Storage, Block +# Storage, and Networking (code-named nova, glance, keystone, swift, +# cinder, and neutron). +# +# *NOTE*: Using the 2.0 *Identity API* does not necessarily mean any other +# OpenStack API is version 2.0. For example, your cloud provider may implement +# Image API v1.1, Block Storage API v2, and Compute API v2.0. OS_AUTH_URL is +# only for the Identity API served through keystone. +export OS_AUTH_URL=DCAE_OS_KEYSTONE_URL_HERE/v2.0 +# With the addition of Keystone we have standardized on the term **tenant** +# as the entity that owns the resources. +export OS_TENANT_ID=DCAE_OS_TENANT_ID_HERE +export OS_TENANT_NAME="DCAE_OS_TENANT_NAME_HERE" +# unsetting v3 items in case set +unset OS_PROJECT_ID +unset OS_PROJECT_NAME +unset OS_USER_DOMAIN_NAME +unset OS_INTERFACE +# In addition to the owning entity (tenant), OpenStack stores the entity +# performing the action as the **user**. +export OS_USERNAME="DCAE_OS_USERNAME_HERE" +# With Keystone you pass the keystone password. +export OS_PASSWORD=DCAE_OS_PASSWORD_HERE +# If your configuration has multiple regions, we set that information here. +# OS_REGION_NAME is optional and only valid in certain environments. +export OS_REGION_NAME="DCAE_OS_REGION_HERE" +# Don't leave a blank variable, unset it if it was empty +if [ -z "$OS_REGION_NAME" ]; then unset OS_REGION_NAME; fi +export OS_ENDPOINT_TYPE=publicURL +export OS_IDENTITY_API_VERSION=2 \ No newline at end of file diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/heat/DCAE-openrc-v3.sh b/kubernetes/config/docker/init/src/config/dcaegen2/heat/DCAE-openrc-v3.sh new file mode 100755 index 0000000000..026f3f0a04 --- /dev/null +++ b/kubernetes/config/docker/init/src/config/dcaegen2/heat/DCAE-openrc-v3.sh @@ -0,0 +1,41 @@ +#!/usr/bin/env bash + +# To use an OpenStack cloud you need to authenticate against the Identity +# service named keystone, which returns a **Token** and **Service Catalog**. +# The catalog contains the endpoints for all services the user/tenant has +# access to - such as Compute, Image Service, Identity, Object Storage, Block +# Storage, and Networking (code-named nova, glance, keystone, swift, +# cinder, and neutron). +# +# *NOTE*: Using the 3 *Identity API* does not necessarily mean any other +# OpenStack API is version 3. For example, your cloud provider may implement +# Image API v1.1, Block Storage API v2, and Compute API v2.0. OS_AUTH_URL is +# only for the Identity API served through keystone. +export OS_AUTH_URL=DCAE_OS_KEYSTONE_URL_HERE/v3 + +# With the addition of Keystone we have standardized on the term **project** +# as the entity that owns the resources. +export OS_PROJECT_ID=DCAE_OS_TENANT_ID_HERE +export OS_PROJECT_NAME="DCAE_OS_TENANT_NAME_HERE" +export OS_USER_DOMAIN_NAME="Default" +if [ -z "$OS_USER_DOMAIN_NAME" ]; then unset OS_USER_DOMAIN_NAME; fi + +# unset v2.0 items in case set +unset OS_TENANT_ID +unset OS_TENANT_NAME + +# In addition to the owning entity (tenant), OpenStack stores the entity +# performing the action as the **user**. +export OS_USERNAME="DCAE_OS_USERNAME_HERE" + +# With Keystone you pass the keystone password. +export OS_PASSWORD=DCAE_OS_PASSWORD_HERE + +# If your configuration has multiple regions, we set that information here. +# OS_REGION_NAME is optional and only valid in certain environments. +export OS_REGION_NAME="DCAE_OS_REGION_HERE" +# Don't leave a blank variable, unset it if it was empty +if [ -z "$OS_REGION_NAME" ]; then unset OS_REGION_NAME; fi + +export OS_INTERFACE=public +export OS_IDENTITY_API_VERSION=3 \ No newline at end of file diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/heat/DNS-openrc-v2.sh b/kubernetes/config/docker/init/src/config/dcaegen2/heat/DNS-openrc-v2.sh new file mode 100755 index 0000000000..9c9e3f0634 --- /dev/null +++ b/kubernetes/config/docker/init/src/config/dcaegen2/heat/DNS-openrc-v2.sh @@ -0,0 +1,34 @@ +#!/usr/bin/env bash +# To use an OpenStack cloud you need to authenticate against the Identity +# service named keystone, which returns a **Token** and **Service Catalog**. +# The catalog contains the endpoints for all services the user/tenant has +# access to - such as Compute, Image Service, Identity, Object Storage, Block +# Storage, and Networking (code-named nova, glance, keystone, swift, +# cinder, and neutron). +# +# *NOTE*: Using the 2.0 *Identity API* does not necessarily mean any other +# OpenStack API is version 2.0. For example, your cloud provider may implement +# Image API v1.1, Block Storage API v2, and Compute API v2.0. OS_AUTH_URL is +# only for the Identity API served through keystone. +export OS_AUTH_URL=DNSAAS_KEYSTONE_URL_HERE/v2.0 +# With the addition of Keystone we have standardized on the term **tenant** +# as the entity that owns the resources. +export OS_TENANT_ID=DNSAAS_TENANT_ID_HERE +export OS_TENANT_NAME="DNSAAS_TENANT_NAME_HERE" +# unsetting v3 items in case set +unset OS_PROJECT_ID +unset OS_PROJECT_NAME +unset OS_USER_DOMAIN_NAME +unset OS_INTERFACE +# In addition to the owning entity (tenant), OpenStack stores the entity +# performing the action as the **user**. +export OS_USERNAME="DNSAAS_USERNAME_HERE" +# With Keystone you pass the keystone password. +export OS_PASSWORD=DNSAAS_PASSWORD_HERE +# If your configuration has multiple regions, we set that information here. +# OS_REGION_NAME is optional and only valid in certain environments. +export OS_REGION_NAME="DNSAAS_REGION_HERE" +# Don't leave a blank variable, unset it if it was empty +if [ -z "$OS_REGION_NAME" ]; then unset OS_REGION_NAME; fi +export OS_ENDPOINT_TYPE=publicURL +export OS_IDENTITY_API_VERSION=2 \ No newline at end of file diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/heat/DNS-openrc-v3.sh b/kubernetes/config/docker/init/src/config/dcaegen2/heat/DNS-openrc-v3.sh new file mode 100755 index 0000000000..eebf8357e1 --- /dev/null +++ b/kubernetes/config/docker/init/src/config/dcaegen2/heat/DNS-openrc-v3.sh @@ -0,0 +1,41 @@ +#!/usr/bin/env bash + +# To use an OpenStack cloud you need to authenticate against the Identity +# service named keystone, which returns a **Token** and **Service Catalog**. +# The catalog contains the endpoints for all services the user/tenant has +# access to - such as Compute, Image Service, Identity, Object Storage, Block +# Storage, and Networking (code-named nova, glance, keystone, swift, +# cinder, and neutron). +# +# *NOTE*: Using the 3 *Identity API* does not necessarily mean any other +# OpenStack API is version 3. For example, your cloud provider may implement +# Image API v1.1, Block Storage API v2, and Compute API v2.0. OS_AUTH_URL is +# only for the Identity API served through keystone. +export OS_AUTH_URL=DNSAAS_KEYSTONE_URL_HERE/v3 + +# With the addition of Keystone we have standardized on the term **project** +# as the entity that owns the resources. +export OS_PROJECT_ID=DNSAAS_TENANT_ID_HERE +export OS_PROJECT_NAME="DNSAAS_TENANT_NAME_HERE" +export OS_USER_DOMAIN_NAME="Default" +if [ -z "$OS_USER_DOMAIN_NAME" ]; then unset OS_USER_DOMAIN_NAME; fi + +# unset v2.0 items in case set +unset OS_TENANT_ID +unset OS_TENANT_NAME + +# In addition to the owning entity (tenant), OpenStack stores the entity +# performing the action as the **user**. +export OS_USERNAME="DNSAAS_USERNAME_HERE" + +# With Keystone you pass the keystone password. +export OS_PASSWORD=DNSAAS_PASSWORD_HERE + +# If your configuration has multiple regions, we set that information here. +# OS_REGION_NAME is optional and only valid in certain environments. +export OS_REGION_NAME="DNSAAS_REGION_HERE" +# Don't leave a blank variable, unset it if it was empty +if [ -z "$OS_REGION_NAME" ]; then unset OS_REGION_NAME; fi + +export OS_INTERFACE=public +export OS_IDENTITY_API_VERSION=3 \ No newline at end of file diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/heat/OOM-openrc-v2.sh b/kubernetes/config/docker/init/src/config/dcaegen2/heat/OOM-openrc-v2.sh deleted file mode 100755 index 3313ef6793..0000000000 --- a/kubernetes/config/docker/init/src/config/dcaegen2/heat/OOM-openrc-v2.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/usr/bin/env bash -# To use an OpenStack cloud you need to authenticate against the Identity -# service named keystone, which returns a **Token** and **Service Catalog**. -# The catalog contains the endpoints for all services the user/tenant has -# access to - such as Compute, Image Service, Identity, Object Storage, Block -# Storage, and Networking (code-named nova, glance, keystone, swift, -# cinder, and neutron). -# -# *NOTE*: Using the 2.0 *Identity API* does not necessarily mean any other -# OpenStack API is version 2.0. For example, your cloud provider may implement -# Image API v1.1, Block Storage API v2, and Compute API v2.0. OS_AUTH_URL is -# only for the Identity API served through keystone. -export OS_AUTH_URL=OPENSTACK_KEYSTONE_IP_HERE/v2.0 -# With the addition of Keystone we have standardized on the term **tenant** -# as the entity that owns the resources. -export OS_TENANT_ID=OPENSTACK_TENANT_ID_HERE -export OS_TENANT_NAME="OPENSTACK_TENANT_NAME_HERE" -# unsetting v3 items in case set -unset OS_PROJECT_ID -unset OS_PROJECT_NAME -unset OS_USER_DOMAIN_NAME -unset OS_INTERFACE -# In addition to the owning entity (tenant), OpenStack stores the entity -# performing the action as the **user**. -export OS_USERNAME="OPENSTACK_USERNAME_HERE" -# With Keystone you pass the keystone password. -export OS_PASSWORD=OPENSTACK_PASSWORD_HERE -# If your configuration has multiple regions, we set that information here. -# OS_REGION_NAME is optional and only valid in certain environments. -export OS_REGION_NAME="OPENSTACK_REGION_HERE" -# Don't leave a blank variable, unset it if it was empty -if [ -z "$OS_REGION_NAME" ]; then unset OS_REGION_NAME; fi -export OS_ENDPOINT_TYPE=publicURL -export OS_IDENTITY_API_VERSION=2 \ No newline at end of file diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/heat/OOM-openrc-v3.sh b/kubernetes/config/docker/init/src/config/dcaegen2/heat/OOM-openrc-v3.sh deleted file mode 100755 index f8d0967fc3..0000000000 --- a/kubernetes/config/docker/init/src/config/dcaegen2/heat/OOM-openrc-v3.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/usr/bin/env bash - -# To use an OpenStack cloud you need to authenticate against the Identity -# service named keystone, which returns a **Token** and **Service Catalog**. -# The catalog contains the endpoints for all services the user/tenant has -# access to - such as Compute, Image Service, Identity, Object Storage, Block -# Storage, and Networking (code-named nova, glance, keystone, swift, -# cinder, and neutron). -# -# *NOTE*: Using the 3 *Identity API* does not necessarily mean any other -# OpenStack API is version 3. For example, your cloud provider may implement -# Image API v1.1, Block Storage API v2, and Compute API v2.0. OS_AUTH_URL is -# only for the Identity API served through keystone. -export OS_AUTH_URL=OPENSTACK_KEYSTONE_IP_HERE/v3 - -# With the addition of Keystone we have standardized on the term **project** -# as the entity that owns the resources. -export OS_PROJECT_ID=OPENSTACK_TENANT_ID_HERE -export OS_PROJECT_NAME="OPENSTACK_TENANT_NAME_HERE" -export OS_USER_DOMAIN_NAME="Default" -if [ -z "$OS_USER_DOMAIN_NAME" ]; then unset OS_USER_DOMAIN_NAME; fi - -# unset v2.0 items in case set -unset OS_TENANT_ID -unset OS_TENANT_NAME - -# In addition to the owning entity (tenant), OpenStack stores the entity -# performing the action as the **user**. -export OS_USERNAME="OPENSTACK_USERNAME_HERE" - -# With Keystone you pass the keystone password. -export OS_PASSWORD=OPENSTACK_PASSWORD_HERE - -# If your configuration has multiple regions, we set that information here. -# OS_REGION_NAME is optional and only valid in certain environments. -export OS_REGION_NAME="OPENSTACK_REGION_HERE" -# Don't leave a blank variable, unset it if it was empty -if [ -z "$OS_REGION_NAME" ]; then unset OS_REGION_NAME; fi - -export OS_INTERFACE=public -export OS_IDENTITY_API_VERSION=3 \ No newline at end of file diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/heat/entrypoint.sh b/kubernetes/config/docker/init/src/config/dcaegen2/heat/entrypoint.sh index 85c5ee2b13..bbf47a9bac 100755 --- a/kubernetes/config/docker/init/src/config/dcaegen2/heat/entrypoint.sh +++ b/kubernetes/config/docker/init/src/config/dcaegen2/heat/entrypoint.sh @@ -130,12 +130,12 @@ mv ./kubectl /usr/local/bin/kubectl # Get the Kubernetes Node IP hosting the DCAE NGINX pod NODE_IP=`kubectl get services dcaegen2 -o jsonpath='{.status.loadBalancer.ingress[0].ip}'` -# # Source OpenStack parameters -if [ "OPENSTACK_API_VERSION_HERE" = "v2.0" ] +# Source OpenStack parameters to deploy DCAE +if [ "DCAE_OS_API_VERSION_HERE" = "v2.0" ] then - source /opt/heat/OOM-openrc-v2.sh + source /opt/heat/DCAE-openrc-v2.sh else - source /opt/heat/OOM-openrc-v3.sh + source /opt/heat/DCAE-openrc-v3.sh fi # Create stasck if doens't exist @@ -153,6 +153,14 @@ then sed -i -e "s/DCAE_CONTROLLER_IP_HERE/$DCAE_CONTROLLER_IP/g" /opt/robot/vm_properties.py; fi +# Source OpenStack parameters for DNS Designate +if [ "DNSAAS_API_VERSION_HERE" = "v2.0" ] +then + source /opt/heat/DNS-openrc-v2.sh +else + source /opt/heat/DNS-openrc-v3.sh +fi + configure_dns_designate monitor_nginx_node_ip \ No newline at end of file diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/heat/onap_dcae.env b/kubernetes/config/docker/init/src/config/dcaegen2/heat/onap_dcae.env index 363de40526..6b7caadbf3 100644 --- a/kubernetes/config/docker/init/src/config/dcaegen2/heat/onap_dcae.env +++ b/kubernetes/config/docker/init/src/config/dcaegen2/heat/onap_dcae.env @@ -6,19 +6,19 @@ parameters: # # ############################################## - public_net_id: OPENSTACK_PUBLIC_NET_ID_HERE + public_net_id: DCAE_OS_PUBLIC_NET_ID_HERE - public_net_name: OPENSTACK_PUBLIC_NET_NAME_HERE + public_net_name: DCAE_OS_PUBLIC_NET_NAME_HERE ubuntu_1404_image: UBUNTU_14_IMAGE_NAME_HERE ubuntu_1604_image: UBUNTU_16_IMAGE_NAME_HERE - flavor_small: OPENSTACK_FLAVOUR_SMALL_HERE + flavor_small: OPENSTACK_FLAVOR_SMALL_HERE - flavor_medium: OPENSTACK_FLAVOUR_MEDIUM_HERE + flavor_medium: OPENSTACK_FLAVOR_MEDIUM_HERE - flavor_large: OPENSTACK_FLAVOUR_LARGE_HERE + flavor_large: OPENSTACK_FLAVOR_LARGE_HERE vm_base_name: DCAE_VM_BASE_NAME_HERE @@ -36,17 +36,17 @@ parameters: artifacts_version: DEMO_ARTIFACTS_VERSION_HERE - openstack_tenant_id: OPENSTACK_TENANT_ID_HERE + openstack_tenant_id: DCAE_OS_TENANT_ID_HERE - openstack_tenant_name: OPENSTACK_TENANT_NAME_HERE + openstack_tenant_name: DCAE_OS_TENANT_NAME_HERE - openstack_username: OPENSTACK_USERNAME_HERE + openstack_username: DCAE_OS_USERNAME_HERE - openstack_api_key: OPENSTACK_PASSWORD_HERE + openstack_api_key: DCAE_OS_PASSWORD_HERE - openstack_region: OPENSTACK_REGION_HERE + openstack_region: DCAE_OS_REGION_HERE - keystone_url: OPENSTACK_KEYSTONE_IP_HERE + keystone_url: DCAE_OS_KEYSTONE_URL_HERE cloud_env: openstack @@ -59,7 +59,7 @@ parameters: dns_list: DNS_LIST_HERE external_dns: EXTERNAL_DNS_HERE dns_forwarder: DNS_FORWARDER_HERE - oam_network_cidr: NETWORK_CIDR_WITH_ONAP_ROUTE_HERE + oam_network_cidr: DCAE_OS_OAM_NETWORK_CIDR_HERE ### Private IP addresses ### @@ -85,7 +85,7 @@ parameters: dnsaas_tenant_name: DNSAAS_TENANT_NAME_HERE dnsaas_username: DNSAAS_USERNAME_HERE dnsaas_password: DNSAAS_PASSWORD_HERE - dcae_keystone_url: DCAE_KEYSTONE_URL_HERE + dcae_keystone_url: DCAE_FINAL_KEYSTONE_URL_HERE dcae_centos_7_image: OPENSTACK_CENTOS_7_IMAGE_HERE dcae_domain: DCAE_DOMAIN_HERE dcae_public_key: OPENSTACK_PUB_KEY_HERE diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/aai-service.onap.org.conf b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/aai-service.onap.org.conf index 9cfb221771..4670f35ec3 100644 --- a/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/aai-service.onap.org.conf +++ b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/aai-service.onap.org.conf @@ -8,12 +8,17 @@ server { server_name *.aai.simpledemo.onap.org; + resolver KUBE_DNS_IP_HERE valid=1s; + + set $backend https://aai-service.onap-aai.svc.cluster.local:8443; + location / { - proxy_pass https://aai-service.onap-aai:8443/; + rewrite ^/(.*) /$1 break; + proxy_pass $backend; proxy_set_header Host $host; proxy_set_header X-Forwarded-Proto "https"; } ssl_certificate /etc/certs/aai-service.onap.org.pem; ssl_certificate_key /etc/certs/aai-service.onap.org.key; -} +} \ No newline at end of file diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/dmaap.onap.org.conf b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/dmaap.onap.org.conf index 1015a22063..e9c38d5895 100644 --- a/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/dmaap.onap.org.conf +++ b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/dmaap.onap.org.conf @@ -8,8 +8,13 @@ server { server_name *.mr.simpledemo.onap.org; + resolver KUBE_DNS_IP_HERE valid=1s; + + set $backend http://dmaap.onap-message-router.svc.cluster.local:3904; + location / { - proxy_pass http://dmaap.onap-message-router:3904/; + rewrite ^/(.*) /$1 break; + proxy_pass $backend; proxy_set_header Host $host; proxy_set_header X-Forwarded-Proto "http"; } diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/open.onap.org.conf b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/open.onap.org.conf index ed62a32f20..de4d04321f 100644 --- a/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/open.onap.org.conf +++ b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/open.onap.org.conf @@ -8,10 +8,37 @@ server { server_name *.openo.simpledemo.onap.org; + resolver KUBE_DNS_IP_HERE valid=1s; + + set $backend http://msb-iag.onap-msb.svc.cluster.local:80; + location / { - proxy_pass http://msb-iag.onap-msb:80/; + rewrite ^/(.*) /$1 break; + proxy_pass $backend; proxy_set_header Host $host; proxy_set_header X-Forwarded-Proto "http"; } } +server { + listen 9005 ; + listen [::]:9005 ; + + root /var/www/html; + + index index.html index.htm index.nginx-debian.html; + + server_name *.openo.simpledemo.onap.org; + + resolver KUBE_DNS_IP_HERE valid=1s; + + set $backend http://multicloud-windriver.onap-multicloud.svc.cluster.local:9005; + + location / { + rewrite ^/(.*) /$1 break; + proxy_pass $backend; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-Proto "http"; + } + +} \ No newline at end of file diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/pdp.onap.org.conf b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/pdp.onap.org.conf index 2bbff5c6d4..72fe7be134 100644 --- a/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/pdp.onap.org.conf +++ b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/pdp.onap.org.conf @@ -8,8 +8,13 @@ server { server_name *.policy.simpledemo.onap.org; + resolver KUBE_DNS_IP_HERE valid=1s; + + set $backend http://pdp.onap-policy.svc.cluster.local:8081; + location / { - proxy_pass http://pdp.onap-policy:8081/; + rewrite ^/(.*) /$1 break; + proxy_pass $backend; proxy_set_header Host $host; proxy_set_header X-Forwarded-Proto "http"; } diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/sdc-be.onap.org.conf b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/sdc-be.onap.org.conf index 7f15044a97..0be9355b6d 100644 --- a/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/sdc-be.onap.org.conf +++ b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/sdc-be.onap.org.conf @@ -8,8 +8,13 @@ server { server_name *.sdc.simpledemo.onap.org; + resolver KUBE_DNS_IP_HERE valid=1s; + + set $backend https://sdc-be.onap-sdc.svc.cluster.local:8443; + location / { - proxy_pass https://sdc-be.onap-sdc:8443/; + rewrite ^/(.*) /$1 break; + proxy_pass $backend; proxy_set_header Host $host; proxy_set_header X-Forwarded-Proto "https"; } diff --git a/kubernetes/dcaegen2/templates/nginx-service.yaml b/kubernetes/dcaegen2/templates/nginx-service.yaml index 68fe058f89..21dbb04b14 100644 --- a/kubernetes/dcaegen2/templates/nginx-service.yaml +++ b/kubernetes/dcaegen2/templates/nginx-service.yaml @@ -28,6 +28,10 @@ spec: port: 80 targetPort: 80 nodePort: 30604 + - name: multicloud-tinanium + port: 9005 + targetPort: 9005 + nodePort: 30605 selector: app: nginx type: LoadBalancer diff --git a/kubernetes/multicloud/values.yaml b/kubernetes/multicloud/values.yaml index 2431d0a69d..27f1c2f5c9 100644 --- a/kubernetes/multicloud/values.yaml +++ b/kubernetes/multicloud/values.yaml @@ -9,5 +9,7 @@ image: windriver: nexus3.onap.org:10001/onap/multicloud/openstack-windriver:v1.0.0 # domain name of msb gateway -msbgateway: msb-iag.onap-msb +# It needs to be a FQDN because DCAE will have to +# resolve this to be able to use the proxy DNS setup +msbgateway: msb.api.simpledemo.onap.org msbPort: 80 \ No newline at end of file -- cgit 1.2.3-korg