From e4e81e7362308164e032f6b932dc326ad44178fb Mon Sep 17 00:00:00 2001 From: Kiran Kamineni Date: Mon, 9 Apr 2018 10:14:32 -0700 Subject: Adding Quorum client sub chart for sms SMS uses vault for its backend which needs an unseal operation to proceed. Quorumclient provides the unseal operation via 3 replicas that store each unseal shard and provide it during unseal. Issue-ID: AAF-255 Change-Id: I62db7a450e1e81aa6bfb2cc5b9da29ce99efd24b Signed-off-by: Kiran Kamineni --- kubernetes/aaf/charts/aaf-sms/Chart.yaml | 18 ++++ .../aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml | 18 ++++ .../aaf-sms-quorumclient/templates/configmap.yaml | 27 +++++ .../charts/aaf-sms-quorumclient/templates/pv.yaml | 37 +++++++ .../charts/aaf-sms-quorumclient/templates/pvc.yaml | 48 +++++++++ .../templates/statefulset.yaml | 70 +++++++++++++ .../charts/aaf-sms-quorumclient/values.yaml | 83 +++++++++++++++ .../charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml | 19 ++++ .../charts/aaf-sms-vault/templates/configmap.yaml | 41 ++++++++ .../aaf-sms/charts/aaf-sms-vault/templates/pv.yaml | 37 +++++++ .../charts/aaf-sms-vault/templates/pvc.yaml | 48 +++++++++ .../charts/aaf-sms-vault/templates/service.yaml | 39 ++++++++ .../aaf-sms-vault/templates/statefulset.yaml | 78 +++++++++++++++ .../aaf-sms/charts/aaf-sms-vault/values.yaml | 111 +++++++++++++++++++++ .../aaf/charts/aaf-sms/templates/configmap.yaml | 27 +++++ .../aaf/charts/aaf-sms/templates/deployment.yaml | 83 +++++++++++++++ kubernetes/aaf/charts/aaf-sms/templates/pv.yaml | 37 +++++++ kubernetes/aaf/charts/aaf-sms/templates/pvc.yaml | 48 +++++++++ .../aaf/charts/aaf-sms/templates/service.yaml | 39 ++++++++ kubernetes/aaf/charts/aaf-sms/values.yaml | 105 +++++++++++++++++++ 20 files changed, 1013 insertions(+) create mode 100644 kubernetes/aaf/charts/aaf-sms/Chart.yaml create mode 100644 kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml create mode 100644 kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml create mode 100644 kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml create mode 100644 kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pvc.yaml create mode 100644 kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml create mode 100644 kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml create mode 100644 kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml create mode 100644 kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/configmap.yaml create mode 100644 kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml create mode 100644 kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pvc.yaml create mode 100644 kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/service.yaml create mode 100644 kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml create mode 100644 kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml create mode 100644 kubernetes/aaf/charts/aaf-sms/templates/configmap.yaml create mode 100644 kubernetes/aaf/charts/aaf-sms/templates/deployment.yaml create mode 100644 kubernetes/aaf/charts/aaf-sms/templates/pv.yaml create mode 100644 kubernetes/aaf/charts/aaf-sms/templates/pvc.yaml create mode 100644 kubernetes/aaf/charts/aaf-sms/templates/service.yaml create mode 100644 kubernetes/aaf/charts/aaf-sms/values.yaml (limited to 'kubernetes/aaf/charts/aaf-sms') diff --git a/kubernetes/aaf/charts/aaf-sms/Chart.yaml b/kubernetes/aaf/charts/aaf-sms/Chart.yaml new file mode 100644 index 0000000000..71418759fb --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sms/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP Secret Management Service +name: aaf-sms +version: 2.0.0 diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml new file mode 100644 index 0000000000..4e279e7ced --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP Secret Management Service Quorum Client +name: aaf-sms-quorumclient +version: 2.0.0 diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml new file mode 100644 index 0000000000..cacc368df1 --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml @@ -0,0 +1,27 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: + config.json: | + {{ .Values.config | toJson }} diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml new file mode 100644 index 0000000000..da0949816e --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml @@ -0,0 +1,37 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pvc.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pvc.yaml new file mode 100644 index 0000000000..e6aacd1b96 --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pvc.yaml @@ -0,0 +1,48 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml new file mode 100644 index 0000000000..483d6c5f17 --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml @@ -0,0 +1,70 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + serviceName: + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + name: {{ include "common.name" . }} + imagePullPolicy: {{ .Values.pullPolicy }} + command: ["/quorumclient/bin/quorumclient"] + workingDir: /quorumclient/ + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /quorumclient/config.json + name: {{ include "common.name" .}} + subPath: config.json + - mountPath: /quorumclient/auth + name: {{ include "common.fullname" . }}-auth + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name : {{ include "common.name" . }} + configMap: + name: {{ include "common.fullname" . }} + - name: {{ include "common.fullname" . }}-auth + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml new file mode 100644 index 0000000000..d09d492137 --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml @@ -0,0 +1,83 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:1.1.1 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + persistence: {} + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/aaf/smsquorumclient +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: + url: "http://aaf-sms:10443" + cafile: "selfsignedca.pem" + clientcert: "server.cert" + clientkey: "server.key" + timeout: "60s" + disable_tls: true + +# default number of instances +replicaCount: 3 + +nodeSelector: {} + +affinity: {} + +persistence: + enabled: true + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + size: 10Mi + mountPath: /dockerdata-nfs + mountSubPath: sms/quorum/data + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml new file mode 100644 index 0000000000..3f0b93ea0e --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml @@ -0,0 +1,19 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Chart to launch Vault as SMS backend +name: aaf-sms-vault +appVersion: 0.9.5 +version: 2.0.0 diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/configmap.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/configmap.yaml new file mode 100644 index 0000000000..daf8cadc46 --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/configmap.yaml @@ -0,0 +1,41 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-vault + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: + config.json: | + {{ .Values.config.vault | toJson }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-consul + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: + config.json: | + {{ .Values.config.consul | toJson }} diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml new file mode 100644 index 0000000000..da0949816e --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml @@ -0,0 +1,37 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pvc.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pvc.yaml new file mode 100644 index 0000000000..e6aacd1b96 --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pvc.yaml @@ -0,0 +1,48 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/service.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/service.yaml new file mode 100644 index 0000000000..04e9a5a92f --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/service.yaml @@ -0,0 +1,39 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + - name: {{ .Values.service.portName }} + {{if eq .Values.service.type "NodePort" -}} + port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }} + {{- else -}} + port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + {{- end}} + protocol: TCP + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml new file mode 100644 index 0000000000..26f03044ac --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml @@ -0,0 +1,78 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + serviceName: + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - image: "{{ include "common.repository" . }}/{{ .Values.image.vault }}" + name: {{ include "common.name" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["vault","server","-config","/vault/config/config.json"] + ports: + - containerPort: {{ .Values.service.internalPort }} + volumeMounts: + - mountPath: /vault/config/config.json + name: {{ include "common.fullname" . }}-vault + subPath: config.json + - mountPath: /etc/localtime + name: localtime + readOnly: true + + - image: "{{ include "common.repository" . }}/{{ .Values.image.consul }}" + name: {{ include "common.name" . }}-backend + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["consul","agent","-server","-client","0.0.0.0","-bootstrap-expect=1","-config-file","/consul/config/config.json"] + ports: + - name: http + containerPort: 8500 + volumeMounts: + - mountPath: /consul/data + name: {{ include "common.fullname" . }}-consuldata + - mountPath: /consul/config/config.json + name: {{ include "common.fullname" . }}-consulconfiguration + subPath: config.json + - mountPath: /etc/localtime + name: localtime + readOnly: true + volumes: + - name: {{ include "common.fullname" . }}-consuldata + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + - name: {{ include "common.fullname" . }}-consulconfiguration + configMap: + name: {{ include "common.fullname" . }}-consul + - name: {{ include "common.fullname" . }}-vault + configMap: + name: {{ include "common.fullname" . }}-vault + - name: localtime + hostPath: + path: /etc/localtime + diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml new file mode 100644 index 0000000000..07b8c33226 --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml @@ -0,0 +1,111 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + persistence: {} + +# application image +repository: docker.io +image: + consul: consul:1.0.6 + vault: vault:0.10.0 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +################################################################# +# Application configuration defaults. +################################################################# +config: + consul: + server: true + log_level: INFO + server: true + data_dir: '/consul/data' + ports: + http: 8500 + https: -1 + + vault: + storage: + consul: + address: localhost:8500 + path: smsvault + listener: + tcp: + address: '[::]:8200' + tls_disable: true + disable_mlock: true + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +persistence: + enabled: true + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + size: 2Gi + mountPath: /dockerdata-nfs + mountSubPath: sms/consul/data + +service: + type: NodePort + name: aaf-sms-db + portName: aaf-sms-db + internalPort: 8200 + nodePort: 44 + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/kubernetes/aaf/charts/aaf-sms/templates/configmap.yaml b/kubernetes/aaf/charts/aaf-sms/templates/configmap.yaml new file mode 100644 index 0000000000..72ce6fbadb --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sms/templates/configmap.yaml @@ -0,0 +1,27 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: + smsconfig.json: | + {{ .Values.config | toJson }} diff --git a/kubernetes/aaf/charts/aaf-sms/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-sms/templates/deployment.yaml new file mode 100644 index 0000000000..4235ad01af --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sms/templates/deployment.yaml @@ -0,0 +1,83 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + name: {{ include "common.name" . }} + imagePullPolicy: {{ .Values.pullPolicy }} + command: ["/sms/bin/sms"] + workingDir: /sms/ + ports: + - containerPort: {{ .Values.service.internalPort }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /sms/smsconfig.json + name: {{ include "common.name" .}} + subPath: smsconfig.json + - mountPath: /sms/auth + name: {{ include "common.fullname" . }}-auth + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name : {{ include "common.name" . }} + configMap: + name: {{ include "common.fullname" . }} + - name: {{ include "common.fullname" . }}-auth + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aaf/charts/aaf-sms/templates/pv.yaml b/kubernetes/aaf/charts/aaf-sms/templates/pv.yaml new file mode 100644 index 0000000000..37ed28ee9d --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sms/templates/pv.yaml @@ -0,0 +1,37 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} \ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-sms/templates/pvc.yaml b/kubernetes/aaf/charts/aaf-sms/templates/pvc.yaml new file mode 100644 index 0000000000..e6aacd1b96 --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sms/templates/pvc.yaml @@ -0,0 +1,48 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sms/templates/service.yaml b/kubernetes/aaf/charts/aaf-sms/templates/service.yaml new file mode 100644 index 0000000000..18334a301c --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sms/templates/service.yaml @@ -0,0 +1,39 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + - name: {{ .Values.service.PortName }} + {{if eq .Values.service.type "NodePort" -}} + port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }} + {{- else -}} + port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + {{- end}} + protocol: TCP + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/aaf/charts/aaf-sms/values.yaml b/kubernetes/aaf/charts/aaf-sms/values.yaml new file mode 100644 index 0000000000..cd3253941d --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sms/values.yaml @@ -0,0 +1,105 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + persistence: {} + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/aaf/sms +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: + smsdbaddress: "http://aaf-sms-db:8200" + cafile: "/sms/auth/selfsignedca.pem" + servercert: "/sms/auth/server.cert" + serverkey: "/sms/auth/server.key" + disable_tls: true + +# subchart configuration +vault: + nameOverride: smsdb + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 20 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 20 + +service: + type: NodePort + name: aaf-sms + portName: aaf-sms + internalPort: 10443 + nodePort: 43 + +persistence: + enabled: true + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + size: 1Gi + mountPath: /dockerdata-nfs + mountSubPath: sms/auth + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi -- cgit 1.2.3-korg