From a5bb31b95347229e400099565bedd3f6a3785c9a Mon Sep 17 00:00:00 2001 From: Sylvain Desbureaux Date: Tue, 7 Apr 2020 12:02:22 +0200 Subject: [Contrib] Authorize choice of subcomponents Instead of forcing installation of all contrib components, make the installation of these components enabled with a toggle, so each person can choose to install a subset, all or none. Issue-ID: OOM-2352 
Signed-off-by: Sylvain Desbureaux Change-Id: Ie112fe1f1864587b9ac69f18967a3c28d16bdbbe --- .../netbox/charts/netbox-app/.helmignore | 21 +++ .../components/netbox/charts/netbox-app/Chart.yaml | 18 +++ .../config/configuration/configuration.py | 156 +++++++++++++++++++++ .../config/configuration/gunicorn_config.py | 8 ++ .../resources/config/configuration/ldap_config.py | 55 ++++++++ .../config/initializers/custom_fields.yml | 18 +++ .../resources/config/initializers/groups.yml | 9 ++ .../resources/config/initializers/users.yml | 9 ++ .../resources/config/provisioning/provision.sh | 136 ++++++++++++++++++ .../resources/config/startup_scripts/00_users.py | 26 ++++ .../resources/config/startup_scripts/10_groups.py | 19 +++ .../config/startup_scripts/20_custom_fields.py | 68 +++++++++ .../netbox/charts/netbox-app/templates/NOTES.txt | 33 +++++ .../charts/netbox-app/templates/configmap.yaml | 47 +++++++ .../charts/netbox-app/templates/deployment.yaml | 155 ++++++++++++++++++++ .../netbox/charts/netbox-app/templates/job.yaml | 65 +++++++++ .../netbox/charts/netbox-app/templates/pv.yaml | 40 ++++++ .../netbox/charts/netbox-app/templates/pvc.yaml | 39 ++++++ .../charts/netbox-app/templates/secrets.yaml | 34 +++++ .../charts/netbox-app/templates/service.yaml | 42 ++++++ .../netbox/charts/netbox-app/values.yaml | 115 +++++++++++++++ 21 files changed, 1113 insertions(+) create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/.helmignore create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/Chart.yaml create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/configuration.py create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/gunicorn_config.py create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/ldap_config.py create mode 100755 
kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/custom_fields.yml create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/groups.yml create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/users.yml create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/provisioning/provision.sh create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/00_users.py create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/10_groups.py create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/20_custom_fields.py create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/templates/NOTES.txt create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/templates/configmap.yaml create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/templates/deployment.yaml create mode 100644 kubernetes/contrib/components/netbox/charts/netbox-app/templates/job.yaml create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/templates/pv.yaml create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/templates/pvc.yaml create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/templates/secrets.yaml create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/templates/service.yaml create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/values.yaml (limited to 'kubernetes/contrib/components/netbox/charts/netbox-app') diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/.helmignore b/kubernetes/contrib/components/netbox/charts/netbox-app/.helmignore new file mode 100755 index 0000000000..f0c1319444 --- /dev/null 
+++ b/kubernetes/contrib/components/netbox/charts/netbox-app/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/Chart.yaml b/kubernetes/contrib/components/netbox/charts/netbox-app/Chart.yaml
new file mode 100755
index 0000000000..787bc4a971
--- /dev/null
+++ b/kubernetes/contrib/components/netbox/charts/netbox-app/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2018 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: Netbox - Application (WSGI + Gunicorn)
+name: netbox-app
+version: 6.0.0
diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/configuration.py b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/configuration.py
new file mode 100755
index 0000000000..7d704ae762
--- /dev/null
+++ b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/configuration.py
@@ -0,0 +1,156 @@
+import os
+import socket
+
+# For reference see http://netbox.readthedocs.io/en/latest/configuration/mandatory-settings/
+# Based on https://github.com/digitalocean/netbox/blob/develop/netbox/netbox/configuration.example.py
+
+# Read secret from file
+def read_secret(secret_name):
+ try:
+ f = open('/run/secrets/' + secret_name, 'r', encoding='utf-8')
+ except EnvironmentError:
+ return ''
+ else:
+ with f:
+ return f.readline().strip()
+
+BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
+
+#########################
+# #
+# Required settings #
+# #
+#########################
+
+# This is a list of valid fully-qualified domain names (FQDNs) for the NetBox server. NetBox will not permit write
+# access to the server via any other hostnames. The first FQDN in the list will be treated as the preferred name.
+#
+# Example: ALLOWED_HOSTS = ['netbox.example.com', 'netbox.internal.local']
+ALLOWED_HOSTS = os.environ.get('ALLOWED_HOSTS', socket.gethostname()).split(' ')
+
+# PostgreSQL database configuration.
+DATABASE = {
+ 'NAME': os.environ.get('DB_NAME', 'netbox'), # Database name
+ 'USER': os.environ.get('DB_USER', ''), # PostgreSQL username
+ 'PASSWORD': os.environ.get('DB_PASSWORD', read_secret('db_password')),
+ # PostgreSQL password
+ 'HOST': os.environ.get('DB_HOST', 'localhost'), # Database server
+ 'PORT': os.environ.get('DB_PORT', ''), # Database port (leave blank for default)
+}
+
+# This key is used for secure generation of random numbers and strings. It must never be exposed outside of this file.
+# For optimal security, SECRET_KEY should be at least 50 characters in length and contain a mix of letters, numbers, and
+# symbols. NetBox will not run without this defined. For more information, see
+# https://docs.djangoproject.com/en/dev/ref/settings/#std:setting-SECRET_KEY
+SECRET_KEY = os.environ.get('SECRET_KEY', read_secret('secret_key'))
+
+#########################
+# #
+# Optional settings #
+# #
+#########################
+
+# Specify one or more name and email address tuples representing NetBox administrators. These people will be notified of
+# application errors (assuming correct email settings are provided).
+ADMINS = [
+ # ['John Doe', 'jdoe@example.com'],
+]
+
+# Optionally display a persistent banner at the top and/or bottom of every page. HTML is allowed. To display the same
+# content in both banners, define BANNER_TOP and set BANNER_BOTTOM = BANNER_TOP.
+BANNER_TOP = os.environ.get('BANNER_TOP', '')
+BANNER_BOTTOM = os.environ.get('BANNER_BOTTOM', '')
+
+# Text to include on the login page above the login form. HTML is allowed.
+BANNER_LOGIN = os.environ.get('BANNER_LOGIN', '')
+
+# Base URL path if accessing NetBox within a directory. For example, if installed at http://example.com/netbox/, set:
+# BASE_PATH = 'netbox/'
+BASE_PATH = os.environ.get('BASE_PATH', '')
+
+# API Cross-Origin Resource Sharing (CORS) settings. If CORS_ORIGIN_ALLOW_ALL is set to True, all origins will be
+# allowed. Otherwise, define a list of allowed origins using either CORS_ORIGIN_WHITELIST or
+# CORS_ORIGIN_REGEX_WHITELIST. For more information, see https://github.com/ottoyiu/django-cors-headers
+CORS_ORIGIN_ALLOW_ALL = os.environ.get('CORS_ORIGIN_ALLOW_ALL', 'False').lower() == 'true'
+CORS_ORIGIN_WHITELIST = os.environ.get('CORS_ORIGIN_WHITELIST', '').split(' ')
+CORS_ORIGIN_REGEX_WHITELIST = [
+ # r'^(https?://)?(\w+\.)?example\.com$',
+]
+
+# Set to True to enable server debugging. WARNING: Debugging introduces a substantial performance penalty and may reveal
+# sensitive information about your installation. Only enable debugging while performing testing. Never enable debugging
+# on a production system.
+DEBUG = os.environ.get('DEBUG', 'False').lower() == 'true'
+
+# Email settings
+EMAIL = {
+ 'SERVER': os.environ.get('EMAIL_SERVER', 'localhost'),
+ 'PORT': int(os.environ.get('EMAIL_PORT', 25)),
+ 'USERNAME': os.environ.get('EMAIL_USERNAME', ''),
+ 'PASSWORD': os.environ.get('EMAIL_PASSWORD', read_secret('email_password')),
+ 'TIMEOUT': int(os.environ.get('EMAIL_TIMEOUT', 10)), # seconds
+ 'FROM_EMAIL': os.environ.get('EMAIL_FROM', ''),
+}
+
+# Enforcement of unique IP space can be toggled on a per-VRF basis.
+# To enforce unique IP space within the global table (all prefixes and IP addresses not assigned to a VRF),
+# set ENFORCE_GLOBAL_UNIQUE to True.
+ENFORCE_GLOBAL_UNIQUE = os.environ.get('ENFORCE_GLOBAL_UNIQUE', 'False').lower() == 'true'
+
+# Enable custom logging. Please see the Django documentation for detailed guidance on configuring custom logs:
+# https://docs.djangoproject.com/en/1.11/topics/logging/
+LOGGING = {}
+
+# Setting this to True will permit only authenticated users to access any part of NetBox. By default, anonymous users
+# are permitted to access most data in NetBox (excluding secrets) but not make any changes.
+LOGIN_REQUIRED = os.environ.get('LOGIN_REQUIRED', 'False').lower() == 'true'
+
+# Base URL path if accessing NetBox within a directory. For example, if installed at http://example.com/netbox/, set:
+# BASE_PATH = 'netbox/'
+BASE_PATH = os.environ.get('BASE_PATH', '')
+
+# Setting this to True will display a "maintenance mode" banner at the top of every page.
+MAINTENANCE_MODE = os.environ.get('MAINTENANCE_MODE', 'False').lower() == 'true'
+
+# An API consumer can request an arbitrary number of objects =by appending the "limit" parameter to the URL (e.g.
+# "?limit=1000"). This setting defines the maximum limit. Setting it to 0 or None will allow an API consumer to request
+# all objects by specifying "?limit=0".
+MAX_PAGE_SIZE = int(os.environ.get('MAX_PAGE_SIZE', 1000))
+
+# The file path where uploaded media such as image attachments are stored. A trailing slash is not needed. Note that
+# the default value of this setting is derived from the installed location.
+MEDIA_ROOT = os.environ.get('MEDIA_ROOT', os.path.join(BASE_DIR, 'media'))
+
+# Credentials that NetBox will use to access live devices.
+NAPALM_USERNAME = os.environ.get('NAPALM_USERNAME', '')
+NAPALM_PASSWORD = os.environ.get('NAPALM_PASSWORD', read_secret('napalm_password'))
+
+# NAPALM timeout (in seconds). (Default: 30)
+NAPALM_TIMEOUT = int(os.environ.get('NAPALM_TIMEOUT', 30))
+
+# NAPALM optional arguments (see http://napalm.readthedocs.io/en/latest/support/#optional-arguments). Arguments must
+# be provided as a dictionary.
+NAPALM_ARGS = {}
+
+# Determine how many objects to display per page within a list. (Default: 50)
+PAGINATE_COUNT = int(os.environ.get('PAGINATE_COUNT', 50))
+
+# When determining the primary IP address for a device, IPv6 is preferred over IPv4 by default. Set this to True to
+# prefer IPv4 instead.
+PREFER_IPV4 = os.environ.get('PREFER_IPV4', 'False').lower() == 'true'
+
+# The file path where custom reports will be stored. A trailing slash is not needed. Note that the default value of
+# this setting is derived from the installed location.
+REPORTS_ROOT = os.environ.get('REPORTS_ROOT', '/etc/netbox/reports')
+
+# Time zone (default: UTC)
+TIME_ZONE = os.environ.get('TIME_ZONE', 'UTC')
+
+# Date/time formatting. See the following link for supported formats:
+# https://docs.djangoproject.com/en/dev/ref/templates/builtins/#date
+DATE_FORMAT = os.environ.get('DATE_FORMAT', 'N j, Y')
+SHORT_DATE_FORMAT = os.environ.get('SHORT_DATE_FORMAT', 'Y-m-d')
+TIME_FORMAT = os.environ.get('TIME_FORMAT', 'g:i a')
+SHORT_TIME_FORMAT = os.environ.get('SHORT_TIME_FORMAT', 'H:i:s')
+DATETIME_FORMAT = os.environ.get('DATETIME_FORMAT', 'N j, Y g:i a')
+SHORT_DATETIME_FORMAT = os.environ.get('SHORT_DATETIME_FORMAT', 'Y-m-d H:i')
diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/gunicorn_config.py b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/gunicorn_config.py
new file mode 100755
index 0000000000..c7d9f7b725
--- /dev/null
+++ b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/gunicorn_config.py
@@ -0,0 +1,8 @@
+command = '/usr/bin/gunicorn'
+pythonpath = '/opt/netbox/netbox'
+bind = '0.0.0.0:{{ .Values.service.internalPort }}'
+workers = 3
+errorlog = '-'
+accesslog = '-'
+capture_output = False
+loglevel = 'debug'
diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/ldap_config.py b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/ldap_config.py
new file mode 100755
index 0000000000..c7e0d3bee9
--- /dev/null
+++ b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/ldap_config.py
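Review bot: In `configuration.py`, `read_secret` returns `''` on any `EnvironmentError`, so a missing or unreadable file under `/run/secrets/` silently becomes an empty `DB_PASSWORD`, `EMAIL_PASSWORD` or `NAPALM_PASSWORD` instead of a startup error; I would have the helper log the unreadable case and give it a docstring stating that the empty string means "not configured". `LOGIN_REQUIRED` also defaults to `'False'`, which the comment above it describes as anonymous read access to most data; for a chart installed into a shared cluster the safer default is `os.environ.get('LOGIN_REQUIRED', 'True').lower() == 'true'`. `BASE_PATH` is assigned twice with the same expression, and the second assignment can be dropped.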
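Review bot: In `gunicorn_config.py`, `loglevel = 'debug'` ships debug-level logging as the default while `errorlog = '-'` sends it to the container's stderr, so whatever gunicorn emits at that level ends up in the cluster log pipeline. `loglevel = 'info'` is a better default, ideally templated from values the same way `bind` already uses `{{ .Values.service.internalPort }}`.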
@@ -0,0 +1,55 @@
+import ldap
+import os
+
+from django_auth_ldap.config import LDAPSearch, GroupOfNamesType
+
+# Server URI
+AUTH_LDAP_SERVER_URI = os.environ.get('AUTH_LDAP_SERVER_URI', '')
+
+# The following may be needed if you are binding to Active Directory.
+AUTH_LDAP_CONNECTION_OPTIONS = {
+ ldap.OPT_REFERRALS: 0
+}
+
+# Set the DN and password for the NetBox service account.
+AUTH_LDAP_BIND_DN = os.environ.get('AUTH_LDAP_BIND_DN', '')
+AUTH_LDAP_BIND_PASSWORD = os.environ.get('AUTH_LDAP_BIND_PASSWORD', '')
+
+# Include this setting if you want to ignore certificate errors. This might be needed to accept a self-signed cert.
+# Note that this is a NetBox-specific setting which sets:
+# ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)
+LDAP_IGNORE_CERT_ERRORS = os.environ.get('LDAP_IGNORE_CERT_ERRORS', 'False').lower() == 'true'
+
+AUTH_LDAP_USER_SEARCH = LDAPSearch(os.environ.get('AUTH_LDAP_USER_SEARCH_BASEDN', ''),
+ ldap.SCOPE_SUBTREE,
+ "(sAMAccountName=%(user)s)")
+
+# This search ought to return all groups to which the user belongs. django_auth_ldap uses this to determine group
+# heirarchy.
+AUTH_LDAP_GROUP_SEARCH = LDAPSearch(os.environ.get('AUTH_LDAP_GROUP_SEARCH_BASEDN', ''), ldap.SCOPE_SUBTREE,
+ "(objectClass=group)")
+AUTH_LDAP_GROUP_TYPE = GroupOfNamesType()
+
+# Define a group required to login.
+AUTH_LDAP_REQUIRE_GROUP = os.environ.get('AUTH_LDAP_REQUIRE_GROUP_DN', '')
+
+# Define special user types using groups. Exercise great caution when assigning superuser status.
+AUTH_LDAP_USER_FLAGS_BY_GROUP = {
+ "is_active": os.environ.get('AUTH_LDAP_REQUIRE_GROUP_DN', ''),
+ "is_staff": os.environ.get('AUTH_LDAP_IS_ADMIN_DN', ''),
+ "is_superuser": os.environ.get('AUTH_LDAP_IS_SUPERUSER_DN', '')
+}
+
+# For more granular permissions, we can map LDAP groups to Django groups.
+AUTH_LDAP_FIND_GROUP_PERMS = os.environ.get('AUTH_LDAP_FIND_GROUP_PERMS', 'True').lower() == 'true'
+
+# Cache groups for one hour to reduce LDAP traffic
+AUTH_LDAP_CACHE_GROUPS = os.environ.get('AUTH_LDAP_CACHE_GROUPS', 'True').lower() == 'true'
+AUTH_LDAP_GROUP_CACHE_TIMEOUT = int(os.environ.get('AUTH_LDAP_CACHE_GROUPS', 3600))
+
+# Populate the Django user from the LDAP directory.
+AUTH_LDAP_USER_ATTR_MAP = {
+ "first_name": os.environ.get('AUTH_LDAP_ATTR_FIRSTNAME', 'givenName'),
+ "last_name": os.environ.get('AUTH_LDAP_ATTR_LASTNAME', 'sn'),
+ "email": os.environ.get('AUTH_LDAP_ATTR_MAIL', 'mail')
+}
diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/custom_fields.yml b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/custom_fields.yml
new file mode 100755
index 0000000000..c23e29a11d
--- /dev/null
+++ b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/custom_fields.yml
@@ -0,0 +1,18 @@
+external-key:
+ description: "The external-key uniquely identify the resources to a service within ONAP."
+ filterable: true
+ label: ONAP external key
+ on_objects:
+ - ipam.models.IPAddress
+ required: true
+ type: text
+ weight: 0
+resource-name:
+ description: "The resource-name of the element using this IP."
+ filterable: true
+ label: ONAP resource name
+ on_objects:
+ - ipam.models.IPAddress
+ required: true
+ type: text
+ weight: 0
\ No newline at end of file
diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/groups.yml b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/groups.yml
new file mode 100755
index 0000000000..1f4a5a7a6e
--- /dev/null
+++ b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/groups.yml
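Review bot: In `ldap_config.py`, `AUTH_LDAP_GROUP_CACHE_TIMEOUT` reads the environment variable `AUTH_LDAP_CACHE_GROUPS`, which is the boolean toggle parsed on the line above it, so setting that toggle to `true` makes `int()` raise `ValueError` when the settings module is imported. The timeout needs its own variable, for example `AUTH_LDAP_GROUP_CACHE_TIMEOUT = int(os.environ.get('AUTH_LDAP_GROUP_CACHE_TIMEOUT', 3600))`. Separately, `AUTH_LDAP_REQUIRE_GROUP` and the three `AUTH_LDAP_USER_FLAGS_BY_GROUP` entries fall back to `''` when unset; how django_auth_ldap treats an empty DN is not visible here, so it may be safer to omit unset entries than to pass empty strings. `AUTH_LDAP_BIND_PASSWORD` is taken from the environment only, unlike the passwords in `configuration.py`, which can also be read from `/run/secrets/`.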
@@ -0,0 +1,9 @@
+# applications:
+# users:
+# - technical_user
+# readers:
+# users:
+# - reader
+# writers:
+# users:
+# - writer
diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/users.yml b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/users.yml
new file mode 100755
index 0000000000..77d330beac
--- /dev/null
+++ b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/users.yml
@@ -0,0 +1,9 @@
+onap:
+ first_name: Steve
+ last_name: McQueen
+ email: steve.mcqueen@onap.org
+ password: onap123$
+ api_token: onceuponatimeiplayedwithnetbox20180814 # This API KEY is used by SDNC, if you edit it, make sure to change it in the netbox.properties file
+ is_staff: true # whether user is admin or not, default = false
+ is_active: true # whether user is active, default = true
+ is_superuser: true # Whether user has all edit rights or not, default = false
\ No newline at end of file
diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/provisioning/provision.sh b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/provisioning/provision.sh
new file mode 100755
index 0000000000..5db036f708
--- /dev/null
+++ b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/provisioning/provision.sh
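Review bot: `users.yml` commits a fixed `password` and `api_token` for an account that has `is_superuser: true`, and the same token literal is repeated in every `Authorization` header of `provision.sh`, so every installation of the chart starts with identical, publicly known administrator credentials. These values should come from chart values or a Secret generated at install time rather than from the repository; the chart's `secrets.yaml` template is listed in the diffstat but is not part of this view, so whether it already offers a place for them cannot be confirmed here. Until that is done, a comment on the two keys should say that they are demo defaults which must be overridden before the service is exposed.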
@@ -0,0 +1,136 @@
+#!/bin/bash
+
+# Create region
+
+echo "Create region: RegionOne"
+curl --silent -X POST \
+ http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/dcim/regions/ \
+ -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
+ -H 'Content-Type: application/json' \
+ -d '{
+ "name": "RegionOne",
+ "slug": "RegionOne"
+}'
+
+# Create tenant group
+
+echo "Create tenant group: ONAP group"
+curl --silent -X POST \
+ http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/tenancy/tenant-groups/ \
+ -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
+ -H 'Content-Type: application/json' \
+ -d '{
+ "name": "ONAP group",
+ "slug": "onap-group"
+}'
+
+# Create tenant
+
+echo "Create tenant ONAP in ONAP group"
+curl --silent -X POST \
+ http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/tenancy/tenants/ \
+ -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
+ -H 'Content-Type: application/json' \
+ -d '{
+ "name": "ONAP",
+ "slug": "onap",
+ "group": 1,
+ "description": "ONAP tenant",
+ "comments": "Tenant for ONAP demo use cases"
+}'
+
+# Create site
+
+echo "Create ONAP demo site: Montreal Lab"
+curl --silent -X POST \
+ http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/dcim/sites/ \
+ -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
+ -H 'Content-Type: application/json' \
+ -d '{
+ "name": "Montreal Lab D3",
+ "slug": "mtl-lab-d3",
+ "region": 1,
+ "tenant": 1,
+ "facility": "Campus",
+ "time_zone": "Canada/Atlantic",
+ "description": "Site hosting the ONAP use cases",
+ "physical_address": "1 Graham Bell",
+ "shipping_address": "1 Graham Bell",
+ "contact_name": "Alexis",
+ "contact_phone": "0000000000",
+ "contact_email": "adetalhouet89@gmail.com",
+ "comments": "ONAP lab"
+}'
+
+# Create prefixes
+
+echo "Create Prefix for vFW protected network"
+curl --silent -X POST \
+ http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/ \
+ -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
+ -H 'Content-Type: application/json' \
+ -d '{
+ "prefix": "{{ .Values.service.private2 }}",
+ "site": 1,
+ "tenant": 1,
+ "is_pool": false,
+ "description": "IP Pool for private network 2"
+}'
+
+echo "Create Prefix for vFW unprotected network"
+curl --silent -X POST \
+ http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/ \
+ -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
+ -H 'Content-Type: application/json' \
+ -d '{
+ "prefix": "{{ .Values.service.private1 }}",
+ "site": 1,
+ "tenant": 1,
+ "is_pool": false,
+ "description": "IP Pool for private network 1"
+}'
+
+echo "Create Prefix for ONAP general purpose network"
+curl --silent -X POST \
+ http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/ \
+ -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
+ -H 'Content-Type: application/json' \
+ -d '{
+ "prefix": "{{ .Values.service.management }}",
+ "site": 1,
+ "tenant": 1,
+ "is_pool": false,
+ "description": "IP Pool for ONAP - general purpose"
+}'
+
+# Reserve ports, gateway and dhcp, for each protected and unprotected networks.
+
+curl --silent -X POST \
+ http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/1/available-ips/ \
+ -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
+ -H 'Content-Type: application/json'
+
+curl --silent -X POST \
+ http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/1/available-ips/ \
+ -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
+ -H 'Content-Type: application/json'
+
+curl --silent -X POST \
+ http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/2/available-ips/ \
+ -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
+ -H 'Content-Type: application/json'
+
+curl --silent -X POST \
+ http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/2/available-ips/ \
+ -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
+ -H 'Content-Type: application/json'
+
+curl --silent -X POST \
+ http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/3/available-ips/ \
+ -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
+ -H 'Content-Type: application/json'
+
+curl --silent -X POST \
+ http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/3/available-ips/ \
+ -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
+ -H 'Content-Type: application/json'
diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/00_users.py b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/00_users.py
new file mode 100755
index 0000000000..7626058357
--- /dev/null
+++ b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/00_users.py
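Review bot: `provision.sh` never checks whether a request succeeded: every call is `curl --silent` without `--fail` and the script has no `set -e`, while later requests hard-code the ids they expect earlier ones to have produced (`"group": 1`, `"site": 1`, `prefixes/1/available-ips/`). A failed or repeated run therefore carries on and can attach objects to the wrong parent or reserve addresses in the wrong prefix. I would add `set -euo pipefail` after the shebang and use `curl --silent --show-error --fail` on each call. The requests also send the token over plain `http://`, which is acceptable only if this traffic never leaves the cluster network.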
@@ -0,0 +1,26 @@
+from django.contrib.auth.models import Group, User
+from users.models import Token
+
+from ruamel.yaml import YAML
+
+with open('/opt/netbox/initializers/users.yml', 'r') as stream:
+ yaml=YAML(typ='safe')
+ users = yaml.load(stream)
+
+ if users is not None:
+ for username, user_details in users.items():
+ if not User.objects.filter(username=username):
+ user = User.objects.create_user(
+ username = username,
+ password = user_details.get('password', 0) or User.objects.make_random_password,
+ is_staff = user_details.get('is_staff', 0) or false,
+ is_superuser = user_details.get('is_superuser', 0) or false,
+ is_active = user_details.get('is_active', 0) or true,
+ first_name = user_details.get('first_name', 0),
+ last_name = user_details.get('last_name', 0),
+ email = user_details.get('email', 0))
+
+ print("👤 Created user ",username)
+
+ if user_details.get('api_token', 0):
+ Token.objects.create(user=user, key=user_details['api_token'])
\ No newline at end of file
diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/10_groups.py b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/10_groups.py
new file mode 100755
index 0000000000..7932874704
--- /dev/null
+++ b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/10_groups.py
@@ -0,0 +1,19 @@
+from django.contrib.auth.models import Group, User
+from ruamel.yaml import YAML
+
+with open('/opt/netbox/initializers/groups.yml', 'r') as stream:
+ yaml=YAML(typ='safe')
+ groups = yaml.load(stream)
+
+ if groups is not None:
+ for groupname, group_details in groups.items():
+ group, created = Group.objects.get_or_create(name=groupname)
+
+ if created:
+ print("👥 Created group", groupname)
+
+ for username in group_details['users']:
+ user = User.objects.get(username=username)
+
+ if user:
+ user.groups.add(group)
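Review bot: In `00_users.py`, the fallbacks `or false` and `or true` are not Python names, so any entry that leaves `is_staff`, `is_superuser` or `is_active` unset or false aborts the script with `NameError`, and `User.objects.make_random_password` is passed without being called, so an entry without `password` hands a bound method to `create_user` instead of a random password. Even with the spelling fixed, `x or True` can never yield `False`, so `is_active` could not be switched off from the YAML. Suggested lines: `password = user_details.get('password') or User.objects.make_random_password(),`, `is_staff = user_details.get('is_staff', False),` and `is_active = user_details.get('is_active', True),`, with `is_superuser` following the `is_staff` form.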
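Review bot: In `10_groups.py`, `User.objects.get(username=username)` raises `User.DoesNotExist` for a name that has no account, so the `if user:` guard after it can never be false and one unknown name in `groups.yml` stops the whole startup script. `user = User.objects.filter(username=username).first()` makes the guard meaningful. `group_details['users']` likewise raises `KeyError` for a group declared without a `users` list; `group_details.get('users', [])` would tolerate that.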
diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/20_custom_fields.py b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/20_custom_fields.py
new file mode 100755
index 0000000000..5c40e37bf2
--- /dev/null
+++ b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/20_custom_fields.py
@@ -0,0 +1,68 @@
+from extras.constants import CF_TYPE_TEXT, CF_TYPE_INTEGER, CF_TYPE_BOOLEAN, CF_TYPE_DATE, CF_TYPE_URL, CF_TYPE_SELECT
+from extras.models import CustomField, CustomFieldChoice
+
+from ruamel.yaml import YAML
+
+text_to_fields = {
+ 'boolean': CF_TYPE_BOOLEAN,
+ 'date': CF_TYPE_DATE,
+ 'integer': CF_TYPE_INTEGER,
+ 'selection': CF_TYPE_SELECT,
+ 'text': CF_TYPE_TEXT,
+ 'url': CF_TYPE_URL,
+}
+
+def get_class_for_class_path(class_path):
+ import importlib
+ from django.contrib.contenttypes.models import ContentType
+
+ module_name, class_name = class_path.rsplit(".", 1)
+ module = importlib.import_module(module_name)
+ clazz = getattr(module, class_name)
+ return ContentType.objects.get_for_model(clazz)
+
+with open('/opt/netbox/initializers/custom_fields.yml', 'r') as stream:
+ yaml = YAML(typ='safe')
+ customfields = yaml.load(stream)
+
+ if customfields is not None:
+ for cf_name, cf_details in customfields.items():
+ custom_field, created = CustomField.objects.get_or_create(name = cf_name)
+
+ if created:
+ if cf_details.get('default', 0):
+ custom_field.default = cf_details['default']
+
+ if cf_details.get('description', 0):
+ custom_field.description = cf_details['description']
+
+ if cf_details.get('filterable', 0):
+ custom_field.is_filterables = cf_details['filterable']
+
+ if cf_details.get('label', 0):
+ custom_field.label = cf_details['label']
+
+ for object_type in cf_details.get('on_objects', []):
+ custom_field.obj_type.add(get_class_for_class_path(object_type))
+
+ if cf_details.get('required', 0):
+ custom_field.required = cf_details['required']
+
+ if cf_details.get('type', 0):
+ custom_field.type = text_to_fields[cf_details['type']]
+
+ if cf_details.get('weight', 0):
+ custom_field.weight = cf_details['weight']
+
+ custom_field.save()
+
+ for choice_details in cf_details.get('choices', []):
+ choice = CustomFieldChoice.objects.create(
+ field=custom_field,
+ value=choice_details['value'])
+
+ if choice_details.get('weight', 0):
+ choice.weight = choice_details['weight']
+ choice.save()
+
+ print("🔧 Created custom field", cf_name)
diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/NOTES.txt b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/NOTES.txt
new file mode 100755
index 0000000000..e70c418864
--- /dev/null
+++ b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/NOTES.txt
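Review bot: In `20_custom_fields.py`, `custom_field.is_filterables = cf_details['filterable']` looks like a misspelt attribute: assigning to an unknown attribute on a model instance succeeds without error and is not saved, so `filterable: true` in `custom_fields.yml` would have no effect. The model field is presumably `is_filterable`, which should be confirmed against `extras.models.CustomField`. `get_class_for_class_path` imports whatever dotted path the YAML names; that is fine while the file ships with the chart, and a short docstring stating that the path is trusted configuration would make the assumption explicit.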
@@ -0,0 +1,33 @@
+# Copyright © 2018 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+ http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+ echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.fullname" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/configmap.yaml b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/configmap.yaml
new file mode 100755
index 0000000000..f785478e1b
--- /dev/null
+++ b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/configmap.yaml
@@ -0,0 +1,47 @@
+{{/*
+# Copyright © 2018 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-provisioning-configmap
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/provisioning/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-configuration-configmap
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/configuration/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-initializers-configmap
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/initializers/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-startupscripts-configmap
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/startup_scripts/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/deployment.yaml b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/deployment.yaml
new file mode 100755
index 0000000000..16c592f48a
--- /dev/null
+++ b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/deployment.yaml
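Review bot: All four ConfigMaps in configmap.yaml render their files through `tpl`, so anything a file under `resources/config/` interpolates from `.Values` is stored in clear text in a ConfigMap. The contents of those files are not part of this hunk, but if `provision.sh` or a startup script references `config.superuserAPIToken` or one of the passwords, that value becomes readable by anyone allowed to read ConfigMaps in the namespace, which is usually a wider group than for Secrets. Such files should take the value from the container environment or be shipped in the `-pass` Secret instead. A comment above the first `data:` key, for example `# rendered with tpl: keep secret values out of these files`, would document the constraint.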
@@ -0,0 +1,155 @@
+{{/*
+# Copyright © 2018 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ include "common.release" . }}
+ spec:
+ containers:
+ - name: {{ include "common.name" . }}
+ image: {{ .Values.repository }}/{{ .Values.image }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{ if .Values.liveness.enabled }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ env:
+ - name: DB_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}-pass
+ key: DB_PASSWORD
+ - name: EMAIL_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}-pass
+ key: EMAIL_PASSWORD
+ - name: NAPALM_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}-pass
+ key: NAPALM_PASSWORD
+ - name: SECRET_KEY
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}-pass
+ key: SECRET_KEY
+ - name: SUPERUSER_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}-pass
+ key: SUPERUSER_PASSWORD
+ - name: SUPERUSER_API_TOKEN
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}-pass
+ key: SUPERUSER_API_TOKEN
+ - name: ALLOWED_HOSTS
+ value: {{ .Values.config.allowedHosts | quote }}
+ - name: DB_NAME
+ value: {{ .Values.config.dbName }}
+ - name: DB_USER
+ value: {{ .Values.config.dbUser }}
+ - name: DB_HOST
+ value: {{ .Values.config.dbHost }}
+ - name: EMAIL_SERVER
+ value: {{ .Values.config.emailServer }}
+ - name: EMAIL_PORT
+ value: {{ .Values.config.emailPort | quote }}
+ - name: EMAIL_USERNAME
+ value: {{ .Values.config.emailUsername }}
+ - name: EMAIL_TIMEOUT
+ value: {{ .Values.config.emailTimeout | quote }}
+ - name: EMAIL_FROM
+ value: {{ .Values.config.emailFrom }}
+ - name: MEDIA_ROOT
+ value: {{ .Values.config.mediaRoot }}
+ - name: NAPALM_USERNAME
+ value: {{ .Values.config.napalmUsername }}
+ - name: NAPALM_TIMEOUT
+ value: {{ .Values.config.napalmTimeout | quote }}
+ - name: MAX_PAGE_SIZE
+ value: {{ .Values.config.maxPageSize | quote }}
+ - name: SUPERUSER_NAME
+ value: {{ .Values.config.superuserName }}
+ - name: SUPERUSER_EMAIL
+ value: {{ .Values.config.superuserEmail }}
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /opt/netbox/startup_scripts
+ name: {{ include "common.fullname" . }}-startupscripts-config
+ - mountPath: /opt/netbox/initializers
+ name: {{ include "common.fullname" . }}-initializers-config
+ - mountPath: /etc/netbox/config
+ name: {{ include "common.fullname" . }}-configuration-config
+ - name: {{ include "common.fullname" . }}
+ mountPath: /opt/netbox/netbox/static
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: {{ include "common.fullname" . }}
+ persistentVolumeClaim:
+ claimName: {{ include "common.release" . }}-{{ .Values.persistence.staticPvName }}
+ - name: {{ include "common.fullname" . }}-startupscripts-config
+ configMap:
+ name: {{ include "common.fullname" . }}-startupscripts-configmap
+ - name: {{ include "common.fullname" . }}-initializers-config
+ configMap:
+ name: {{ include "common.fullname" . }}-initializers-configmap
+ - name: {{ include "common.fullname" . }}-configuration-config
+ configMap:
+ name: {{ include "common.fullname" . }}-configuration-configmap
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/job.yaml b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/job.yaml
new file mode 100644
index 0000000000..f4002773fd
--- /dev/null
+++ b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/job.yaml
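Review bot: `apiVersion: extensions/v1beta1` at the top of deployment.yaml is no longer served for Deployments from Kubernetes 1.16 onward, so the manifest is rejected on current clusters. It should move to `apps/v1`, which also makes `spec.selector` mandatory; the selector below reuses the two labels the pod template already carries. Separately, the pod spec sets no `securityContext` and takes `/etc/localtime` from the node through a `hostPath` volume. If the NetBox image allows it, running as non-root with `allowPrivilegeEscalation: false` and dropping the host mount would narrow what a compromised container can reach.

```yaml
apiVersion: apps/v1
# … unchanged: kind, metadata …
  replicas: {{ .Values.replicaCount }}
  selector:
    matchLabels:
      app: {{ include "common.name" . }}
      release: {{ include "common.release" . }}
# … unchanged: template, volumes, imagePullSecrets …
```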
@@ -0,0 +1,65 @@
+# Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-provisioning
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}-job
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+spec:
+ backoffLimit: 5
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}-provisioning-job
+ release: {{ include "common.release" . }}
+ spec:
+ restartPolicy: Never
+ initContainers:
+ - name: {{ include "common.name" . }}-init-readiness
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - netbox-app
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ containers:
+ - name: {{ include "common.name" . }}-provisioning-job
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-provisioning
+ mountPath: /tmp
+ command:
+ - /bin/bash
+ - ./tmp/provision.sh
+ volumes:
+ - name: {{ include "common.fullname" . }}-provisioning
+ configMap:
+ name: {{ include "common.fullname" . }}-provisioning-configmap
+ defaultMode: 0755
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ restartPolicy: Never
diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/pv.yaml b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/pv.yaml
new file mode 100755
index 0000000000..a61217fb94
--- /dev/null
+++ b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/pv.yaml
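Review bot: The provisioning container in job.yaml mounts the ConfigMap over `/tmp` and starts the script with the relative path `./tmp/provision.sh`, so the script is only found when the image's working directory is `/`, and the image's own `/tmp` is hidden behind a read-only ConfigMap volume. A dedicated mount, for example `mountPath: /provisioning` with `- /provisioning/provision.sh` (path chosen for illustration), removes both dependencies. `restartPolicy: Never` also appears twice in the new file; indentation is not recoverable on this page, but if both sit in the pod spec the second is a duplicate key and should be dropped. The provisioning container also sets no `imagePullPolicy`, unlike the init container that uses the same image.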
@@ -0,0 +1,40 @@
+{{/*
+# Copyright © 2018 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if not .Values.persistence.storageClass -}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}-data
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ include "common.release" . }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}
+spec:
+ capacity:
+ storage: {{ .Values.persistence.size}}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
+ hostPath:
+ path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }}/app
+{{- end -}}
+{{- end -}}
diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/pvc.yaml b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/pvc.yaml
new file mode 100755
index 0000000000..7e25a0f1ef
--- /dev/null
+++ b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/pvc.yaml
@@ -0,0 +1,39 @@
+{{/*
+# Copyright © 2018 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ include "common.release" . }}-{{ .Values.persistence.staticPvName }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ include "common.release" . }}"
+ heritage: "{{ .Release.Service }}"
+ {{- if .Values.persistence.annotations }}
+ annotations:
+{{ .Values.persistence.annotations | indent 4 }}
+ {{- end }}
+spec:
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size }}
+ storageClassName: {{ include "common.storageClass" . }}
+{{- end -}}
diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/secrets.yaml b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/secrets.yaml
new file mode 100755
index 0000000000..c06bc5a333
--- /dev/null
+++ b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/secrets.yaml
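Review bot: In pvc.yaml, `{{ .Values.persistence.annotations | indent 4 }}` pipes the value straight into `indent`, which expects a string. Annotations are normally supplied as a map, and in that case the template either fails to render or emits Go map syntax instead of YAML. `{{ toYaml .Values.persistence.annotations | indent 4 }}` is the form deployment.yaml already uses for `nodeSelector` and `affinity`. The `chart:` label here also omits `| replace "+" "_"`, which the other templates in this commit apply.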
@@ -0,0 +1,34 @@
+{{/*
+# Copyright © 2018 Bell Canada, Amdocs
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-pass
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+ DB_PASSWORD: {{ .Values.config.dbPassword | b64enc | quote }}
+ EMAIL_PASSWORD: {{ .Values.config.emailPassword | b64enc | quote }}
+ NAPALM_PASSWORD: {{ .Values.config.napalmPassword | b64enc | quote }}
+ SECRET_KEY: {{ .Values.config.secretKey | b64enc | quote }}
+ SUPERUSER_PASSWORD: {{ .Values.config.superuserPassword | b64enc | quote }}
+ SUPERUSER_API_TOKEN: {{ .Values.config.superuserAPIToken | b64enc | quote }}
\ No newline at end of file
diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/service.yaml b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/service.yaml
new file mode 100755
index 0000000000..74d1116f50
--- /dev/null
+++ b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/service.yaml
@@ -0,0 +1,42 @@
+{{/*
+# Copyright © 2018 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+ annotations:
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ name: {{ include "common.name" . }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ name: {{ include "common.name" . }}
+ targetPort: {{ .Values.service.internalPort }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ include "common.release" . }}
diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/values.yaml b/kubernetes/contrib/components/netbox/charts/netbox-app/values.yaml
new file mode 100755
index 0000000000..ddfdc4b976
--- /dev/null
+++ b/kubernetes/contrib/components/netbox/charts/netbox-app/values.yaml
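Review bot: The `NodePort` branch in service.yaml builds `nodePort` from `.Values.global.nodePortPrefix | default .Values.nodePortPrefix` and `.Values.service.nodePort`, but this chart's values.yaml defines only `global.nodePortPrefixExt: 304` and no `service.nodePort`. Unless a parent chart supplies those values, switching `service.type` to `NodePort` renders an empty or partial port number and the Service is rejected. Either add `nodePortPrefix` and `service.nodePort` defaults to values.yaml or guard the expression with `required` so the failure is explicit at render time. The bare `annotations:` key renders as null and can be dropped.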
@@ -0,0 +1,115 @@
+# Copyright © 2018 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+global: # global defaults
+ nodePortPrefixExt: 304
+ persistence: {}
+
+config:
+ # Secrets configuration values
+ dbPassword: J5brHrAXFLQSif0K
+ emailPassword: password
+ napalmPassword: password
+ secretKey: r8OwDznj!!dci#P9ghmRfdu1Ysxm0AiPeDCQhKE+N_rClfWNj
+ superuserPassword: admin
+ superuserAPIToken: 0123456789abcdef0123456789abcdef01234567
+
+ # Remaining environment configuration values
+ allowedHosts: "*"
+ dbName: netbox
+ dbUser: netbox
+ dbHost: netbox-postgres
+ emailServer: localhost
+ emailPort: 25
+ emailUsername: netbox
+ emailTimeout: 5
+ emailFrom: netbox@bar.com
+ mediaRoot: /opt/netbox/netbox/media
+ napalmUsername: napalm
+ napalmTimeout: 10
+ maxPageSize: 0
+ superuserName: admin
+ superuserEmail: admin@onap.org
+
+repository: netboxcommunity
+image: netbox:v2.5.8
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: false
+
+readiness:
+ initialDelaySeconds: 30
+ periodSeconds: 10
+
+service:
+ type: ClusterIP
+ name: netbox-app
+ externalPort: 8001
+ internalPort: 8001
+ portName: netbox-app
+
+ # The following subnet pool will be
+ # configured in Netbox by provisioning script.
+ private1: 192.168.10.0/24
+ private2: 192.168.20.0/24
+ management: 10.0.101.0/24
+
+ingress:
+ enabled: false
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+## Persist data to a persitent volume
+persistence:
+ enabled: true
+ volumeReclaimPolicy: Retain
+ accessMode: ReadWriteMany
+ size: 100Mi
+
+ # Uncomment the storageClass parameter to use an existing PV
+ # that will match the following class.
+ # When uncomment the storageClass, the PV is not created anymore.
+
+ # storageClass: "nfs-dev-sc"
+
+ staticPvName: netbox-static
+
+ # When using storage class, mountPath and mountSubPath are
+ # simply ignored.
+
+ mountPath: /dockerdata-nfs
+ mountSubPath: netbox/app
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+resources: {}
-- cgit 1.2.3-korg
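Review bot: The `config:` block in values.yaml ships fixed credentials as chart defaults (`superuserPassword: admin`, `emailPassword` and `napalmPassword` set to `password`, a static `secretKey`, a patterned `superuserAPIToken`), and secrets.yaml base64-encodes whatever is there, so an install without overrides gets a NetBox superuser and API token that are publicly known. These keys should carry no usable default: leave them empty and have secrets.yaml enforce them, e.g. `{{ required "config.superuserPassword must be set" .Values.config.superuserPassword | b64enc | quote }}`, or generate them at install time. `allowedHosts: "*"` likewise accepts any Host header by default and is better set per deployment. `liveness:` and `readiness:` are each defined twice in this file; with duplicate keys the later block normally wins, so the first `enabled: false` has no effect and one of the two blocks should be removed.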