From a4535c94d838cd0d784fd14ff8497be878c81176 Mon Sep 17 00:00:00 2001 From: Vijay Venkatesh Kumar Date: Fri, 2 Aug 2019 01:45:23 +0000 Subject: dcae el-alto earlydrop updates with released tag Following patches into staging are included with corresponding released image tag https://gerrit.onap.org/r/#/c/oom/+/91759/ https://gerrit.onap.org/r/#/c/oom/+/91832/ https://gerrit.onap.org/r/#/c/oom/+/90603/ https://gerrit.onap.org/r/#/c/oom/+/92569/ Change-Id: I369b8a3cb25476e466e61b6b23d3034f17a461b6 Signed-off-by: Vijay Venkatesh Kumar Issue-ID: DCAEGEN2-1318 Issue-ID: DCAEGEN2-913 Issue-ID: DCAEGEN2-1685 Issue-ID: DCAEGEN2-1597 Issue-ID: DCAEGEN2-909 Issue-ID: DCAEGEN2-904 Issue-ID: DCAEGEN2-1513 Issue-ID: DCAEGEN2-1550 Issue-ID: DCAEGEN2-1701 Issue-ID: DCAEGEN2-1694 Issue-ID: DCAEGEN2-1695 Issue-ID: DCAEGEN2-1718 Signed-off-by: Vijay Venkatesh Kumar --- .../dcae-bootstrap/resources/certs/cacert.pem | 31 ++++++++++++++++++++++ .../resources/config/dmaap-plugin.json | 8 ++++++ .../resources/config/k8s-plugin.json | 4 ++- .../resources/inputs/k8s-dashboard-inputs.yaml | 2 +- .../charts/dcae-bootstrap/templates/configmap.yaml | 9 ++++++- .../dcae-bootstrap/templates/deployment.yaml | 24 ++++++++++++++++- .../dcaegen2/charts/dcae-bootstrap/values.yaml | 13 ++++++--- 7 files changed, 83 insertions(+), 8 deletions(-) create mode 100644 kubernetes/dcaegen2/charts/dcae-bootstrap/resources/certs/cacert.pem create mode 100644 kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/dmaap-plugin.json (limited to 'kubernetes/dcaegen2/charts/dcae-bootstrap') diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/certs/cacert.pem b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/certs/cacert.pem new file mode 100644 index 0000000000..897c8ae499 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/certs/cacert.pem @@ -0,0 +1,31 @@ +-----BEGIN CERTIFICATE----- +MIIFPjCCAyagAwIBAgIJAJ6u7cCnzrWdMA0GCSqGSIb3DQEBCwUAMCwxDjAMBgNV +BAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzAeFw0xODA0MDUx +NDE1MjhaFw0zODAzMzExNDE1MjhaMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQK +DARPTkFQMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC +ggIBAMA5pkgRs7NhGG4ew5JouhyYakgYUyFaG121+/h8qbSdt0hVQv56+EA41Yq7 +XGie7RYDQK9NmAFF3gruE+6X7wvJiChp+Cyd7sFMnb65uWhxEdxWTM2BJFrgfzUn +H8ZCxgaCo3XH4PzlKRy2LQQJEJECwl/RZmRCXijMt5e9h8XoZY/fKkKcZZUsWNCM +pTo266wjvA9MXLmdgReRj0+vrCjrNqy+htwJDztoiHWiYPqT6o8EvGcgjNqjlZx7 +NUNf8MfLDByqKF6+wRbHv1GKjn3/Vijd45Fv8riyRYROiFanvbV6jIfBkv8PZbXg +2VDWsYsgp8NAvMxK+iV8cO+Ck3lBI2GOPZbCEqpPVTYbLUz6sczAlCXwQoPzDIZY +wYa3eR/gYLY1gP2iEVHORag3bLPap9ZX5E8DZkzTNTjovvLk8KaCmfcaUMJsBtDd +ApcUitz10cnRyZc1sX3gE1f3DpzQM6t9C5sOVyRhDcSrKqqwb9m0Ss04XAS9FsqM +P3UWYQyqDXSxlUAYaX892u8mV1hxnt2gjb22RloXMM6TovM3sSrJS0wH+l1nznd6 +aFXftS/G4ZVIVZ/LfT1is4StoyPWZCwwwly1z8qJQ/zhip5NgZTxQw4mi7ww35DY +PdAQOCoajfSvFjqslQ/cPRi/MRCu079heVb5fQnnzVtnpFQRAgMBAAGjYzBhMB0G +A1UdDgQWBBRTVTPyS+vQUbHBeJrBKDF77+rtSTAfBgNVHSMEGDAWgBRTVTPyS+vQ +UbHBeJrBKDF77+rtSTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAN +BgkqhkiG9w0BAQsFAAOCAgEAPx/IaK94n02wPxpnYTy+LVLIxwdq/kawNd6IbiMz +L87zmNMDmHcGbfoRCj8OkhuggX9Lx1/CkhpXimuYsZOFQi5blr/u+v4mIbsgbmi9 +7j+cUHDP0zLycvSvxKHty51LwmaX9a4wkJl5zBU4O1sd/H9tWcEmwJ39ltKoBKBx +c94Zc3iMm5ytRWGj+0rKzLDAXEWpoZ5bE5PLJauA6UDCxDLfs3FwhbS7uDggxYvf +jySF5FCNET94oJ+m8s7VeHvoa8iPGKvXrIqdd7XDHnqJJlVKr7m9S0fMbyEB8ci2 +RtOXDt93ifY1uhoEtEykn4dqBSp8ezvNMnwoXdYPDvTd9uCAFeWFLVreBAWxd25h +PsBTkZA5hpa/rA+mKv6Af4VBViYr8cz4dZCsFChuioVebe9ighrfjB//qKepFjPF +CyjzKN1u0JKm/2x/ORqxkTONG8p3uDwoIOyimUcTtTMv42bfYD88RKakqSFXE9G+ +Z0LlaKABqfjK49o/tsAp+c5LoNlYllKhnetO3QAdraHwdmC36BhoghzR1jpX751A +cZn2VH3Q4XKyp01cJNCJIrua+A+bx6zh3RyW6zIIkbRCbET+UD+4mr8WIcSE3mtR +ZVlnhUDO4z9//WKMVzwS9Rh8/kuszrGFI1KQozXCHLrce3YP6RYZfOed79LXaRwX +dYY= +-----END CERTIFICATE----- \ No newline at end of file diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/dmaap-plugin.json b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/dmaap-plugin.json new file mode 100644 index 0000000000..41404b0199 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/dmaap-plugin.json @@ -0,0 +1,8 @@ +{ + "dmaap": { + "username": "notused", + "password": "doesnotmatter", + "owner": "dcaecm", + "protocol": "http" + } +} \ No newline at end of file diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json index 51d31a355b..d459d5bb95 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json @@ -33,6 +33,8 @@ "tls": { "cert_path": "/opt/tls/shared", - "image": "{{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }}" + "image": "{{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }}", + "component_ca_cert_path": "/opt/dcae/cacert/cacert.pem", + "ca_cert_configmap": "{{ include "common.fullname" . }}-dcae-cacert" } } diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml index e40a03068c..2718e1882f 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml @@ -24,7 +24,7 @@ external_tls_port: {{ .Values.config.address.dashboard.portSecure }} database_cluster_name: {{ .Values.postgres.service.name2 }}.{{ include "common.namespace" . }} database_cluster_fqdn: {{ .Values.postgres.service.name2 }}.{{ include "common.namespace" . }}.{{ .Values.postgres.suffix }} database_name: "dashboard_pg" -cloudify_ip: {{ .Values.config.address.cm }} +cloudify_ip: {{ .Values.config.address.cm.host }} cloudify_user: "admin" cloudify_password: "admin" consul_url: {{ .Values.config.address.consul_ui }} diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/configmap.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/configmap.yaml index 878d94bfc6..21134ada9f 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/configmap.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/configmap.yaml @@ -31,4 +31,11 @@ metadata: namespace: {{ include "common.namespace" . }} data: {{ tpl (.Files.Glob "resources/inputs/*").AsConfig . | indent 2 }} - +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-dcae-cacert + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/certs/*").AsConfig . | indent 2 }} diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/deployment.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/deployment.yaml index 0463655c79..be5a769a37 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/deployment.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/deployment.yaml @@ -61,6 +61,19 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace + - name: init-tls + env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + resources: {} + volumeMounts: + - mountPath: /opt/tls/shared + name: tls-info containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" @@ -75,14 +88,21 @@ spec: - mountPath: /etc/localtime name: localtime readOnly: true + - mountPath: /certs + name: tls-info + readOnly: true env: - name: CMADDR - value: {{ .Values.config.address.cm }} + value: {{ .Values.config.address.cm.host }} - name: CMPASS valueFrom: secretKeyRef: name: {{ include "common.name" . }}-cmpass key: password + - name: CMPROTO + value: {{ .Values.config.address.cm.proto }} + - name: CMPORT + value: !!string {{ .Values.config.address.cm.port }} - name: CONSUL value: {{ .Values.config.address.consul.host }}:{{ .Values.config.address.consul.port }} - name: DCAE_NAMESPACE @@ -99,5 +119,7 @@ spec: - name: localtime hostPath: path: /etc/localtime + - name: tls-info + emptyDir: {} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml index aec082fe15..7e93715e29 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml @@ -38,10 +38,15 @@ config: host: consul-server port: 8500 consul_ui: consul-server-ui - cm: dcae-cloudify-manager + cm: + host: dcae-cloudify-manager + port: 443 + proto: https + #Temporary assignment to avoid conflict + #To be removed after bootstrap changes done to remove dashboard dashboard: - port: 30418 - portSecure: 30419 + port: 30473 + portSecure: 30474 datafile_collector: port: 30223 portSecure: 30262 @@ -90,7 +95,7 @@ postgres: # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.18 +image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.6.2 default_k8s_location: central # DCAE component images to be deployed via Cloudify Manager -- cgit