From dd34eadb816e1089a7121dda9810e902caf3e6c4 Mon Sep 17 00:00:00 2001 From: Andreas Geissler Date: Mon, 20 Mar 2023 17:16:45 +0100 Subject: [SDC] Chart cleanup for AAF/TLS removal Use latest helm templates and remove TLS/AAF related parts Issue-ID: OOM-3121 Signed-off-by: Andreas Geissler Change-Id: I453d9bfb471462a3c2f4825a3a542c61df353cf5 --- kubernetes/sdc/components/sdc-fe/Chart.yaml | 3 - .../config/plugins/plugins-configuration.yaml | 4 - .../components/sdc-fe/templates/deployment.yaml | 86 +++------------------- .../sdc/components/sdc-fe/templates/ingress.yaml | 17 +++++ .../sdc/components/sdc-fe/templates/service.yaml | 38 +--------- kubernetes/sdc/components/sdc-fe/values.yaml | 55 +++++--------- 6 files changed, 47 insertions(+), 156 deletions(-) (limited to 'kubernetes/sdc/components/sdc-fe') diff --git a/kubernetes/sdc/components/sdc-fe/Chart.yaml b/kubernetes/sdc/components/sdc-fe/Chart.yaml index 7b646bdf30..c8e53e0ba5 100644 --- a/kubernetes/sdc/components/sdc-fe/Chart.yaml +++ b/kubernetes/sdc/components/sdc-fe/Chart.yaml @@ -21,9 +21,6 @@ name: sdc-fe version: 12.0.0 dependencies: - - name: certInitializer - version: ~12.x-0 - repository: '@local' - name: repositoryGenerator version: ~12.x-0 repository: '@local' diff --git a/kubernetes/sdc/components/sdc-fe/resources/config/plugins/plugins-configuration.yaml b/kubernetes/sdc/components/sdc-fe/resources/config/plugins/plugins-configuration.yaml index cc91960dbf..1648555ffc 100644 --- a/kubernetes/sdc/components/sdc-fe/resources/config/plugins/plugins-configuration.yaml +++ b/kubernetes/sdc/components/sdc-fe/resources/config/plugins/plugins-configuration.yaml @@ -1,10 +1,6 @@ pluginsList: - pluginId: WORKFLOW - {{- if (include "common.needTLS" .) }} - pluginDiscoveryUrl: "{{ .Values.config.plugins.workflow_discovery_url.https }}" - {{- else }} pluginDiscoveryUrl: "{{ .Values.config.plugins.workflow_discovery_url.http }}" - {{- end }} pluginSourceUrl: "{{ .Values.config.plugins.workflow_source_url }}" pluginStateUrl: "workflowDesigner" pluginDisplayOptions: diff --git a/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml b/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml index 599e32e175..6bebe6f3fb 100644 --- a/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml +++ b/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml @@ -1,6 +1,7 @@ {{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018 AT&T, ZTE +# Modifications Copyright © 2023 Deutsche Telekom # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,26 +18,14 @@ apiVersion: apps/v1 kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: - selector: - matchLabels: - app: {{ include "common.name" . }} + selector: {{- include "common.selectors" . | nindent 4 }} replicas: {{ .Values.replicaCount }} template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: - initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }} + initContainers: - name: {{ include "common.name" . }}-job-completion image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}" @@ -44,7 +33,7 @@ spec: - /app/ready.py args: - --job-name - - {{ include "common.release" . }}-sdc-be-config-backend + - {{ include "common.release" . }}-sdc-be - "-t" - "35" env: @@ -60,60 +49,15 @@ spec: requests: cpu: 3m memory: 20Mi - {{- if .Values.global.aafEnabled }} - - name: {{ include "common.name" . }}-update-config - image: {{ include "repositoryGenerator.image.envsubst" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - sh - args: - - "-c" - - | - export $(grep '^c' {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0) - export KEYSTORE_PASS=$cadi_keystore_password_p12 - export KEYMANAGER_PASS=$cadi_keystore_password_p12 - export TRUSTSTORE_PASS=$cadi_truststore_password - cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }} /config-output - cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }} /config-output - cd /config-input && \ - for PFILE in `find . -not -type d | grep -v -F ..` - do - envsubst <${PFILE} >/config-output/${PFILE} - chmod 0755 /config-output/${PFILE} - done - volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} - - name: sdc-environments-input - mountPath: /config-input/ - - name: sdc-environments - mountPath: /config-output/ - resources: - limits: - cpu: 100m - memory: 100Mi - requests: - cpu: 3m - memory: 20Mi - {{- end }} containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - {{- if .Values.global.aafEnabled }} - command: - - sh - args: - - "-c" - - | - sed -i '/trustStorePassword/d' ${JETTY_BASE}/startup.sh - ${JETTY_BASE}/startup.sh - {{- end }} - ports: - - containerPort: {{ .Values.service.internalPort }} - - containerPort: {{ .Values.service.internalPort2 }} + ports: {{ include "common.containerPorts" . | nindent 12 }} {{ if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort2 }} + port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} @@ -122,7 +66,7 @@ spec: {{ end }} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort2 }} + port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} @@ -130,7 +74,7 @@ spec: failureThreshold: {{ .Values.readiness.failureThreshold }} startupProbe: tcpSocket: - port: {{ .Values.service.internalPort2 }} + port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }} periodSeconds: {{ .Values.startup.periodSeconds }} timeoutSeconds: {{ .Values.startup.timeoutSeconds }} @@ -149,14 +93,6 @@ spec: volumeMounts: - name: sdc-environments mountPath: /app/jetty/chef-solo/environments/ - {{- if .Values.global.aafEnabled }} - - name: sdc-environments - mountPath: /app/jetty/chef-solo/cookbooks/sdc-catalog-fe/files/default/org.onap.sdc.p12 - subPath: org.onap.sdc.p12 - - name: sdc-environments - mountPath: /app/jetty/chef-solo/cookbooks/sdc-catalog-fe/files/default/org.onap.sdc.trust.jks - subPath: org.onap.sdc.trust.jks - {{- end }} - name: localtime mountPath: /etc/localtime readOnly: true @@ -175,7 +111,7 @@ spec: # side car containers {{ include "common.log.sidecar" . | nindent 8 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} + volumes: - name: localtime hostPath: path: /etc/localtime diff --git a/kubernetes/sdc/components/sdc-fe/templates/ingress.yaml b/kubernetes/sdc/components/sdc-fe/templates/ingress.yaml index 8f87c68f1e..90875ab5cc 100644 --- a/kubernetes/sdc/components/sdc-fe/templates/ingress.yaml +++ b/kubernetes/sdc/components/sdc-fe/templates/ingress.yaml @@ -1 +1,18 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2023 Deutsche Telekom +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + {{ include "common.ingress" . }} diff --git a/kubernetes/sdc/components/sdc-fe/templates/service.yaml b/kubernetes/sdc/components/sdc-fe/templates/service.yaml index 30c3d1122f..0a349834b4 100644 --- a/kubernetes/sdc/components/sdc-fe/templates/service.yaml +++ b/kubernetes/sdc/components/sdc-fe/templates/service.yaml @@ -1,6 +1,7 @@ {{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018 AT&T, ZTE +# Modifications Copyright © 2023 Deutsche Telekom # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,39 +16,4 @@ # limitations under the License. */}} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - annotations: - msb.onap.org/service-info: '[ - { - "serviceName": "sdc-gui", - "version": "v1", - "url": "/sdc1", - "protocol": "UI", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0|1" - } - ]' -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }} - {{- else -}} - - port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.externalPort2 .Values.service.externalPort }} - targetPort: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} - name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} +{{ include "common.service" . }} \ No newline at end of file diff --git a/kubernetes/sdc/components/sdc-fe/values.yaml b/kubernetes/sdc/components/sdc-fe/values.yaml index a9eef905c4..b4a8bd6bfe 100644 --- a/kubernetes/sdc/components/sdc-fe/values.yaml +++ b/kubernetes/sdc/components/sdc-fe/values.yaml @@ -18,30 +18,6 @@ ################################################################# global: nodePortPrefix: 302 - aafEnabled: true - -################################################################# -# AAF Part -################################################################# -certInitializer: - nameOverride: sdc-fe-cert-init - aafDeployFqi: deployer@people.osaaf.org - aafDeployPass: demo123456! - fqdn: sdc - fqi: sdc@sdc.onap.org - public_fqdn: sdc.onap.org - cadi_longitude: "0.0" - cadi_latitude: "0.0" - app_ns: org.osaaf.aaf - credsPath: /opt/app/osaaf/local - addconfig: true - keystoreFile: "org.onap.sdc.p12" - truststoreFile: "org.onap.sdc.trust.jks" - permission_user: 352070 - permission_group: 35953 - aaf_add_config: | - echo "cadi_keystore_password_p12=$cadi_keystore_password_p12" > {{ .Values.credsPath }}/mycreds.prop - echo "cadi_truststore_password=$cadi_truststore_password" >> {{ .Values.credsPath }}/mycreds.prop ################################################################# # Application configuration defaults. @@ -54,15 +30,12 @@ config: javaOptions: "-Xmx256m -Xms256m" plugins: dcae_discovery_url: - https: "https://sdc-dcae-fe:9444/dcaed/#/home" http: "http://sdc-dcae-fe:8183/dcaed/#/home" dcae_source_url: "https://sdc.dcae.plugin.simpledemo.onap.org:30264/dcaed/#/home" dcae_dt_discovery_url: - https: "https://sdc-dcae-dt:9446/dcae/#/dcae/home" http: "http://sdc-dcae-dt:8186/dcae/#/dcae/home" dcae_dt_source_url: "https://sdc.dcae.plugin.simpledemo.onap.org:30266/dcae/#/dcae/home" workflow_discovery_url: - https: "https://sdc-wfd-fe:8443/workflows" http: "http://sdc-wfd-fe:8080/workflows" workflow_source_url: "https://sdc.workflow.plugin.simpledemo.onap.org:30256/workflows/" @@ -106,26 +79,32 @@ startup: failureThreshold: 60 service: - #Example service definition with external, internal and node ports. - #Services may use any combination of ports depending on the 'type' of - #service being defined. type: NodePort name: sdc-fe - portName: http internalPort: 8181 - externalPort: 8181 - internalPort2: 9443 - externalPort2: 9443 - nodePort: "07" - + ports: + - name: http + port: 8181 + nodePort: '07' + annotations: + msb.onap.org/service-info: | + {{ if .Values.global.msbEnabled -}}[ + { + "serviceName": "sdc-ui", + "version": "v1", + "url": "/sdc1", + "protocol": "UI", + "visualRange":"0|1", + "port": "{{ .Values.service.internalPort }}", + } + ]{{ end }} ingress: enabled: false service: - baseaddr: "sdc-fe-ui" name: "sdc-fe" - port: 9443 - plain_port: 8181 + port: 8181 config: ssl: "redirect" -- cgit 1.2.3-korg