From 0df1f8ec5332651b5ce2731dd25ee2319f393b4f Mon Sep 17 00:00:00 2001 From: seshukm Date: Mon, 17 Aug 2020 21:45:49 +0530 Subject: [SO] move subcharts to components folder Move subcharts to components folder in order to be able to enable/disable them one by one. Also use certInitializer to retrieve truststore in order to be able to discuss with other ONAP components. Issue-ID: SO-2046 Change-Id: Ia5c2a590a2ad75e4b69be0748e9d79fda996af37 Signed-off-by: seshukm Signed-off-by: Sylvain Desbureaux --- kubernetes/so/components/so-bpmn-infra/Chart.yaml | 18 + .../so/components/so-bpmn-infra/requirements.yaml | 23 ++ .../resources/config/overrides/override.yaml | 383 +++++++++++++++++++++ .../so-bpmn-infra/templates/configmap.yaml | 49 +++ .../so-bpmn-infra/templates/deployment.yaml | 140 ++++++++ .../components/so-bpmn-infra/templates/secret.yaml | 15 + .../so-bpmn-infra/templates/service.yaml | 38 ++ kubernetes/so/components/so-bpmn-infra/values.yaml | 164 +++++++++ 8 files changed, 830 insertions(+) create mode 100755 kubernetes/so/components/so-bpmn-infra/Chart.yaml create mode 100755 kubernetes/so/components/so-bpmn-infra/requirements.yaml create mode 100755 kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml create mode 100755 kubernetes/so/components/so-bpmn-infra/templates/configmap.yaml create mode 100755 kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml create mode 100644 kubernetes/so/components/so-bpmn-infra/templates/secret.yaml create mode 100755 kubernetes/so/components/so-bpmn-infra/templates/service.yaml create mode 100755 kubernetes/so/components/so-bpmn-infra/values.yaml (limited to 'kubernetes/so/components/so-bpmn-infra') diff --git a/kubernetes/so/components/so-bpmn-infra/Chart.yaml b/kubernetes/so/components/so-bpmn-infra/Chart.yaml new file mode 100755 index 0000000000..faba23eb16 --- /dev/null +++ b/kubernetes/so/components/so-bpmn-infra/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +appVersion: "1.0" +description: A Helm chart for SO Bpmn Infra +name: so-bpmn-infra +version: 6.0.0 diff --git a/kubernetes/so/components/so-bpmn-infra/requirements.yaml b/kubernetes/so/components/so-bpmn-infra/requirements.yaml new file mode 100755 index 0000000000..1feea23842 --- /dev/null +++ b/kubernetes/so/components/so-bpmn-infra/requirements.yaml @@ -0,0 +1,23 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +dependencies: + - name: common + version: ~6.x-0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' + - name: soHelpers + version: ~6.x-0 + repository: 'file://../soHelpers' diff --git a/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml new file mode 100755 index 0000000000..028b698657 --- /dev/null +++ b/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml @@ -0,0 +1,383 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +aai: + auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.aai.auth )}} + dme2: + timeout: '30000' + endpoint: https://aai.{{ include "common.namespace" . }}:8443 + workflowAaiDistributionDelay: PT30S + pnfEntryNotificationTimeout: P14D +cds: + endpoint: cds-blueprints-processor-grpc + port: 9111 + auth: {{ .Values.cds.auth }} + timeout: 600 +camunda: + bpm: + admin-user: + id: admin + password: admin + history-level: full + job-execution: + max-pool-size: 30 + core-pool-size: 3 +entitymanager: + packagesToScan: com +pnf: + dmaap: + host: message-router + port: 3904 + protocol: http + uriPathPrefix: events + topicName: unauthenticated.PNF_READY + consumerGroup: consumerGroup + consumerId: consumerId + topicListenerDelayInSeconds: 5 +bpelURL: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081 +msb-ip: msb-iag +msb-port: 80 +mso: + rainyDay: + retryDurationMultiplier: 2 + maxRetries: 5 + msoKey: {{ .Values.mso.key }} + correlation: + timeout: 60 + logPath: logs + config: + cadi: {{ include "so.cadi.keys" . | nindent 8}} + async: + core-pool-size: 50 + max-pool-size: 50 + queue-capacity: 500 + adapters: + completemsoprocess: + endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/CompleteMsoProcess + requestDb: + endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083 + auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.adapters.requestDb.auth )}} + db: + auth: {{ .Values.mso.adapters.db.auth }} + password: {{ .Values.mso.adapters.db.password }} + endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083/services/RequestsDbAdapter + spring: + endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083 + network: + endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/NetworkAdapter + rest: + endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/rest/v1/networks + openecomp: + db: + endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083/services/RequestsDbAdapter + po: + auth: {{ .Values.mso.adapters.po.auth }} + sdnc: + endpoint: http://so-sdnc-adapter.{{ include "common.namespace" . }}:8086/adapters/SDNCAdapter + rest: + endpoint: http://so-sdnc-adapter.{{ include "common.namespace" . }}:8086/adapters/rest/v1/sdnc + timeout: PT60M + tenant: + endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/TenantAdapter + vnf: + endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/VnfAdapter + rest: + endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/rest/v1/vnfs + volume-groups: + rest: + endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/rest/v1/volume-groups + vnf-async: + endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/VnfAsync + vfc: + rest: + endpoint: http://so-vfc-adapter.{{ include "common.namespace" . }}:8084/services/v1/vfcadapter + workflow: + message: + endpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage + nssmf: + endpoint: http://so-nssmf-adapter.{{ include "common.namespace" . }}:8088 + bpmn: + process: + historyTimeToLive: '30' + callbackRetryAttempts: '5' + catalog: + db: + endpoint: http://so-catalog-db-adapter.{{ include "common.namespace" . }}:8082/ecomp/mso/catalog + spring: + endpoint: http://so-catalog-db-adapter.{{ include "common.namespace" . }}:8082 + db: + auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.adapters.requestDb.auth )}} + default: + adapter: + namespace: http://org.onap.mso + healthcheck: + log: + debug: 'false' + infra: + endpoint: + url: http://so.{{ include "common.namespace" . }}:8080/onap/so/infra + customer: + id: testCustIdInfra + po: + timeout: PT60M + request: + db: + endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083/ + rollback: 'true' + sdnc: + password: {{ .Values.mso.sdnc.password }} + service: + agnostic: + sniro: + endpoint: /sniro/api/v2/placement + host: http://sniro-emulator:80 + site-name: CamundaEngine + sniro: + auth: {{ .Values.mso.sniro.auth }} + callback: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/adapters/rest/SDNCNotify + endpoint: {{ .Values.mso.sniro.endpoint }} + timeout: PT30M + oof: + auth: {{ .Values.mso.oof.auth }} + callbackEndpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage + endpoint: https://oof-osdf.{{ include "common.namespace" . }}:8698 + timeout: PT30M + workflow: + CreateGenericVNFV1: + aai: + volume-group: + uri: /aai/v6/cloud-infrastructure/volume-groups/volume-group + default: + aai: + version: '14' + cloud-region: + version: '14' + generic-vnf: + version: '14' + v14: + customer: + uri: /aai/v14/business/customers/customer + generic-query: + uri: /aai/v14/search/generic-query + generic-vnf: + uri: /aai/v14/network/generic-vnfs/generic-vnf + l3-network: + uri: /aai/v14/network/l3-networks/l3-network + network-policy: + uri: /aai/v14/network/network-policies/network-policy + nodes-query: + uri: /aai/v14/search/nodes-query + route-table-reference: + uri: /aai/v14/network/route-table-references/route-table-reference + tenant: + uri: /aai/v14/cloud-infrastructure/cloud-regions/cloud-region/CloudOwner/RegionOne/tenants/tenant + vce: + uri: /aai/v14/network/vces/vce + vpn-binding: + uri: /aai/v14/network/vpn-bindings/vpn-binding + sp-partner: + uri: /aai/v14/business/sp-partners/sp-partner + device: + uri: /aai/v14/network/devices/device + v11: + customer: + uri: /aai/v11/business/customers/customer + generic-query: + uri: /aai/v11/search/generic-query + generic-vnf: + uri: /aai/v11/network/generic-vnfs/generic-vnf + l3-network: + uri: /aai/v11/network/l3-networks/l3-network + network-policy: + uri: /aai/v11/network/network-policies/network-policy + nodes-query: + uri: /aai/v11/search/nodes-query + route-table-reference: + uri: /aai/v11/network/route-table-references/route-table-reference + tenant: + uri: /aai/v11/cloud-infrastructure/cloud-regions/cloud-region/CloudOwner/RegionOne/tenants/tenant + vce: + uri: /aai/v11/network/vces/vce + vpn-binding: + uri: /aai/v11/network/vpn-bindings/vpn-binding + v8: + configuration: + uri: /aai/v11/network/configurations/configuration + customer: + uri: /aai/v8/business/customers/customer + generic-query: + uri: /aai/v8/search/generic-query + l3-network: + uri: /aai/v8/network/l3-networks/l3-network + network-policy: + uri: /aai/v8/network/network-policies/network-policy + nodes-query: + uri: /aai/v8/search/nodes-query + route-table-reference: + uri: /aai/v8/network/route-table-references/route-table-reference + tenant: + uri: /aai/v8/cloud-infrastructure/cloud-regions/cloud-region/CloudOwner/RegionOne/tenants/tenant + vce: + uri: /aai/v8/network/vces/vce + vpn-binding: + uri: /aai/v8/network/vpn-bindings/vpn-binding + v9: + cloud-region: + uri: /aai/v9/cloud-infrastructure/cloud-regions/cloud-region/CloudOwner + generic-vnf: + uri: /aai/v9/network/generic-vnfs/generic-vnf + retry: + attempts: '1' + deleteCinderVolumeV1: + aai: + volume-group: + uri: /aai/v6/cloud-infrastructure/volume-groups/volume-group + global: + default: + aai: + namespace: http://org.onap.aai.inventory/ + version: 14 + message: + endpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage + notification: + name: GenericNotificationServiceATT + sdnc: + replication: + delay: PT60S + sdncadapter: + callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/SDNCAdapterCallbackService + vnfadapter: + create: + callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify + delete: + callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify + query: + callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify + rollback: + callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify + use: + qualified: + host: false + global: + dmaap: + username: testuser + password: alRyMzJ3NUNeakxl + host: http://10.42.111.36:904 + publisher: + topic: replaceme + naming: + endpoint: http://naming.demo.onap.com:8081/web/service/v1/genNetworkElementName + auth: Basic bTA0NzY4QG5vbi1wcm9kLm1zby5lY29tcC5hdHQuY29tOkF0dG0wNDc2OExpZmUhQA== +policy: + auth: Basic dGVzdHBkcDphbHBoYTEyMw== + default: + disposition: Skip + client: + auth: Basic bTAzNzQzOnBvbGljeVIwY2sk + endpoint: http://pdp.{{ include "common.namespace" . }}:8081/pdp/api/ + environment: TEST +sdnc: + auth: Basic YWRtaW46S3A4Yko0U1hzek0wV1hsaGFrM2VIbGNzZTJnQXc4NHZhb0dHbUp2VXkyVQ== + host: http://{{ .Values.global.sdncOamService }}.{{ include "common.namespace" . }}:{{ .Values.global.sdncOamPort }} + path: /restconf/operations/GENERIC-RESOURCE-API + si: + svc: + types: PORT-MIRROR,PPROBE + dmaap: + host: http://message-router.{{ include "common.namespace" . }}:3904 + timeout: 30000 + lcm: + path: '/restconf/operations/LCM:' + actionTimeout: 300000 + dmapp: + readTopic: SDNC-LCM-WRITE + writeTopic: SDNC-LCM-READ +appc: + client: + topic: + read: + name: APPC-LCM-WRITE + timeout: 360000 + write: APPC-LCM-READ + sdnc: + read: SDNC-LCM-WRITE + write: SDNC-LCM-READ + response: + timeout: 360000 + key: VIlbtVl6YLhNUrtU + secret: 64AG2hF4pYeG2pq7CT6XwUOT + service: ueb + poolMembers: message-router.{{ include "common.namespace" . }}:3904,message-router.{{ include "common.namespace" . }}:3904 +sniro: + conductor: + enabled: true + host: http://sniro-emulator:80 + uri: /v1/release-orders + headers.auth: Basic dGVzdDp0ZXN0cHdk + manager: + timeout: PT30M + host: http://sniro-emulator:80 + uri.v1: /sniro/api/v2/placement + uri.v2: /sniro/api/placement/v2 + headers.auth: Basic dGVzdDp0ZXN0cHdk + headers.patchVersion: 1 + headers.minorVersion: 1 + headers.latestVersion: 2 +server: + port: {{ index .Values.containerPort }} + tomcat: + max-threads: 50 +spring: + datasource: + hikari: + jdbcUrl: jdbc:mariadb://${DB_HOST}:${DB_PORT}/camundabpmn + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + driver-class-name: org.mariadb.jdbc.Driver + pool-name: bpmn-pool + registerMbeans: true + security: + usercredentials: + - + username: apihBpmn + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: BPMN-Client + - + username: sdncaBpmn + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: BPMN-Client + - + username: poBpmn + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: BPMN-Client + - + username: wmaBpmn + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: BPMN-Client + - + username: sniro + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: SNIRO-Client + - + username: mso_admin + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: ACTUATOR +so: + vnfm: + adapter: + url: https://so-vnfm-adapter.{{ include "common.namespace" . }}:9092/so/vnfm-adapter/v1/ + auth: {{ .Values.so.vnfm.adapter.auth }} +org: + onap: + so: + cloud-owner: CloudOwner diff --git a/kubernetes/so/components/so-bpmn-infra/templates/configmap.yaml b/kubernetes/so/components/so-bpmn-infra/templates/configmap.yaml new file mode 100755 index 0000000000..747941610f --- /dev/null +++ b/kubernetes/so/components/so-bpmn-infra/templates/configmap.yaml @@ -0,0 +1,49 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +data: + LOG_PATH: {{ index .Values.logPath }} + APP: {{ index .Values.app }} + ACTIVE_PROFILE: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}} +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-app-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/overrides/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} + diff --git a/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml b/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml new file mode 100755 index 0000000000..de76901865 --- /dev/null +++ b/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml @@ -0,0 +1,140 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} +spec: + selector: + matchLabels: + app: {{ include "common.name" . }} + replicas: {{ index .Values.replicaCount }} + minReadySeconds: {{ index .Values.minReadySeconds }} + strategy: + type: {{ index .Values.updateStrategy.type }} + rollingUpdate: + maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} + maxSurge: {{ index .Values.updateStrategy.maxSurge }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + spec: + initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }} + - command: + - /app/ready.py + args: + - --job-name + - {{ include "common.release" . }}-so-mariadb-config-job + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - name: {{ include "common.name" . }} + image: {{ include "common.repository" . }}/{{ .Values.image }} + resources: {{ include "common.resources" . | nindent 12 }} + {{- if .Values.global.aafEnabled }} + command: + - sh + args: + - -c + - | + export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) + export TRUSTSTORE_PASSWORD="${cadi_truststore_password}" + {{- if .Values.global.security.aaf.enabled }} + export KEYSTORE_PASSWORD="${cadi_keystore_password}" + {{- end }} + /app/start-app.sh + {{- end }} + env: + - name: DB_HOST + valueFrom: + secretKeyRef: + name: {{ include "common.release" . }}-so-db-secrets + key: mariadb.readwrite.host + - name: DB_PORT + valueFrom: + secretKeyRef: + name: {{ include "common.release" . }}-so-db-secrets + key: mariadb.readwrite.port + - name: DB_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }} + - name: DB_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "password") | indent 10 }} + - name: DB_ADMIN_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 10 }} + - name: DB_ADMIN_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 10 }} + {{ include "so.certificates.env" . | indent 8 | trim }} + envFrom: + - configMapRef: + name: {{ include "common.fullname" . }}-configmap + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 8 }} + - name: logs + mountPath: /app/logs + - name: config + mountPath: /app/config + readOnly: true + - name: {{ include "common.fullname" . }}-logs + mountPath: /var/log/onap +{{ include "so.helpers.livenessProbe" .| indent 8 }} + ports: + - containerPort: {{ index .Values.containerPort }} + name: {{ .Values.service.portName }} + protocol: TCP + # Filebeat sidecar container + - name: {{ include "common.name" . }}-filebeat-onap + image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: logs + mountPath: /var/log/onap/so + - name: {{ include "common.fullname" . }}-logs + mountPath: /var/log/onap + volumes: {{ include "so.certificate.volumes" . | nindent 6 }} + - name: logs + emptyDir: {} + - name: config + configMap: + name: {{ include "common.fullname" . }}-app-configmap + - name: {{ include "common.fullname" . }}-log-conf + configMap: + name: {{ include "common.fullname" . }}-log + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ .Release.Name }}-so-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/so/components/so-bpmn-infra/templates/secret.yaml b/kubernetes/so/components/so-bpmn-infra/templates/secret.yaml new file mode 100644 index 0000000000..bd7eb8ea40 --- /dev/null +++ b/kubernetes/so/components/so-bpmn-infra/templates/secret.yaml @@ -0,0 +1,15 @@ +# Copyright © 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{ include "common.secretFast" . }} diff --git a/kubernetes/so/components/so-bpmn-infra/templates/service.yaml b/kubernetes/so/components/so-bpmn-infra/templates/service.yaml new file mode 100755 index 0000000000..6711c3b2e7 --- /dev/null +++ b/kubernetes/so/components/so-bpmn-infra/templates/service.yaml @@ -0,0 +1,38 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} diff --git a/kubernetes/so/components/so-bpmn-infra/values.yaml b/kubernetes/so/components/so-bpmn-infra/values.yaml new file mode 100755 index 0000000000..b6f315aa3d --- /dev/null +++ b/kubernetes/so/components/so-bpmn-infra/values.yaml @@ -0,0 +1,164 @@ +# Copyright © 2018 AT&T USA +# Copyright © 2020 Huawei +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + repository: nexus3.onap.org:10001 + readinessImage: onap/oom/readiness:3.0.1 + aafAgentImage: onap/aaf/aaf_agent:2.1.20 + envsubstImage: dibi/envsubst + persistence: + mountPath: /dockerdata-nfs + #This configuration specifies Service and port for SDNC OAM interface + sdncOamService: sdnc-oam + sdncOamPort: 8282 + security: + aaf: + enabled: false + aaf: + auth: + encrypted: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456 + +################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: db-user-creds + name: '{{ include "common.release" . }}-so-bpmn-infra-db-user-creds' + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.db.userCredsExternalSecret) . }}' + login: '{{ .Values.db.userName }}' + password: '{{ .Values.db.userPassword }}' + passwordPolicy: required + - uid: db-admin-creds + name: '{{ include "common.release" . }}-so-bpmn-infra-db-admin-creds' + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.db.adminCredsExternalSecret) . }}' + login: '{{ .Values.db.adminName }}' + password: '{{ .Values.db.adminPassword }}' + passwordPolicy: required + +#secretsFilePaths: | +# - 'my file 1' +# - '{{ include "templateThatGeneratesFileName" . }}' + + + +################################################################# +# Application configuration defaults. +################################################################# +repository: nexus3.onap.org:10001 +image: onap/so/bpmn-infra:1.6.4 +pullPolicy: Always + +db: + userName: so_user + userPassword: so_User123 + # userCredsExternalSecret: some secret + adminName: so_admin + adminPassword: so_Admin123 + # adminCredsExternalSecret: some secret + +aai: + auth: 221187EFA3AD4E33600DE0488F287099934CE65C3D0697BCECC00BB58E784E07CD74A24581DC31DBC086FF63DF116378776E9BE3D1325885 + +cds: + auth: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== + +mso: + key: 07a7159d3bf51a0e53be7a8f89699be7 + adapters: + requestDb: + auth: Basic YnBlbDpwYXNzd29yZDEk + db: + auth: A3745B5DBE165EFCF101D85A6FC81C211AB8BF604F8861B6C413D5DC90F8F30E0139DE44B8A342F4EF70AF + password: wLg4sjrAFUS8rfVfdvTXeQ== + po: + auth: A3745B5DBE165EFCF101D85A6FC81C211AB8BF604F8861B6C413D5DC90F8F30E0139DE44B8A342F4EF70AF + sdnc: + password: 1D78CFC35382B6938A989066A7A7EAEF4FE933D2919BABA99EB4763737F39876C333EE5F + sniro: + auth: test:testpwd + oof: + auth: test:testpwd +so: + vnfm: + adapter: + auth: Basic dm5mbTpwYXNzd29yZDEk +sniro: + endpoint: http://replaceme:28090/optimizationInstance/V1/create + +replicaCount: 1 +minReadySeconds: 10 +containerPort: &containerPort 8081 +logPath: ./logs/bpmn/ +app: so-bpmn-infra +service: + type: ClusterIP + internalPort: *containerPort + externalPort: 8081 + portName: so-bpmn-port +updateStrategy: + type: RollingUpdate + maxUnavailable: 1 + maxSurge: 1 + +################################################################# +# soHelper part +################################################################# +soHelpers: + nameOverride: so-bpmn-cert-init + certInitializer: + nameOverride: so-bpmn-cert-init + credsPath: /opt/app/osaaf/local + cadi: + apiEnforcement: org.onap.so.bpmnPerm + containerPort: *containerPort + + +# Resource Limit flavor -By Default using small +flavor: large +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + memory: 4Gi + cpu: 2000m + requests: + memory: 1Gi + cpu: 500m + large: + limits: + memory: 8Gi + cpu: 4000m + requests: + memory: 2Gi + cpu: 1000m + unlimited: {} +livenessProbe: + path: /manage/health + scheme: HTTP + initialDelaySeconds: 600 + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 +ingress: + enabled: false +nodeSelector: {} +tolerations: [] +affinity: {} -- cgit 1.2.3-korg