From f706ae1b811121513b40ff6b35509088a7a46820 Mon Sep 17 00:00:00 2001
From: Dileep Ranganathan <dileep.ranganathan@intel.com>
Date: Mon, 1 Oct 2018 04:27:13 -0700
Subject: Helm chart updates for OOF OSDF

Helm charts updated for OSDF.
Added new configs, dependent containers, read config from values.yaml

Change-Id: Iba58f4cd4382f21e8247959e2c58e4ffa2d5790d
Issue-ID: OPTFRA-299
Signed-off-by: Dileep Ranganathan <dileep.ranganathan@intel.com>
---
 kubernetes/oof/resources/config/aaf_root_ca.cer  | 31 ++++++++++++
 kubernetes/oof/resources/config/osdf_config.yaml | 63 ++++++++++++++++++++++--
 kubernetes/oof/templates/deployment.yaml         |  9 ++++
 kubernetes/oof/values.yaml                       | 49 +++++++++++++++---
 4 files changed, 142 insertions(+), 10 deletions(-)
 create mode 100755 kubernetes/oof/resources/config/aaf_root_ca.cer

(limited to 'kubernetes')

diff --git a/kubernetes/oof/resources/config/aaf_root_ca.cer b/kubernetes/oof/resources/config/aaf_root_ca.cer
new file mode 100755
index 0000000000..e9a50d7ea0
--- /dev/null
+++ b/kubernetes/oof/resources/config/aaf_root_ca.cer
@@ -0,0 +1,31 @@
+-----BEGIN CERTIFICATE-----
+MIIFPjCCAyagAwIBAgIJAJ6u7cCnzrWdMA0GCSqGSIb3DQEBCwUAMCwxDjAMBgNV
+BAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzAeFw0xODA0MDUx
+NDE1MjhaFw0zODAzMzExNDE1MjhaMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQK
+DARPTkFQMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
+ggIBAMA5pkgRs7NhGG4ew5JouhyYakgYUyFaG121+/h8qbSdt0hVQv56+EA41Yq7
+XGie7RYDQK9NmAFF3gruE+6X7wvJiChp+Cyd7sFMnb65uWhxEdxWTM2BJFrgfzUn
+H8ZCxgaCo3XH4PzlKRy2LQQJEJECwl/RZmRCXijMt5e9h8XoZY/fKkKcZZUsWNCM
+pTo266wjvA9MXLmdgReRj0+vrCjrNqy+htwJDztoiHWiYPqT6o8EvGcgjNqjlZx7
+NUNf8MfLDByqKF6+wRbHv1GKjn3/Vijd45Fv8riyRYROiFanvbV6jIfBkv8PZbXg
+2VDWsYsgp8NAvMxK+iV8cO+Ck3lBI2GOPZbCEqpPVTYbLUz6sczAlCXwQoPzDIZY
+wYa3eR/gYLY1gP2iEVHORag3bLPap9ZX5E8DZkzTNTjovvLk8KaCmfcaUMJsBtDd
+ApcUitz10cnRyZc1sX3gE1f3DpzQM6t9C5sOVyRhDcSrKqqwb9m0Ss04XAS9FsqM
+P3UWYQyqDXSxlUAYaX892u8mV1hxnt2gjb22RloXMM6TovM3sSrJS0wH+l1nznd6
+aFXftS/G4ZVIVZ/LfT1is4StoyPWZCwwwly1z8qJQ/zhip5NgZTxQw4mi7ww35DY
+PdAQOCoajfSvFjqslQ/cPRi/MRCu079heVb5fQnnzVtnpFQRAgMBAAGjYzBhMB0G
+A1UdDgQWBBRTVTPyS+vQUbHBeJrBKDF77+rtSTAfBgNVHSMEGDAWgBRTVTPyS+vQ
+UbHBeJrBKDF77+rtSTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAN
+BgkqhkiG9w0BAQsFAAOCAgEAPx/IaK94n02wPxpnYTy+LVLIxwdq/kawNd6IbiMz
+L87zmNMDmHcGbfoRCj8OkhuggX9Lx1/CkhpXimuYsZOFQi5blr/u+v4mIbsgbmi9
+7j+cUHDP0zLycvSvxKHty51LwmaX9a4wkJl5zBU4O1sd/H9tWcEmwJ39ltKoBKBx
+c94Zc3iMm5ytRWGj+0rKzLDAXEWpoZ5bE5PLJauA6UDCxDLfs3FwhbS7uDggxYvf
+jySF5FCNET94oJ+m8s7VeHvoa8iPGKvXrIqdd7XDHnqJJlVKr7m9S0fMbyEB8ci2
+RtOXDt93ifY1uhoEtEykn4dqBSp8ezvNMnwoXdYPDvTd9uCAFeWFLVreBAWxd25h
+PsBTkZA5hpa/rA+mKv6Af4VBViYr8cz4dZCsFChuioVebe9ighrfjB//qKepFjPF
+CyjzKN1u0JKm/2x/ORqxkTONG8p3uDwoIOyimUcTtTMv42bfYD88RKakqSFXE9G+
+Z0LlaKABqfjK49o/tsAp+c5LoNlYllKhnetO3QAdraHwdmC36BhoghzR1jpX751A
+cZn2VH3Q4XKyp01cJNCJIrua+A+bx6zh3RyW6zIIkbRCbET+UD+4mr8WIcSE3mtR
+ZVlnhUDO4z9//WKMVzwS9Rh8/kuszrGFI1KQozXCHLrce3YP6RYZfOed79LXaRwX
+dYY=
+-----END CERTIFICATE-----
diff --git a/kubernetes/oof/resources/config/osdf_config.yaml b/kubernetes/oof/resources/config/osdf_config.yaml
index f286be4595..d39a83222f 100755
--- a/kubernetes/oof/resources/config/osdf_config.yaml
+++ b/kubernetes/oof/resources/config/osdf_config.yaml
@@ -1,18 +1,29 @@
-osdfPlacementSOUsername: {{ .Values.config.osdfPlacementSOUsername }}
-osdfPlacementSOPassword: {{ .Values.config.osdfPlacementSOPassword }}
+placementVersioningEnabled: {{ .Values.config.placementVersioningEnabled }}
 
-osdfCMSchedulerUsername: {{ .Values.config.osdfCMSchedulerUsername }}
-osdfCMSchedulerPassword: {{ .Values.config.osdfCMSchedulerPassword }}
+# Placement API latest version numbers to be set in HTTP header
+placementMajorVersion: {{ .Values.config.placementMajorVersion }}
+placementMinorVersion: {{ .Values.config.placementMinorVersion }}
+placementPatchVersion: {{ .Values.config.placementPatchVersion }}
+
+# Placement API default version numbers to be set in HTTP header
+placementDefaultMajorVersion: {{ .Values.config.placementDefaultMajorVersion }}
+placementDefaultMinorVersion: {{ .Values.config.placementDefaultMinorVersion }}
+placementDefaultPatchVersion: {{ .Values.config.placementDefaultPatchVersion }}
 
+# Credentials for SO
 soUsername: {{ .Values.config.soUsername }}
 soPassword: {{ .Values.config.soPassword }}
 
+# Credentials for Conductor
 conductorUrl: {{ .Values.config.conductorUrl }}
 conductorUsername: {{ .Values.config.conductorUsername }}
 conductorPassword: {{ .Values.config.conductorPassword }}
 conductorPingWaitTime: {{ .Values.config.conductorPingWaitTime }}
 conductorMaxRetries: {{ .Values.config.conductorMaxRetries }}
+# versions to be set in HTTP header
+conductorMinorVersion: {{ .Values.config.conductorMinorVersion }}
 
+# Policy Platform -- requires ClientAuth, Authorization, and Environment
 policyPlatformUrl: {{ .Values.config.policyPlatformUrl }}
 policyPlatformEnv: {{ .Values.config.policyPlatformEnv }}
 policyPlatformUsername: {{ .Values.config.policyPlatformUsername }}
@@ -20,15 +31,59 @@ policyPlatformPassword: {{ .Values.config.policyPlatformPassword }}
 policyClientUsername: {{ .Values.config.policyClientUsername }}
 policyClientPassword: {{ .Values.config.policyClientPassword }}
 
+# Credentials for DMaaP
 messageReaderHosts: {{ .Values.config.messageReaderHosts }}
 messageReaderTopic: {{ .Values.config.messageReaderTopic }}
 messageReaderAafUserId: {{ .Values.config.messageReaderAafUserId }}
 messageReaderAafPassword: {{ .Values.config.messageReaderAafPassword }}
 
+# Credentials for SDC
 sdcUrl: {{ .Values.config.sdcUrl }}
 sdcUsername: {{ .Values.config.sdcUsername }}
 sdcPassword: {{ .Values.config.sdcPassword }}
 sdcONAPInstanceID: {{ .Values.config.sdcONAPInstanceID }}
 
+# Credentials for the OOF placement service - Generic
 osdfPlacementUsername: {{ .Values.config.osdfPlacementUsername }}
 osdfPlacementPassword: {{ .Values.config.osdfPlacementPassword }}
+
+# Credentials for the OOF placement service - SO
+osdfPlacementSOUsername: {{ .Values.config.osdfPlacementSOUsername }}
+osdfPlacementSOPassword: {{ .Values.config.osdfPlacementSOPassword }}
+
+# Credentials for the OOF placement service - VFC
+osdfPlacementVFCUsername: {{ .Values.config.osdfPlacementVFCUsername }}
+osdfPlacementVFCPassword: {{ .Values.config.osdfPlacementVFCPassword }}
+
+# Credentials for the OOF CM scheduling service - Generic
+osdfCMSchedulerUsername: {{ .Values.config.osdfCMSchedulerUsername }}
+osdfCMSchedulerPassword: {{ .Values.config.osdfCMSchedulerPassword }}
+
+is_aaf_enabled: {{ .Values.config.is_aaf_enabled }}
+aaf_cache_expiry_hrs: {{ .Values.config.aaf_cache_expiry_hrs }}
+aaf_url: {{ .Values.config.aaf_url }}
+aaf_user_roles:
+  {{- range .Values.config.aaf_user_roles }}
+  - {{ . }}
+  {{- end }}
+
+# Secret Management Service from AAF
+aaf_sms_url: {{ .Values.config.aaf_sms_url }}
+aaf_sms_timeout: {{ .Values.config.aaf_sms_timeout }}
+secret_domain: {{ .Values.config.secret_domain }}
+aaf_ca_certs: {{ .Values.config.aaf_ca_certs }}
+
+# config db api
+configDbUrl: {{ .Values.config.configDbUrl }}
+configDbUserName: {{ .Values.config.configDbUserName }}
+configDbPassword: {{ .Values.config.configDbPassword }}
+configDbGetCellListUrl: {{ .Values.config.configDbGetCellListUrl }}
+configDbGetNbrListUrl: {{ .Values.config.configDbGetNbrListUrl }}
+
+# Credentials for PCIHandler
+pciHMSUsername: {{ .Values.config.pciHMSUsername }}
+pciHMSPassword: {{ .Values.config.pciHMSPassword }}
+
+# Credentials for the OOF PCI Opt service
+osdfPCIOptUsername: {{ .Values.config.osdfPCIOptUsername }}
+osdfPCIOptPassword: {{ .Values.config.osdfPCIOptPassword }}
diff --git a/kubernetes/oof/templates/deployment.yaml b/kubernetes/oof/templates/deployment.yaml
index ed64166b59..07f1ff44a9 100644
--- a/kubernetes/oof/templates/deployment.yaml
+++ b/kubernetes/oof/templates/deployment.yaml
@@ -38,6 +38,10 @@ spec:
         - --container-name
         - pdp
         - --container-name
+        - aaf-service
+        - --container-name
+        - aaf-sms
+        - --container-name
         - oof-has-api
         env:
         - name: NAMESPACE
@@ -76,6 +80,9 @@ spec:
           - mountPath: /opt/app/config/osdf_config.yaml
             name: {{ include "common.fullname" . }}-config
             subPath: osdf_config.yaml
+          - mountPath: /opt/app/ssl_cert/aaf_root_ca.cer
+            name: {{ include "common.fullname" . }}-config
+            subPath: aaf_root_ca.cer
           resources:
 {{ include "common.resources" . | indent 12 }}
         {{- if .Values.nodeSelector }}
@@ -97,5 +104,7 @@ spec:
             items:
             - key: osdf_config.yaml
               path: osdf_config.yaml
+            - key: aaf_root_ca.cer
+              path: aaf_root_ca.cer
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/oof/values.yaml b/kubernetes/oof/values.yaml
index c249f26569..da69c42b9e 100644
--- a/kubernetes/oof/values.yaml
+++ b/kubernetes/oof/values.yaml
@@ -36,12 +36,15 @@ debugEnabled: false
 config:
   msbgateway: msb-iag
   msbPort: 80
-  # Credentials for the OOF placement service – SO.
-  osdfPlacementSOUsername: so_test
-  osdfPlacementSOPassword: so_testpwd
-  # Credentials for the OOF CM scheduling service – Generic.
-  osdfCMSchedulerUsername: test1
-  osdfCMSchedulerPassword: testpwd1
+  placementVersioningEnabled: False
+  # Placement API latest version numbers to be set in HTTP header
+  placementMajorVersion: "1"
+  placementMinorVersion: "0"
+  placementPatchVersion: "0"
+  # Placement API default version numbers to be set in HTTP header
+  placementDefaultMajorVersion: "1"
+  placementDefaultMinorVersion: "0"
+  placementDefaultPatchVersion: "0"
   # Credentials of the callback url for SO.
   soUsername: ""   # SO username for call back.
   soPassword: ""   # SO password for call back.
@@ -51,6 +54,8 @@ config:
   conductorPassword: plan.15
   conductorPingWaitTime: 60
   conductorMaxRetries: 30
+  # versions to be set in HTTP header
+  conductorMinorVersion: 0
   # Url and credentials for the Policy Platform
   policyPlatformUrl: http://pdp:8081/pdp/api/getConfig # Policy Dev platform URL
   policyPlatformEnv: TEST # Environment for policy platform
@@ -71,6 +76,38 @@ config:
   # Credentials for the placement service – Generic.
   osdfPlacementUsername: "test"
   osdfPlacementPassword: "testpwd"
+  # Credentials for the OOF placement service – SO.
+  osdfPlacementSOUsername: so_test
+  osdfPlacementSOPassword: so_testpwd
+  # Credentials for the OOF placement service - VFC
+  osdfPlacementVFCUsername: vfc_test
+  osdfPlacementVFCPassword: vfc_testpwd
+  # Credentials for the OOF CM scheduling service – Generic.
+  osdfCMSchedulerUsername: test1
+  osdfCMSchedulerPassword: testpwd1
+  #AAF Authentication
+  is_aaf_enabled: False
+  aaf_cache_expiry_hrs: 3
+  aaf_url: https://aaf-service:8100
+  aaf_user_roles:
+      - '/api/oof/v1/placement:org.onap.osdf.access|*|read ALL'
+  # Secret Management Service from AAF
+  aaf_sms_url: https://aaf-sms:10443
+  aaf_sms_timeout: 30
+  secret_domain: osdf
+  aaf_ca_certs: /opt/app/ssl_cert/aaf_root_ca.cer
+  # config db api
+  configDbUrl: http://config.db.url:8080
+  configDbUserName: osdf
+  configDbPassword: passwd
+  configDbGetCellListUrl: 'SDNCConfigDBAPI/getCellList'
+  configDbGetNbrListUrl: 'SDNCConfigDBAPI/getNbrList'
+  # Credentials for PCIHandler
+  pciHMSUsername: ""   # pcihandler username for call back.
+  pciHMSPassword: ""   # pcihandler password for call back.
+  # Credentials for the OOF PCI Opt service
+  osdfPCIOptUsername: pci_test
+  osdfPCIOptPassword: pci_testpwd
 # default number of instances
 replicaCount: 1
 nodeSelector: {}
-- 
cgit 1.2.3-korg