2 # Copyright © 2020 Samsung Electronics
3 # Copyright © 2017 Amdocs, Bell Canada
4 # Copyright © 2021 Nokia
6 # Licensed under the Apache License, Version 2.0 (the "License");
7 # you may not use this file except in compliance with the License.
8 # You may obtain a copy of the License at
10 # http://www.apache.org/licenses/LICENSE-2.0
12 # Unless required by applicable law or agreed to in writing, software
13 # distributed under the License is distributed on an "AS IS" BASIS,
14 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 # See the License for the specific language governing permissions and
16 # limitations under the License.
21 metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
25 app: {{ include "common.name" . }}
26 serviceName: {{ include "common.servicename" . }}-cluster
27 replicas: {{ .Values.replicaCount }}
28 selector: {{- include "common.selectors" . | nindent 4 }}
29 podManagementPolicy: Parallel
31 metadata: {{- include "common.templateMetadata" . | nindent 6 }}
38 - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done"
40 - name: AAI_CLIENT_NAME
41 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "login") | indent 10 }}
42 - name: AAI_CLIENT_PASSWORD
43 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "password") | indent 10 }}
44 - name: AAI_TRUSTSTORE_PASSWORD
45 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-truststore-password" "key" "password") | indent 10 }}
46 - name: ANSIBLE_TRUSTSTORE_PASSWORD
47 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ansible-truststore-password" "key" "password") | indent 10 }}
49 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-user-creds" "key" "login") | indent 10 }}
51 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-user-creds" "key" "password") | indent 10 }}
53 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "neng-user-creds" "key" "login") | indent 10 }}
55 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "neng-user-creds" "key" "password") | indent 10 }}
57 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-user-creds" "key" "login") | indent 10 }}
59 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-user-creds" "key" "password") | indent 10 }}
60 - name: HONEYCOMB_USER
61 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "honeycomb-user-creds" "key" "login") | indent 10 }}
62 - name: HONEYCOMB_PASSWORD
63 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "honeycomb-user-creds" "key" "password") | indent 10 }}
64 - name: TRUSTSTORE_PASSWORD
65 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 10 }}
66 - name: KEYSTORE_PASSWORD
67 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 10 }}
69 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-user-creds" "key" "login") | indent 10 }}
70 - name: DMAAP_PASSWORD
71 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-user-creds" "key" "password") | indent 10 }}
73 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-authkey" "key" "password") | indent 10 }}
74 - name: MODELSERVICE_USER
75 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "modeling-user-creds" "key" "login") | indent 10 }}
76 - name: MODELSERVICE_PASSWORD
77 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "modeling-user-creds" "key" "password") | indent 10 }}
79 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restconf-creds" "key" "login") | indent 10 }}
80 - name: RESTCONF_PASSWORD
81 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restconf-creds" "key" "password") | indent 10 }}
83 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ansible-creds" "key" "login") | indent 10 }}
84 - name: ANSIBLE_PASSWORD
85 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ansible-creds" "key" "password") | indent 10 }}
87 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "scaleout-creds" "key" "login") | indent 10 }}
88 - name: SCALEOUT_PASSWORD
89 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "scaleout-creds" "key" "password") | indent 10 }}
91 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "netbox-apikey" "key" "password") | indent 10 }}
93 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
94 - name: SDNC_DB_PASSWORD
95 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
97 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
98 - name: MYSQL_PASSWORD
99 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
100 - name: ODL_ADMIN_USERNAME
101 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 10 }}
103 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 10 }}
104 - name: ODL_ADMIN_PASSWORD
105 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 10 }}
107 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 10 }}
108 {{ if and .Values.config.sdnr.dmaapProxy.enabled .Values.config.sdnr.dmaapProxy.usepwd }}
109 - name: DMAAP_HTTP_PROXY_USERNAME
110 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-proxy-creds" "key" "login") | indent 10 }}
111 - name: DMAAP_HTTP_PROXY_PASSWORD
112 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-proxy-creds" "key" "password") | indent 10 }}
114 {{ if .Values.config.sdnr.oauth.enabled }}
115 - name: OAUTH_TOKEN_SECRET
116 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "oauth-token-secret" "key" "password") | indent 10 }}
117 - name: KEYCLOAK_SECRET
118 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keycloak-secret" "key" "password") | indent 10 }}
120 - name: ENABLE_ODLUX_RBAC
121 value: "{{ .Values.config.sdnr.oauth.odluxRbac.enabled | default "true" }}"
125 - mountPath: /config-input
129 image: {{ include "repositoryGenerator.image.envsubst" . }}
130 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
131 name: {{ include "common.name" . }}-update-config
132 {{ if .Values.dgbuilder.enabled -}}
136 {{ if or .Values.dgbuilder.enabled .Values.config.sdnr.enabled -}}
138 - {{ include "common.mariadbService" . }}
140 - {{ include "common.fullname" . }}-dbinit-job
142 {{ if .Values.config.sdnr.enabled -}}
144 - {{ include "common.name" . }}-sdnrdb-init-job
151 fieldPath: metadata.namespace
152 image: {{ include "repositoryGenerator.image.readiness" . }}
153 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
154 name: {{ include "common.name" . }}-readiness
156 {{ include "common.certInitializer.initContainer" . | indent 6 }}
157 - name: {{ include "common.name" . }}-chown
158 image: {{ include "repositoryGenerator.image.busybox" . }}
164 mkdir {{ .Values.persistence.mdsalPath }}/journal
165 mkdir {{ .Values.persistence.mdsalPath }}/snapshots
166 mkdir {{ .Values.persistence.mdsalPath }}/daexim
167 chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }}
168 {{- if .Values.global.aafEnabled }}
169 chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certInitializer.credsPath }}
172 {{ include "common.certInitializer.volumeMount" . | indent 10 }}
173 - mountPath: {{ .Values.persistence.mdsalPath }}
174 name: {{ include "common.fullname" . }}-data
176 - name: {{ include "common.name" . }}
177 image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
178 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
179 {{- if .Values.global.cmpv2Enabled }}
180 {{- $linkCommand := include "common.certManager.linkVolumeMounts" . }}
184 command: ["sh", "-c", {{$linkCommand | quote}} ]
186 command: ["/bin/bash"]
187 args: ["-c", "/opt/onap/sdnc/bin/createLinks.sh ; /opt/onap/sdnc/bin/startODL.sh"]
189 - containerPort: {{ .Values.service.internalPort }}
190 - containerPort: {{ .Values.service.internalPort2 }}
191 - containerPort: {{ .Values.service.internalPort3 }}
192 - containerPort: {{ .Values.service.clusterPort }}
193 {{- if .Values.config.sdnr.netconfCallHome.enabled }}
194 - containerPort: {{ .Values.service.callHomePort }}
198 port: {{ .Values.service.internalPort }}
199 initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
200 periodSeconds: {{ .Values.readiness.periodSeconds }}
202 - name: MYSQL_ROOT_PASSWORD
203 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-root-password" "key" "password") | indent 12 }}
204 - name: ODL_ADMIN_USERNAME
205 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 12 }}
207 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 12 }}
208 - name: ODL_ADMIN_PASSWORD
209 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 12 }}
211 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 12 }}
213 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }}
214 - name: SDNC_DB_PASSWORD
215 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }}
217 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }}
218 - name: MYSQL_PASSWORD
219 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }}
220 - name: MYSQL_DATABASE
221 value: "{{ .Values.config.dbSdnctlDatabase }}"
222 - name: SDNC_CONFIG_DIR
223 value: "{{ .Values.config.configDir }}"
224 - name: AAI_CLIENT_NAME
225 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "login") | indent 12 }}
226 - name: AAI_CLIENT_PASSWORD
227 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "password") | indent 12 }}
228 - name: AAI_TRUSTSTORE_PASSWORD
229 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-truststore-password" "key" "password") | indent 12 }}
230 - name: ANSIBLE_TRUSTSTORE_PASSWORD
231 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ansible-truststore-password" "key" "password") | indent 12 }}
233 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-user-creds" "key" "login") | indent 12 }}
235 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-user-creds" "key" "password") | indent 12 }}
237 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "neng-user-creds" "key" "login") | indent 12 }}
238 - name: NENG_PASSWORD
239 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "neng-user-creds" "key" "password") | indent 12 }}
241 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-user-creds" "key" "login") | indent 12 }}
243 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-user-creds" "key" "password") | indent 12 }}
244 - name: HONEYCOMB_USER
245 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "honeycomb-user-creds" "key" "login") | indent 12 }}
246 - name: HONEYCOMB_PASSWORD
247 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "honeycomb-user-creds" "key" "password") | indent 12 }}
248 - name: TRUSTSTORE_PASSWORD
249 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 12 }}
250 - name: KEYSTORE_PASSWORD
251 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 12 }}
253 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-user-creds" "key" "login") | indent 12 }}
254 - name: DMAAP_PASSWORD
255 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-user-creds" "key" "password") | indent 12 }}
256 - name: DMAAP_AUTHKEY
257 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-authkey" "key" "password") | indent 12 }}
258 - name: ENABLE_ODL_CLUSTER
259 value: "{{ .Values.config.enableClustering }}"
260 - name: MY_ODL_CLUSTER
261 value: "{{ .Values.config.myODLCluster }}"
262 - name: PEER_ODL_CLUSTER
263 value: "{{ .Values.config.peerODLCluster }}"
264 - name: IS_PRIMARY_CLUSTER
265 value: "{{ .Values.config.isPrimaryCluster }}"
267 value: "{{ .Values.config.geoEnabled}}"
268 - name: SDNC_AAF_ENABLED
269 value: "{{ .Values.global.aafEnabled}}"
270 - name: SDNC_REPLICAS
271 value: "{{ .Values.replicaCount }}"
273 value: {{ include "common.mariadbService" . }}
275 value: {{ .Values.persistence.mdsalPath }}
277 value: {{ .Values.persistence.daeximPath }}
279 value: {{ .Values.persistence.journalPath }}
280 - name: SNAPSHOTS_PATH
281 value: {{ .Values.persistence.snapshotsPath }}
283 value: "{{ .Values.config.javaHome}}"
285 value: "-Xms{{.Values.config.odl.javaOptions.minMemory}} -Xmx{{.Values.config.odl.javaOptions.maxMemory}}"
286 - name: KARAF_CONSOLE_LOG_LEVEL
287 value: "{{ include "common.log.level" . }}"
289 value: "{{ .Values.config.sdnr.enabled | default "false"}}"
290 {{- if eq .Values.config.sdnr.mode "web" }}
295 value: "{{ .Values.config.sdnr.sdnronly | default "false" }}"
297 {{- $prefix := ternary "https" "http" .Values.global.aafEnabled}}
298 value: "{{$prefix}}://{{ .Values.elasticsearch.service.name | default "sdnrdb"}}.{{.Release.Namespace}}:{{.Values.elasticsearch.service.port | default "9200"}}"
299 {{- if .Values.config.sdnr.sdnrdbTrustAllCerts }}
300 - name: SDNRDBTRUSTALLCERTS
303 {{- if .Values.global.cmpv2Enabled }}
305 value: {{ (mustFirst (.Values.certificates)).mountPath }}
308 value: "{{ .Values.config.sdnr.oauth.enabled | default "false" }}"
309 - name: SDNR_NETCONF_CALLHOME_ENABLED
310 value: "{{ .Values.config.sdnr.netconfCallHome.enabled | default "false" }}"
311 - name: SDNR_VES_COLLECTOR_ENABLED
312 value: "{{ .Values.config.sdnr.vesCollector.enabled }}"
313 - name: SDNR_VES_COLLECTOR_TLS_ENABLED
314 value: "{{ .Values.config.sdnr.vesCollector.tls.enabled }}"
315 - name: SDNR_VES_COLLECTOR_TRUST_ALL_CERTS
316 value: "{{ .Values.config.sdnr.vesCollector.trustAllCertificates }}"
317 - name: SDNR_VES_COLLECTOR_IP
318 value: "{{ .Values.config.sdnr.vesCollector.address }}"
319 - name: SDNR_VES_COLLECTOR_PORT
320 value: "{{ .Values.config.sdnr.vesCollector.port }}"
321 - name: SDNR_VES_COLLECTOR_VERSION
322 value: "{{ .Values.config.sdnr.vesCollector.version | default "v7" }}"
323 - name: SDNR_VES_COLLECTOR_REPORTING_ENTITY_NAME
324 value: "{{ .Values.config.sdnr.vesCollector.reportingEntityName | default "ONAP SDN-R" }}"
325 - name: SDNR_VES_COLLECTOR_EVENTLOG_MSG_DETAIL
326 value: "{{ .Values.config.sdnr.vesCollector.eventLogMsgDetail | default "SHORT" }}"
327 - name: SDNR_VES_COLLECTOR_USERNAME
328 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ves-collector-secret" "key" "login") | indent 12 }}
329 - name: SDNR_VES_COLLECTOR_PASSWORD
330 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ves-collector-secret" "key" "password") | indent 12 }}
333 {{ include "common.certInitializer.volumeMount" . | indent 10 }}
334 {{- if .Values.global.cmpv2Enabled }}
335 {{ include "common.certManager.volumeMounts" . | indent 10 }}
337 - mountPath: /etc/localtime
340 - mountPath: /opt/opendaylight/current/etc/org.ops4j.pax.logging.cfg
341 name: sdnc-logging-cfg-config
342 subPath: org.ops4j.pax.logging.cfg
343 - mountPath: {{ .Values.config.binDir }}/installSdncDb.sh
345 subPath: installSdncDb.sh
346 - mountPath: {{ .Values.config.binDir }}/createLinks.sh
348 subPath: createLinks.sh
349 - mountPath: {{ .Values.config.ccsdkConfigDir }}/aaiclient.properties
351 subPath: aaiclient.properties
352 - mountPath: {{ .Values.config.configDir }}/aaiclient.properties
354 subPath: aaiclient.properties
355 - mountPath: {{ .Values.config.configDir }}/dblib.properties
357 subPath: dblib.properties
358 - mountPath: {{ .Values.config.configDir }}/lcm-dg.properties
360 subPath: lcm-dg.properties
361 - mountPath: {{ .Values.config.configDir }}/svclogic.properties
363 subPath: svclogic.properties
364 - mountPath: /opt/onap/sdnc/svclogic/config/svclogic.properties
366 subPath: svclogic.properties
367 - mountPath: {{ .Values.config.configDir }}/netbox.properties
369 subPath: netbox.properties
370 - mountPath: {{ .Values.config.configDir }}/blueprints-processor-adaptor.properties
372 subPath: blueprints-processor-adaptor.properties
373 - mountPath: {{ .Values.persistence.mdsalPath }}
374 name: {{ include "common.fullname" . }}-data
375 - mountPath: /var/log/onap
377 - mountPath: {{ .Values.config.odl.salConfigDir }}/{{ .Values.config.odl.salConfigVersion}}/sal-clustering-config-{{ .Values.config.odl.salConfigVersion}}-akkaconf.xml
380 - mountPath: {{ .Values.config.odl.etcDir }}/org.opendaylight.controller.cluster.datastore.cfg
382 subPath: org.opendaylight.controller.cluster.datastore.cfg
383 - mountPath: {{ .Values.config.odl.etcDir }}/org.opendaylight.aaa.filterchain.cfg
385 subPath: org.opendaylight.aaa.filterchain.cfg
386 - mountPath: {{ .Values.config.odl.binDir }}/setenv
389 - mountPath: {{ .Values.config.odl.etcDir }}/mountpoint-registrar.properties
391 subPath: mountpoint-registrar.properties
392 - mountPath: {{ .Values.config.odl.etcDir }}/mountpoint-state-provider.properties
394 subPath: mountpoint-state-provider.properties
395 - mountPath: {{ .Values.config.odl.etcDir }}/org.opendaylight.daexim.cfg
397 subPath: org.opendaylight.daexim.cfg
398 {{- if .Values.config.sdnr.oauth.enabled }}
399 - mountPath: {{ .Values.config.odl.etcDir }}/oauth-provider.config.json
401 subPath: oauth-provider.config.json
403 resources: {{ include "common.resources" . | nindent 12 }}
404 # side car containers
405 - name: filebeat-onap
406 image: {{ include "repositoryGenerator.image.logging" . }}
407 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
409 - mountPath: /usr/share/filebeat/filebeat.yml
411 subPath: filebeat.yml
412 - mountPath: /var/log/onap
414 - mountPath: /usr/share/filebeat/data
416 {{- if .Values.nodeSelector }}
417 nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }}
419 {{- if .Values.affinity }}
420 affinity: {{ toYaml .Values.affinity | nindent 8 }}
423 - name: "{{ include "common.namespace" . }}-docker-registry-key"
424 serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
431 - name: data-filebeat
433 - name: filebeat-conf
435 name: {{ include "common.fullname" . }}-filebeat-configmap
436 - name: sdnc-logging-cfg-config
438 name: {{ include "common.fullname" . }}-log-configmap
441 name: {{ include "common.fullname" . }}-bin
445 name: {{ include "common.fullname" . }}-properties
450 {{ if not .Values.persistence.enabled }}
451 - name: {{ include "common.fullname" . }}-data
454 {{ include "common.certInitializer.volumes" . | nindent 8 }}
455 {{- if .Values.global.cmpv2Enabled }}
456 {{ include "common.certManager.volumes" . | nindent 8 }}
458 volumeClaimTemplates:
460 name: {{ include "common.fullname" . }}-data
462 name: {{ include "common.fullname" . }}
463 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
464 release: "{{ include "common.release" . }}"
465 heritage: "{{ .Release.Service }}"
468 - {{ .Values.persistence.accessMode }}
469 storageClassName: {{ include "common.storageClass" . }}
472 storage: {{ .Values.persistence.size }}