2 # Copyright © 2020 Samsung Electronics
3 # Copyright © 2017 Amdocs, Bell Canada
4 # Copyright © 2021 Nokia
6 # Licensed under the Apache License, Version 2.0 (the "License");
7 # you may not use this file except in compliance with the License.
8 # You may obtain a copy of the License at
10 # http://www.apache.org/licenses/LICENSE-2.0
12 # Unless required by applicable law or agreed to in writing, software
13 # distributed under the License is distributed on an "AS IS" BASIS,
14 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 # See the License for the specific language governing permissions and
16 # limitations under the License.
21 metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
23 selector: {{- include "common.selectors" . | nindent 4 }}
24 serviceName: {{ include "common.servicename" . }}-cluster
25 podManagementPolicy: Parallel
26 replicas: {{ .Values.replicaCount }}
28 metadata: {{- include "common.templateMetadata" . | nindent 6 }}
35 - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done"
37 - name: AAI_CLIENT_NAME
38 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "login") | indent 10 }}
39 - name: AAI_CLIENT_PASSWORD
40 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "password") | indent 10 }}
41 - name: AAI_TRUSTSTORE_PASSWORD
42 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-truststore-password" "key" "password") | indent 10 }}
43 - name: ANSIBLE_TRUSTSTORE_PASSWORD
44 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ansible-truststore-password" "key" "password") | indent 10 }}
46 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-user-creds" "key" "login") | indent 10 }}
48 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-user-creds" "key" "password") | indent 10 }}
50 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "neng-user-creds" "key" "login") | indent 10 }}
52 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "neng-user-creds" "key" "password") | indent 10 }}
54 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-user-creds" "key" "login") | indent 10 }}
56 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-user-creds" "key" "password") | indent 10 }}
57 - name: HONEYCOMB_USER
58 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "honeycomb-user-creds" "key" "login") | indent 10 }}
59 - name: HONEYCOMB_PASSWORD
60 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "honeycomb-user-creds" "key" "password") | indent 10 }}
61 - name: TRUSTSTORE_PASSWORD
62 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 10 }}
63 - name: KEYSTORE_PASSWORD
64 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 10 }}
66 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-user-creds" "key" "login") | indent 10 }}
67 - name: DMAAP_PASSWORD
68 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-user-creds" "key" "password") | indent 10 }}
70 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-authkey" "key" "password") | indent 10 }}
71 - name: MODELSERVICE_USER
72 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "modeling-user-creds" "key" "login") | indent 10 }}
73 - name: MODELSERVICE_PASSWORD
74 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "modeling-user-creds" "key" "password") | indent 10 }}
76 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restconf-creds" "key" "login") | indent 10 }}
77 - name: RESTCONF_PASSWORD
78 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restconf-creds" "key" "password") | indent 10 }}
80 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ansible-creds" "key" "login") | indent 10 }}
81 - name: ANSIBLE_PASSWORD
82 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ansible-creds" "key" "password") | indent 10 }}
84 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "scaleout-creds" "key" "login") | indent 10 }}
85 - name: SCALEOUT_PASSWORD
86 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "scaleout-creds" "key" "password") | indent 10 }}
88 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "netbox-apikey" "key" "password") | indent 10 }}
90 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
91 - name: SDNC_DB_PASSWORD
92 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
94 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
95 - name: MYSQL_PASSWORD
96 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
97 - name: ODL_ADMIN_USERNAME
98 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 10 }}
100 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 10 }}
101 - name: ODL_ADMIN_PASSWORD
102 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 10 }}
104 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 10 }}
105 {{ if and .Values.config.sdnr.dmaapProxy.enabled .Values.config.sdnr.dmaapProxy.usepwd }}
106 - name: DMAAP_HTTP_PROXY_USERNAME
107 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-proxy-creds" "key" "login") | indent 10 }}
108 - name: DMAAP_HTTP_PROXY_PASSWORD
109 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-proxy-creds" "key" "password") | indent 10 }}
111 {{ if .Values.config.sdnr.oauth.enabled }}
112 - name: OAUTH_TOKEN_SECRET
113 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "oauth-token-secret" "key" "password") | indent 10 }}
114 - name: KEYCLOAK_SECRET
115 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keycloak-secret" "key" "password") | indent 10 }}
116 - name: ENABLE_ODLUX_RBAC
117 value: "{{ .Values.config.sdnr.oauth.odluxRbac.enabled | default "true" }}"
121 - mountPath: /config-input
125 image: {{ include "repositoryGenerator.image.envsubst" . }}
126 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
127 name: {{ include "common.name" . }}-update-config
128 {{ if or .Values.dgbuilder.enabled .Values.config.sdnr.enabled -}}
132 {{ if .Values.dgbuilder.enabled -}}
134 - {{ include "common.mariadbService" . }}
136 - {{ include "common.fullname" . }}-dbinit-job
138 {{ if .Values.config.sdnr.enabled -}}
140 - {{ include "common.fullname" . }}-sdnrdb-init-job
147 fieldPath: metadata.namespace
148 image: {{ include "repositoryGenerator.image.readiness" . }}
149 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
150 name: {{ include "common.name" . }}-readiness
152 - name: {{ include "common.name" . }}-chown
153 image: {{ include "repositoryGenerator.image.busybox" . }}
159 mkdir {{ .Values.persistence.mdsalPath }}/journal
160 mkdir {{ .Values.persistence.mdsalPath }}/snapshots
161 mkdir {{ .Values.persistence.mdsalPath }}/daexim
162 chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }}
164 - mountPath: {{ .Values.persistence.mdsalPath }}
165 name: {{ include "common.fullname" . }}-data
167 - name: {{ include "common.name" . }}
168 image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
169 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
170 {{- if .Values.global.cmpv2Enabled }}
171 {{- $linkCommand := include "common.certManager.linkVolumeMounts" . }}
175 command: ["sh", "-c", {{$linkCommand | quote}} ]
177 command: ["/bin/bash"]
178 args: ["-c", "/opt/onap/sdnc/bin/createLinks.sh ; /opt/onap/sdnc/bin/startODL.sh"]
180 - containerPort: {{ .Values.service.internalPort }}
181 - containerPort: {{ .Values.service.internalPort2 }}
182 - containerPort: {{ .Values.service.internalPort3 }}
183 - containerPort: {{ .Values.service.clusterPort }}
184 {{- if .Values.config.sdnr.netconfCallHome.enabled }}
185 - containerPort: {{ .Values.service.callHomePort }}
189 port: {{ .Values.service.internalPort }}
190 initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
191 periodSeconds: {{ .Values.readiness.periodSeconds }}
193 {{ if and .Values.config.sdnr.enabled .Values.config.sdnr.sdnronly -}}
194 - name: MYSQL_ROOT_PASSWORD
195 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-root-password" "key" "password") | indent 12 }}
197 - name: ODL_ADMIN_USERNAME
198 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 12 }}
200 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 12 }}
201 - name: ODL_ADMIN_PASSWORD
202 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 12 }}
204 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 12 }}
206 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }}
207 - name: SDNC_DB_PASSWORD
208 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }}
210 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }}
211 - name: MYSQL_PASSWORD
212 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }}
213 - name: MYSQL_DATABASE
214 value: "{{ .Values.config.dbSdnctlDatabase }}"
215 - name: SDNC_CONFIG_DIR
216 value: "{{ .Values.config.configDir }}"
217 - name: AAI_CLIENT_NAME
218 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "login") | indent 12 }}
219 - name: AAI_CLIENT_PASSWORD
220 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "password") | indent 12 }}
221 - name: AAI_TRUSTSTORE_PASSWORD
222 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-truststore-password" "key" "password") | indent 12 }}
223 - name: ANSIBLE_TRUSTSTORE_PASSWORD
224 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ansible-truststore-password" "key" "password") | indent 12 }}
226 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-user-creds" "key" "login") | indent 12 }}
228 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-user-creds" "key" "password") | indent 12 }}
230 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "neng-user-creds" "key" "login") | indent 12 }}
231 - name: NENG_PASSWORD
232 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "neng-user-creds" "key" "password") | indent 12 }}
234 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-user-creds" "key" "login") | indent 12 }}
236 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-user-creds" "key" "password") | indent 12 }}
237 - name: HONEYCOMB_USER
238 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "honeycomb-user-creds" "key" "login") | indent 12 }}
239 - name: HONEYCOMB_PASSWORD
240 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "honeycomb-user-creds" "key" "password") | indent 12 }}
241 - name: TRUSTSTORE_PASSWORD
242 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 12 }}
243 - name: KEYSTORE_PASSWORD
244 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 12 }}
246 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-user-creds" "key" "login") | indent 12 }}
247 - name: DMAAP_PASSWORD
248 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-user-creds" "key" "password") | indent 12 }}
249 - name: DMAAP_AUTHKEY
250 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-authkey" "key" "password") | indent 12 }}
251 - name: ENABLE_ODL_CLUSTER
252 value: "{{ .Values.config.enableClustering }}"
253 - name: MY_ODL_CLUSTER
254 value: "{{ .Values.config.myODLCluster }}"
255 - name: PEER_ODL_CLUSTER
256 value: "{{ .Values.config.peerODLCluster }}"
257 - name: IS_PRIMARY_CLUSTER
258 value: "{{ .Values.config.isPrimaryCluster }}"
260 value: "{{ .Values.config.geoEnabled}}"
261 - name: SDNC_AAF_ENABLED
263 - name: SDNC_REPLICAS
264 value: "{{ .Values.replicaCount }}"
266 value: {{ include "common.mariadbService" . }}
268 value: {{ .Values.persistence.mdsalPath }}
270 value: {{ .Values.persistence.daeximPath }}
272 value: {{ .Values.persistence.journalPath }}
273 - name: SNAPSHOTS_PATH
274 value: {{ .Values.persistence.snapshotsPath }}
276 value: "{{ .Values.config.javaHome}}"
278 value: "-Xms{{.Values.config.odl.javaOptions.minMemory}} -Xmx{{.Values.config.odl.javaOptions.maxMemory}}"
279 - name: LOG4J_FORMAT_MSG_NO_LOOKUPS
281 - name: KARAF_CONSOLE_LOG_LEVEL
282 value: "{{ include "common.log.level" . }}"
284 value: "{{ .Values.config.sdnr.enabled | default "false"}}"
285 {{- if eq .Values.config.sdnr.mode "web" }}
290 value: "{{ .Values.config.sdnr.sdnronly | default "false" }}"
292 value: "http://{{ .Values.elasticsearch.service.name | default "sdnrdb"}}.{{.Release.Namespace}}:{{.Values.elasticsearch.service.port | default "9200"}}"
293 {{- if .Values.config.sdnr.sdnrdbTrustAllCerts }}
294 - name: SDNRDBTRUSTALLCERTS
297 {{- if .Values.global.cmpv2Enabled }}
299 value: {{ (mustFirst (.Values.certificates)).mountPath }}
302 value: "{{ .Values.config.sdnr.oauth.enabled | default "false" }}"
303 - name: SDNR_NETCONF_CALLHOME_ENABLED
304 value: "{{ .Values.config.sdnr.netconfCallHome.enabled | default "false" }}"
305 - name: SDNR_VES_COLLECTOR_ENABLED
306 value: "{{ .Values.config.sdnr.vesCollector.enabled }}"
307 - name: SDNR_VES_COLLECTOR_TLS_ENABLED
308 value: "{{ .Values.config.sdnr.vesCollector.tls.enabled }}"
309 - name: SDNR_VES_COLLECTOR_TRUST_ALL_CERTS
310 value: "{{ .Values.config.sdnr.vesCollector.trustAllCertificates }}"
311 - name: SDNR_VES_COLLECTOR_IP
312 value: "{{ .Values.config.sdnr.vesCollector.address }}"
313 - name: SDNR_VES_COLLECTOR_PORT
314 value: "{{ .Values.config.sdnr.vesCollector.port }}"
315 - name: SDNR_VES_COLLECTOR_VERSION
316 value: "{{ .Values.config.sdnr.vesCollector.version | default "v7" }}"
317 - name: SDNR_VES_COLLECTOR_REPORTING_ENTITY_NAME
318 value: "{{ .Values.config.sdnr.vesCollector.reportingEntityName | default "ONAP SDN-R" }}"
319 - name: SDNR_VES_COLLECTOR_EVENTLOG_MSG_DETAIL
320 value: "{{ .Values.config.sdnr.vesCollector.eventLogMsgDetail | default "SHORT" }}"
321 - name: SDNR_VES_COLLECTOR_USERNAME
322 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ves-collector-secret" "key" "login") | indent 12 }}
323 - name: SDNR_VES_COLLECTOR_PASSWORD
324 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ves-collector-secret" "key" "password") | indent 12 }}
325 - name: SDNR_WEBSOCKET_PORT
326 value: "{{ .Values.sdnrWebsocketPort | default "8182"}}"
329 {{- if .Values.global.cmpv2Enabled }}
330 {{ include "common.certManager.volumeMounts" . | indent 10 }}
332 - mountPath: /etc/localtime
335 - mountPath: /opt/opendaylight/current/etc/org.ops4j.pax.logging.cfg
336 name: sdnc-logging-cfg-config
337 subPath: org.ops4j.pax.logging.cfg
338 - mountPath: {{ .Values.config.binDir }}/installSdncDb.sh
340 subPath: installSdncDb.sh
341 - mountPath: {{ .Values.config.binDir }}/createLinks.sh
343 subPath: createLinks.sh
344 - mountPath: {{ .Values.config.ccsdkConfigDir }}/aaiclient.properties
346 subPath: aaiclient.properties
347 - mountPath: {{ .Values.config.configDir }}/aaiclient.properties
349 subPath: aaiclient.properties
350 - mountPath: {{ .Values.config.configDir }}/dblib.properties
352 subPath: dblib.properties
353 - mountPath: {{ .Values.config.configDir }}/lcm-dg.properties
355 subPath: lcm-dg.properties
356 - mountPath: {{ .Values.config.configDir }}/svclogic.properties
358 subPath: svclogic.properties
359 - mountPath: /opt/onap/sdnc/svclogic/config/svclogic.properties
361 subPath: svclogic.properties
362 - mountPath: {{ .Values.config.configDir }}/netbox.properties
364 subPath: netbox.properties
365 - mountPath: {{ .Values.config.configDir }}/blueprints-processor-adaptor.properties
367 subPath: blueprints-processor-adaptor.properties
368 - mountPath: {{ .Values.persistence.mdsalPath }}
369 name: {{ include "common.fullname" . }}-data
370 - mountPath: {{ .Values.log.path }}
372 - mountPath: {{ .Values.config.odl.salConfigDir }}/{{ .Values.config.odl.salConfigVersion}}/sal-clustering-config-{{ .Values.config.odl.salConfigVersion}}-akkaconf.xml
375 - mountPath: {{ .Values.config.odl.etcDir }}/org.opendaylight.controller.cluster.datastore.cfg
377 subPath: org.opendaylight.controller.cluster.datastore.cfg
378 - mountPath: {{ .Values.config.odl.etcDir }}/org.opendaylight.aaa.filterchain.cfg
380 subPath: org.opendaylight.aaa.filterchain.cfg
381 - mountPath: {{ .Values.config.odl.binDir }}/setenv
384 - mountPath: {{ .Values.config.odl.etcDir }}/mountpoint-registrar.properties
386 subPath: mountpoint-registrar.properties
387 - mountPath: {{ .Values.config.odl.etcDir }}/mountpoint-state-provider.properties
389 subPath: mountpoint-state-provider.properties
390 - mountPath: {{ .Values.config.odl.etcDir }}/org.opendaylight.daexim.cfg
392 subPath: org.opendaylight.daexim.cfg
393 {{- if .Values.config.sdnr.oauth.enabled }}
394 - mountPath: {{ .Values.config.odl.etcDir }}/oauth-provider.config.json
396 subPath: oauth-provider.config.json
398 resources: {{ include "common.resources" . | nindent 12 }}
399 # side car containers
400 {{ include "common.log.sidecar" . | nindent 8 }}
401 {{- if .Values.nodeSelector }}
402 nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }}
404 {{- if .Values.affinity }}
405 affinity: {{ toYaml .Values.affinity | nindent 8 }}
408 - name: "{{ include "common.namespace" . }}-docker-registry-key"
409 serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
416 {{ include "common.log.volumes" . | nindent 8 }}
417 - name: sdnc-logging-cfg-config
419 name: {{ include "common.fullname" . }}-log-configmap
422 name: {{ include "common.fullname" . }}-bin
426 name: {{ include "common.fullname" . }}-properties
431 {{ if not .Values.persistence.enabled }}
432 - name: {{ include "common.fullname" . }}-data
435 {{- if .Values.global.cmpv2Enabled }}
436 {{ include "common.certManager.volumes" . | nindent 8 }}
438 volumeClaimTemplates:
440 name: {{ include "common.fullname" . }}-data
442 name: {{ include "common.fullname" . }}
443 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
444 release: "{{ include "common.release" . }}"
445 heritage: "{{ .Release.Service }}"
448 - {{ .Values.persistence.accessMode }}
449 storageClassName: {{ include "common.storageClass" . }}
452 storage: {{ .Values.persistence.size }}