.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. http://creativecommons.org/licenses/by/4.0
-.. Copyright (C) 2021 Nordix Foundation
+.. Copyright (C) 2021-2022 Nordix Foundation
.. Modifications Copyright (C) 2021 Bell Canada.
.. DO NOT CHANGE THIS LABEL FOR RELEASE NOTES - EVEN THOUGH IT GIVES A WARNING
.. _deployment:
CPS Deployment
-==============
+##############
.. contents::
:depth: 2
CPS OOM Charts
---------------
+==============
The CPS kubernetes chart is located in the `OOM repository <https://github.com/onap/oom/tree/master/kubernetes/cps>`_.
This chart includes different cps components referred as <cps-component-name> further in the document are listed below:
.. container:: ulist
- - `cps-core <https://github.com/onap/oom/tree/master/kubernetes/cps/components/cps-core>`_
- - `cps-temporal <https://github.com/onap/oom/tree/master/kubernetes/cps/components/cps-temporal>`_
- - `ncmp-dmi-plugin <https://github.com/onap/oom/tree/master/kubernetes/cps/components/ncmp-dmi-plugin>`_
+ - `cps-core <https://github.com/onap/oom/tree/master/kubernetes/cps/components/cps-core>`__
+ - `cps-temporal <https://github.com/onap/oom/tree/master/kubernetes/cps/components/cps-temporal>`__
+ - `ncmp-dmi-plugin <https://github.com/onap/oom/tree/master/kubernetes/cps/components/ncmp-dmi-plugin>`__
-Please refer to the `OOM documentation <https://docs.onap.org/projects/onap-oom/en/latest/oom_user_guide.html>`_ on how to install and deploy ONAP.
+Please refer to the `OOM documentation <https://docs.onap.org/projects/onap-oom/en/latest/sections/guides/user_guides/oom_user_guide.html>`_ on how to install and deploy ONAP.
Installing or Upgrading CPS Components
---------------------------------------
+======================================
+
The assumption is you have cloned the charts from the OOM repository into a local directory.
**Step 1** Go to the cps charts and edit properties in values.yaml files to make any changes to particular cps component if required.
kubectl get pods -n <namespace> | grep <cps-component-name>
Restarting a faulty component
------------------------------
+=============================
Each cps component can be restarted independently by issuing the following command:
.. code-block:: bash
.. _cps_common_credentials_retrieval:
Credentials Retrieval
----------------------
+=====================
Application and database credentials are kept in Kubernetes secrets. They are defined as external secrets in the
values.yaml file to be used across different components as :
dev-cps-core-postgres-primary-f7766d46c-s9d5b 1/1 Running 0 24h
dev-cps-core-postgres-replica-84659d68f9-6qnt4 1/1 Running 0 24h
+.. note::
+ The CPS Service will have to be restarted each time a change is made to a configurable property.
-Additional Cps-Core Customizations
+Additional CPS-Core Customizations
==================================
The following table lists some properties that can be specified as Helm chart
-values to configure the application to be deployed. This list is not
-exhaustive.
+values to configure the application to be deployed. This list is not exhaustive.
+
+Any spring supported property can be configured by providing in ``config.additional.<spring-supported-property-name>: value`` Example: config.additional.spring.datasource.hikari.maximumPoolSize: 30
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
| Property | Description | Default Value |
| | | |
| | If not defined, the password is generated when deploying the application. | |
| | | |
-| | See also :ref:`credentials_retrieval`. | |
-+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
-| config.dmiPluginUserName | User name used by cps-core to authenticate themselves for using ncmp-dmi-plugin service. | ``dmiuser`` |
-+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
-| config.dmiPluginUserPassword | Internal password used by cps-core to connect to ncmp-dmi-plugin service. | Not defined |
-| | | |
-| | If not defined, the password is generated when deploying the application. | |
-| | | |
-| | See also :ref:`credentials_retrieval`. | |
+| | See also :ref:`cps_common_credentials_retrieval`. | |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
| postgres.config.pgUserName | Internal user name used by cps-core to connect to its own database. | ``cps`` |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
| | | |
| | If not defined, the password is generated when deploying the application. | |
| | | |
-| | See also :ref:`credentials_retrieval`. | |
+| | See also :ref:`cps_common_credentials_retrieval`. | |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
| postgres.config.pgDatabase | Database name used by cps-core | ``cpsdb`` |
| | | |
| logging.level | Logging level set in cps-core | info |
| | | |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
-| config.eventPublisher. | Kafka hostname and port | ``message-router-kafka:9092`` |
+| config.useStrimziKafka | If targeting a custom kafka cluster, ie useStrimziKafka: false, the config.eventPublisher.spring.kafka | true |
+| | values below must be set. | |
++---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
+| config.eventPublisher. | Kafka hostname and port | ``<kafka-bootstrap>:9092`` |
| spring.kafka.bootstrap-servers | | |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
| config.eventPublisher. | Kafka consumer client id | ``cps-core`` |
| spring.kafka.consumer.client-id | | |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
-| config.publisher. | Kafka security protocol. | ``PLAINTEXT`` |
+| config.eventPublisher. | Kafka security protocol. | ``SASL_PLAINTEXT`` |
| spring.kafka.security.protocol | Some possible values are: | |
| | | |
| | * ``PLAINTEXT`` | |
| | * ``SASL_PLAINTEXT``, for authentication | |
| | * ``SASL_SSL``, for authentication and encryption | |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
-| config.publisher. | Kafka security SASL mechanism. Required for SASL_PLAINTEXT and SASL_SSL protocols. | Not defined |
+| config.eventPublisher. | Kafka security SASL mechanism. Required for SASL_PLAINTEXT and SASL_SSL protocols. | Not defined |
| spring.kafka.properties. | Some possible values are: | |
| sasl.mechanism | | |
| | * ``PLAIN``, for PLAINTEXT | |
| | * ``SCRAM-SHA-512``, for SSL | |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
-| config.publisher. | Kafka security SASL JAAS configuration. Required for SASL_PLAINTEXT and SASL_SSL protocols. | Not defined |
+| config.eventPublisher. | Kafka security SASL JAAS configuration. Required for SASL_PLAINTEXT and SASL_SSL protocols. | Not defined |
| spring.kafka.properties. | Some possible values are: | |
| sasl.jaas.config | | |
| | * ``org.apache.kafka.common.security.plain.PlainLoginModule required username="..." password="...";``, | |
| | * ``org.apache.kafka.common.security.scram.ScramLoginModule required username="..." password="...";``, | |
| | for SSL | |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
-| config.publisher. | Kafka security SASL SSL store type. Required for SASL_SSL protocol. | Not defined |
+| config.eventPublisher. | Kafka security SASL SSL store type. Required for SASL_SSL protocol. | Not defined |
| spring.kafka.ssl.trust-store-type | Some possible values are: | |
| | | |
| | * ``JKS`` | |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
-| config.publisher. | Kafka security SASL SSL store file location. Required for SASL_SSL protocol. | Not defined |
+| config.eventPublisher. | Kafka security SASL SSL store file location. Required for SASL_SSL protocol. | Not defined |
| spring.kafka.ssl.trust-store-location | | |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
-| config.publisher. | Kafka security SASL SSL store password. Required for SASL_SSL protocol. | Not defined |
+| config.eventPublisher. | Kafka security SASL SSL store password. Required for SASL_SSL protocol. | Not defined |
| spring.kafka.ssl.trust-store-password | | |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
-| config.publisher. | Kafka security SASL SSL broker hostname identification verification. Required for SASL_SSL protocol. | Not defined |
+| config.eventPublisher. | Kafka security SASL SSL broker hostname identification verification. Required for SASL_SSL protocol. | Not defined |
| spring.kafka.properties. | Possible value is: | |
| ssl.endpoint.identification.algorithm | | |
| | * ``""``, empty string to disable | |
| config.additional. | Kafka topic to publish to cps-temporal | ``cps.data-updated-events`` |
| notification.data-updated.topic | | |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
-| config.additional. | If notification from cps-core to cps-temporal is enabled or not. | ``true`` |
-| notification.data-updated.enabled | If this is set to false, then the config.publisher properties could be skipped. | |
-+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
-| config.additional. | Dataspaces to be enabled for publishing events to cps-temporal | ```` |
-| notification.data-updated.filters. | | |
+| config.additional. | Array of dataspaces to be enabled for publishing events to cps-temporal | [] |
+| notification.data-updated.filters. | If left blank CPS-Temporal notification will be sent for all dataspaces | |
| enabled-dataspaces | | |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
-| config.additional. | If notifications should be processed in synchronous or asynchronous manner | ``false`` |
-| notification.async.enabled | | |
+| config.additional. | If asynchronous messaging, user notifications, and updated event persistence should be enabled | ``true`` |
+| notification.data-updated.enabled | | |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
| config.additional. | Core pool size in asynchronous execution of notification. | ``2`` |
| notification.async.executor. | | |
| notification.async.executor. | | |
| wait-for-tasks-to-complete-on-shutdown| | |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
-| config.additional. | Prefix to be added to the thread name in asynchronous execution of notifications. | ``async_`` |
+| config.additional. | Prefix to be added to the thread name in asynchronous execution of notifications. | ``Async-`` |
| notification.async.executor. | | |
| thread-name-prefix | | |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
+| config.additional. | Specifies number of database connections between database and application. | ``10`` |
+| spring.datasource.hikari. | This property controls the maximum size that the pool is allowed to reach, | |
+| maximumPoolSize | including both idle and in-use connections. | |
++---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
+
+.. _additional-cps-ncmp-customizations:
+
+Additional CPS-NCMP Customizations
+==================================
++---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
+| config.dmiPluginUserName | User name used by cps-core to authenticate themselves for using ncmp-dmi-plugin service. | ``dmiuser`` |
++---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
+| config.dmiPluginUserPassword | Internal password used by cps-core to connect to ncmp-dmi-plugin service. | Not defined |
+| | | |
+| | If not defined, the password is generated when deploying the application. | |
+| | | |
+| | See also :ref:`cps_common_credentials_retrieval`. | |
++---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
+| config.ncmp.timers | Specifies the delay in milliseconds in which the module sync watch dog will wake again after finishing. | ``30000`` |
+| .advised-modules-sync.sleep-time-ms | | |
+| | | |
++---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
+| config.ncmp.timers | Specifies the delay in milliseconds in which the retry mechanism watch dog | |
+| .locked-modules-sync.sleep-time-ms | will wake again after finishing. | ``300000`` |
+| | | |
+| | | |
++---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
+| config.ncmp.timers | Specifies the delay in milliseconds in which the data sync watch dog will wake again after finishing. | ``30000`` |
+| .cm-handle-data-sync.sleep-time-ms | | |
+| | | |
++---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
CPS-Core Docker Installation
============================