.. _deployment:
CPS Deployment
-==============
+##############
.. contents::
:depth: 2
CPS OOM Charts
---------------
+==============
The CPS kubernetes chart is located in the `OOM repository <https://github.com/onap/oom/tree/master/kubernetes/cps>`_.
This chart includes different cps components referred as <cps-component-name> further in the document are listed below:
Please refer to the `OOM documentation <https://docs.onap.org/projects/onap-oom/en/latest/oom_user_guide.html>`_ on how to install and deploy ONAP.
Installing or Upgrading CPS Components
---------------------------------------
+======================================
+
The assumption is you have cloned the charts from the OOM repository into a local directory.
**Step 1** Go to the cps charts and edit properties in values.yaml files to make any changes to particular cps component if required.
kubectl get pods -n <namespace> | grep <cps-component-name>
Restarting a faulty component
------------------------------
+=============================
Each cps component can be restarted independently by issuing the following command:
.. code-block:: bash
.. _cps_common_credentials_retrieval:
Credentials Retrieval
----------------------
+=====================
Application and database credentials are kept in Kubernetes secrets. They are defined as external secrets in the
values.yaml file to be used across different components as :
dev-cps-core-postgres-primary-f7766d46c-s9d5b 1/1 Running 0 24h
dev-cps-core-postgres-replica-84659d68f9-6qnt4 1/1 Running 0 24h
+.. note::
+ The CPS Service will have to be restarted each time a change is made to a configurable property.
-Additional Cps-Core Customizations
+Additional CPS-Core Customizations
==================================
The following table lists some properties that can be specified as Helm chart
-values to configure the application to be deployed. This list is not
-exhaustive.
+values to configure the application to be deployed. This list is not exhaustive.
+
+Any spring supported property can be configured by providing in ``config.additional.<spring-supported-property-name>: value`` Example: config.additional.spring.datasource.hikari.maximumPoolSize: 30
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
| Property | Description | Default Value |
| | | |
| | See also :ref:`cps_common_credentials_retrieval`. | |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
-| config.dmiPluginUserName | User name used by cps-core to authenticate themselves for using ncmp-dmi-plugin service. | ``dmiuser`` |
-+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
-| config.dmiPluginUserPassword | Internal password used by cps-core to connect to ncmp-dmi-plugin service. | Not defined |
-| | | |
-| | If not defined, the password is generated when deploying the application. | |
-| | | |
-| | See also :ref:`cps_common_credentials_retrieval`. | |
-+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
| postgres.config.pgUserName | Internal user name used by cps-core to connect to its own database. | ``cps`` |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
| postgres.config.pgUserPassword | Internal password used by cps-core to connect to its own database. | Not defined |
| logging.level | Logging level set in cps-core | info |
| | | |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
-| config.eventPublisher. | Kafka hostname and port | ``message-router-kafka:9092`` |
+| config.useStrimziKafka | If targeting a custom kafka cluster, ie useStrimziKakfa: false, the config.eventPublisher.spring.kafka | true |
+| | values must be set. | |
++---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
+| config.eventPublisher. | Kafka hostname and port | ``<kafka-bootstrap>:9092`` |
| spring.kafka.bootstrap-servers | | |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
| config.eventPublisher. | Kafka consumer client id | ``cps-core`` |
| spring.kafka.consumer.client-id | | |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
-| config.publisher. | Kafka security protocol. | ``PLAINTEXT`` |
+| config.eventPublisher. | Kafka security protocol. | ``SASL_PLAINTEXT`` |
| spring.kafka.security.protocol | Some possible values are: | |
| | | |
| | * ``PLAINTEXT`` | |
| | * ``SASL_PLAINTEXT``, for authentication | |
| | * ``SASL_SSL``, for authentication and encryption | |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
-| config.publisher. | Kafka security SASL mechanism. Required for SASL_PLAINTEXT and SASL_SSL protocols. | Not defined |
+| config.eventPublisher. | Kafka security SASL mechanism. Required for SASL_PLAINTEXT and SASL_SSL protocols. | Not defined |
| spring.kafka.properties. | Some possible values are: | |
| sasl.mechanism | | |
| | * ``PLAIN``, for PLAINTEXT | |
| | * ``SCRAM-SHA-512``, for SSL | |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
-| config.publisher. | Kafka security SASL JAAS configuration. Required for SASL_PLAINTEXT and SASL_SSL protocols. | Not defined |
+| config.eventPublisher. | Kafka security SASL JAAS configuration. Required for SASL_PLAINTEXT and SASL_SSL protocols. | Not defined |
| spring.kafka.properties. | Some possible values are: | |
| sasl.jaas.config | | |
| | * ``org.apache.kafka.common.security.plain.PlainLoginModule required username="..." password="...";``, | |
| | * ``org.apache.kafka.common.security.scram.ScramLoginModule required username="..." password="...";``, | |
| | for SSL | |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
-| config.publisher. | Kafka security SASL SSL store type. Required for SASL_SSL protocol. | Not defined |
+| config.eventPublisher. | Kafka security SASL SSL store type. Required for SASL_SSL protocol. | Not defined |
| spring.kafka.ssl.trust-store-type | Some possible values are: | |
| | | |
| | * ``JKS`` | |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
-| config.publisher. | Kafka security SASL SSL store file location. Required for SASL_SSL protocol. | Not defined |
+| config.eventPublisher. | Kafka security SASL SSL store file location. Required for SASL_SSL protocol. | Not defined |
| spring.kafka.ssl.trust-store-location | | |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
-| config.publisher. | Kafka security SASL SSL store password. Required for SASL_SSL protocol. | Not defined |
+| config.eventPublisher. | Kafka security SASL SSL store password. Required for SASL_SSL protocol. | Not defined |
| spring.kafka.ssl.trust-store-password | | |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
-| config.publisher. | Kafka security SASL SSL broker hostname identification verification. Required for SASL_SSL protocol. | Not defined |
+| config.eventPublisher. | Kafka security SASL SSL broker hostname identification verification. Required for SASL_SSL protocol. | Not defined |
| spring.kafka.properties. | Possible value is: | |
| ssl.endpoint.identification.algorithm | | |
| | * ``""``, empty string to disable | |
| notification.async.executor. | | |
| thread-name-prefix | | |
+---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
+| config.additional. | Specifies number of database connections between database and application. | ``10`` |
+| spring.datasource.hikari. | This property controls the maximum size that the pool is allowed to reach, | |
+| maximumPoolSize | including both idle and in-use connections. | |
++---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
+
+Additional CPS-NCMP Customizations
+==================================
++---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
+| config.dmiPluginUserName | User name used by cps-core to authenticate themselves for using ncmp-dmi-plugin service. | ``dmiuser`` |
++---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
+| config.dmiPluginUserPassword | Internal password used by cps-core to connect to ncmp-dmi-plugin service. | Not defined |
+| | | |
+| | If not defined, the password is generated when deploying the application. | |
+| | | |
+| | See also :ref:`cps_common_credentials_retrieval`. | |
++---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
+| config.timers.advised-modules-sync | Specifies the delay in milliseconds in which the module sync watch dog will wake again after finishing. | ``30000`` |
+| .sleep-time-ms | | |
+| | | |
++---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+
CPS-Core Docker Installation
============================