Code Review / oom.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 5d3c01e)
[CPS] Update cps-and-ncmp and dmi-plugin image 23/134123/14
authormpriyank <priyank.maheshwari@est.tech>
Thu, 13 Apr 2023 15:27:25 +0000 (16:27 +0100)
committerPriyank Maheshwari <priyank.maheshwari@est.tech>
Thu, 20 Apr 2023 16:09:24 +0000 (16:09 +0000)
- updating cps-and-ncmp docker image to 3.2.6
- updating ncmp-dmi-plugin docker image to 1.3.0 and adding JAAS config
- temporarily removing the faulty link

Issue-ID: CPS-1589
Change-Id: Ia57af84137b02a090191cb29c66bd6cdf85f7aeb
Signed-off-by: mpriyank <priyank.maheshwari@est.tech>
docs/sections/guides/infra_guides/oom_base_optional_addons.rst patch | blob | history
kubernetes/cps/components/cps-core/values.yaml patch | blob | history
kubernetes/cps/components/ncmp-dmi-plugin/resources/config/application-helm.yml patch | blob | history
kubernetes/cps/components/ncmp-dmi-plugin/templates/deployment.yaml patch | blob | history
kubernetes/cps/components/ncmp-dmi-plugin/templates/kafkauser.yaml [new file with mode: 0644] patch | blob
kubernetes/cps/components/ncmp-dmi-plugin/values.yaml patch | blob | history

diff --git a/docs/sections/guides/infra_guides/oom_base_optional_addons.rst b/docs/sections/guides/infra_guides/oom_base_optional_addons.rst
index c98a388..713aec6 100644 (file)
--- a/docs/sections/guides/infra_guides/oom_base_optional_addons.rst
+++ b/docs/sections/guides/infra_guides/oom_base_optional_addons.rst
@@ -6,7 +6,6 @@
 .. Links
 .. _Prometheus stack README: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack#readme
 .. _ONAP Next Generation Security & Logging Structure: https://wiki.onap.org/pages/viewpage.action?pageId=103417456
 .. Links
 .. _Prometheus stack README: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack#readme
 .. _ONAP Next Generation Security & Logging Structure: https://wiki.onap.org/pages/viewpage.action?pageId=103417456
-.. _Istio best practices: https://docs.solo.io/gloo-mesh-enterprise/latest/setup/prod/namespaces/
 .. _Istio setup guide: https://istio.io/latest/docs/setup/install/helm/
 .. _Kiali setup guide: https://kiali.io/docs/installation/installation-guide/example-install/
 .. _Kserve setup guide: https://kserve.github.io/website/0.10/admin/kubernetes_deployment/
 .. _Istio setup guide: https://istio.io/latest/docs/setup/install/helm/
 .. _Kiali setup guide: https://kiali.io/docs/installation/installation-guide/example-install/
 .. _Kserve setup guide: https://kserve.github.io/website/0.10/admin/kubernetes_deployment/
@@ -58,7 +57,7 @@ ONAP on Service Mesh
 
 ONAP is currenty planned to support Istio as default ServiceMesh platform.
 Therefor the following instructions describe the setup of Istio and required tools.
 
 ONAP is currenty planned to support Istio as default ServiceMesh platform.
 Therefor the following instructions describe the setup of Istio and required tools.
-Used `Istio best practices`_ and `Istio setup guide`_
+Used `Istio setup guide`_
 
 .. _oom_base_optional_addons_istio_installation:
 
 
 .. _oom_base_optional_addons_istio_installation:
 
diff --git a/kubernetes/cps/components/cps-core/values.yaml b/kubernetes/cps/components/cps-core/values.yaml
index 7bdb79d..e5c062c 100644 (file)
--- a/kubernetes/cps/components/cps-core/values.yaml
+++ b/kubernetes/cps/components/cps-core/values.yaml
@@ -68,7 +68,7 @@ global:
     container:
       name: postgres
 
     container:
       name: postgres
 
-image: onap/cps-and-ncmp:3.2.1
+image: onap/cps-and-ncmp:3.2.6
 containerPort: &svc_port 8080
 managementPort: &mgt_port 8081
 
 containerPort: &svc_port 8080
 managementPort: &mgt_port 8081
 
diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/resources/config/application-helm.yml b/kubernetes/cps/components/ncmp-dmi-plugin/resources/config/application-helm.yml
index 1c15a2d..7d764bf 100644 (file)
--- a/kubernetes/cps/components/ncmp-dmi-plugin/resources/config/application-helm.yml
+++ b/kubernetes/cps/components/ncmp-dmi-plugin/resources/config/application-helm.yml
@@ -49,9 +49,12 @@ logging:
       onap:
         cps: {{ .Values.logging.cps }}
 
       onap:
         cps: {{ .Values.logging.cps }}
 
+{{- with (first .Values.kafkaUser.acls) }}
+spring.kafka.consumer.group-id: {{ .name }}
+{{- end }}
 spring.kafka.bootstrap-servers: {{ include "common.release" . }}-strimzi-kafka-bootstrap:9092
 spring.kafka.security.protocol: SASL_PLAINTEXT
 spring.kafka.bootstrap-servers: {{ include "common.release" . }}-strimzi-kafka-bootstrap:9092
 spring.kafka.security.protocol: SASL_PLAINTEXT
-spring.kafka.properties.sasl.mechanism: SCRAM-SHA-512
+spring.kafka.properties.sasl.mechanism: {{ .Values.kafkaUser.authenticationType | upper }}
 spring.kafka.properties.sasl.jaas.config: ${SASL_JAAS_CONFIG}
 
 {{- if .Values.config.additional }}
 spring.kafka.properties.sasl.jaas.config: ${SASL_JAAS_CONFIG}
 
 {{- if .Values.config.additional }}
diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/templates/deployment.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/templates/deployment.yaml
index 3d154db..4ff2851 100644 (file)
--- a/kubernetes/cps/components/ncmp-dmi-plugin/templates/deployment.yaml
+++ b/kubernetes/cps/components/ncmp-dmi-plugin/templates/deployment.yaml
@@ -60,6 +60,11 @@ spec:
             {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-core-creds" "key" "login") | indent 12 }}
           - name: CPS_CORE_PASSWORD
             {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-core-creds" "key" "password") | indent 12 }}
             {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-core-creds" "key" "login") | indent 12 }}
           - name: CPS_CORE_PASSWORD
             {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-core-creds" "key" "password") | indent 12 }}
+          - name: SASL_JAAS_CONFIG
+            valueFrom:
+              secretKeyRef:
+                name: {{ include "common.name" . }}-ku
+                key: sasl.jaas.config
         volumeMounts:
           - mountPath: /config-input
             name: init-data-input
         volumeMounts:
           - mountPath: /config-input
             name: init-data-input
@@ -90,6 +95,11 @@ spec:
         env:
           - name: SPRING_PROFILES_ACTIVE
             value: {{ .Values.config.spring.profile }}
         env:
           - name: SPRING_PROFILES_ACTIVE
             value: {{ .Values.config.spring.profile }}
+          - name: SASL_JAAS_CONFIG
+            valueFrom:
+              secretKeyRef:
+                name: {{ include "common.name" . }}-ku
+                key: sasl.jaas.config
         resources: {{ include "common.resources" . | nindent 10 }}
         {{- if .Values.nodeSelector }}
         nodeSelector: {{ toYaml .Values.nodeSelector | nindent 12 }}
         resources: {{ include "common.resources" . | nindent 10 }}
         {{- if .Values.nodeSelector }}
         nodeSelector: {{ toYaml .Values.nodeSelector | nindent 12 }}
diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/templates/kafkauser.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/templates/kafkauser.yaml
new file mode 100644 (file)
index 0000000..708e99d
--- /dev/null
+++ b/kubernetes/cps/components/ncmp-dmi-plugin/templates/kafkauser.yaml
@@ -0,0 +1,16 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+{{ include "common.kafkauser" . }}
\ No newline at end of file
diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml
index 44f11f5..59a6490 100644 (file)
--- a/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml
+++ b/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml
@@ -47,7 +47,7 @@ global:
     virtualhost:
       baseurl: "simpledemo.onap.org"
 
     virtualhost:
       baseurl: "simpledemo.onap.org"
 
-image: onap/ncmp-dmi-plugin:1.2.2
+image: onap/ncmp-dmi-plugin:1.3.0
 containerPort: &svc_port 8080
 managementPort: &mgt_port 8081
 
 containerPort: &svc_port 8080
 managementPort: &mgt_port 8081
 
@@ -177,3 +177,20 @@ updateStrategy:
   type: RollingUpdate
   maxUnavailable: 0
   maxSurge: 1
   type: RollingUpdate
   maxUnavailable: 0
   maxSurge: 1
+
+# Strimzi KafkaUser config
+kafkaUser:
+  authenticationType: scram-sha-512
+  acls:
+    - name: ncmp-dmi-plugin-group
+      type: group
+      operations: [Read]
+    - name: ncmp-dmi-cm-avc-subscription-ncmp-dmi-plugin
+      type: topic
+      operations: [Read]
+    - name: dmi-ncmp-cm-avc-subscription
+      type: topic
+      operations: [Write]
+    - name: ncmp-async-m2m
+      type: topic
+      operations: [Write]
Introduces the ONAP Platform OOM (ONAP Operations Manager) to efficiently Deploy, Manage, Operate the ONAP platform and its components (e.g. MSO, DCAE, SDC, etc.) and infrastructure (VMs, Containers).