- [resources,traversal,graphadmin] use 1.14.7 release images that are based on Java 11
- [babel] add metrics and tracing
- [babel] allow remote profiling and debugging
- [graphadmin] make graphadmin chart Kyverno compliant
- [graphadmin] replace fixed initialDelaySeconds wait invertal with dynamic startup probe
- [graphadmin] use actuator endpoint for liveness and readiness probe. Actuator still uses the old echo probe in the background
- [graphadmin] remove janusgraph-cached.properties since it effectively cannot be used
- [graphadmin] clean up janusgraph-realtime.properties
- [graphadmin] use common functions for readiness probe
- [graphadmin] remove LOCAL_USER_ID and LOCAL_GROUP_ID environment variables since they are not used (anymore)
- [modelloader] add metrics monitoring via prometheus
- [modelloader] allow remote profiling and debugging
- [sparky-be] use latest release image (2.0.5)
Other
- [sdc-be] declare ServiceMonitor to enable metrics monitoring via Prometheus
Issue-ID: AAI-3986
Change-Id: Ifbd52d0d019d34596f6f824aa940e9b7993336ab
Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
apiVersion: v2
description: ONAP Active and Available Inventory
name: aai
-version: 14.0.2
+version: 14.0.3
dependencies:
- name: common
apiVersion: v2
description: Babel microservice
name: aai-babel
-version: 14.0.1
+version: 14.0.2
dependencies:
- name: common
{{/*
# Copyright © 2018 Amdocs, Bell Canada, AT&T
# Copyright © 2021 Orange
-# Modifications Copyright © 2023 Nordix Foundation
+# Modifications Copyright � 2023 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
server.servlet.context-path=/services/babel-service
logging.config=${CONFIG_HOME}/logback.xml
tosca.mappings.config=${CONFIG_HOME}/tosca-mappings.json
+
+management.endpoints.web.exposure.include=*
metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
selector: {{- include "common.selectors" . | nindent 4 }}
+ {{- if .Values.debug.enabled }}
+ replicas: 1
+ {{- else }}
replicas: {{ .Values.replicaCount }}
+ {{- end }}
revisionHistoryLimit: {{ .Values.revisionHistoryLimit }}
strategy:
type: {{ .Values.updateStrategy.type }}
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports: {{ include "common.containerPorts" . | nindent 12 }}
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
- {{ if .Values.liveness.enabled }}
+ ports:
+ {{- if .Values.debug.enabled }}
+ - containerPort: {{ .Values.debug.port }}
+ name: {{ .Values.debug.portName }}
+ {{- end }}
+ {{- if .Values.profiling.enabled }}
+ - containerPort: {{ .Values.profiling.port }}
+ name: {{ .Values.profiling.portName }}
+ {{- end }}
+ {{ include "common.containerPorts" . | nindent 12 }}
+ # disable liveness probe when
+ # debugging.enabled=true or profiling.enabled=true
+ {{- if and .Values.liveness.enabled (not (or .Values.debug.enabled .Values.profiling.enabled)) }}
livenessProbe:
tcpSocket:
port: {{ .Values.service.internalPort }}
value: NotUsed
- name: CONFIG_HOME
value: /opt/app/babel/config
+ {{- if .Values.profiling.enabled }}
+ - name: JVM_OPTS
+ value: '{{ join " " .Values.profiling.args }}'
+ {{- end }}
+ {{- if .Values.debug.enabled }}
+ - name: JVM_OPTS
+ value: {{ .Values.debug.args | quote }}
+ {{- end }}
volumeMounts:
- mountPath: /opt/app/babel/config/application.properties
name: config
--- /dev/null
+{{- if .Values.metrics.serviceMonitor.enabled }}
+{{ include "common.serviceMonitor" . }}
+{{- end }}
#################################################################
# application image
-image: onap/babel:1.13.2
+image: onap/babel:1.13.3
flavor: small
flavorOverride: small
memory: "2Gi"
unlimited: {}
+tracing:
+ collector:
+ baseUrl: http://jaeger-collector.istio-system:9411
+ sampling:
+ probability: 1.0 # percentage of requests that are sampled (between 0-1/0%-100%)
+
+# adds jvm args for remote debugging the application
+debug:
+ enabled: false
+ args: "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5005"
+ port: 5005
+ portName: debug
+
+# adds jvm args for remote profiling the application
+profiling:
+ enabled: false
+ args:
+ - "-Dcom.sun.management.jmxremote"
+ - "-Dcom.sun.management.jmxremote.ssl=false"
+ - "-Dcom.sun.management.jmxremote.authenticate=false"
+ - "-Dcom.sun.management.jmxremote.local.only=false"
+ - "-Dcom.sun.management.jmxremote.port=9999"
+ - "-Dcom.sun.management.jmxremote.rmi.port=9999"
+ - "-Djava.rmi.server.hostname=127.0.0.1"
+ port: 9999
+ portName: jmx
+
+metrics:
+ serviceMonitor:
+ enabled: true
+ targetPort: 9516
+ path: /services/babel-service/actuator/prometheus
+ basicAuth:
+ enabled: false
+
#Pods Service Account
serviceAccount:
nameOverride: aai-babel
- name: serviceAccount
version: ~13.x-0
repository: '@local'
+ - name: readinessCheck
+ version: ~13.x-0
+ repository: '@local'
# JMS bind address host port
jms.bind.address=tcp://localhost:61649
-
# dmaap is deprecated now kafka is used
spring.kafka.producer.bootstrap-servers=${BOOTSTRAP_SERVERS}
spring.kafka.producer.properties.security.protocol=SASL_PLAINTEXT
aperture.service.timeout-in-milliseconds=300000
#To Expose the Prometheus scraping endpoint
-management.server.port=8448
+management.server.port={{ .Values.service.actuatorPort }}
management.endpoints.enabled-by-default=true
management.endpoints.web.exposure.include=info,health,prometheus
-endpoints.enabled=false
-management.security.enabled=false
\ No newline at end of file
+management.security.enabled=false
+++ /dev/null
-{{/*
-#
-# ============LICENSE_START=======================================================
-# org.onap.aai
-# ================================================================================
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-*/}}
-
-query.fast-property=true
-query.smart-limit=false
-
-{{ if .Values.global.config.cluster.cassandra.dynamic }}
-
-storage.backend=cql
-storage.hostname={{.Values.global.cassandra.serviceName}}
-storage.cql.keyspace=aaigraph
-storage.username={{.Values.global.cassandra.username}}
-storage.password={{.Values.global.cassandra.password}}
-
-storage.cql.read-consistency-level=LOCAL_QUORUM
-storage.cql.write-consistency-level=LOCAL_QUORUM
-storage.cql.replication-factor={{.Values.global.cassandra.replicas}}
-storage.cql.only-use-local-consistency-for-system-operations=true
-
-{{ else }}
-
-{{ if .Values.global.config.storage }}
-
-storage.backend={{ .Values.global.config.storage.backend }}
-
-{{ if eq .Values.global.config.storage.backend "cassandra" }}
-
-storage.hostname={{ .Values.global.config.storage.hostname }}
-storage.cassandra.keyspace={{ .Values.global.config.storage.name }}
-
-storage.cassandra.read-consistency-level={{ .Values.global.config.storage.cassandra.readConsistency }}
-storage.cassandra.write-consistency-level={{ .Values.global.config.storage.cassandra.writeConsistency }}
-storage.cassandra.replication-factor={{ .Values.global.config.storage.cassandra.replicationFactor | int }}
-storage.cassandra.astyanax.cluster-name= {{ .Values.global.config.storage.clusterName }}
-storage.cassandra.astyanax.local-datacenter= {{ .Values.global.config.storage.localDataCenter }}
-
-storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
-cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
-log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
-
-{{ else if eq .Values.global.config.storage.backend "cql" }}
-
-storage.hostname={{ .Values.global.config.storage.hostname }}
-storage.cql.keyspace={{ .Values.global.config.storage.name }}
-
-storage.cql.read-consistency-level={{ .Values.global.config.storage.cql.readConsistency }}
-storage.cql.write-consistency-level={{ .Values.global.config.storage.cql.readConsistency }}
-storage.cql.replication-factor={{ .Values.global.config.storage.cql.replicationFactor | int }}
-
-storage.cql.only-use-local-consistency-for-system-operations={{ .Values.global.config.storage.cql.localConsistencyForSysOps }}
-storage.cql.cluster-name={{ .Values.global.config.storage.clusterName }}
-storage.cql.local-datacenter={{ .Values.global.config.storage.localDataCenter }}
-
-storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
-cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
-log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
-
-{{ else if eq .Values.global.config.storage.backend "hbase" }}
-
-storage.hostname={{ .Values.global.config.storage.hostname }}
-storage.hbase.table={{ .Values.global.config.storage.name }}
-
-storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
-cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
-log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
-
-{{ end }}
-
-{{ end }}
-
-{{ end }}
-
-storage.lock.wait-time=300
-#caching on
-cache.db-cache = true
-cache.db-cache-clean-wait = 20
-cache.db-cache-time = 180000
-cache.db-cache-size = 0.3
-
-#load graphson file on startup
-load.snapshot.file=false
query.fast-property=true
query.smart-limit=false
-{{ if .Values.global.config.cluster.cassandra.dynamic }}
+{{- if .Values.global.config.cluster.cassandra.dynamic }}
storage.backend=cql
storage.hostname={{.Values.global.cassandra.serviceName}}
storage.cql.replication-factor={{.Values.global.cassandra.replicas}}
storage.cql.only-use-local-consistency-for-system-operations=true
-{{ if .Values.global.cassandra.partitionerName }}
+{{- if .Values.global.cassandra.partitionerName }}
storage.cql.partitioner-name={{ .Values.global.cassandra.partitionerName }}
-{{ end }}
+{{- end }}
{{- if .Values.config.janusgraph.cassandraDriver }}
storage.cql.internal.string-configuration = datastax-java-driver { {{ .Values.config.janusgraph.cassandraDriver.configuration }} }
{{- end }}
-{{ else }}
+{{- else -}}
-{{ if .Values.global.config.storage }}
+{{- if .Values.global.config.storage }}
storage.backend={{ .Values.global.config.storage.backend }}
-{{ if eq .Values.global.config.storage.backend "cql" }}
+{{- if eq .Values.global.config.storage.backend "cql" }}
storage.hostname={{ .Values.global.config.storage.hostname }}
storage.cql.keyspace={{ .Values.global.config.storage.name }}
-storage.cql.local-datacenter={{ .Values.global.config.storage.localDataCenter }}
+storage.cql.local-datacenter={{ .Values.global.cassandra.localDataCenter }}
storage.cql.read-consistency-level={{ .Values.global.config.storage.cql.readConsistency }}
storage.cql.write-consistency-level={{ .Values.global.config.storage.cql.readConsistency }}
storage.cql.only-use-local-consistency-for-system-operations={{ .Values.global.config.storage.cql.localConsistencyForSysOps }}
storage.cql.cluster-name={{ .Values.global.config.storage.clusterName }}
-storage.cql.local-datacenter={{ .Values.global.config.storage.localDataCenter }}
+storage.cql.local-datacenter={{ .Values.global.cassandra.localDataCenter }}
storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
-{{ else if eq .Values.global.config.storage.backend "hbase" }}
+{{- else if eq .Values.global.config.storage.backend "hbase" }}
storage.hostname={{ .Values.global.config.storage.hostname }}
storage.hbase.table={{ .Values.global.config.storage.name }}
cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
-{{ end }}
-
-{{ end }}
-
-{{ end }}
+{{- end }}
+{{- end }}
+{{- end }}
storage.lock.wait-time=300
# Setting db-cache to false ensure the fastest propagation of changes across servers
#load graphson file on startup
load.snapshot.file=false
-{{ if .Values.config.janusgraph.allowUpgrade }}
+{{- if .Values.config.janusgraph.allowUpgrade }}
graph.allow-upgrade=true
-{{ end }}
+{{- end }}
{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }}
{{ tpl (.Files.Glob "resources/config/localhost-access-logback.xml").AsConfig . | indent 2 }}
{{ tpl (.Files.Glob "resources/config/janusgraph-realtime.properties").AsConfig . | indent 2 }}
-{{ tpl (.Files.Glob "resources/config/janusgraph-cached.properties").AsConfig . | indent 2 }}
{{ tpl (.Files.Glob "resources/config/realm.properties").AsConfig . | indent 2 }}
---
apiVersion: v1
release: {{ include "common.release" . }}
heritage: {{ .Release.Service }}
spec:
+ {{- if .Values.config.debug.enabled }}
+ replicas: 1
+ {{- else }}
replicas: {{ .Values.replicaCount }}
+ {{- end }}
revisionHistoryLimit: {{ .Values.revisionHistoryLimit }}
minReadySeconds: {{ .Values.minReadySeconds }}
strategy:
spec:
hostname: aai-graphadmin
terminationGracePeriodSeconds: {{ .Values.service.terminationGracePeriodSeconds }}
- {{ if .Values.global.initContainers.enabled }}
+ {{- if .Values.global.initContainers.enabled }}
initContainers:
- - command:
- {{ if .Values.global.jobs.migration.enabled }}
- - /app/ready.py
- args:
- - --job-name
- - {{ include "common.release" . }}-aai-graphadmin-migration
- {{ else if .Values.global.jobs.createSchema.enabled }}
- - /app/ready.py
- args:
- - --job-name
- - {{ include "common.release" . }}-aai-graphadmin-create-db-schema
- {{ else }}
- - /app/ready.py
- args:
- - --service-name
- - {{ .Values.global.cassandra.serviceName }}
- - --service-name
- - aai-schema-service
- {{ end }}
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
- resources:
- limits:
- cpu: "100m"
- memory: "500Mi"
- requests:
- cpu: "3m"
- memory: "20Mi"
- {{ end }}
+ {{ include "common.readinessCheck.waitFor" (dict "dot" . "wait_for" .Values.readinessCheck.waitForWithCreateSchemaDisabled ) | indent 6 | trim}}
+ {{- end }}
+ {{ include "common.podSecurityContext" . | indent 6 | trim }}
containers:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{ include "common.containerSecurityContext" . | indent 8 | trim }}
env:
- - name: LOCAL_USER_ID
- value: {{ .Values.securityContext.user_id | quote }}
- - name: LOCAL_GROUP_ID
- value: {{ .Values.securityContext.group_id | quote }}
+ {{- if .Values.config.env }}
+ {{- range $key,$value := .Values.config.env }}
+ - name: {{ $key | upper | quote}}
+ value: {{ $value | quote}}
+ {{- end }}
+ {{- end }}
+ {{- if eq .Values.flavor "small" }}
+ - name: MAX_HEAP_SIZE
+ value: {{ .Values.small.maxHeapSize | quote }}
+ {{- else if eq .Values.flavor "large" }}
+ - name: MAX_HEAP_SIZE
+ value: {{ .Values.large.maxHeapSize | quote }}
+ {{- end }}
- name: INTERNAL_PORT_1
value: {{ .Values.service.appPort | quote }}
- name: INTERNAL_PORT_2
value: {{ .Values.service.debugPort | quote }}
- name: INTERNAL_PORT_3
- value: {{ .Values.service.internalPort3 | quote }}
+ value: {{ .Values.service.actuatorPort | quote }}
- name: BOOTSTRAP_SERVERS
value: {{ include "common.release" . }}-strimzi-kafka-bootstrap:9092
- name: JAAS_CONFIG
- mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-realtime.properties
name: config
subPath: janusgraph-realtime.properties
- - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-cached.properties
- name: config
- subPath: janusgraph-cached.properties
- mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/aaiconfig.properties
name: properties
subPath: aaiconfig.properties
- mountPath: /opt/aai/logroot/AAI-RES
name: logs
+ - mountPath: /opt/app/aai-graphadmin/logs
+ name: script-logs
- mountPath: /opt/app/aai-graphadmin/resources/logback.xml
name: config
subPath: logback.xml
- mountPath: /opt/app/aai-graphadmin/resources/application.properties
name: properties
subPath: application.properties
+ - mountPath: /tmp
+ name: tmp-volume
ports:
- containerPort: {{ .Values.service.appPort }}
name: {{ .Values.service.appPortName }}
- containerPort: {{ .Values.service.profilingPort }}
name: {{ .Values.service.profilingPortName }}
{{- end }}
- - containerPort: {{ .Values.service.internalPort3 }}
- name: {{ .Values.service.portName3 }}
+ - containerPort: {{ .Values.service.actuatorPort }}
+ name: {{ .Values.service.actuatorPortName }}
lifecycle:
# wait for active requests (long-running tasks) to be finished
# Before the SIGTERM is invoked, Kubernetes exposes a preStop hook in the Pod.
# debugging.enabled=true or profiling.enabled=true
{{- if and .Values.liveness.enabled (not (or .Values.config.debug.enabled .Values.config.profiling.enabled)) }}
livenessProbe:
- tcpSocket:
- port: {{ .Values.service.appPort }}
+ httpGet:
+ port: {{ .Values.service.actuatorPort }}
+ path: {{ .Values.liveness.path }}
+ {{- if .Values.liveness.initialDelaySeconds }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ {{- end }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
- {{ end }}
+ {{- end }}
readinessProbe:
- tcpSocket:
- port: {{ .Values.service.appPort }}
+ httpGet:
+ port: {{ .Values.service.actuatorPort }}
+ path: {{ .Values.readiness.path }}
+ {{- if .Values.readiness.initialDelaySeconds }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ {{- end }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
+ startupProbe:
+ httpGet:
+ port: {{ .Values.service.actuatorPort }}
+ path: {{ .Values.startup.path }}
+ failureThreshold: {{ .Values.startup.failureThreshold }}
+ periodSeconds: {{ .Values.startup.periodSeconds }}
resources: {{ include "common.resources" . | nindent 10 }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ include "common.log.sidecar" . | nindent 6 }}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
+ - name: tmp-volume
+ emptyDir: {}
- name: logs
emptyDir: {}
+ - name: script-logs
+ emptyDir: {}
{{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix .)) | nindent 6 }}
- name: config
configMap:
name: {{ include "common.name" . }}
spec:
initContainers:
- {{ if eq .Values.global.jobs.migration.remoteCassandra.enabled false }}
+ {{- if eq .Values.global.jobs.migration.remoteCassandra.enabled false }}
- command:
- /bin/bash
- -c
- |
{{- if include "common.onServiceMesh" . }}
echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
- sh docker-entrypoint.sh dataSnapshot.sh;
+ bash docker-entrypoint.sh dataSnapshot.sh;
{{ include "common.serviceMesh.killSidecar" . | indent 11 | trim }}
- env:
- - name: LOCAL_USER_ID
- value: {{ .Values.securityContext.user_id | quote }}
- - name: LOCAL_GROUP_ID
- value: {{ .Values.securityContext.group_id | quote }}
volumeMounts:
- mountPath: /opt/app/aai-graphadmin/logs/data/dataSnapshots
name: snapshots
name: {{ include "common.name" . }}
spec:
initContainers:
- - command:
- - /app/ready.py
- args:
- - --service-name
- - {{ .Values.global.cassandra.serviceName }}
- - --service-name
- - aai-schema-service
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
- resources:
- limits:
- cpu: "100m"
- memory: "500Mi"
- requests:
- cpu: "3m"
- memory: "20Mi"
+ {{ include "common.readinessCheck.waitFor" (dict "dot" . "wait_for" .Values.readinessCheck.waitForWithCreateSchemaDisabled) | indent 6 | trim }}
+ {{ include "common.podSecurityContext" . | indent 6 | trim }}
containers:
- name: {{ include "common.name" . }}-job
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{ include "common.containerSecurityContext" . | indent 8 | trim }}
command:
- sh
args:
sh docker-entrypoint.sh createDBSchema.sh;
{{ include "common.serviceMesh.killSidecar" . | indent 11 | trim }}
env:
- - name: LOCAL_USER_ID
- value: {{ .Values.securityContext.user_id | quote }}
- - name: LOCAL_GROUP_ID
- value: {{ .Values.securityContext.group_id | quote }}
+ {{- if .Values.config.debug.enabled }}
+ - name: JVM_OPTS
+ value: {{ .Values.config.debug.args | quote }}
+ {{- end }}
+ ports:
+ {{- if .Values.config.debug.enabled }}
+ - containerPort: {{ .Values.service.debugPort }}
+ name: {{ .Values.service.debugPortName }}
+ {{- end }}
volumeMounts:
- mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-realtime.properties
name: config
subPath: janusgraph-realtime.properties
- - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-cached.properties
- name: config
- subPath: janusgraph-cached.properties
- mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/aaiconfig.properties
name: properties
subPath: aaiconfig.properties
volumes:
{{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix .)) | nindent 6 }}
- name: logs
- emptyDir: {}
+ emptyDir:
+ sizeLimit: 64Mi
- name: config
configMap:
name: {{ include "common.fullname" . }}
- -c
- |
sh docker-entrypoint.sh dataRestoreFromSnapshot.sh `ls -t /opt/app/aai-graphadmin/logs/data/dataSnapshots|head -1|awk -F".P" '{ print $1 }'`
- env:
- - name: LOCAL_USER_ID
- value: {{ .Values.securityContext.user_id | quote }}
- - name: LOCAL_GROUP_ID
- value: {{ .Values.securityContext.group_id | quote }}
volumeMounts:
- mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-realtime.properties
name: config
subPath: janusgraph-realtime.properties
- mountPath: /opt/app/aai-graphadmin/logs/data/dataSnapshots
name: snapshots
- - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-cached.properties
- name: config
- subPath: janusgraph-cached.properties
- mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/aaiconfig.properties
name: properties
subPath: aaiconfig.properties
echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
sh docker-entrypoint.sh run_Migrations.sh -e UpdateAaiUriIndexMigration --commit --skipPreMigrationSnapShot --runDisabled RebuildAllEdges ;
{{ include "common.serviceMesh.killSidecar" . | indent 11 | trim }}
- env:
- - name: LOCAL_USER_ID
- value: {{ .Values.securityContext.user_id | quote }}
- - name: LOCAL_GROUP_ID
- value: {{ .Values.securityContext.group_id | quote }}
volumeMounts:
- mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-realtime.properties
name: config
subPath: janusgraph-realtime.properties
- - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-cached.properties
- name: config
- subPath: janusgraph-cached.properties
- mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/aaiconfig.properties
name: properties
subPath: aaiconfig.properties
name: {{ include "common.name" . }}
spec:
initContainers:
- {{ if eq .Values.global.jobs.migration.remoteCassandra.enabled false }}
+ {{- if eq .Values.global.jobs.migration.remoteCassandra.enabled false }}
- command:
- /bin/bash
- -c
echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
sh docker-entrypoint.sh dataSnapshot.sh
{{ include "common.serviceMesh.killSidecar" . | indent 11 | trim }}
- env:
- - name: LOCAL_USER_ID
- value: {{ .Values.securityContext.user_id | quote }}
- - name: LOCAL_GROUP_ID
- value: {{ .Values.securityContext.group_id | quote }}
volumeMounts:
- mountPath: /opt/app/aai-graphadmin/logs/data/dataSnapshots
name: snapshots
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
name: {{ .Values.service.debugPortName }}
targetPort: {{ .Values.service.debugPortName }}
- - port: {{ .Values.service.internalPort3 }}
+ - port: {{ .Values.service.actuatorPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }}
- name: {{ .Values.service.portName3 }}
- targetPort: {{ .Values.service.portName3 }}
+ name: {{ .Values.service.actuatorPortName }}
+ targetPort: {{ .Values.service.actuatorPortName }}
{{- else -}}
- port: {{ .Values.service.appPort }}
name: {{ .Values.service.appPortName }}
- port: {{ .Values.service.debugPort }}
name: {{ .Values.service.debugPortName }}
targetPort: {{ .Values.service.debugPortName }}
- - port: {{ .Values.service.internalPort3 }}
- name: {{ .Values.service.portName3 }}
+ - port: {{ .Values.service.actuatorPort }}
+ name: {{ .Values.service.actuatorPortName }}
targetPort: {{ .Values.service.appPort }}
{{- end}}
selector:
clients: SDNC,-1|MSO,-1|SO,-1|robot-ete,-1
# application image
-image: onap/aai-graphadmin:1.14.6
+image: onap/aai-graphadmin:1.14.7
pullPolicy: Always
restartPolicy: Always
flavor: small
-flavorOverride: small
+
# default number of instances
replicaCount: 1
# config override for the cassandra driver
# see: https://docs.janusgraph.org/master/configs/configuration-reference/#storagecqlinternal
cassandraDriver:
- configuration: advanced.metadata.schema.debouncer.window = 1 second # Default maximum records to fix for the data grooming and dupeTool
+ configuration: advanced.metadata.schema.debouncer.window = 1 second
+ # Default maximum records to fix for the data grooming and dupeTool
maxFix:
dataGrooming: 150
dupeTool: 25
# probe configuration parameters
liveness:
- initialDelaySeconds: 60
- periodSeconds: 60
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: false
+ enabled: true
+ path: /actuator/health/liveness
+ periodSeconds: 10
readiness:
- initialDelaySeconds: 60
+ path: /actuator/health/readiness
periodSeconds: 10
+startup:
+ path: /actuator/health/liveness
+ failureThreshold: 60
+ periodSeconds: 5
+
+readinessCheck:
+ waitForWithCreateSchemaEnabled:
+ jobs:
+ - '{{ include "common.release" . }}-aai-graphadmin-create-db-schema'
+ waitForWithCreateSchemaDisabled:
+ services:
+ - '{{ .Values.global.cassandra.serviceName }}'
+ - aai-schema-service
+
service:
type: ClusterIP
# REST API port for the graphadmin microservice
debugPort: 5005
profilingPortName: jxm-9999
profilingPort: 9999
- portName3: http-graphadmin
- internalPort3: 8448
+ actuatorPortName: http-graphadmin
+ actuatorPort: 8448
terminationGracePeriodSeconds: 45
ingress:
memory: "8Gi"
requests:
cpu: "1"
- memory: "3.2Gi"
+ memory: "4Gi"
unlimited: {}
+# define the heap size for the JVM
+# according to the resource flavor
+small:
+ maxHeapSize: "1g"
+large:
+ maxHeapSize: "5g"
+
metrics:
serviceMonitor:
- enabled: false
+ enabled: true
targetPort: 8448
path: /actuator/prometheus
basicAuth:
# Not fully used for now
securityContext:
- user_id: 1000
- group_id: 1000
+ user_id: 65534
+ group_id: 65534
#Pods Service Account
serviceAccount:
log:
path: /var/log/onap
level:
- root: DEBUG
- base: DEBUG
+ root: INFO
+ base: INFO
logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
#DupeTool cronjob parameters
release: {{ include "common.release" . }}
heritage: {{ .Release.Service }}
spec:
+ {{- if .Values.debug.enabled }}
+ replicas: 1
+ {{- else }}
replicas: {{ .Values.replicaCount }}
+ {{- end }}
revisionHistoryLimit: {{ .Values.revisionHistoryLimit }}
strategy:
type: {{ .Values.updateStrategy.type }}
secretKeyRef:
name: {{ include "common.name" . }}-ku
key: sasl.jaas.config
+ {{- if .Values.profiling.enabled }}
+ - name: JVM_ARGS
+ value: '{{ join " " .Values.profiling.args }}'
+ {{- end }}
+ {{- if .Values.debug.enabled }}
+ - name: JVM_ARGS
+ value: {{ .Values.debug.args | quote }}
+ {{- end }}
+ ports:
+ - containerPort: 9500
+ name: http
+ {{- if .Values.debug.enabled }}
+ - containerPort: {{ .Values.debug.port }}
+ name: {{ .Values.debug.portName }}
+ {{- end }}
+ {{- if .Values.profiling.enabled }}
+ - containerPort: {{ .Values.profiling.port }}
+ name: {{ .Values.profiling.portName }}
+ {{- end }}
volumeMounts:
- mountPath: /opt/app/model-loader/config/model-loader.properties
subPath: model-loader.properties
--- /dev/null
+{{/*
+# Copyright © 2024 Deutsche Telekom
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if .Values.metrics.podMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: PodMonitor
+metadata:
+ name: {{ include "common.fullname" . }}
+ labels:
+ {{- include "common.labels" . | nindent 4 }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ podMetricsEndpoints:
+ - port: {{ .Values.metrics.podMonitor.port }}
+ path: {{ .Values.metrics.podMonitor.path }}
+ namespaceSelector:
+ matchNames:
+ - {{ .Release.Namespace }}
+{{- end }}
nodePortPrefix: 302
# application image
-image: onap/model-loader:1.14.1
+image: onap/model-loader:1.14.2
pullPolicy: Always
restartPolicy: Always
flavor: small
maxUnavailable: 0
maxSurge: 1
+# adds jvm args for remote debugging the application
+debug:
+ enabled: false
+ args: "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5005"
+ port: 5005
+ portName: debug
+
+# adds jvm args for remote profiling the application
+profiling:
+ enabled: false
+ args:
+ - "-Dcom.sun.management.jmxremote"
+ - "-Dcom.sun.management.jmxremote.ssl=false"
+ - "-Dcom.sun.management.jmxremote.authenticate=false"
+ - "-Dcom.sun.management.jmxremote.local.only=false"
+ - "-Dcom.sun.management.jmxremote.port=9999"
+ - "-Dcom.sun.management.jmxremote.rmi.port=9999"
+ - "-Djava.rmi.server.hostname=127.0.0.1"
+ port: 9999
+ portName: jmx
+
+
nodeSelector: {}
affinity: {}
ignorePatterns:
- /aai/util.*
+metrics:
+ podMonitor:
+ enabled: true
+ port: http
+ path: /actuator/prometheus
+
#Pods Service Account
serviceAccount:
nameOverride: aai-modelloader
url: external-system
# application image
-image: onap/aai-resources:1.14.6
+image: onap/aai-resources:1.14.7
pullPolicy: Always
restartPolicy: Always
flavor: small
serviceName: aai-search-data
# application image
-image: onap/sparky-be:2.0.3
+image: onap/sparky-be:2.0.5
pullPolicy: Always
restartPolicy: Always
flavor: small
someConfig: random
# application image
-image: onap/aai-traversal:1.14.6
+image: onap/aai-traversal:1.14.7
pullPolicy: Always
restartPolicy: Always
flavor: small
--- /dev/null
+{{- if .Values.metrics.serviceMonitor.enabled }}
+{{ include "common.serviceMonitor" . }}
+{{- end }}
\ No newline at end of file
memory: "6Gi"
unlimited: {}
+metrics:
+ serviceMonitor:
+ enabled: true
+ targetPort: 8080
+ path: /sdc2/rest/actuator/prometheus
+ basicAuth:
+ enabled: false
+
#Pods Service Account
serviceAccount:
nameOverride: sdc-be
Code Review / oom.git / commitdiff