# Application configuration defaults.
#################################################################
# application image
-image: onap/ccsdk-blueprintsprocessor:1.1.4
+image: onap/ccsdk-blueprintsprocessor:1.1.5
pullPolicy: Always
# flag to enable debugging - application support required
# Application configuration defaults.
#################################################################
# application image
-image: onap/ccsdk-commandexecutor:1.1.4
+image: onap/ccsdk-commandexecutor:1.1.5
pullPolicy: Always
# application configuration
# Application configuration defaults.
#################################################################
# application image
-image: onap/ccsdk-py-executor:1.1.4
+image: onap/ccsdk-py-executor:1.1.5
pullPolicy: Always
# default number of instances
# Application configuration defaults.
#################################################################
# application image
-image: onap/ccsdk-sdclistener:1.1.4
+image: onap/ccsdk-sdclistener:1.1.5
name: sdc-listener
pullPolicy: Always
{{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
# application image
-image: onap/ccsdk-cds-ui-server:1.1.4
+image: onap/ccsdk-cds-ui-server:1.1.5
pullPolicy: Always
# application configuration
Policy-sync sidecar polls PolicyEngine (PDP) periodically based
on .Values.policies.duration and configuration retrieved is shared with
DCAE Microservice container by common volume. Policy can be retrieved based on
-list of policyID or filter
+list of policyID or filter. An optional policyRelease parameter can be specified
+to override the default policy helm release (used for retreiving the secret containing
+pdp username and password)
+
+Following is example policy config override
+
+dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1
+policies:
+ duration: 300
+ policyRelease: "onap"
+ policyID: |
+ '["onap.vfirewall.tca","onap.vdns.tca"]'
*/}}
{{- define "dcaegen2-services-common.microserviceDeployment" -}}
{{- $logDir := default "" .Values.logDirectory -}}
{{- $certDir := default "" .Values.certDirectory . -}}
{{- $tlsServer := default "" .Values.tlsServer -}}
-{{- $policy := default "" .Values.policies -}}
+{{- $commonRelease := print (include "common.release" .) -}}
+{{- $policy := default dict .Values.policies -}}
+{{- $policyRls := default $commonRelease $policy.policyRelease -}}
{{- $drFeedConfig := default "" .Values.drFeedConfig -}}
apiVersion: apps/v1
- name: POLICY_SYNC_PDP_USER
valueFrom:
secretKeyRef:
- name: onap-policy-xacml-pdp-api-creds
+ name: {{ $policyRls }}-policy-xacml-pdp-api-creds
key: login
- name: POLICY_SYNC_PDP_PASS
valueFrom:
secretKeyRef:
- name: onap-policy-xacml-pdp-api-creds
+ name: {{ $policyRls }}-policy-xacml-pdp-api-creds
key: password
- name: POLICY_SYNC_PDP_URL
value : http{{ if (include "common.needTLS" .) }}s{{ end }}://policy-xacml-pdp:6969
# Application configuration defaults.
#################################################################
# application image
-image: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.6.1
+image: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.7.0
pullPolicy: Always
# log directory where logging sidecar should look for log files
aai.aaiClientConfiguration.aaiIgnoreSslCertificateErrors: true
aai.aaiClientConfiguration.aaiBasePath: "/aai/v23"
aai.aaiClientConfiguration.aaiPnfPath: "/network/pnfs/pnf"
- aai.aaiClientConfiguration.aaiServiceInstancePath: "/business/customers/customer/$${undefined}{customer}/service-subscriptions/service-subscription/$${undefined}{serviceType}/service-instances/service-instance/$${undefined}{serviceInstanceId}"
+ aai.aaiClientConfiguration.aaiServiceInstancePath: "/business/customers/customer/{{customer}}/service-subscriptions/service-subscription/{{serviceType}}/service-instances/service-instance/{{serviceInstanceId}}"
aai.aaiClientConfiguration.aaiHeaders:
X-FromAppId: "prh"
X-TransactionId: "9999"
#dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1
#policies:
# duration: 300
+# policyRelease: "onap"
# policyID: |
-# '["onap.vfirewall.tca","abc"]'
+# '["onap.vfirewall.tca","onap.vdns.tca"]'
# filter: |
# '["DCAE.Config_vfirewall_.*"]'
disableNfsProvisioner: true
# application image
-image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:3.3.2
+image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:3.3.3
default_k8s_location: central
# DCAE component images to be deployed via Cloudify Manager
componentImages:
tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.3.0
ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.10.0
- prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.6.1
+ prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.7.0
hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.9.0
# Resource Limit flavor -By Default using small
- name: serviceAccount
version: ~8.x-0
repository: '@local'
+ - name: certInitializer
+ version: ~8.x-0
+ repository: '@local'
CadiEnabled = false
#
# AAF Props file path
-AAFPropsFilePath = {{ .Values.aafConfig.credsPath }}/org.onap.dmaap-dr.props
+AAFPropsFilePath = {{ .Values.certInitializer.credsPath }}/org.onap.dmaap-dr.props
template:
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
- initContainers:
+ initContainers: {{ include "common.certInitializer.initContainer" . | nindent 8 }}
- name: {{ include "common.name" . }}-readiness
image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- {{- if .Values.global.aafEnabled }}{{ include "common.aaf-config" . | nindent 8 }}{{ end }}
- name: {{ include "common.name" . }}-permission-fixer
image: {{ include "repositoryGenerator.image.busybox" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts: {{- if .Values.global.aafEnabled }}{{ include "common.aaf-config-volume-mountpath" . | nindent 10 }}{{ end }}
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- mountPath: {{ .Values.persistence.spool.path }}
name: {{ include "common.fullname" . }}-spool
- mountPath: {{ .Values.persistence.event.path }}
port: {{.Values.readiness.port}}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
- volumeMounts: {{- if .Values.global.aafEnabled }}{{ include "common.aaf-config-volume-mountpath" . | nindent 10 }}{{ end }}
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- mountPath: {{ .Values.persistence.spool.path }}
name: {{ include "common.fullname" . }}-spool
- mountPath: {{ .Values.persistence.event.path }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
- volumes: {{ include "common.aaf-config-volumes" . | nindent 8 }}
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: localtime
hostPath:
path: /etc/localtime
persistence: {}
aafEnabled: true
+#################################################################
+# AAF part
+#################################################################
+certInitializer:
+ nameOverride: dmaap-dr-node-cert-initializer
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ # aafDeployCredsExternalSecret: some secret
+ fqdn: dmaap-dr-node
+ fqi: dmaap-dr-node@dmaap-dr.onap.org
+ public_fqdn: dmaap-dr.onap.org
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
+ aaf_add_config: >
+ echo "cadi_keystore_password_p12=$cadi_keystore_password_p12" > {{ .Values.credsPath }}/mycreds.prop
+ echo "cadi_truststore_password=$cadi_truststore_password" >> {{ .Values.credsPath }}/mycreds.prop
+
#################################################################
# Application configuration defaults.
#################################################################
labels:
app.kubernetes.io/component: event-logs
-#################################################################
-# AAF part
-#################################################################
-aafConfig:
- aafDeployFqi: deployer@people.osaaf.org
- aafDeployPass: demo123456!
- fqdn: dmaap-dr-node
- fqi: dmaap-dr-node@dmaap-dr.onap.org
- public_fqdn: dmaap-dr.onap.org
- cadi_longitude: 0.0
- cadi_latitude: 0.0
- app_ns: org.osaaf.aaf
- permission_user: 1000
- permission_group: 1001
- secret_uid: &aaf_secret_uid dmaap-dr-node-aaf-deploy-creds
- credsPath: /opt/app/osaaf/local
-
#################################################################
# Secrets metaconfig
#################################################################
-secrets:
- - uid: *aaf_secret_uid
- type: basicAuth
- externalSecret: '{{ ternary (tpl (default "" .Values.aafConfig.aafDeployCredsExternalSecret) .) "aafIsDisabled" .Values.global.aafEnabled }}'
- login: '{{ .Values.aafConfig.aafDeployFqi }}'
- password: '{{ .Values.aafConfig.aafDeployPass }}'
- passwordPolicy: required
+secrets: {}
ingress:
enabled: false
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
{{- if .Values.affinity }}
affinity: {{ toYaml .Values.affinity | nindent 8 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- name: localtime
hostPath:
cpu: 1
memory: 2Gi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: sdnc-dmaap-listener
+ roles:
+ - read
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
{{- if .Values.affinity }}
affinity: {{ toYaml .Values.affinity | nindent 8 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- name: localtime
hostPath:
cpu: 1
memory: 1Gi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: sdnc-ansible-server
+ roles:
+ - read
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
{{- if .Values.affinity }}
affinity: {{ toYaml .Values.affinity | nindent 8 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- name: localtime
hostPath:
enabled: false
resources: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: sdnc-prom
+ roles:
+ - read
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
{{- if .Values.affinity }}
affinity: {{ toYaml .Values.affinity | nindent 8 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- name: localtime
hostPath:
cpu: 1
memory: 1Gi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: sdnc-web
+ roles:
+ - read
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
{{- if .Values.affinity }}
affinity: {{ toYaml .Values.affinity | nindent 8 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- name: localtime
hostPath:
cpu: 1
memory: 2Gi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: sdnc-ueb-listener
+ roles:
+ - read
+
# Copyright © 2017 Amdocs, Bell Canada,
# Copyright © 2020 highstreet technologies GmbH
# Copyright © 2021 Nokia
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
dependencies:
- name: common
version: ~8.x-0
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
{{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- name: localtime
hostPath:
mountSubPath: sdnc/mdsal
mdsalPath: /opt/opendaylight/mdsal
daeximPath: /opt/opendaylight/mdsal/daexim
- journalPath: /opt/opendaylight/journal
+ journalPath: /opt/opendaylight/segmented-journal
snapshotsPath: /opt/opendaylight/snapshots
certpersistence:
cpu: 2
memory: 4Gi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: sdnc
+ roles:
+ - read
#################################################################
# Application configuration defaults.
#################################################################
-image: onap/so/bpmn-infra:1.8.2
+image: onap/so/bpmn-infra:1.9.0
pullPolicy: Always
db:
#################################################################
# Application configuration defaults.
#################################################################
-image: onap/so/catalog-db-adapter:1.8.2
+image: onap/so/catalog-db-adapter:1.9.0
pullPolicy: Always
db:
port: {{ index .Values.containerPort }}
tomcat:
max-threads: 50
+multicloud:
+ endpoint: http://multicloud-k8s.{{ include "common.namespace" . }}:9015
mso:
site-name: localSite
logPath: ./logs/cnf-adapter
#################################################################
# Application configuration defaults.
#################################################################
-image: onap/so/openstack-adapter:1.8.2
+image: onap/so/openstack-adapter:1.9.0
pullPolicy: Always
db:
#################################################################
# Application configuration defaults.
#################################################################
-image: onap/so/request-db-adapter:1.8.2
+image: onap/so/request-db-adapter:1.9.0
pullPolicy: Always
db:
#################################################################
# Application configuration defaults.
#################################################################
-image: onap/so/sdc-controller:1.8.2
+image: onap/so/sdc-controller:1.9.0
pullPolicy: Always
db:
#################################################################
# Application configuration defaults.
#################################################################
-image: onap/so/sdnc-adapter:1.8.2
+image: onap/so/sdnc-adapter:1.9.0
pullPolicy: Always
org:
userName: so_user
adminName: so_admin
-image: onap/so/api-handler-infra:1.8.2
+image: onap/so/api-handler-infra:1.9.0
server:
aaf:
Code Review / oom.git / commitdiff