.. This work is licensed under a Creative Commons Attribution 4.0
.. International License.
.. http://creativecommons.org/licenses/by/4.0
-.. Copyright 2018 Amdocs, Bell Canada
+.. Copyright 2019 Amdocs, Bell Canada
.. Links
-.. _Microsoft Azure: https://wiki.onap.org/display/DW/ONAP+on+Kubernetes+on+Microsoft+Azure
-.. _Amazon AWS: https://wiki.onap.org/display/DW/ONAP+on+Kubernetes+on+Amazon+EC2
-.. _Google GCE: https://wiki.onap.org/display/DW/ONAP+on+Kubernetes+on+Google+Compute+Engine
+.. _Microsoft Azure: https://wiki.onap.org/display/DW/Cloud+Native+Deployment#CloudNativeDeployment-MicrosoftAzure
+.. _Amazon AWS: https://wiki.onap.org/display/DW/Cloud+Native+Deployment#CloudNativeDeployment-AmazonAWS
+.. _Google GCE: https://wiki.onap.org/display/DW/Cloud+Native+Deployment#CloudNativeDeployment-GoogleGCE
.. _VMware VIO: https://wiki.onap.org/display/DW/ONAP+on+VMware+Integrated+OpenStack+-+Container+Orchestration
.. _OpenStack: https://wiki.onap.org/display/DW/ONAP+on+Kubernetes+on+OpenStack?src=contextnavpagetreemode
-.. _Setting Up Kubernetes with Rancher: https://wiki.onap.org/display/DW/ONAP+on+Kubernetes+on+Rancher
+.. _Setting Up Kubernetes with Rancher: https://wiki.onap.org/display/DW/Cloud+Native+Deployment
.. _Setting Up Kubernetes with Kubeadm: https://wiki.onap.org/display/DW/Deploying+Kubernetes+Cluster+with+kubeadm
-.. _Setting Up Kubernetes with Cloudify: https://wiki.onap.org/display/DW/ONAP+on+Kubernetes+on+Cloudify
-.. _ONAP on Kubernetes Wiki: https://wiki.onap.org/display/DW/ONAP+on+Kubernetes
+.. _Cloud Native Deployment Wiki: https://wiki.onap.org/display/DW/Cloud+Native+Deployment
+.. _ONAP Development - 110 pod limit Wiki: https://wiki.onap.org/display/DW/ONAP+Development#ONAPDevelopment-Changemax-podsfromdefault110podlimit
.. figure:: oomLogoV2-medium.png
:align: right
============== =========== ===== ======== ========
amsterdam 1.7.x 2.3.x 1.7.x 1.12.x
beijing 1.8.10 2.8.2 1.8.10 17.03.x
- casablanca 1.11.2 2.9.1 1.11.2 17.03.x
+ casablanca 1.11.5 2.9.1 1.11.5 17.03.x
============== =========== ===== ======== ========
Minimum Hardware Configuration
===== ===== ====== ====================
.. note::
- Kubernetes supports a maximum of 110 pods per node. The use of many small
+ Kubernetes supports a maximum of 110 pods per node - configurable in the --max-pods=n setting off the
+ "additional kubelet flags" box in the kubernetes template window described in 'ONAP Development - 110 pod limit Wiki'
+ - this limit does not need to be modified . The use of many small
nodes is preferred over a few larger nodes (for example 14x16GB - 8 vCores each).
Subsets of ONAP may still be deployed on a single node.
combination of the two). The following guide describe the recommended method to
setup a Kubernetes cluster: :ref:`onap-on-kubernetes-with-rancher`.
-There are alternative deployment methods described on the `ONAP on Kubernetes Wiki`_
+There are alternative deployment methods described on the `Cloud Native Deployment Wiki`_
> helm install local/onap -name development -f dev.yaml
Note that there are one or more example deployment files in the
-`onap/resources/environments/` directory. It is best practice to create a unique
-deployment file for each environment used to ensure consistent behaviour.
+`onap/resources/environments/` directory. It is best practice to create a
+unique deployment file for each environment used to ensure consistent
+behaviour.
To aid in the long term supportability of ONAP, a set of common charts have
been created (and will be expanded in subsequent releases of ONAP) that can be
The common section of charts consists of a set of templates that assist with
parameter substitution (`_name.tpl` and `_namespace.tpl`) and a set of charts
-for components used throughout ONAP. Initially `mysql` is in the common area but
-this will expand to include other databases like `mariadb-galera`, `postgres`,
-and `cassandra`. Other candidates for common components include `redis` and
-`kafka`. When the common components are used by other charts they are
-instantiated each time. In subsequent ONAP releases some of the common
+for components used throughout ONAP. Initially `mysql` is in the common area
+but this will expand to include other databases like `mariadb-galera`,
+`postgres`, and `cassandra`. Other candidates for common components include
+`redis` and`kafka`. When the common components are used by other charts they
+are instantiated each time. In subsequent ONAP releases some of the common
components could be a setup as services that are used by multiple ONAP
components thus minimizing the deployment and operational costs.
of each ONAP component team to update these configuration files when changes
are made to the project containers that impact configuration.
-The following section describes how the hierarchical ONAP configuration system is
-key to management of such a large system.
+The following section describes how the hierarchical ONAP configuration system
+is key to management of such a large system.
Configuration Management
========================
Name Spaces
-----------
-Within the namespaces are Kubernetes services that provide external connectivity to pods that host Docker containers.
+Within the namespaces are Kubernetes services that provide external
+connectivity to pods that host Docker containers.
ONAP Components to Kubernetes Object Relationships
--------------------------------------------------
------------------------------
- DNS
-- Ports - Flattening the containers also expose port conflicts between the containers which need to be resolved.
+- Ports - Flattening the containers also expose port conflicts between the
+ containers which need to be resolved.
Node Ports
~~~~~~~~~~
.. MISC
.. ====
.. Note that although OOM uses Kubernetes facilities to minimize the effort
-.. required of the ONAP component owners to implement a successful rolling upgrade
-.. strategy there are other considerations that must be taken into consideration.
+.. required of the ONAP component owners to implement a successful rolling
+.. upgrade strategy there are other considerations that must be taken into
+.. consideration.
.. For example, external APIs - both internal and external to ONAP - should be
-.. designed to gracefully accept transactions from a peer at a different software
-.. version to avoid deadlock situations. Embedded version codes in messages may
-.. facilitate such capabilities.
+.. designed to gracefully accept transactions from a peer at a different
+.. software version to avoid deadlock situations. Embedded version codes in
+.. messages may facilitate such capabilities.
..
-.. Within each of the projects a new configuration repository contains all of the
-.. project specific configuration artifacts. As changes are made within the
-.. project, it's the responsibility of the project team to make appropriate
+.. Within each of the projects a new configuration repository contains all of
+.. the project specific configuration artifacts. As changes are made within
+.. the project, it's the responsibility of the project team to make appropriate
.. changes to the configuration data.
> cd oom/kubernetes
**Step 2.** Install Helm Plugins required to deploy the ONAP Casablanca release::
- sudo cp -R ~/oom/kubernetes/helm/plugins/ ~/.helm
+
+ > sudo cp -R ~/oom/kubernetes/helm/plugins/ ~/.helm
**Step 3.** Customize the onap/values.yaml file to suit your deployment. You
may want to selectively enable or disable ONAP components by changing the
> kubectl get pods --all-namespaces -o=wide
Undeploying onap can be done using the following command::
+
> helm undeploy dev --purge
Apply customization script for the Rancher VM
---------------------------------------------
-Click :download:`openstack-rancher.sh <openstack-rancher.sh>` to download the script.
+Click :download:`openstack-rancher.sh <openstack-rancher.sh>` to download the
+script.
.. literalinclude:: openstack-rancher.sh
:language: bash
will be installed.
As of the Casablanca release a minimum 224GB will be needed to run a
-full ONAP deployment (all components). It is recommended that more hosts are used
-with fewer resources instead of only a few large hosts. For example 14 x 16GB hosts.
+full ONAP deployment (all components). It is recommended that more hosts are
+used with fewer resources instead of only a few large hosts. For example 14 x
+16GB hosts.
If a small subset of ONAP components are being deployed for testing purposes,
then a single 16GB or 32GB host should suffice.
set up an NFS share on Master and Slave nodes, the user can run the scripts
below.
-Click :download:`master_nfs_node.sh <master_nfs_node.sh>` to download the script.
+Click :download:`master_nfs_node.sh <master_nfs_node.sh>` to download the
+script.
.. literalinclude:: master_nfs_node.sh
:language: bash
.. image:: Click_create.jpeg
-6. Select the new named environment (ie. SB4) from the dropdown list (top left).
+6. Select the new named environment (ie. SB4) from the dropdown list (top
+ left).
Rancher is now waiting for a Kubernetes Host to be added.
Add Kubernetes Host
-------------------
-1. If this is the first (or only) host being added - click on the "Add a host" link
+1. If this is the first (or only) host being added - click on the "Add a host"
+ link
.. image:: K8s-Assign_Floating_IP_for_external_access.jpeg
.. image:: otherwise_select_INFRASTRUCTURE_Hosts_and_click_on_Add_Host.jpg
-2. Enter the management IP for the k8s VM (e.g. 10.0.0.4) that was just created.
+2. Enter the management IP for the k8s VM (e.g. 10.0.0.4) that was just
+ created.
3. Click on “Copy to Clipboard” button
- name: "SB4"
user:
token: "QmFzaWMgTlRBd01qZzBOemc)TkRrMk1UWkNOMFpDTlVFNlExcHdSa1JhVZreE5XSm1TRGhWU2t0Vk1sQjVhalZaY0dWaFVtZGFVMHQzWW1WWVJtVmpSQT09"
- ~
- ~
- ~
- - INSERT --
5. Validate that kubectl is able to connect to the kubernetes cluster::
- :ref:`quick-start-label` - deploy ONAP on an existing cloud
- :ref:`user-guide-label` - a guide for operators of an ONAP instance
-
-
Pre-requisites
--------------
-Your environment must have both the Kubernetes `kubectl` and Helm setup as a one time activity.
+Your environment must have both the Kubernetes `kubectl` and Helm setup as a
+one time activity.
Install Kubectl
~~~~~~~~~~~~~~~
-Enter the following to install kubectl (on Ubuntu, there are slight differences on other O/Ss), the Kubernetes command line interface used to manage a Kubernetes cluster::
+Enter the following to install kubectl (on Ubuntu, there are slight differences
+on other O/Ss), the Kubernetes command line interface used to manage a
+Kubernetes cluster::
> curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.8.10/bin/linux/amd64/kubectl
> chmod +x ./kubectl
> sudo mv ./kubectl /usr/local/bin/kubectl
> mkdir ~/.kube
-Paste kubectl config from Rancher (see the :ref:`cloud-setup-guide-label` for alternative Kubernetes environment setups) into the `~/.kube/config` file.
+Paste kubectl config from Rancher (see the :ref:`cloud-setup-guide-label` for
+alternative Kubernetes environment setups) into the `~/.kube/config` file.
Verify that the Kubernetes config is correct::
Install Helm
~~~~~~~~~~~~
-Helm is used by OOM for package and configuration management. To install Helm, enter the following::
+Helm is used by OOM for package and configuration management. To install Helm,
+enter the following::
> wget http://storage.googleapis.com/kubernetes-helm/helm-v2.9.1-linux-amd64.tar.gz
> tar -zxvf helm-v2.9.1-linux-amd64.tar.gz
Install the Helm Repo
---------------------
-Once kubectl and Helm are setup, one needs to setup a local Helm server to server up the ONAP charts::
+Once kubectl and Helm are setup, one needs to setup a local Helm server to
+server up the ONAP charts::
> helm install osn/onap
> helm init
> helm serve &
-Note the port number that is listed and use it in the Helm repo add as follows::
+Note the port number that is listed and use it in the Helm repo add as
+follows::
> helm repo add local http://127.0.0.1:8879
In any case, setup of the Helm repository is a one time activity.
-Once the repo is setup, installation of ONAP can be done with a single command::
+Next, install Helm Plugins required to deploy the ONAP Casablanca release::
- > helm install local/onap --name development
+ > cp -R helm/plugins/ ~/.helm
+
+Once the repo is setup, installation of ONAP can be done with a single
+command::
+
+ > helm deploy development local/onap --namespace onap
This will install ONAP from a local repository in a 'development' Helm release.
As described below, to override the default configuration values provided by
OOM, an environment file can be provided on the command line as follows::
- > helm install local/onap --name development -f onap-development.yaml
+ > helm deploy development local/onap --namespace onap -f overrides.yaml
To get a summary of the status of all of the pods (containers) running in your
deployment::
To install a specific version of a single ONAP component (`so` in this example)
-with the given name enter::
+with the given release name enter::
- > helm install onap/so --version 2.0.1 -n so
+ > helm deploy so onap/so --version 3.0.1
To display details of a specific resource or group of resources type::
user's own environment (a laptop etc.) the portal application's port 8989 is
exposed through a `Kubernetes LoadBalancer`_ object.
-Typically, to be able to access the Kubernetes nodes publicly a public address is
-assigned. In Openstack this is a floating IP address.
+Typically, to be able to access the Kubernetes nodes publicly a public address
+is assigned. In Openstack this is a floating IP address.
When the `portal-app` chart is deployed a Kubernetes service is created that
instantiates a load balancer. The LB chooses the private interface of one of
of the page
.. note::
- Besides the ONAP Portal the Components can deliver additional user interfaces,
+ Besides the ONAP Portal the Components can deliver additional user interfaces,
please check the Component specific documentation.
-.. note::
+.. note::
| Alternatives Considered:
- a set of liveness probes which feed into the Kubernetes manager which
are described in the Heal section.
-Within ONAP, Consul is the monitoring system of choice and deployed by OOM in two parts:
+Within ONAP, Consul is the monitoring system of choice and deployed by OOM in
+two parts:
- a three-way, centralized Consul server cluster is deployed as a highly
available monitor of all of the ONAP components, and
> helm undeploy casablanca --dry-run
-will display the outcome of deleting the 'casablanca' release from the deployment.
+will display the outcome of deleting the 'casablanca' release from the
+deployment.
To completely delete a release and remove it from the internal store enter::
> helm undeploy casablanca --purge
will remove `so` as the configuration indicates it's no longer part of the
deployment. This might be useful if a one wanted to replace just `so` by
-installing a custom version.
+installing a custom version.
#!/bin/bash
DOCKER_VERSION=17.03
-KUBECTL_VERSION=1.11.2
+KUBECTL_VERSION=1.11.5
HELM_VERSION=2.9.1
# setup root access - default login: oom/oom - comment out to restrict access too ssh key only
DOCKER_VERSION=17.03
RANCHER_VERSION=1.6.22
-KUBECTL_VERSION=1.11.2
+KUBECTL_VERSION=1.11.5
HELM_VERSION=2.9.1
# setup root access - default login: oom/oom - comment out to restrict access too ssh key only
-.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. This work is licensed under a Creative Commons Attribution 4.0 International
+.. License.
.. http://creativecommons.org/licenses/by/4.0
-.. Copyright 2017 Bell Canada & Amdocs Intellectual Property. All rights reserved.
+.. Copyright 2017 Bell Canada & Amdocs Intellectual Property. All rights
+.. reserved.
.. Links
.. _release-notes-label:
Summary
=======
-The focus of this release was on incremental improvements in the following areas:
-* Pluggable persistent storage with support for GlusterFS as the first storage class provisioner
-* CPU and Memory limits in Helm Charts to improve Pod placement based on resource availablity in Kubernetes Cluster
+The focus of this release was on incremental improvements in the following
+areas:
+
+* Pluggable persistent storage with support for GlusterFS as the first storage
+ class provisioner
+
+* CPU and Memory limits in Helm Charts to improve Pod placement based on
+ resource availablity in Kubernetes Cluster
+
* Support of Node Selectors for Pod placement
+
* Common "shared" Helm Charts referencing common images
+
- mariadb-galera
- postgres
- cassandra
- mysql
- mongo
+
* Integration of ARK Backup and Restore solution
-* Introduction of Helm deploy and undeploy plugins to better manage ONAP deployments
+
+* Introduction of Helm deploy and undeploy plugins to better manage ONAP
+ deployments
**Security Notes**
-OOM code has been formally scanned during build time using NexusIQ and no Critical vulnerability was found.
+OOM code has been formally scanned during build time using NexusIQ and no
+Critical vulnerability was found.
Quick Links:
- - `OOM project page <https://wiki.onap.org/display/DW/ONAP+Operations+Manager+Project>`_
- - `Passing Badge information for OOM <https://bestpractices.coreinfrastructure.org/en/projects/1631>`_
+ - `OOM project page <https://wiki.onap.org/display/DW/ONAP+Operations+Manager+Project>`_
+
+ - `Passing Badge information for OOM <https://bestpractices.coreinfrastructure.org/en/projects/1631>`_
**Known Issues**
-Problem: kubectl connections to pods (kubectl exec|logs) will fail after a while due to a known bug in Kubernetes (1.11.2)
-Workaround: Restart of the kubelet daemons on the k8s hosts
-Fix: Will be delivered in the next release via a new Kubernetes version (1.12)
-- `K8S Bug Report <https://github.com/kubernetes/kubernetes/issues/67659>`_
-- `OOM-1532 <https://jira.onap.org/browse/OOM-1532>`_
-- `OOM-1516 <https://jira.onap.org/browse/OOM-1516>`_
-- `OOM-1520 <https://jira.onap.org/browse/OOM-1520>`_
+ * **Problem**: kubectl connections to pods (kubectl exec|logs) will
+ fail after a while due to a known bug in Kubernetes (1.11.2)
+
+ **Workaround**: Restart of the kubelet daemons on the k8s hosts
+
+ **Fix**: Will be delivered in the next release via a new
+ Kubernetes version (1.12)
+
+ - `K8S Bug Report <https://github.com/kubernetes/kubernetes/issues/67659>`_
+ - `OOM-1532 <https://jira.onap.org/browse/OOM-1532>`_
+ - `OOM-1516 <https://jira.onap.org/browse/OOM-1516>`_
+ - `OOM-1520 <https://jira.onap.org/browse/OOM-1520>`_
Version 2.0.0 Beijing Release
**Security Notes**
-OOM code has been formally scanned during build time using NexusIQ and no Critical vulnerability was found.
+OOM code has been formally scanned during build time using NexusIQ and no
+Critical vulnerability was found.
Quick Links:
- - `OOM project page <https://wiki.onap.org/display/DW/ONAP+Operations+Manager+Project>`_
+ - `OOM project page <https://wiki.onap.org/display/DW/ONAP+Operations+Manager+Project>`_
- - `Passing Badge information for OOM <https://bestpractices.coreinfrastructure.org/en/projects/1631>`_
+ - `Passing Badge information for OOM <https://bestpractices.coreinfrastructure.org/en/projects/1631>`_
Version: 1.1.0
--------------
**New Features**
-The Amsterdam release is the first release of the ONAP Operations Manager (OOM).
+The Amsterdam release is the first release of the ONAP Operations Manager
+(OOM).
The main goal of the Amsterdam release was to:
- - Support Flexible Platform Deployment via Kubernetes of fully containerized ONAP components - on any type of environment.
+ - Support Flexible Platform Deployment via Kubernetes of fully
+ containerized ONAP components - on any type of environment.
- Support State Management of ONAP platform components.
- - Support full production ONAP deployment and any variation of component level deployment for development.
+ - Support full production ONAP deployment and any variation of component
+ level deployment for development.
- Platform Operations Orchestration / Control Loop Actions.
- Platform centralized logging with ELK stack.
**Bug Fixes**
- The full list of implemented user stories and epics is available on `JIRA <https://jira.onap.org/secure/RapidBoard.jspa?rapidView=41&view=planning.nodetail&epics=visible>`_
- This is the first release of OOM, the defects fixed in this release were raised during the course of the release.
- Anything not closed is captured below under Known Issues. If you want to review the defects fixed in the Amsterdam release, refer to Jira link above.
+ The full list of implemented user stories and epics is available on
+ `JIRA <https://jira.onap.org/secure/RapidBoard.jspa?rapidView=41&view=planning.nodetail&epics=visible>`_
+ This is the first release of OOM, the defects fixed in this release were
+ raised during the course of the release.
+ Anything not closed is captured below under Known Issues. If you want to
+ review the defects fixed in the Amsterdam release, refer to Jira link
+ above.
**Known Issues**
- `OOM-6 <https://jira.onap.org/browse/OOM-6>`_ Automated platform deployment on Docker/Kubernetes
VFC, AAF, MSB minor issues.
- Workaround: Manual configuration changes - however the reference vFirewall use case does not currently require these components.
+ Workaround: Manual configuration changes - however the reference
+ vFirewall use case does not currently require these components.
- `OOM-10 <https://jira.onap.org/browse/OOM-10>`_ Platform configuration management.
OOM ONAP Configuration Management - Handling of Secrets.
- Workaround: Automated workaround to be able to pull from protected docker repositories.
+ Workaround: Automated workaround to be able to pull from protected
+ docker repositories.
**Security Issues**
============LICENSE_START==========================================
===================================================================
- Copyright © 2017 Amdocs
- Copyright © 2017 Bell Canada
+ Copyright © 2017-2019 Amdocs
+ Copyright © 2017-2019 Bell Canada
All rights reserved.
===================================================================
Licensed under the Apache License, Version 2.0 (the "License");
apiVersion: v1
description: ONAP Application Authorization Framework
name: aaf
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP AAF Certificate Manager
name: aaf-cm
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP AAF cassandra
name: aaf-cs
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP AAF File Server
name: aaf-fs
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP AAF GUI
name: aaf-gui
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP AAF Hello
name: aaf-hello
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP AAF Locate
name: aaf-locate
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP AAF OAuth
name: aaf-oauth
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP AAF Service
name: aaf-service
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Secret Management Service
name: aaf-sms
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Secret Management Service Quorum Client
name: aaf-sms-quorumclient
-version: 3.0.0
+version: 4.0.0
containers:
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
name: {{ include "common.name" . }}
- imagePullPolicy: {{ .Values.pullPolicy }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command: ["/quorumclient/bin/quorumclient"]
workingDir: /quorumclient/
volumeMounts:
description: Chart to launch Vault as SMS backend
name: aaf-sms-vault
appVersion: 0.9.5
-version: 3.0.0
+version: 4.0.0
mountSubPath: sms/consul/data
service:
- type: NodePort
+ type: ClusterIP
name: aaf-sms-db
portName: aaf-sms-db
internalPort: 8200
- nodePort: 44
+ externalPort: 8200
ingress:
enabled: false
fieldPath: metadata.namespace
containers:
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.pullPolicy }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}
command: ["/sms/bin/sms"]
workingDir: /sms/
fieldPath: metadata.namespace
containers:
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.pullPolicy }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-preload
command:
- "/sms/bin/preload"
apiVersion: v1
description: ONAP Hardware Security Components
name: aaf-sshsm
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Trusted Platform Module Resource Manager
name: aaf-sshsm-abrmd
-version: 3.0.0
+version: 4.0.0
containers:
- name: {{ include "common.name" . }}-job
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.pullPolicy }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command: ["/abrmd/bin/initialize_tpm.sh"]
workingDir: /abrmd/bin
securityContext:
containers:
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
name: {{ include "common.name" . }}
- imagePullPolicy: {{ .Values.pullPolicy }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command: ["/abrmd/bin/run_abrmd.sh"]
workingDir: /abrmd/bin
securityContext:
apiVersion: v1
description: ONAP Trusted Platform Module Distribution Center
name: aaf-sshsm-distcenter
-version: 3.0.0
+version: 4.0.0
containers:
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
name: {{ include "common.name" . }}
- imagePullPolicy: {{ .Values.pullPolicy }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command: ["/entrypoint.sh"]
workingDir: /distcenter
volumeMounts:
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
-{{- end -}}
\ No newline at end of file
+{{- end -}}
apiVersion: v1
description: ONAP Trusted Platform Module Test CA Service
name: aaf-sshsm-testca
-version: 3.0.0
+version: 4.0.0
containers:
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
name: {{ include "common.name" . }}
- imagePullPolicy: {{ .Values.pullPolicy }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command: ["./import.sh"]
workingDir: /testca/bin
env:
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
apiVersion: v1
description: ONAP Active and Available Inventory
name: aai
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: Babel microservice
name: aai-babel
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
+++ /dev/null
-AAI.instance-group-types=org.openecomp.groups.NetworkCollection,org.openecomp.groups.VfcInstanceGroup
--- /dev/null
+{
+ "instanceGroupTypes": [
+ "org.openecomp.groups.NetworkCollection",
+ "org.openecomp.groups.VfcInstanceGroup",
+ "org.openecomp.groups.ResourceInstanceGroup"
+ ],
+ "widgetMappings": [
+ {
+ "prefix": "org.openecomp.resource.vfc",
+ "type": "widget",
+ "widget": "VSERVER",
+ "deleteFlag": true
+ },
+ {
+ "prefix": "org.openecomp.resource.cp",
+ "type": "widget",
+ "widget": "LINT",
+ "deleteFlag": true
+ },
+ {
+ "prefix": "org.openecomp.cp",
+ "type": "widget",
+ "widget": "LINT",
+ "deleteFlag": true
+ },
+ {
+ "prefix": "org.openecomp.resource.vl",
+ "widget": "L3_NET",
+ "deleteFlag": false
+ },
+ {
+ "prefix": "org.openecomp.resource.vf",
+ "widget": "VF",
+ "deleteFlag": true
+ },
+ {
+ "prefix": "org.openecomp.groups.vfmodule",
+ "widget": "VFMODULE",
+ "deleteFlag": true
+ },
+ {
+ "prefix": "org.openecomp.groups.VfModule",
+ "widget": "VFMODULE",
+ "deleteFlag": true
+ },
+ {
+ "prefix": "org.openecomp.resource.vfc.nodes.heat.cinder",
+ "type": "widget",
+ "widget": "VOLUME",
+ "deleteFlag": true
+ }
+ ]
+}
- mountPath: /opt/app/babel/config/artifact-generator.properties
name: {{ include "common.fullname" . }}-config
subPath: artifact-generator.properties
- - mountPath: /opt/app/babel/config/filter-types.properties
+ - mountPath: /opt/app/babel/config/tosca-mappings.json
name: {{ include "common.fullname" . }}-config
- subPath: filter-types.properties
+ subPath: tosca-mappings.json
- mountPath: /opt/app/babel/config/babel-auth.properties
name: {{ include "common.fullname" . }}-config
subPath: babel-auth.properties
items:
- key: artifact-generator.properties
path: artifact-generator.properties
- - key: filter-types.properties
- path: filter-types.properties
+ - key: tosca-mappings.json
+ path: tosca-mappings.json
- key: babel-auth.properties
path: babel-auth.properties
- key: logback.xml
apiVersion: v1
description: ONAP AAI Cassandra
name: aai-cassandra
-version: 3.0.0
+version: 4.0.0
storage: {{ .Values.persistence.size | quote }}
selector:
matchLabels:
+ app: {{ include "common.name" . }}
release: "{{ .Release.Name }}"
{{- end }}
apiVersion: v1
description: ONAP AAI Champ microservice
name: aai-champ
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
"permissions": [
"test\\.auth\\.access\\|services\\|GET,PUT",
"\\|services\\|GET"
- ]
+ ]
},
{
"uri": "\/services\/inventory\/.*",
"permissions": [
- "org\\.access\\|\\*\\|\\*"
- ]
+ "org\\.onap\\.aai\\.resources\\|\\*\\|.*"
+ ]
},
{
- "uri": "\/services\/champ-service\/.*",
- "permissions": [
- "org\\.access\\|\\*\\|\\*"
- ]
- }
+ "uri": "\/services\/champ-service\/.*",
+ "permissions": [
+ "org\\.onap\\.aai\\.resources\\|\\*\\|.*"
+ ]
+ }
]
#hostname=test.aic.cip.att.com
cadi_loglevel=DEBUG
-cadi_keyfile=/opt/app/rproxy/config/security/keyfile
+# OAuth2
+aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token
+aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect
+
+cadi_latitude=37.78187
+cadi_longitude=-122.26147
+
+# Locate URL (which AAF Env)
+aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095
+
+# AAF URL
+aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0
+
+cadi_keyfile=/opt/app/rproxy/config/security/keyfile
+cadi_keystore=/opt/app/rproxy/config/auth/org.onap.aai.p12
+cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV
+cadi_alias=aai@aai.onap.org
cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore
cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
-# Configure AAF
-aaf_url=https://{{.Values.global.aaf.serverHostname}}:{{.Values.global.aaf.serverPort}}
aaf_env=DEV
aaf_id=demo@people.osaaf.org
+++ /dev/null
-bZNOXiGDJ2_eiKBKWYLIFx27URvb-SWfmOl2d-QKetcVKIupOrsG-ScS_VXOtKN3Yxfb2cR6t7oM
-1RNpDnhsKAxDLM6A62IkS_h_Rp3Q9c2JeyomVmyiuHR7a2ARbelaMrX8WDrxXI_t9ce4pIHDVE29
-xiQm3Bdp7d7IiKkgg-ipvOU7Y6NEzeQbvHlHvRTJ3ZZMSwHxBOA5M8DhKN-AF1sqwozEVaNAuJxK
-BVdh72A6KTW7ieb_GvVQQp8h32BuOz8oJhZV7KaGXsWTEvXg9ImboY0h7Sl9hufgn1ZtDK1jxzGm
-6O6LBg1qezzZaFGTXRmHvaeYmEeYSu0bGsU4x-JCU0RyhNTzFhkhjNoccaqPXBdcJymLf096mD99
-QLS8nyji_KtLQJL1fqr500c8p6SOURLPgG6Gzkn4ghgFYlfgve92xs1R3ggHKhNTLV4HJ4O6iSDm
-zCoHeRbsZR1JER9yxT-v8NtcHOMAZe1oDQeY6jVyxb-bhaonN6eZPI4nyF6MHJQtWKhGARC_kOs6
-x9E0ZdAEp5TrX7F7J5PwkXzbCOuSiTVftOBum43iUB4q9He8tn2tJ0X4LtLHT3bPl16wWnZm9RPf
-8wBtTJh4QP_cTStPq1ftSaLIAuqVFpbiC2DxGemXZn3QvykuYqa-rKeYPoIJ5dtWd5rNb_hhcSIz
-FakKTELb0HWYGji98TBF6PaStea2f2m-wGX_uQGD7_Dijl6AgnV9koKVs1bN1XljLtNMPbLdD8sz
-UCvc5lwvCFyyeunljI7os1fgwBmaMyckflq5VfZv9kFxom6jFLbcozylQ_uBg4j7oCP79IXVUI-r
-banZltOSmm8zHGc2R9UlUyxJWBi01yxwi1hUtn9g1H4RtncQpu3BY0Qvu5YLAmS5imivUnGVZWbv
-6wcqnJt5HwaVatE9NHONSLNTViQPsUOutWZBZxhJtAncdZuWOYZSh4TPzUJWvt6zT0E3YMBc_UuG
-yPmdLyqo7qGHR8YWRqq_vq6ISJqENMnVD6X9-BeI6KM4GPEAlDWyhgENXxQFjG45ufg3UpP8LBTB
-xDntlfkphRumsd13-8IlvwVtlpgnbuCMbwP_-lNVeNJcdA1InPt79oY-SEVZ-RVM1881ZASCnFeB
-lh3BTc_bGQ8YoC9s6iHtcCK_1SdbwzBfQBJUqqcYsa8hJLe-j8di7KCaFzI3a-UXWKuuWljpbKbq
-ibd48UFJt_34_GxkD6bmLxycuNH-og2Sd2VcYU0o5UarcrY4-2sgFPE7Mzxovrl98uayfgNF9DqE
-fJ4MwFGqLRtEHlm4zfuMxQ5Rh_giMUHDJApc1DYRkxdGbNUd4bC4aRBln2IhN-rNKbSVtiW_uT6v
-1KTMGmElvktjPWybJd2SvhT5qOLUM81-cmZzAsNa04jxZLBlQn_1fel3IroVos4Ohbdhar2NG6T5
-liten9RZ9P4Cg9RWhgeQonAD5kqLWXAHnCfffb5CVcAU5PHqkCgCbdThvD0-zIGETLO9AE0jKISc
-0o67CUZn3MzJ9pP_3gh-ALr2w-KAwqasqCf0igf1wmEDijv9wEDcgDm39ERIElTpGKgfyuVl4F8u
-PrpK5ZfpUYySUB6CZFQVVz0MvH6E7orQk4dCKFIimV_XwEtGijBttrTvyV6xYNScAEw_olt-0mdm
-8UEKSsuqSyDMxUWLjKJT19rNedahYJNtI87WR9Fhhjsrai9Or3a-srOYa56wcvSj2ZHbkevbO9Xv
-dQ2wzWCGEAMQSpSr83n0XEpR2pZT19Z19Svbhr08mnt2JNykCk60FLCeDTUOylJtYw6YOjqBizQZ
--85B51BCbSEaAKJkgT9-8n_-LGW5aPBrBB_9FT7UIYczNEt3B1Lqr2s4ipPI_36JecEfqaS2cNLn
-c0ObAtNGAONkhO5LYLneMR3fZPMFuOX1-rMObPgE0i9dYqWDZ_30w9rpRsmiWyxYi5lvWDxU5L1J
-uJxwREz3oa_VgpSC3Y2oxCufdQwzBk57iVLDOb1qs_Hwj1SWd1nukWyAo2-g5sR1folAEcao
\ No newline at end of file
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
spec:
- {{ if .Values.global.installSidecarSecurity }}
- hostAliases:
- - ip: {{ .Values.global.aaf.serverIp }}
- hostnames:
- - {{ .Values.global.aaf.serverHostname }}
- {{ end }}
initContainers:
- command:
- /root/ready.py
- name: {{ include "common.fullname" . }}-rproxy-log-config
mountPath: /opt/app/rproxy/config/logback-spring.xml
subPath: logback-spring.xml
- - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
mountPath: /opt/app/rproxy/config/auth/tomcat_keystore
subPath: tomcat_keystore
- - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
mountPath: /opt/app/rproxy/config/auth/client-cert.p12
subPath: client-cert.p12
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
+ mountPath: /opt/app/rproxy/config/auth/org.onap.aai.p12
+ subPath: org.onap.aai.p12
- name: {{ include "common.fullname" . }}-rproxy-auth-config
mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
subPath: uri-authorization.json
- #- name: {{ include "common.fullname" . }}-rproxy-auth-config
- # mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks
- # subPath: aaf_truststore.jks
- name: {{ include "common.fullname" . }}-rproxy-security-config
mountPath: /opt/app/rproxy/config/security/keyfile
subPath: keyfile
- name: CONFIG_HOME
value: "/opt/app/fproxy/config"
- name: KEY_STORE_PASSWORD
- value: {{ .Values.config.keyStorePassword }}
+ value: {{ .Values.config.keyStorePassword }}
+ - name: TRUST_STORE_PASSWORD
+ value: {{ .Values.config.trustStorePassword }}
- name: spring_profiles_active
value: {{ .Values.global.fproxy.activeSpringProfiles }}
volumeMounts:
- name: {{ include "common.fullname" . }}-fproxy-log-config
mountPath: /opt/app/fproxy/config/logback-spring.xml
subPath: logback-spring.xml
- - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
mountPath: /opt/app/fproxy/config/auth/tomcat_keystore
subPath: tomcat_keystore
- - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
+ mountPath: /opt/app/fproxy/config/auth/fproxy_truststore
+ subPath: fproxy_truststore
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
mountPath: /opt/app/fproxy/config/auth/client-cert.p12
subPath: client-cert.p12
ports:
- name: {{ include "common.fullname" . }}-rproxy-auth-config
secret:
secretName: {{ include "common.fullname" . }}-rproxy-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
+ secret:
+ secretName: aai-rproxy-auth-certs
- name: {{ include "common.fullname" . }}-rproxy-security-config
secret:
- secretName: {{ include "common.fullname" . }}-rproxy-security-config
+ secretName: aai-rproxy-security-config
- name: {{ include "common.fullname" . }}-fproxy-config
configMap:
name: {{ include "common.fullname" . }}-fproxy-config
- name: {{ include "common.fullname" . }}-fproxy-log-config
configMap:
name: {{ include "common.fullname" . }}-fproxy-log-config
- - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
secret:
- secretName: {{ include "common.fullname" . }}-fproxy-auth-config
+ secretName: aai-fproxy-auth-certs
{{ end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
---
apiVersion: v1
kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}-fproxy-auth-config
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/fproxy/config/auth/*").AsSecrets . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
metadata:
name: {{ include "common.fullname" . }}-rproxy-auth-config
namespace: {{ include "common.namespace" . }}
type: Opaque
data:
{{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}-rproxy-security-config
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/rproxy/config/security/*").AsSecrets . | indent 2 }}
{{ end }}
\ No newline at end of file
config:
keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+ trustStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
# default number of instances
replicaCount: 1
apiVersion: v1
description: ONAP AAI Data-Router
name: aai-data-router
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP AAI elasticsearch
name: aai-elasticsearch
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: Gizmo service
name: aai-gizmo
-version: 3.0.0
+version: 4.0.0
--- /dev/null
+{
+ "contains-other-v": "java.lang.String",
+ "delete-other-v": "java.lang.String",
+ "SVC-INFRA": "java.lang.String",
+ "prevent-delete": "java.lang.String"
+}
\ No newline at end of file
+###############################################################################
# Schema Version Related Attributes
+###############################################################################
schema.uri.base.path=/aai
# Lists all of the versions in the schema
-schema.version.list=v9,v10,v11,v12,v13,v14
+schema.version.list=v10,v11,v12,v13,v14,v15
# Specifies from which version should the depth parameter to default to zero
-schema.version.depth.start=v9
+schema.version.depth.start=v10
# Specifies from which version should the related link be displayed in response payload
schema.version.related.link.start=v10
# Specifies from which version should the client see only the uri excluding host info
# Before this version server base will also be included
schema.version.app.root.start=v11
# Specifies from which version should the namespace be changed
-schema.version.namespace.change.start=v12
+schema.version.namespace.change.start=v11
# Specifies from which version should the client start seeing the edge label in payload
schema.version.edge.label.start=v12
# Specifies the version that the application should default to
-schema.version.api.default=v14
+schema.version.api.default=v15
+###############################################################################
+# Schema Location Related Attributes
+###############################################################################
# Schema Location Related Attributes
schema.configuration.location=NA
schema.nodes.location=/opt/app/crud-api/bundleconfig/etc/onap/oxm
schema.edges.location=/opt/app/crud-api/bundleconfig/etc/onap/dbedgerules
+
+###############################################################################
+# Schema Service Related Attributes
+###############################################################################
+# Specifies whether to use the schema service or local schema files
+schema.translator.list=config
+
+schema.service.base.url=https://<host>:8452/aai/schema-service/v1/
+schema.service.nodes.endpoint=nodes?version=
+schema.service.edges.endpoint=edgerules?version=
+schema.service.versions.endpoint=versions
+
+#Default rest client is the two-way-ssl
+schema.service.client=two-way-ssl
+#Replace the below with the A&AI client key store
+schema.service.ssl.key-store=${CONFIG_HOME}/auth/client-cert.p12
+#Replace the below with the A&AI tomcat trust store
+schema.service.ssl.trust-store=${CONFIG_HOME}/auth/tomcat_keystore
\ No newline at end of file
"permissions": [
"test\\.auth\\.access\\|services\\|GET,PUT",
"\\|services\\|GET"
- ]
+ ]
},
{
"uri": "\/services\/inventory\/.*",
"permissions": [
- "org\\.access\\|\\*\\|\\*"
- ]
+ "org\\.onap\\.aai\\.resources\\|\\*\\|.*"
+ ]
},
{
"uri": "\/services\/gizmo\/.*",
"permissions": [
- "org\\.access\\|\\*\\|\\*"
- ]
+ "org\\.onap\\.aai\\.resources\\|\\*\\|.*"
+ ]
}
]
#hostname=test.aic.cip.att.com
cadi_loglevel=DEBUG
-cadi_keyfile=/opt/app/rproxy/config/security/keyfile
+# OAuth2
+aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token
+aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect
+
+cadi_latitude=37.78187
+cadi_longitude=-122.26147
+
+# Locate URL (which AAF Env)
+aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095
+
+# AAF URL
+aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0
+
+cadi_keyfile=/opt/app/rproxy/config/security/keyfile
+cadi_keystore=/opt/app/rproxy/config/auth/org.onap.aai.p12
+cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV
+cadi_alias=aai@aai.onap.org
cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore
cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
-# Configure AAF
-aaf_url=https://{{.Values.global.aaf.serverHostname}}:{{.Values.global.aaf.serverPort}}
aaf_env=DEV
aaf_id=demo@people.osaaf.org
aaf_password=enc:92w4px0y_rrm265LXLpw58QnNPgDXykyA1YTrflbAKz
# This is a colon separated list of client cert issuers
-cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA
+cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA
\ No newline at end of file
+++ /dev/null
-bZNOXiGDJ2_eiKBKWYLIFx27URvb-SWfmOl2d-QKetcVKIupOrsG-ScS_VXOtKN3Yxfb2cR6t7oM
-1RNpDnhsKAxDLM6A62IkS_h_Rp3Q9c2JeyomVmyiuHR7a2ARbelaMrX8WDrxXI_t9ce4pIHDVE29
-xiQm3Bdp7d7IiKkgg-ipvOU7Y6NEzeQbvHlHvRTJ3ZZMSwHxBOA5M8DhKN-AF1sqwozEVaNAuJxK
-BVdh72A6KTW7ieb_GvVQQp8h32BuOz8oJhZV7KaGXsWTEvXg9ImboY0h7Sl9hufgn1ZtDK1jxzGm
-6O6LBg1qezzZaFGTXRmHvaeYmEeYSu0bGsU4x-JCU0RyhNTzFhkhjNoccaqPXBdcJymLf096mD99
-QLS8nyji_KtLQJL1fqr500c8p6SOURLPgG6Gzkn4ghgFYlfgve92xs1R3ggHKhNTLV4HJ4O6iSDm
-zCoHeRbsZR1JER9yxT-v8NtcHOMAZe1oDQeY6jVyxb-bhaonN6eZPI4nyF6MHJQtWKhGARC_kOs6
-x9E0ZdAEp5TrX7F7J5PwkXzbCOuSiTVftOBum43iUB4q9He8tn2tJ0X4LtLHT3bPl16wWnZm9RPf
-8wBtTJh4QP_cTStPq1ftSaLIAuqVFpbiC2DxGemXZn3QvykuYqa-rKeYPoIJ5dtWd5rNb_hhcSIz
-FakKTELb0HWYGji98TBF6PaStea2f2m-wGX_uQGD7_Dijl6AgnV9koKVs1bN1XljLtNMPbLdD8sz
-UCvc5lwvCFyyeunljI7os1fgwBmaMyckflq5VfZv9kFxom6jFLbcozylQ_uBg4j7oCP79IXVUI-r
-banZltOSmm8zHGc2R9UlUyxJWBi01yxwi1hUtn9g1H4RtncQpu3BY0Qvu5YLAmS5imivUnGVZWbv
-6wcqnJt5HwaVatE9NHONSLNTViQPsUOutWZBZxhJtAncdZuWOYZSh4TPzUJWvt6zT0E3YMBc_UuG
-yPmdLyqo7qGHR8YWRqq_vq6ISJqENMnVD6X9-BeI6KM4GPEAlDWyhgENXxQFjG45ufg3UpP8LBTB
-xDntlfkphRumsd13-8IlvwVtlpgnbuCMbwP_-lNVeNJcdA1InPt79oY-SEVZ-RVM1881ZASCnFeB
-lh3BTc_bGQ8YoC9s6iHtcCK_1SdbwzBfQBJUqqcYsa8hJLe-j8di7KCaFzI3a-UXWKuuWljpbKbq
-ibd48UFJt_34_GxkD6bmLxycuNH-og2Sd2VcYU0o5UarcrY4-2sgFPE7Mzxovrl98uayfgNF9DqE
-fJ4MwFGqLRtEHlm4zfuMxQ5Rh_giMUHDJApc1DYRkxdGbNUd4bC4aRBln2IhN-rNKbSVtiW_uT6v
-1KTMGmElvktjPWybJd2SvhT5qOLUM81-cmZzAsNa04jxZLBlQn_1fel3IroVos4Ohbdhar2NG6T5
-liten9RZ9P4Cg9RWhgeQonAD5kqLWXAHnCfffb5CVcAU5PHqkCgCbdThvD0-zIGETLO9AE0jKISc
-0o67CUZn3MzJ9pP_3gh-ALr2w-KAwqasqCf0igf1wmEDijv9wEDcgDm39ERIElTpGKgfyuVl4F8u
-PrpK5ZfpUYySUB6CZFQVVz0MvH6E7orQk4dCKFIimV_XwEtGijBttrTvyV6xYNScAEw_olt-0mdm
-8UEKSsuqSyDMxUWLjKJT19rNedahYJNtI87WR9Fhhjsrai9Or3a-srOYa56wcvSj2ZHbkevbO9Xv
-dQ2wzWCGEAMQSpSr83n0XEpR2pZT19Z19Svbhr08mnt2JNykCk60FLCeDTUOylJtYw6YOjqBizQZ
--85B51BCbSEaAKJkgT9-8n_-LGW5aPBrBB_9FT7UIYczNEt3B1Lqr2s4ipPI_36JecEfqaS2cNLn
-c0ObAtNGAONkhO5LYLneMR3fZPMFuOX1-rMObPgE0i9dYqWDZ_30w9rpRsmiWyxYi5lvWDxU5L1J
-uJxwREz3oa_VgpSC3Y2oxCufdQwzBk57iVLDOb1qs_Hwj1SWd1nukWyAo2-g5sR1folAEcao
\ No newline at end of file
release: {{ .Release.Name }}
spec:
{{ if .Values.global.installSidecarSecurity }}
- hostAliases:
- - ip: {{ .Values.global.aaf.serverIp }}
- hostnames:
- - {{ .Values.global.aaf.serverHostname }}
-
initContainers:
- name: {{ .Values.global.tproxyConfig.name }}
image: "{{ include "common.repository" . }}/{{ .Values.global.tproxyConfig.image }}"
tcpSocket:
port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end }}
readinessProbe:
tcpSocket:
port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- name: CONFIG_HOME
- name: {{ include "common.fullname" . }}-rproxy-log-config
mountPath: /opt/app/rproxy/config/logback-spring.xml
subPath: logback-spring.xml
- - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
mountPath: /opt/app/rproxy/config/auth/tomcat_keystore
subPath: tomcat_keystore
- - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
mountPath: /opt/app/rproxy/config/auth/client-cert.p12
subPath: client-cert.p12
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
+ mountPath: /opt/app/rproxy/config/auth/org.onap.aai.p12
+ subPath: org.onap.aai.p12
- name: {{ include "common.fullname" . }}-rproxy-auth-config
mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
subPath: uri-authorization.json
- - name: {{ include "common.fullname" . }}-rproxy-auth-config
- mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks
- subPath: aaf_truststore.jks
- name: {{ include "common.fullname" . }}-rproxy-security-config
mountPath: /opt/app/rproxy/config/security/keyfile
subPath: keyfile
value: "/opt/app/fproxy/config"
- name: KEY_STORE_PASSWORD
value: {{ .Values.config.keyStorePassword }}
+ - name: TRUST_STORE_PASSWORD
+ value: {{ .Values.config.trustStorePassword }}
- name: spring_profiles_active
value: {{ .Values.global.fproxy.activeSpringProfiles }}
volumeMounts:
- name: {{ include "common.fullname" . }}-fproxy-log-config
mountPath: /opt/app/fproxy/config/logback-spring.xml
subPath: logback-spring.xml
- - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
mountPath: /opt/app/fproxy/config/auth/tomcat_keystore
subPath: tomcat_keystore
- - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
+ mountPath: /opt/app/fproxy/config/auth/fproxy_truststore
+ subPath: fproxy_truststore
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
mountPath: /opt/app/fproxy/config/auth/client-cert.p12
subPath: client-cert.p12
ports:
- name: {{ include "common.fullname" . }}-rproxy-auth-config
secret:
secretName: {{ include "common.fullname" . }}-rproxy-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
+ secret:
+ secretName: aai-rproxy-auth-certs
- name: {{ include "common.fullname" . }}-rproxy-security-config
secret:
- secretName: {{ include "common.fullname" . }}-rproxy-security-config
+ secretName: aai-rproxy-security-config
- name: {{ include "common.fullname" . }}-fproxy-config
configMap:
name: {{ include "common.fullname" . }}-fproxy-config
- name: {{ include "common.fullname" . }}-fproxy-log-config
configMap:
name: {{ include "common.fullname" . }}-fproxy-log-config
- - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
secret:
- secretName: {{ include "common.fullname" . }}-fproxy-auth-config
+ secretName: aai-fproxy-auth-certs
{{ end }}
imagePullSecrets:
---
apiVersion: v1
kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}-fproxy-auth-config
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/fproxy/config/auth/*").AsSecrets . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
metadata:
name: {{ include "common.fullname" . }}-rproxy-auth-config
namespace: {{ include "common.namespace" . }}
type: Opaque
data:
{{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}-rproxy-security-config
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/rproxy/config/security/*").AsSecrets . | indent 2 }}
{{ end }}
#################################################################
# application image
-image: onap/gizmo:1.3.0
+image: onap/gizmo:1.4-STAGING-latest
flavor: small
# application configuration
config:
keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+ trustStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
# default number of instances
replicaCount: 1
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 60
+ timeoutSeconds: 10
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 60
+ timeoutSeconds: 10
periodSeconds: 10
service:
apiVersion: v1
description: ONAP AAI GraphAdmin
name: aai-graphadmin
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP AAI modelloader
name: aai-modelloader
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP AAI resources
name: aai-resources
-version: 3.0.0
+version: 4.0.0
data:
{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.keyfile").AsSecrets . | indent 2 }}
{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.p12").AsSecrets . | indent 2 }}
-{{ tpl (.Files.Glob "resources/config/aaf/truststoreONAPall.jks").AsSecrets . | indent 2 }}
{{ tpl (.Files.Glob "resources/config/aaf/bath_config.csv").AsSecrets . | indent 2 }}
{{ if .Values.global.installSidecarSecurity }}
"visualRange": "1",
"path": "/aai/v13/cloud-infrastructure"
},
+ {
+ "serviceName": "_aai-cloudInfrastructure",
+ "version": "v14",
+ "url": "/aai/v14/cloud-infrastructure",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v14/cloud-infrastructure"
+ },
{
"serviceName": "_aai-business",
"version": "v11",
"visualRange": "1",
"path": "/aai/v13/business"
},
+ {
+ "serviceName": "_aai-business",
+ "version": "v14",
+ "url": "/aai/v14/business",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v14/business"
+ },
{
"serviceName": "_aai-actions",
"version": "v11",
"visualRange": "1",
"path": "/aai/v13/actions"
},
+ {
+ "serviceName": "_aai-actions",
+ "version": "v14",
+ "url": "/aai/v14/actions",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v14/actions"
+ },
{
"serviceName": "_aai-service-design-and-creation",
"version": "v11",
"visualRange": "1",
"path": "/aai/v13/service-design-and-creation"
},
+ {
+ "serviceName": "_aai-service-design-and-creation",
+ "version": "v14",
+ "url": "/aai/v14/service-design-and-creation",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v14/service-design-and-creation"
+ },
{
"serviceName": "_aai-network",
"version": "v11",
"visualRange": "1",
"path": "/aai/v13/network"
},
+ {
+ "serviceName": "_aai-network",
+ "version": "v14",
+ "url": "/aai/v14/network",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v14/network"
+ },
{
"serviceName": "_aai-externalSystem",
"version": "v11",
"lb_policy":"ip_hash",
"visualRange": "1",
"path": "/aai/v11/external-system"
- },
+ },
{
"serviceName": "_aai-externalSystem",
"version": "v12",
"lb_policy":"ip_hash",
"visualRange": "1",
"path": "/aai/v12/external-system"
- },
+ },
{
"serviceName": "_aai-externalSystem",
"version": "v13",
"visualRange": "1",
"path": "/aai/v13/external-system"
},
+ {
+ "serviceName": "_aai-externalSystem",
+ "version": "v14",
+ "url": "/aai/v14/external-system",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v14/external-system"
+ },
{
"serviceName": "aai-cloudInfrastructure",
"version": "v11",
"lb_policy":"ip_hash",
"visualRange": "1"
},
+ {
+ "serviceName": "aai-cloudInfrastructure",
+ "version": "v14",
+ "url": "/aai/v14/cloud-infrastructure",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
{
"serviceName": "aai-business",
"version": "v11",
"lb_policy":"ip_hash",
"visualRange": "1"
},
+ {
+ "serviceName": "aai-business",
+ "version": "v14",
+ "url": "/aai/v14/business",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
{
"serviceName": "aai-actions",
"version": "v11",
"lb_policy":"ip_hash",
"visualRange": "1"
},
+ {
+ "serviceName": "aai-actions",
+ "version": "v14",
+ "url": "/aai/v14/actions",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
{
"serviceName": "aai-service-design-and-creation",
"version": "v11",
"lb_policy":"ip_hash",
"visualRange": "1"
},
+ {
+ "serviceName": "aai-service-design-and-creation",
+ "version": "v14",
+ "url": "/aai/v14/service-design-and-creation",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
{
"serviceName": "aai-network",
"version": "v11",
"lb_policy":"ip_hash",
"visualRange": "1"
},
+ {
+ "serviceName": "aai-network",
+ "version": "v14",
+ "url": "/aai/v14/network",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
{
"serviceName": "aai-externalSystem",
"version": "v11",
"enable_ssl": true,
"lb_policy":"ip_hash",
"visualRange": "1"
- },
+ },
{
"serviceName": "aai-externalSystem",
"version": "v12",
"enable_ssl": true,
"lb_policy":"ip_hash",
"visualRange": "1"
- },
+ },
{
"serviceName": "aai-externalSystem",
"version": "v13",
"enable_ssl": true,
"lb_policy":"ip_hash",
"visualRange": "1"
+ },
+ {
+ "serviceName": "aai-externalSystem",
+ "version": "v14",
+ "url": "/aai/v14/external-system",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
}
]'
spec:
name: {{ include "common.fullname" . }}-aaf-certs
subPath: org.onap.aai.p12
- mountPath: /opt/app/aai-resources/resources/aaf/truststoreONAPall.jks
- name: {{ include "common.fullname" . }}-aaf-certs
+ name: aai-common-aai-auth-mount
subPath: truststoreONAPall.jks
- mountPath: /opt/app/aai-resources/resources/application.properties
name: {{ include "common.fullname" . }}-springapp-conf
{{ end }}
volumes:
+ - name: aai-common-aai-auth-mount
+ secret:
+ secretName: aai-common-aai-auth
- name: localtime
hostPath:
path: /etc/localtime
apiVersion: v1
description: ONAP AAI search-data
name: aai-search-data
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP AAI sparky-be
name: aai-sparky-be
-version: 3.0.0
+version: 4.0.0
- mountPath: /etc/localtime
name: localtime
readOnly: true
- - mountPath: /opt/app/sparky/config/auth/
+ - mountPath: /opt/app/sparky/config/auth/client-cert-onap.p12
name: {{ include "common.fullname" . }}-auth-config
+ subPath: client-cert-onap.p12
+
+ - mountPath: /opt/app/sparky/config/auth/csp-cookie-filter.properties
+ name: {{ include "common.fullname" . }}-auth-config
+ subPath: csp-cookie-filter.properties
+
+ - mountPath: /opt/app/sparky/config/auth/org.onap.aai.p12
+ name: {{ include "common.fullname" . }}-auth-config
+ subPath: org.onap.aai.p12
+
+ - mountPath: /opt/app/sparky/config/auth/truststoreONAPall.jks
+ name: aai-common-aai-auth-mount
+ subPath: truststoreONAPall.jks
- mountPath: /opt/app/sparky/config/portal/
name: {{ include "common.fullname" . }}-portal-config
ports:
- containerPort: {{ .Values.service.internalPort }}
- - containerPort: {{ .Values.service.internalPort2 }}
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
- name: {{ include "common.fullname" . }}-auth-config
secret:
secretName: {{ include "common.fullname" . }}
+
+ - name: aai-common-aai-auth-mount
+ secret:
+ secretName: aai-common-aai-auth
+
- name: filebeat-conf
configMap:
name: aai-filebeat
apiVersion: v1
description: ONAP AAI Spike microservice
name: aai-spike
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
--- /dev/null
+{
+ "contains-other-v": "java.lang.String",
+ "delete-other-v": "java.lang.String",
+ "SVC-INFRA": "java.lang.String",
+ "prevent-delete": "java.lang.String"
+}
\ No newline at end of file
#######################################
# Schema Version Related Attributes
#######################################
-
schema.uri.base.path=/aai
# Lists all of the versions in the schema
-schema.version.list=v8,v9,v10,v11,v12,v13,v14
+schema.version.list=v10,v11,v12,v13,v14,v15
# Specifies from which version should the depth parameter to default to zero
-schema.version.depth.start=v9
+schema.version.depth.start=v10
# Specifies from which version should the related link be displayed in response payload
schema.version.related.link.start=v10
# Specifies from which version should the client see only the uri excluding host info
# Before this version server base will also be included
schema.version.app.root.start=v11
# Specifies from which version should the namespace be changed
-schema.version.namespace.change.start=v12
+schema.version.namespace.change.start=v11
# Specifies from which version should the client start seeing the edge label in payload
schema.version.edge.label.start=v12
# Specifies the version that the application should default to
-schema.version.api.default=v14
+schema.version.api.default=v15
#######################################
# Schema Location Related Attributes
#######################################
-
schema.configuration.location=NA
schema.nodes.location=/opt/app/spike/bundleconfig/etc/onap/oxm
schema.edges.location=/opt/app/spike/bundleconfig/etc/onap/dbedgerules
+
+###############################################################################
+# Schema Service Related Attributes
+###############################################################################
+# Specifies whether to use the schema service (schema-service) or local schema files (config)
+schema.translator.list=config
+
+schema.service.base.url=https://<host>:8452/aai/schema-service/v1/
+schema.service.nodes.endpoint=nodes?version=
+schema.service.edges.endpoint=edgerules?version=
+schema.service.versions.endpoint=versions
+
+#Default rest client is the two-way-ssl
+schema.service.client=two-way-ssl
+#Replace the below with the A&AI client key store
+schema.service.ssl.key-store=${CONFIG_HOME}/auth/client-cert.p12
+#Replace the below with the A&AI tomcat trust store
+schema.service.ssl.trust-store=${CONFIG_HOME}/auth/tomcat_keystore
#################################################################
# application image
-image: onap/spike:1.3.1
+image: onap/spike:1.4-STAGING-latest
flavor: small
# application configuration
config:
apiVersion: v1
description: ONAP AAI traversal
name: aai-traversal
-version: 3.0.0
+version: 4.0.0
data:
{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.keyfile").AsSecrets . | indent 2 }}
{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.p12").AsSecrets . | indent 2 }}
-{{ tpl (.Files.Glob "resources/config/aaf/truststoreONAPall.jks").AsSecrets . | indent 2 }}
{{ tpl (.Files.Glob "resources/config/aaf/bath_config.csv").AsSecrets . | indent 2 }}
"visualRange": "1",
"path": "/aai/v13/search/generic-query"
},
+ {
+ "serviceName": "_aai-generic-query",
+ "version": "v14",
+ "url": "/aai/v14/search/generic-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v14/search/generic-query"
+ },
{
"serviceName": "_aai-nodes-query",
"version": "v11",
"visualRange": "1",
"path": "/aai/v13/search/nodes-query"
},
+ {
+ "serviceName": "_aai-nodes-query",
+ "version": "v14",
+ "url": "/aai/v14/search/nodes-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v14/search/nodes-query"
+ },
{
"serviceName": "_aai-query",
"version": "v11",
"visualRange": "1",
"path": "/aai/v13/query"
},
+ {
+ "serviceName": "_aai-query",
+ "version": "v14",
+ "url": "/aai/v14/query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v14/query"
+ },
{
"serviceName": "_aai-named-query",
"url": "/aai/search",
"lb_policy":"ip_hash",
"visualRange": "1"
},
+ {
+ "serviceName": "aai-generic-query",
+ "version": "v14",
+ "url": "/aai/v14/search/generic-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
{
"serviceName": "aai-nodes-query",
"version": "v11",
"lb_policy":"ip_hash",
"visualRange": "1"
},
+ {
+ "serviceName": "aai-nodes-query",
+ "version": "v14",
+ "url": "/aai/v14/search/nodes-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
{
"serviceName": "aai-query",
"version": "v11",
"lb_policy":"ip_hash",
"visualRange": "1"
},
+ {
+ "serviceName": "aai-query",
+ "version": "v14",
+ "url": "/aai/v14/query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
{
"serviceName": "aai-named-query",
"url": "/aai/search",
name: {{ include "common.fullname" . }}-aaf-certs
subPath: org.onap.aai.p12
- mountPath: /opt/app/aai-traversal/resources/aaf/truststoreONAPall.jks
- name: {{ include "common.fullname" . }}-aaf-certs
+ name: aai-common-aai-auth-mount
subPath: truststoreONAPall.jks
- mountPath: /opt/app/aai-traversal/resources/application.properties
name: {{ include "common.fullname" . }}-springapp-conf
- name: {{ include "common.fullname" . }}-aaf-certs
secret:
secretName: {{ include "common.fullname" . }}-aaf-keys
+ - name: aai-common-aai-auth-mount
+ secret:
+ secretName: aai-common-aai-auth
- name: {{ include "common.fullname" . }}-springapp-conf
configMap:
name: {{ include "common.fullname" . }}-springapp-configmap
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
--- /dev/null
+2otP92kNFHdexroZxvgYY7ffslFiwCD3CiVYMIfUF2edqZK7972NwkvE_mbaBo6jh8lByLIqrWAf
+jyzoiVsvQ_kCa0cS1xaRLpcxv3bx1b7o3hGPBqpd6vmSG4y2JLzNlCBZWuTJz827wr8p_fWrYuUm
+4L1WoaEe8W5PRnXjl4hDqbJBAlEoRIBXugUDt_7O5wgx2Rl3HVoOczZtf0RzONZ1F0BmKf3QlAUe
+moSbARitYRgIPt5sLbT7qPyoEpGDhQ1XBowR744-wsjBc-14yO62Ajp5xWKTp15uWn3_HHuw1SAf
+GWSBRGlSlEVkXQqi9Hw5jDttKVzHX1ckwR0SQOirbtHPHplxPX3WKjKhSdSeMzw6LOAHIQYRMKBT
+74oGnULAfPtV7TaGwOKriT3P49CoPdt9On89-LGyCZSxDWKH0K-rgB6I2_hPT2Uzr3jmXiMa-sfh
+iMvyQ7ABBVx0OFsUuNb5mcU2O6dWiQreL5RerrloV_X3ZtnNjxENXKjQ5KBR1A5ISPjFFK-kf4Rb
+p6FSII8LcsiqgdWuZ4GX_C6x8HX4A-vD0x3Uc9CfoXY-k23cNIy-R-W-oB-P2OgdWDNgZ7VaOLNt
+3L-NwWpNblfYvs93cNmkbVAwCZ3r0OP7RFeuON84TRaynK_Fh2S3rypRyJcUmM1pvpZqJ5_-umSW
+hUs1OqkdLv3xjlVzzK-3nMr0q3Zcyp4XdyLYtcX5I3Xqk9ZcsyAT7ghmHhV8KjUjue7OcfAWg0m7
+RJLGq6VC8HeK4HEMa4lF677Qh7DRufghIDEmQSIDfGA790WGSA8HqcOvAL4hURCHyCWiPa5i8ksX
+xX4HyqF8PCVCLJ_ZhzcuIlc0jStAexWbJU_vcyX7XgUaHCkF-M-zv1FP6Z3DHBMD2QqSWjmyNCCk
+8sIuwzs62P_j2o9jG33kssedCrUWOwZancU107-5H0Zw-UWvtCqUfmRZ7TsEbWY7lk_SKfLfAN5q
+ncOQgU_VxDXUFDST4LN_WVECRafK3UtwWomxWSji25Lbf6NVni3ok-yLMDZR-wrE-54jLPES9j0i
+5N0xrk9CfsvGUpUZ1_XQcgaxI6m27DtCCJXb5ywenPBiUIJCMCTq88CqNZxGpju2i4BJcUH2hUHe
+GKhO8pgslwhtEVot9EDwdzSrJkWFCfb6ud4zMxrqdi7-mLWMOydg6lhpEFEX5wu2BLIujGsZlEGE
+_K9jGfBypjXuJCKDZIuPfEnf_7idjKis_JcFB7x4Hx2HHDcBjlWWFZN_VIEnPkQSyZEC26RTFP3k
+zkY3GwUfA36a4XW2pu3gE9wz-W6fkONfzOZ6YiyCm_dRFUVuGSdJG02Hh5iXYlMOGJltPzWH2jVf
+S-QTOmXQTKSOheXoJO6O-9uQbsRf-kq-6w1pvIOp4ms35w4_0Xj0Xr2a9y-L9PdBZvrUsa-jxsZU
+LyA-YY4Ej6QwDBDTD2MGjF1E5_ekYgjoNlltM9rJjofruM4ym0n7LPHC7YXXQSEFOZYeTKi6wUDw
+hQ1DoWHgu4PQ2lexada8sxQdConbPe2iW16h-PrO5D12E4XbT00fqaMlBmjQwzdNRdCC2NRPIQ5W
+nwaO8dZ9yjxsjT7ZVHb9-DRblb3XDocponzxVXqUGtJAie4WXQnerX0ApTWGaHEr5y56JJVS_3LP
+bKrbXBXcs4jTUX4ECXRrOs8JQDQNysXhvTPCu0XUxNZpjx6KLxDs93k2OcESHjl5J6n6OKKJqqoN
+JEyFO5LGXpnmUJbn0-CaHHPRI1mHwEu4brY8wDZd9A0PD1KGXDoCHMfEk1lGblQdyOcVrXZ6uSBk
+Z6zHDnwSCHO1mPYqtelJQehZoFuPSv9PIgKLxs_qJOtZFnXII5YO1mGXgiIBWBjUFDR5HG4ENS6y
+J4MCF-JLMp-PVMAkOaCIQRRDpRnMm_fT1sc_P562Diu_pcdt-r55pMFQYGoGfjRmxQBKk0-SsdnP
+mlZIiis9DfQEN0q3QQdNRYBJD7tmhUwhAPZdLgXqJA8sZf8UyFQhhpsky79NT343YL9smUlF
\ No newline at end of file
data:
{{ tpl (.Files.Glob "resources/config/aai/*").AsSecrets . | indent 2 }}
-
+{{ if .Values.global.installSidecarSecurity }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: aai-fproxy-auth-certs
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/fproxy/auth/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: aai-rproxy-auth-certs
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/rproxy/auth/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: aai-rproxy-security-config
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/rproxy/security/*").AsSecrets . | indent 2 }}
+{{ end }}
\ No newline at end of file
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
apiVersion: v1
-kind: ConfigMap
+kind: Secret
metadata:
- name: {{ include "common.fullname" . }}-cfg
+ name: aai-common-aai-auth
namespace: {{ include "common.namespace" . }}
+type: Opaque
data:
-{{ tpl (.Files.Glob "resources/config/ext-haproxy-cfg/*").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }}
apiVersion: v1
description: Application Controller
name: appc
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP APPC Ansible Server
name: appc-ansible-server
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
# application image
repository: nexus3.onap.org:10001
-image: onap/ccsdk-ansible-server-image:0.3.2
+image: onap/ccsdk-ansible-server-image:0.3.3
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v1
description: ONAP APPC Self Service Controller Design Tool
name: appc-cdt
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
- name: mariadb-galera
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
- name: dgbuilder
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
--- /dev/null
+#!/bin/bash
+
+###
+# ============LICENSE_START=======================================================
+# APPC
+# ================================================================================
+# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+# ECOMP is a trademark and service mark of AT&T Intellectual Property.
+###
+
+ODL_HOME=${ODL_HOME:-/opt/opendaylight/current}
+APPC_HOME=${APPC_HOME:-/opt/onap/appc}
+ENABLE_ODL_CLUSTER=${ENABLE_ODL_CLUSTER:-false}
+APPC_FEATURE_DIR=${APPC_FEATURE_DIR:-${APPC_HOME}/features}
+
+function featureInstall {
+COUNT=0
+while [ $COUNT -lt 10 ]; do
+ ${ODL_HOME}/bin/client feature:install $1 2> /tmp/installErr
+ cat /tmp/installErr
+ if grep -q 'Failed to get the session' /tmp/installErr; then
+ sleep 10
+ else
+ let COUNT=10
+ fi
+ let COUNT=COUNT+1
+done
+}
+
+ APPC_FEATURES=" \
+ appc-metric \
+ appc-dmaap-adapter \
+ appc-chef-adapter \
+ appc-netconf-adapter \
+ appc-rest-adapter \
+ appc-lifecycle-management \
+ appc-dispatcher \
+ appc-provider \
+ appc-dg-util \
+ appc-dg-shared \
+ appc-sdc-listener \
+ appc-oam \
+ appc-iaas-adapter \
+ appc-ansible-adapter \
+ appc-sequence-generator \
+ appc-artifact-handler \
+ appc-aai-client"
+
+APPC_FEATURES_1=" \
+ onap-appc-core \
+ onap-appc-metric \
+ onap-appc-dmaap-adapter \
+ onap-appc-chef-adapter \
+ onap-appc-netconf-adapter \
+ onap-appc-rest-adapter \
+ onap-appc-lifecycle-management \
+ onap-appc-license-manager"
+
+ APPC_FEATURES_2=" \
+ onap-appc-dg-util \
+ onap-appc-dg-shared \
+ onap-appc-sdc-listener \
+ onap-appc-oam \
+ onap-appc-iaas-adapter \
+ onap-appc-ansible-adapter \
+ onap-appc-sequence-generator \
+ onap-appc-config-generator \
+ onap-appc-config-data-services \
+ onap-appc-config-adaptor \
+ onap-appc-config-audit \
+ onap-appc-config-encryption-tool \
+ onap-appc-config-flow-controller \
+ onap-appc-config-params \
+ onap-appc-artifact-handler
+ onap-appc-aai-client \
+ onap-appc-event-listener \
+ onap-appc-network-inventory-client \
+ onap-appc-design-services \
+ onap-appc-interfaces-service"
+
+ APPC_FEATURES_UNZIP=" \
+ appc-core \
+ appc-metric \
+ appc-dmaap-adapter \
+ appc-event-listener \
+ appc-chef-adapter \
+ appc-netconf-adapter \
+ appc-rest-adapter \
+ appc-lifecycle-management \
+ appc-dispatcher \
+ appc-provider \
+ appc-dg-util \
+ appc-dg-shared \
+ appc-sdc-listener \
+ appc-oam \
+ appc-iaas-adapter \
+ appc-ansible-adapter \
+ appc-sequence-generator \
+ appc-config-generator \
+ appc-config-data-services \
+ appc-config-adaptor \
+ appc-config-audit \
+ appc-config-encryption-tool \
+ appc-config-flow-controller \
+ appc-config-params \
+ appc-artifact-handler \
+ appc-aai-client \
+ appc-network-inventory-client \
+ appc-design-services \
+ appc-interfaces-service"
+
+
+if $ENABLE_ODL_CLUSTER
+ then
+ echo "Enabling core APP-C features with clustering enabled"
+ featureInstall odl-netconf-connector-all
+ featureInstall odl-restconf-noauth
+ featureInstall odl-netconf-clustered-topology
+ else
+ echo "Enabling core APP-C features with clustering disabled"
+ featureInstall odl-netconf-connector-all
+ featureInstall odl-restconf-noauth
+ featureInstall odl-netconf-topology
+fi
+
+sleep 7s
+echo "Installing APP-C Features"
+echo ""
+
+for feature in ${APPC_FEATURES_UNZIP}
+do
+ if [ -f ${APPC_FEATURE_DIR}/${feature}/install-feature.sh ]
+ then
+ ${APPC_FEATURE_DIR}/${feature}/install-feature.sh
+ else
+ echo "No installer found for feature ${feature}"
+ fi
+done
+
+#${ODL_HOME}/bin/client feature:install appc-metric appc-dmaap-adapter appc-event-listener appc-chef-adapter appc-netconf-adapter appc-rest-adapter appc-lifecycle-management appc-dispatcher appc-provider appc-dg-util appc-dg-shared appc-sdc-listener appc-oam appc-iaas-adapter appc-ansible-adapter appc-sequence-generator appc-config-generator appc-config-data-services appc-config-adaptor appc-config-audit appc-config-encryption-tool appc-config-flow-controller appc-config-params appc-artifact-handler appc-aai-client
+
+for feature in ${APPC_FEATURES_1}
+do
+ echo "Installing ${feature}"
+ start=$(date +%s)
+ ${ODL_HOME}/bin/client "feature:install -r ${feature}"
+ end=$(date +%s)
+ echo "Install of ${feature} took $(expr $end - $start) seconds"
+ sleep 7s
+ echo "Sleep Finished"
+done
+
+ echo "Installing dispatcher features"
+ start=$(date +%s)
+ ${ODL_HOME}/bin/client "feature:install -r onap-appc-request-handler onap-appc-command-executor onap-appc-lifecycle-management onap-appc-workflow-management lock-manager onap-appc-provider"
+ end=$(date +%s)
+ echo "Install of dispatcher features took $(expr $end - $start) seconds"
+ sleep 7s
+ echo "Sleep Finished"
+
+for feature in ${APPC_FEATURES_2}
+do
+ echo "Installing ${feature}"
+ start=$(date +%s)
+ ${ODL_HOME}/bin/client "feature:install -r ${feature}"
+ end=$(date +%s)
+ echo "Install of ${feature} took $(expr $end - $start) seconds"
+ sleep 7s
+ echo "Sleep Finished"
+done
+
# ============LICENSE_START=======================================================
# APPC
# ================================================================================
-# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+# Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved.
# Modifications Copyright © 2018 Amdocs,Bell Canada
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# This script takes care of installing the SDNC & APPC platform components
# if not already installed, and starts the APPC Docker Container
#
+#set -x
function enable_odl_cluster(){
if [ -z $APPC_REPLICAS ]; then
ENABLE_AAF=${ENABLE_AAF:-true}
DBINIT_DIR=${DBINIT_DIR:-/opt/opendaylight/current/daexim}
-appcInstallStartTime=$(date +%s)
-
#
# Wait for database to init properly
#
then
echo "Installing SDNC database"
${SDNC_HOME}/bin/installSdncDb.sh
- fi
- appc_db_exists=$(mysql -h {{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}} -u root -p{{.Values.config.mariadbRootPassword}} mysql <<-END
+ appc_db_exists=$(mysql -h {{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}} -u root -p{{.Values.config.mariadbRootPassword}} mysql <<-END
show databases like 'appcctl';
END
)
- if [ "x${appc_db_exists}" == "x" ]
- then
- echo "Installing APPC database"
- ${APPC_HOME}/bin/installAppcDb.sh
+ if [ "x${appc_db_exists}" == "x" ]
+ then
+ echo "Installing APPC database"
+ ${APPC_HOME}/bin/installAppcDb.sh
+ fi
+ else
+ sleep 30
fi
echo "Installed at `date`" > ${DBINIT_DIR}/.installed
echo "Installing ODL Host Key"
${SDNC_HOME}/bin/installOdlHostKey.sh
+# echo "Copying a working version of the logging configuration into the opendaylight etc folder"
+# cp ${APPC_HOME}/data/org.ops4j.pax.logging.cfg ${ODL_HOME}/etc/org.ops4j.pax.logging.cfg
+
echo "Starting OpenDaylight"
${ODL_HOME}/bin/start
echo "Waiting ${SLEEP_TIME} seconds for OpenDaylight to initialize"
sleep ${SLEEP_TIME}
- echo "Copying a working version of the logging configuration into the opendaylight etc folder"
- cp ${APPC_HOME}/data/org.ops4j.pax.logging.cfg ${ODL_HOME}/etc/org.ops4j.pax.logging.cfg
- echo "Copying a new version of aaf cadi shiro into the opendaylight deploy folder"
- cp ${APPC_HOME}/data/aaf-shiro-aafrealm-osgi-bundle.jar ${ODL_HOME}/deploy/aaf-shiro-aafrealm-osgi-bundle.jar
-
- echo "Installing SDNC platform features"
- ${SDNC_HOME}/bin/installFeatures.sh
if [ -x ${SDNC_HOME}/svclogic/bin/install.sh ]
then
${SDNC_HOME}/svclogic/bin/install.sh
fi
- if $ENABLE_ODL_CLUSTER ; then echo "Installing Opendaylight cluster features" ; ${ODL_HOME}/bin/client feature:install odl-mdsal-clustering ; ${ODL_HOME}/bin/client feature:install odl-jolokia ; fi
-
- echo "Installing APPC platform features"
- ${APPC_HOME}/bin/installFeatures.sh
-
- if [ -x ${APPC_HOME}/svclogic/bin/install.sh ]
- then
- echo "Installing APPC DGs using platform-logic"
- ${APPC_HOME}/svclogic/bin/install.sh
- fi
-
if [ -x ${APPC_HOME}/svclogic/bin/install-converted-dgs.sh ]
then
echo "Installing APPC JSON DGs converted to XML using dg-loader"
${APPC_HOME}/svclogic/bin/install-converted-dgs.sh
fi
- if $ENABLE_ODL_CLUSTER ; then enable_odl_cluster ; fi
-
- echo "Adding a property system.properties for AAF cadi.properties location"
- echo "" >> ${ODL_HOME}/etc/system.properties
- echo "cadi_prop_files=${APPC_HOME}/data/properties/cadi.properties" >> ${ODL_HOME}/etc/system.properties
- echo "" >> ${ODL_HOME}/etc/system.properties
+ if $ENABLE_ODL_CLUSTER
+ then
+ echo "Installing Opendaylight cluster features"
+ ${ODL_HOME}/bin/client feature:install odl-mdsal-clustering
+ enable_odl_cluster
+ fi
echo "Copying the aaa shiro configuration into opendaylight"
if $ENABLE_AAF
done
echo "Karaf process has stopped"
sleep 10s
+
echo "Installed at `date`" > ${SDNC_HOME}/.installed
fi
- appcInstallEndTime=$(date +%s)
- echo "Total Appc install took $(expr $appcInstallEndTime - $appcInstallStartTime) seconds"
+# Move journal and snapshots directory to persistent storage
+
+hostdir=${ODL_HOME}/daexim/$(hostname -s)
+if [ ! -d $hostdir ]
+then
+ mkdir -p $hostdir
+ if [ -d ${ODL_HOME}/journal ]
+ then
+ mv ${ODL_HOME}/journal ${hostdir}
+ else
+ mkdir ${hostdir}/journal
+ fi
+ if [ -d ${ODL_HOME}/snapshots ]
+ then
+ mv ${ODL_HOME}/snapshots ${hostdir}
+ else
+ mkdir ${hostdir}/snapshots
+ fi
+fi
+
+ln -s ${hostdir}/journal ${ODL_HOME}/journal
+ln -s ${hostdir}/snapshots ${ODL_HOME}/snapshots
echo "Starting cdt-proxy-service jar, logging to ${APPC_HOME}/cdt-proxy-service/jar.log"
java -jar ${APPC_HOME}/cdt-proxy-service/cdt-proxy-service.jar > ${APPC_HOME}/cdt-proxy-service/jar.log &
- mountPath: /opt/onap/appc/bin/installAppcDb.sh
name: onap-appc-bin
subPath: installAppcDb.sh
+ - mountPath: /opt/onap/appc/bin/installFeatures.sh
+ name: onap-appc-bin
+ subPath: installFeatures.sh
- mountPath: /opt/onap/appc/bin/health_check.sh
name: onap-appc-bin
subPath: health_check.sh
flavor: small
# application image
repository: nexus3.onap.org:10001
-image: onap/appc-image:1.4.3
+image: onap/appc-image:1.5.0-SNAPSHOT-latest
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v1
description: ONAP Clamp
name: clamp
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Clamp Dashboard Elasticsearch
name: clamp-dash-es
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP Clamp Dashboard Kibana
name: clamp-dash-kibana
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP Clamp Dashboard Logstash
name: clamp-dash-logstash
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: MariaDB Service
name: mariadb
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
apiVersion: v1
description: ONAP Command Line Interface
name: cli
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright (c) 2019 IBM, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
apiVersion: v1
-description: DMaaP Data Router MariaDB Instance
-name: dmaap-dr-db
-version: 1.0
+description: Blueprints Processor Micro Service
+name: blueprints-processor
+version: 4.0.0
\ No newline at end of file
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# Copyright (c) 2019 IBM, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
dependencies:
+ - name: mariadb-galera
+ version: ~4.x-0
+ repository: file://../mariadb-galera/
- name: common
- version: ~3.0.0
- repository: '@local'
+ version: ~4.x-0
+ repository: '@local'
\ No newline at end of file
--- /dev/null
+# Copyright (c) 2019 IBM, Bell Canada.\r
+#\r
+# Licensed under the Apache License, Version 2.0 (the "License");\r
+# you may not use this file except in compliance with the License.\r
+# You may obtain a copy of the License at\r
+#\r
+# http://www.apache.org/licenses/LICENSE-2.0\r
+#\r
+# Unless required by applicable law or agreed to in writing, software\r
+# distributed under the License is distributed on an "AS IS" BASIS,\r
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+# See the License for the specific language governing permissions and\r
+# limitations under the License.\r
+#logging.level.web=DEBUG\r
+appName={{.Values.config.applicationName}}\r
+ms_name={{.Values.config.msName}}\r
+appVersion={{.Values.config.bundleVersion}}\r
+blueprintsprocessor.grpcEnable={{.Values.config.grpcEnabled}}\r
+blueprintsprocessor.httpPort={{.Values.service.http.internalPort}}\r
+blueprintsprocessor.grpcPort={{.Values.service.grpc.internalPort}}\r
+#Blueprint Processor File Execution and Handling Properties\r
+blueprintsprocessor.blueprintDeployPath=/opt/app/onap/blueprints/deploy\r
+blueprintsprocessor.blueprintArchivePath=/opt/app/onap/blueprints/archive\r
+#Primary Database Configuration\r
+blueprintsprocessor.db.primary.url=jdbc:mysql://blueprints-processor-db:3306/sdnctl\r
+blueprintsprocessor.db.primary.username=sdnctl\r
+blueprintsprocessor.db.primary.password=sdnctl\r
+blueprintsprocessor.db.primary.driverClassName=org.mariadb.jdbc.Driver\r
+blueprintsprocessor.db.primary.hibernateHbm2ddlAuto=update\r
+blueprintsprocessor.db.primary.hibernateDDLAuto=update\r
+blueprintsprocessor.db.primary.hibernateNamingStrategy=org.hibernate.cfg.ImprovedNamingStrategy\r
+blueprintsprocessor.db.primary.hibernateDialect=org.hibernate.dialect.MySQL5InnoDBDialect\r
+# Web server config\r
+server.port=8080
\ No newline at end of file
--- /dev/null
+<!--
+ ~ Copyright (c) 2017-2018 AT&T Intellectual Property.
+ ~
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ -->
+
+<configuration>
+
+ <property name="localPattern" value="%d{HH:mm:ss.SSS} %-5level %logger{100} - %msg%n" />
+
+ <property name="defaultPattern" value="%date{ISO8601,UTC}|%X{RequestID}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Timer}| %msg%n" />
+
+ <property name="debugLoggerPattern" value="%date{ISO8601,UTC}|%X{RequestID}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Timer}|[%caller{3}]| %msg%n" />
+
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <!-- encoders are assigned the type
+ ch.qos.logback.classic.encoder.PatternLayoutEncoder by default -->
+ <encoder>
+ <pattern>${defaultPattern}</pattern>
+ </encoder>
+ </appender>
+
+
+ <logger name="org.springframework" level="info"/>
+ <logger name="org.springframework.web" level="info"/>
+ <logger name="org.springframework.security.web.authentication" level="warn"/>
+ <logger name="org.hibernate" level="error"/>
+ <logger name="org.onap.ccsdk.apps" level="info"/>
+
+ <root level="warn">
+ <appender-ref ref="STDOUT"/>
+ </root>
+
+</configuration>
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# Copyright (c) 2019 IBM, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
apiVersion: v1
kind: ConfigMap
metadata:
- name: {{ include "common.fullname" . }}-settings
+ name: {{ include "common.fullname" . }}-configmap
namespace: {{ include "common.namespace" . }}
data:
-{{ tpl (.Files.Glob "resources/config/em/*").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright (c) 2019 IBM, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
spec:
+ initContainers:
+ - command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - {{ index .Values "mariadb-galera" "nameOverride" }}
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-readiness
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: APP_CONFIG_HOME
+ value: {{ .Values.config.appConfigDir }}
ports:
- - containerPort: {{.Values.global.config.mariadb.internalPort}}
+ - containerPort: {{ .Values.service.http.internalPort }}
+ {{ if .Values.config.grpcEnabled }}
+ - containerPort: {{ .Values.service.grpc.internalPort }}
+ {{ end }}
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
- {{- if eq .Values.liveness.enabled true }}
- args:
- - --lower-case-table-names=1
- - --wait_timeout=28800
+ {{ if .Values.liveness.enabled }}
livenessProbe:
- tcpSocket:
- port: {{.Values.global.config.mariadb.internalPort}}
+ httpGet:
+ path: /api/v1/execution-service/ping
+ port: {{ .Values.service.http.internalPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
- {{ end -}}
+ {{ end }}
readinessProbe:
- tcpSocket:
- port: {{.Values.global.config.mariadb.internalPort}}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- env:
- - name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}-secret
- key: db-root-password
- - name: MYSQL_USER
- value: {{.Values.global.config.mariadb.userName}}
- - name: MYSQL_DATABASE
- value: {{.Values.global.config.mariadb.mysqlDatabase}}
- - name: MYSQL_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}-secret
- key: db-user-password
+ httpGet:
+ path: /api/v1/execution-service/ping
+ port: {{ .Values.service.http.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
volumeMounts:
- - mountPath: /docker-entrypoint-initdb.d/sql_init_01.sql
- name: docker-entrypoint-initdb
- subPath: sql_init_01.sql
- - mountPath: /etc/mysql/conf.d
- name: mariadb-conf
- - mountPath: /var/lib/mysql
- name: mariadb-data
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: {{ .Values.config.appConfigDir }}/application.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: application.properties
+ - mountPath: {{ .Values.config.appConfigDir }}/logback.xml
+ name: {{ include "common.fullname" . }}-config
+ subPath: logback.xml
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
- name: localtime
hostPath:
path: /etc/localtime
- - name: docker-entrypoint-initdb
- configMap:
- name: {{ include "common.fullname" . }}-mdb-initd-configmap
- - name: mariadb-conf
+ - name: {{ include "common.fullname" . }}-config
configMap:
- name: {{ include "common.fullname" . }}-mdb-configmap
- - name: mariadb-data
- {{- if .Values.persistence.enabled }}
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}
- {{- else }}
- emptyDir: {}
- {{- end }}
+ name: {{ include "common.fullname" . }}-configmap
+ items:
+ - key: application.properties
+ path: application.properties
+ - key: logback.xml
+ path: logback.xml
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# Copyright (c) 2019 IBM, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-settings
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/ci/*").AsConfig . | indent 2 }}
----
apiVersion: v1
kind: Secret
metadata:
- name: {{ include "common.fullname" . }}-secret
+ name: {{ include "common.fullname" . }}
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.fullname" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
type: Opaque
data:
- admin_password: "Y2lhZG1pbnBhc3M="
+ db-root-password: {{ index .Values "mariadb-galera" "config" "mariadbRootPassword" | b64enc | quote }}
--- /dev/null
+# Copyright (c) 2019 IBM, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - port: {{ .Values.service.http.externalPort }}
+ targetPort: {{ .Values.service.http.internalPort }}
+ {{- if eq .Values.service.type "NodePort"}}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ {{- end}}
+ name: {{ .Values.service.portName | default "http" }}
+ {{- if .Values.config.grpcEnabled}}
+ - port: {{ .Values.service.grpc.externalPort }}
+ targetPort: {{ .Values.service.grpc.internalPort }}
+ {{- if eq .Values.service.type "NodePort"}}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ {{- end}}
+ name: {{ .Values.service.portName | default "http" }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
\ No newline at end of file
--- /dev/null
+# Copyright (c) 2019 IBM, Bell Canada
+#
+# Modifications Copyright (c) 2019 Bell Canada.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ # Change to an unused port prefix range to prevent port conflicts
+ # with other instances running within the same k8s cluster
+ nodePortPrefix: 302
+
+ # image repositories
+ repository: nexus3.onap.org:10001
+
+ # readiness check
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+
+ # image pull policy
+ pullPolicy: Always
+
+ persistence:
+ mountPath: /dockerdata-nfs
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/ccsdk-blueprintsprocessor:0.4.1
+pullPolicy: Always
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration
+config:
+ applicationName: BlueprintsProcessor
+ msName: "org.onap.ccsdk.apps.blueprintsprocessor"
+ bundleVersion: "1.0.0"
+ appConfigDir: /opt/app/onap/config
+ grpcEnabled: false
+ stickySelectorKey:
+ envContext: DEV
+
+mariadb-galera:
+ config:
+ userName: sdnctl
+ userPassword: sdnctl
+ mariadbRootPassword: sdnctl
+ mysqlDatabase: sdnctl
+ nameOverride: blueprints-processor-db
+ service:
+ name: blueprints-processor-db
+ portName: bp-db
+ replicaCount: 1
+ persistence:
+ enabled: true
+ mountSubPath: blueprints-processor/data
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+service:
+ type: ClusterIP
+ portName: blueprints-processor
+ http:
+ internalPort: 8080
+ externalPort: 8080
+ grpc:
+ internalPort: 9111
+ externalPort: 9111
+
+persistence:
+ enabled: true
+
+ingress:
+ enabled: false
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ #
+ # Example:
+ # Configure resource requests and limits
+ # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+ # Minimum memory for development is 2 CPU cores and 4GB memory
+ # Minimum memory for production is 4 CPU cores and 8GB memory
+#resources:
+# limits:
+# cpu: 2
+# memory: 4Gi
+# requests:
+# cpu: 2
+# memory: 4Gi
apiVersion: v1
description: ONAP cassandra
name: cassandra
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: Common templates for inclusion in other charts
name: common
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: Controller Blueprints Micro Service
name: controller-blueprints
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
dependencies:
- name: mariadb-galera
- version: ~3.0.0
+ version: ~4.x-0
repository: file://../mariadb-galera/
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/ccsdk-controllerblueprints:0.3.2
+image: onap/ccsdk-controllerblueprints:0.4-STAGING-latest
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v1
description: D.G. Builder application
name: dgbuilder
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
apiVersion: v1
description: Chart for MariaDB Galera cluster
name: mariadb-galera
-version: 3.0.0
+version: 4.0.0
keywords:
- mariadb
- mysql
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: 'file://../common'
\ No newline at end of file
apiVersion: v1
description: MongoDB Server
name: mongo
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: MUSIC - Multi-site State Coordination Service
name: music
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: Cassandra Job - Run CQL Scripts after Cassandra Starts.
name: music-cassandra-job
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP - Cassandra Database
name: music-cassandra
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
storage: {{ .Values.persistence.size | quote }}
selector:
matchLabels:
+ app: {{ include "common.name" . }}
release: "{{ .Release.Name }}"
{{- end }}
apiVersion: v1
description: ONAP - MUSIC Tomcat Container
name: music-tomcat
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
containers:
- name: main
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
- imagePullPolicy: {{ .Values.image.pullPolicy }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.image.pullPolicy }}
command:
- /bin/bash
- -o
- name: zookeeper
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
- imagePullPolicy: {{ .Values.image.pullPolicy }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.image.pullPolicy }}
command:
- /bin/bash
- -xec
{{- if .Values.exporters.jmx.enabled }}
- name: jmx-exporter
image: "{{ .Values.exporters.jmx.image.repository }}:{{ .Values.exporters.jmx.image.tag }}"
- imagePullPolicy: {{ .Values.exporters.jmx.image.pullPolicy }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.exporters.jmx.image.pullPolicy }}
ports:
{{- range $key, $port := .Values.exporters.jmx.ports }}
- name: {{ $key }}
{{- if .Values.exporters.zookeeper.enabled }}
- name: zookeeper-exporter
image: "{{ .Values.exporters.zookeeper.image.repository }}:{{ .Values.exporters.zookeeper.image.tag }}"
- imagePullPolicy: {{ .Values.exporters.zookeeper.image.pullPolicy }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.exporters.zookeeper.image.pullPolicy }}
args:
- -bind-addr=:{{ .Values.exporters.zookeeper.ports.zookeeperxp.containerPort }}
- -metrics-path={{ .Values.exporters.zookeeper.path }}
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: MySQL Server
name: mysql
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1\r
description: Name Generation Micro Service\r
name: network-name-gen\r
-version: 3.0.0\r
+version: 4.0.0\r
\r
dependencies:\r
- name: common\r
- version: ~3.0.0\r
+ version: ~4.x-0\r
repository: '@local'\r
- name: mariadb-galera\r
- version: ~3.0.0\r
+ version: ~4.x-0\r
repository: file://../mariadb-galera/\r
apiVersion: v1
description: ONAP Postgres Server
name: postgres
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Postgres Server
name: pgpool
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
spec:
containers:
- image: "{{.Values.repository}}/{{.Values.image}}"
- imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}
env:
- name: PG_PRIMARY_SERVICE_NAME
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP Consul Agent
name: consul
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Consul Server
name: consul-server
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
apiVersion: v1
description: ONAP optional tools
name: contrib
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: Netbox IPAM
name: netbox
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: Netbox - Application (WSGI + Gunicorn)
name: netbox-app
-version: 3.0.0
+version: 4.0.0
name: {{ include "common.fullname" . }}-initializers-configmap
- name: {{ include "common.fullname" . }}-configuration-config
configMap:
- name: {{ include "common.fullname" . }}-configuration-configmap
\ No newline at end of file
+ name: {{ include "common.fullname" . }}-configuration-configmap
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
apiVersion: v1
description: Netbox - Nginx web server
name: netbox-nginx
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: Netbox Posgres database
name: netbox-postgres
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
apiVersion: v1
description: ONAP DCAE Gen2
name: dcaegen2
-version: 3.0.0
+version: 4.0.0
-make-dmaap:
- cd charts && helm dep up dcae-bootstrap
+make-dcaegen2: make-dcae-bootstrap make-dcae-cloudify-manager make-dcae-config-binding-service make-dcae-healthcheck make-dcae-redis make-dcae-servicechange-handler make-dcae-inventory-api
+
+make-dcae-bootstrap:
+ cd charts && helm dep up dcae-bootstrap && helm lint dcae-bootstrap
+
+make-dcae-cloudify-manager:
+ cd charts && helm dep up dcae-cloudify-manager && helm lint dcae-cloudify-manager
+
+make-dcae-config-binding-service:
+ cd charts && helm dep up dcae-config-binding-service && helm lint dcae-config-binding-service
+
+make-dcae-healthcheck:
+ cd charts && helm dep up dcae-healthcheck && helm lint dcae-healthcheck
+
+make-dcae-redis:
+ cd charts && helm dep up dcae-redis && helm lint dcae-redis
+
+make-dcae-servicechange-handler:
+ cd charts && helm dep up dcae-servicechange-handler && helm lint dcae-servicechange-handler
+
+make-dcae-inventory-api:
+ cd charts/dcae-servicechange-handler/charts && helm dep up dcae-inventory-api && helm lint dcae-inventory-api
apiVersion: v1
description: ONAP DCAE Bootstrap
name: dcae-bootstrap
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
- name: postgres
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
policy_retry_count : 5
policy_retry_sleep : 5
+ # mode of operation for the policy-handler
+ # either active or passive
+ # in passive mode the policy-hanlder will not listen to
+ # and will not bring the policy-updates from policy-engine
+ mode_of_operation : "active"
+
# config of automatic catch_up for resiliency
catch_up :
# interval in seconds on how often to call automatic catch_up
# optional timeout_in_secs specifies the timeout for the http requests
timeout_in_secs: 60
# optional ws_ping_interval_in_secs specifies the ping interval for the web-socket connection
- ws_ping_interval_in_secs: 180
+ ws_ping_interval_in_secs: 30
# deploy_handler config
# changed from string "deployment_handler" in 2.3.1 to structure in 2.4.0
deploy_handler :
- msb-discovery\r
- --container-name\r
- kube2msb\r
+ - --container-name\r
+ - dcae-config-binding-service\r
- "-t"\r
- "15"\r
env:\r
# application image
repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.5
+image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.7
# DCAE component images to be deployed via Cloudify Manager
# Use to override default setting in blueprints
componentImages:
- config_binding_service: onap/org.onap.dcaegen2.platform.configbinding.app-app:2.2.3
datafile_collector: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.1.1
deployment_handler: onap/org.onap.dcaegen2.platform.deployment-handler:3.1.0
holmes_rules: onap/holmes/rule-management:1.2.3
holmes_engine: onap/holmes/engine-management:1.2.2
- inventory: onap/org.onap.dcaegen2.platform.inventory-api:3.0.4
- policy_handler: onap/org.onap.dcaegen2.platform.policy-handler:4.5.0
- service_change_handler: onap/org.onap.dcaegen2.platform.servicechange-handler:1.1.5
+ policy_handler: onap/org.onap.dcaegen2.platform.policy-handler:4.6.0
tca: onap/org.onap.dcaegen2.deployments.tca-cdap-container:1.1.0
ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.3.1
snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0
apiVersion: v1
description: ONAP DCAE Cloudify Manager
name: dcae-cloudify-manager
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
#################################################################
global:
nodePortPrefix: 302
+ persistence: {}
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.0
loggingRepository: docker.elastic.co
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+description: ONAP DCAE Config Binding Service
+name: dcae-config-binding-service
+version: 4.0.0
\ No newline at end of file
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2018 Amdocs, Bell Canada
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+filebeat.prospectors:
+#it is mandatory, in our case it's log
+- input_type: log
+ #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory.
+ paths:
+ - /var/log/onap/*/*/*/*.log
+ - /var/log/onap/*/*/*.log
+ - /var/log/onap/*/*.log
+ #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
+ ignore_older: 48h
+ # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
+ clean_inactive: 96h
+
+
+# Name of the registry file. If a relative path is used, it is considered relative to the
+# data path. Else full qualified file name.
+#filebeat.registry_file: ${path.data}/registry
+
+
+output.logstash:
+ #List of logstash server ip addresses with port number.
+ #But, in our case, this will be the loadbalancer IP address.
+ #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
+ hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"]
+ #If enable will do load balancing among availabe Logstash, automatically.
+ loadbalance: true
+
+ #The list of root certificates for server verifications.
+ #If certificate_authorities is empty or not set, the trusted
+ #certificate authorities of the host system are used.
+ #ssl.certificate_authorities: $ssl.certificate_authorities
+
+ #The path to the certificate for SSL client authentication. If the certificate is not specified,
+ #client authentication is not available.
+ #ssl.certificate: $ssl.certificate
+
+ #The client certificate key used for client authentication.
+ #ssl.key: $ssl.key
+
+ #The passphrase used to decrypt an encrypted key stored in the configured key file
+ #ssl.key_passphrase: $ssl.key_passphrase
+
+logging:
+ level: debug
+
+ # enable file rotation with default configuration
+ to_files: true
+
+ # do not log to syslog
+ to_syslog: false
+
+ files:
+ path: /usr/share/filebeat/logs
+ name: mybeat.log
+ keepfiles: 7
# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2019 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
apiVersion: v1
-kind: Secret
+kind: ConfigMap
metadata:
- name: {{ include "common.fullname" . }}-secret
+ name: {{ .Release.Name }}-cbs-filebeat-configmap
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
-type: Opaque
data:
- db-root-password: {{ .Values.global.config.mariadb.mariadbRootPassword | b64enc | quote }}
- db-user-password: {{ .Values.global.config.mariadb.userPassword | b64enc | quote }}
+{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }}
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ initContainers:
+ - name: {{ include "common.name" . }}-readiness
+ image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - consul-server
+ - "-t"
+ - "15"
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end -}}
+ readinessProbe:
+ httpGet:
+ path: {{ .Values.readiness.path }}
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /opt/logs
+ env:
+ - name: CONSUL_HOST
+ value: consul.{{ include "common.namespace" . }}
+
+ - name: {{ include "common.name" . }}-filebeat-onap
+ image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-filebeat-conf
+ mountPath: /usr/share/filebeat/filebeat.yml
+ subPath: filebeat.yml
+ - name: {{ include "common.fullname" . }}-data-filebeat
+ mountPath: /usr/share/filebeat/data
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /var/log/onap
+ volumes:
+ - name: {{ include "common.fullname" . }}-filebeat-conf
+ configMap:
+ name: {{ .Release.Name }}-cbs-filebeat-configmap
+ - name: {{ include "common.fullname" . }}-data-filebeat
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
-# http://www.apache.org/licenses/LICENSE-2.0
+# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+# ============LICENSE_END=========================================================
apiVersion: v1
kind: Service
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
spec:
type: {{ .Values.service.type }}
ports:
{{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }}
+ - port: {{ .Values.service.externalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.name }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.name }}
{{- end}}
- name: {{ .Values.service.portName | default "http" }}
selector:
app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
-# http://www.apache.org/licenses/LICENSE-2.0
+# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+# ============LICENSE_END=========================================================
#################################################################
# Global configuration defaults.
#################################################################
global:
nodePortPrefix: 302
- repository: nexus3.onap.org:10001
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.0
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
+ repositoryCred:
+ user: docker
+ password: docker
+
+config:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+ # Addresses of other ONAP entities
+ address:
+ consul:
+ host: consul-server
+ port: 8500
#################################################################
# Application configuration defaults.
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/vvp/test-engine:1.0.0
+image: onap/org.onap.dcaegen2.platform.configbinding.app-app:2.2.3
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
-
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
# probe configuration parameters
liveness:
initialDelaySeconds: 10
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
- enabled: true
+ # liveness not desirable for Cloudify Manager container
+ enabled: false
readiness:
initialDelaySeconds: 10
periodSeconds: 10
+ path: /healthcheck
service:
type: ClusterIP
- internalPort: 8282
+ name: config-binding-service
+ externalPort: 10000
+ internalPort: 10000
-ingress:
- enabled: false
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 4Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}
+# Kubernetes namespace for components deployed via Cloudify manager
+# If empty, use the common namespace
+# dcae_ns: "dcae"
apiVersion: v1
description: ONAP DCAE Health Check
name: dcae-healthcheck
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
periodSeconds: 10
# application image
repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.2.1
+image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.2.3
# Resource Limit flavor -By Default using small
flavor: small
apiVersion: v1
description: ONAP DCAE Redis
name: dcae-redis
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+description: ONAP DCAE Service Change Handler
+name: dcae-servicechange-handler
+version: 4.0.0
\ No newline at end of file
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+description: ONAP DCAE Inventory API Service
+name: dcae-inventory-api
+version: 4.0.0
\ No newline at end of file
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
+ repository: '@local'
+ - name: postgres
+ version: ~4.x-0
repository: '@local'
--- /dev/null
+{
+ "database": {
+ "driverClass": "org.postgresql.Driver",
+ "user": "{{ .Values.postgres.config.pgUserName }}",
+ "password": "{{ .Values.postgres.config.pgUserPassword }}",
+ "url": "jdbc:postgresql://{{ .Values.postgres.service.name2 }}:5432/{{ .Values.postgres.config.pgDatabase }}",
+ "properties": {
+ "charSet": "UTF-8"
+ },
+ "maxWaitForConnection": "1s",
+ "validationQuery": "/* MyService Health Check */ SELECT 1",
+ "minSize": 2,
+ "maxSize": 8,
+ "initialSize": 2,
+ "checkConnectionWhileIdle": false,
+ "evictionInterval": "10s",
+ "minIdleTime": "1 minute"
+ },
+ "databusControllerConnection": {
+ "host": "databus-controller-hostname",
+ "port": 8443,
+ "mechId": null,
+ "password": null,
+ "required": false
+ },
+ "httpClient": {
+ "minThreads": 1,
+ "maxThreads": 128,
+ "gzipEnabled": false,
+ "gzipEnabledForRequests": false,
+ "timeout": "5000milliseconds",
+ "connectionTimeout": "5000milliseconds"
+ }
+ }
\ No newline at end of file
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2019 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
apiVersion: v1
-kind: Service
+kind: ConfigMap
metadata:
- name: {{ include "common.servicename" . }}
+ name: {{ include "common.fullname" . }}-configmap
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- - port: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName | default "http" }}
- selector:
- app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ initContainers:
+ - name: {{ include "common.name" . }}-readiness
+ image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - {{ .Values.postgres.nameOverride }}
+ - "-t"
+ - "15"
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ # Assumes that the Docker image is built with ENTRYPOINT set to
+ # ["java", "-jar", "/opt/inventory-api-x.y.z.jar", "server"]
+ # where "x.y.z" is the version number (matches the Docker image version number)
+ # The arg below adds a parameter, the path to a config file.
+ # This tells the inventory-api app to get its configuration from the file
+ # rather than querying Consul.
+ args:
+ - "/opt/config.json"
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ httpGet:
+ path: {{ .Values.readiness.path }}
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-inv-config
+ mountPath: /opt/config.json
+ subPath: config.json
+ env:
+ - name: CONSUL_HOST
+ value: consul.{{ include "common.namespace" . }}
+ volumes:
+ - name: {{ include "common.fullname" . }}-inv-config
+ configMap:
+ name: {{ include "common.fullname" . }}-configmap
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
-# http://www.apache.org/licenses/LICENSE-2.0
+# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+# ============LICENSE_END=========================================================
apiVersion: v1
kind: Service
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
spec:
type: {{ .Values.service.type }}
ports:
{{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.internalPort }}
- targetPort: {{ .Values.service.internalPort }}
+ - port: {{ .Values.service.externalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.name }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.name }}
{{- end}}
- name: {{ .Values.service.portName | default "http" }}
selector:
app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ repositoryCred:
+ user: docker
+ password: docker
+
+config:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+ # Addresses of other ONAP entities
+ address:
+ consul:
+ host: consul-server
+ port: 8500
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/org.onap.dcaegen2.platform.inventory-api:3.0.4
+
+pullPolicy: Always
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ # liveness not desirable for Cloudify Manager container
+ enabled: false
+
+readiness:
+ initialDelaySeconds: 30
+ periodSeconds: 30
+ path: /dcae-service-types
+
+service:
+ type: ClusterIP
+ name: inventory
+ externalPort: 8080
+ internalPort: 8080
+
+# application configuration override for postgres
+postgres:
+ nameOverride: dcae-inv-pg
+ service:
+ name: dcae-inv-postgres
+ name2: dcae-inv-pg-primary
+ name3: dcae-inv-pg-replica
+ container:
+ name:
+ primary: dcae-inv-pg-primary
+ replica: dcae-inv-pg-replica
+ config:
+ pgUserName: dcae_inv
+ pgDatabase: dcae_inventory
+ pgPrimaryPassword: onapdemodb
+ pgUserPassword: onapdemodb
+ pgRootPassword: onapdemodb
+ persistence:
+ mountSubPath: dcae-inv/data
+ mountInitPath: dcae-inv
+ pgpool:
+ nameOverride: dcae-inv-pgpool
+ service:
+ name: dcae-inv-pgpool
+ credentials:
+ pgusername: ddcae_inv
+ pgpassword: onapdemodb
+ container:
+ name:
+ primary: dcae-inv-pgpool-primary
+ replica: dcae-inv-pgpool-replica
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 4Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}
+# Kubernetes namespace for components deployed via Cloudify manager
+# If empty, use the common namespace
+# dcae_ns: "dcae"
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
--- /dev/null
+{
+ "asdcDistributionClient": {
+ "asdcAddress": "{{ .Values.config.address.sdc }}.{{include "common.namespace" . }}:8443",
+ "asdcUri": "https://{{ .Values.config.address.sdc }}.{{include "common.namespace" . }}:8443",
+ "msgBusAddress": "{{ .Values.config.address.message_router }}.{{include "common.namespace" . }}",
+ "user": "{{ .Values.sdc.user }}",
+ "password": "{{ .Values.sdc.password }}",
+ "pollingInterval": 20,
+ "pollingTimeout": 20,
+ "consumerGroup": "dcae",
+ "consumerId": "dcae-sch",
+ "environmentName": "{{ .Values.sdc.environmentName }}",
+ "keyStorePath": null,
+ "keyStorePassword": null,
+ "activateServerTLSAuth": {{ .Values.sdc.useHttps }},
+ "useHttpsWithDmaap": {{ .Values.dmaap.useHttps }},
+ "isFilterInEmptyResources": false
+ },
+ "dcaeInventoryClient": {
+ "uri": "http://inventory:8080"
+ }
+}
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2019 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
apiVersion: v1
-kind: Service
+kind: ConfigMap
metadata:
- name: {{ include "common.servicename" . }}
+ name: {{ include "common.fullname" . }}-configmap
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- - port: {{ .Values.service.internalPort1 }}
- name: {{ .Values.service.portName | default "http" }}
- selector:
- app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ initContainers:
+ - name: {{ include "common.name" . }}-readiness
+ image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - "dcae-inventory-api"
+ - --container-name
+ - "message-router"
+ - --container-name
+ - "sdc-dcae-be"
+ - "-t"
+ - "45"
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command: ["java"]
+ args:
+ - "-jar"
+ - "/opt/servicechange-handler.jar"
+ - "prod"
+ - "/opt/config.json"
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ exec:
+ command: [{{ .Values.liveness.script }}]
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ exec:
+ command: [{{ .Values.readiness.script }}]
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-sch-config
+ mountPath: /opt/config.json
+ subPath: config.json
+ env:
+ - name: CONSUL_HOST
+ value: consul.{{ include "common.namespace" . }}
+ volumes:
+ - name: {{ include "common.fullname" . }}-sch-config
+ configMap:
+ name: {{ include "common.fullname" . }}-configmap
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ repositoryCred:
+ user: docker
+ password: docker
+
+config:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+ address:
+ # Addresses of ONAP components
+ message_router: message-router
+ sdc: sdc-be
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/org.onap.dcaegen2.platform.servicechange-handler:1.1.5
+
+pullPolicy: Always
+
+# configuration for accessing SDC
+sdc:
+ user: "dcae"
+ password: !!str Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+ environmentName: "AUTO"
+ useHttps: false
+
+# configuration for accessing DMaaP
+dmaap:
+ useHttps: false
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 30
+ periodSeconds: 30
+ script: /opt/health.sh
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ # liveness not desirable for Cloudify Manager container
+ enabled: false
+
+readiness:
+ initialDelaySeconds: 30
+ periodSeconds: 30
+ script: /opt/health.sh
+
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 4Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}
+# Kubernetes namespace for components deployed via Cloudify manager
+# If empty, use the common namespace
+# dcae_ns: "dcae"
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP DMaaP components
name: dmaap
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: a Helm chart to deploy ONAP DMaaP Bus Controller (aka dmaap-prov) in Kubernetes
name: dmaap-bus-controller
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
- name: postgres
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
csit: No
# name of this DMaaP instance (deprecated)
-DmaapName: demo
+#DmaapName: demo
#####################################################
#
#
#####################################################
# FQDN of DR Prov Server (deprecated)
-DR.provhost: dcae-drps.domain.not.set
+#DR.provhost: dcae-drps.domain.not.set
# URI to retrieve dynamic DR configuration
ProvisioningURI: /internal/prov
MR.TopicMgrRole: org.onap.dmaap-bc-topic-mgr.client
# MR topic ProjectID (used in certain topic name generation formats)
-MR.projectID: ONAP
+MR.projectID: mr
#####################################################
# Admin Password
aaf.AdminPassword: {{ .Values.adminPwd }}
+# Identity that is owner of any created namespaces for topics
+aaf.NsOwnerIdentity: {{ .Values.adminUser }}
+
# location of the codec keyfile used to decrypt passwords in this properties file before they are passed to AAF
CredentialCodeKeyfile: etc/LocalKey
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
spec:
+ hostAliases:
+ - ip: "10.12.6.214"
+ hostnames:
+ - "aaf-onap-test.osaaf.org"
initContainers:
- command:
- /root/ready.py
# application images
repository: nexus3.onap.org:10001
-image: onap/dmaap/buscontroller:1.0.23
+image: onap/dmaap/buscontroller:1.0.26
# application configuration
dmaapMessageRouterService: message-router
-aafURL: https://aaf-authz/
+aafURL: https://aaf-onap-test.osaaf.org:8095/proxy/
topicMgrUser: dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org
topicMgrPwd: demo123456!
adminUser: aaf_admin@people.osaaf.org
+++ /dev/null
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
+++ /dev/null
-# Example MySQL config file for medium systems.
-#
-# This is for a system with memory 8G where MySQL plays
-# an important part, or systems up to 128M where MySQL is used together with
-# other programs (such as a web server)
-#
-# In this file, you can use all long options that a program supports.
-# If you want to know which options a program supports, run the program
-# with the "--help" option.
-
-# The following options will be passed to all MySQL clients
-##[client]
-##user = root
-##port = 3306
-##socket = //opt/app/mysql/mysql.sock
-
-# Here follows entries for some specific programs
-
-# The MySQL server
-[mysqld]
-##performance_schema
-
-slow_query_log =ON
-long_query_time =2
-slow_query_log_file =//var/lib/mysql/slow_query.log
-
-skip-external-locking
-explicit_defaults_for_timestamp = true
-skip-symbolic-links
-local-infile = 0
-key_buffer_size = 16M
-max_allowed_packet = 4M
-table_open_cache = 100
-sort_buffer_size = 512K
-net_buffer_length = 8K
-read_buffer_size = 256K
-read_rnd_buffer_size = 512K
-myisam_sort_buffer_size = 8M
-max_connections = 300
-lower_case_table_names = 1
-thread_stack = 256K
-thread_cache_size = 25
-query_cache_size = 8M
-query_cache_type = 0
-query_prealloc_size = 512K
-query_cache_limit = 1M
-
-# Password validation
-##plugin-load-add=simple_password_check.so
-##simple_password_check_other_characters=0
-
-# Audit Log settings
-plugin-load-add=server_audit.so
-server_audit=FORCE_PLUS_PERMANENT
-server_audit_file_path=//var/lib/mysql/audit.log
-server_audit_file_rotate_size=50M
-server_audit_events=CONNECT,QUERY,TABLE
-server_audit_logging=on
-
-# Don't listen on a TCP/IP port at all. This can be a security enhancement,
-# if all processes that need to connect to mysqld run on the same host.
-# All interaction with mysqld must be made via Unix sockets or named pipes.
-# Note that using this option without enabling named pipes on Windows
-# (via the "enable-named-pipe" option) will render mysqld useless!
-#
-#skip-networking
-
-# Replication Master Server (default)
-# binary logging is required for replication
-##log-bin=//var/lib/mysql/mysql-bin
-
-# binary logging format - mixed recommended
-binlog_format=row
-
-# required unique id between 1 and 2^32 - 1
-# defaults to 1 if master-host is not set
-# but will not function as a master if omitted
-
-# Replication Slave (comment out master section to use this)
-#
-# To configure this host as a replication slave, you can choose between
-# two methods :
-#
-# 1) Use the CHANGE MASTER TO command (fully described in our manual) -
-# the syntax is:
-#
-# CHANGE MASTER TO MASTER_HOST=<host>, MASTER_PORT=<port>,
-# MASTER_USER=<user>, MASTER_PASSWORD=<password> ;
-#
-# where you replace <host>, <user>, <password> by quoted strings and
-# <port> by the master's port number (3306 by default).
-#
-# Example:
-#
-# CHANGE MASTER TO MASTER_HOST='125.564.12.1', MASTER_PORT=3306,
-# MASTER_USER='joe', MASTER_PASSWORD='secret';
-#
-# OR
-#
-# 2) Set the variables below. However, in case you choose this method, then
-# start replication for the first time (even unsuccessfully, for example
-# if you mistyped the password in master-password and the slave fails to
-# connect), the slave will create a master.info file, and any later
-# change in this file to the variables' values below will be ignored and
-# overridden by the content of the master.info file, unless you shutdown
-# the slave server, delete master.info and restart the slaver server.
-# For that reason, you may want to leave the lines below untouched
-# (commented) and instead use CHANGE MASTER TO (see above)
-#
-# required unique id between 2 and 2^32 - 1
-# (and different from the master)
-# defaults to 2 if master-host is set
-# but will not function as a slave if omitted
-#server-id = 2
-#
-# The replication master for this slave - required
-#master-host = <hostname>
-#
-# The username the slave will use for authentication when connecting
-# to the master - required
-#master-user = <username>
-#
-# The password the slave will authenticate with when connecting to
-# the master - required
-#master-password = <password>
-#
-# The port the master is listening on.
-# optional - defaults to 3306
-#master-port = <port>
-#
-# binary logging - not required for slaves, but recommended
-#log-bin=mysql-bin
-
-# Uncomment the following if you are using InnoDB tables
-##innodb_data_home_dir = //opt/app/mysql/data
-##innodb_data_file_path = ibdata1:20M:autoextend:max:32G
-##innodb_log_group_home_dir = //opt/app/mysql/iblogs
-# You can set .._buffer_pool_size up to 50 - 80 %
-# of RAM but beware of setting memory usage too high
-#innodb_buffer_pool_size = 6380M
-#innodb_additional_mem_pool_size = 2M
-# Set .._log_file_size to 25 % of buffer pool size
-innodb_log_file_size = 150M
-innodb_log_files_in_group = 3
-innodb_log_buffer_size = 8M
-#innodb_flush_log_at_trx_commit = 1
-innodb_lock_wait_timeout = 50
-innodb_autoextend_increment = 100
-expire_logs_days = 8
-open_files_limit = 2000
-transaction-isolation=READ-COMMITTED
-####### Galera parameters #######
-## Galera Provider configuration
-wsrep_provider=/usr/lib/galera/libgalera_smm.so
-wsrep_provider_options="gcache.size=1G; gcache.page_size=1G"
-## Galera Cluster configuration
-wsrep_cluster_name="MSO-automated-tests-cluster"
-wsrep_cluster_address="gcomm://"
-#wsrep_cluster_address="gcomm://mariadb1,mariadb2,mariadb3"
-##wsrep_cluster_address="gcomm://192.169.3.184,192.169.3.185,192.169.3.186"
-## Galera Synchronization configuration
-wsrep_sst_method=rsync
-#wsrep_sst_method=xtrabackup-v2
-#wsrep_sst_auth="sstuser:Mon#2o!6"
-## Galera Node configuration
-wsrep_node_name="mariadb1"
-##wsrep_node_address="192.169.3.184"
-wsrep_on=ON
-## Status notification
-#wsrep_notify_cmd=/opt/app/mysql/bin/wsrep_notify
-#######
-
-
-[mysqldump]
-quick
-max_allowed_packet = 16M
-
-[mysql]
-no-auto-rehash
-# Remove the next comment character if you are not familiar with SQL
-#safe-updates
-
-[myisamchk]
-key_buffer_size = 20971520
-
-##[mysqlhotcopy]
-##interactive-timeout
-##[mysqld_safe]
-##malloc-lib=//opt/app/mysql/local/lib/libjemalloc.so.1
-##log-error=//opt/app/mysql/log/mysqld.log
-
-general_log_file = /var/log/mysql/mysql.log
-general_log = 1
+++ /dev/null
-USE `datarouter`;
-
-CREATE TABLE FEEDS (
- FEEDID INT UNSIGNED NOT NULL PRIMARY KEY,
- GROUPID INT(10) UNSIGNED NOT NULL DEFAULT 0,
- NAME VARCHAR(255) NOT NULL,
- VERSION VARCHAR(20) NOT NULL,
- DESCRIPTION VARCHAR(1000),
- BUSINESS_DESCRIPTION VARCHAR(1000) DEFAULT NULL,
- AUTH_CLASS VARCHAR(32) NOT NULL,
- PUBLISHER VARCHAR(8) NOT NULL,
- SELF_LINK VARCHAR(256),
- PUBLISH_LINK VARCHAR(256),
- SUBSCRIBE_LINK VARCHAR(256),
- LOG_LINK VARCHAR(256),
- DELETED BOOLEAN DEFAULT FALSE,
- LAST_MOD TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
- SUSPENDED BOOLEAN DEFAULT FALSE,
- CREATED_DATE TIMESTAMP DEFAULT CURRENT_TIMESTAMP
-);
-
-CREATE TABLE FEED_ENDPOINT_IDS (
- FEEDID INT UNSIGNED NOT NULL,
- USERID VARCHAR(20) NOT NULL,
- PASSWORD VARCHAR(32) NOT NULL
-);
-
-CREATE TABLE FEED_ENDPOINT_ADDRS (
- FEEDID INT UNSIGNED NOT NULL,
- ADDR VARCHAR(44) NOT NULL
-);
-
-CREATE TABLE SUBSCRIPTIONS (
- SUBID INT UNSIGNED NOT NULL PRIMARY KEY,
- FEEDID INT UNSIGNED NOT NULL,
- GROUPID INT(10) UNSIGNED NOT NULL DEFAULT 0,
- DELIVERY_URL VARCHAR(256),
- DELIVERY_USER VARCHAR(20),
- DELIVERY_PASSWORD VARCHAR(32),
- DELIVERY_USE100 BOOLEAN DEFAULT FALSE,
- METADATA_ONLY BOOLEAN DEFAULT FALSE,
- SUBSCRIBER VARCHAR(8) NOT NULL,
- SELF_LINK VARCHAR(256),
- LOG_LINK VARCHAR(256),
- LAST_MOD TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
- SUSPENDED BOOLEAN DEFAULT FALSE,
- CREATED_DATE TIMESTAMP DEFAULT CURRENT_TIMESTAMP
-
-);
-
-CREATE TABLE PARAMETERS (
- KEYNAME VARCHAR(32) NOT NULL PRIMARY KEY,
- VALUE VARCHAR(4096) NOT NULL
-);
-
-CREATE TABLE LOG_RECORDS (
- TYPE ENUM('pub', 'del', 'exp', 'pbf', 'dlx') NOT NULL,
- EVENT_TIME BIGINT NOT NULL, /* time of the publish request */
- PUBLISH_ID VARCHAR(64) NOT NULL, /* unique ID assigned to this publish attempt */
- FEEDID INT UNSIGNED NOT NULL, /* pointer to feed in FEEDS */
- REQURI VARCHAR(256) NOT NULL, /* request URI */
- METHOD ENUM('DELETE', 'GET', 'HEAD', 'OPTIONS', 'PUT', 'POST', 'TRACE') NOT NULL, /* HTTP method */
- CONTENT_TYPE VARCHAR(256) NOT NULL, /* content type of published file */
- CONTENT_LENGTH BIGINT NOT NULL, /* content length of published file */
-
- FEED_FILEID VARCHAR(256), /* file ID of published file */
- REMOTE_ADDR VARCHAR(40), /* IP address of publishing endpoint */
- USER VARCHAR(50), /* user name of publishing endpoint */
- STATUS SMALLINT, /* status code returned to delivering agent */
-
- DELIVERY_SUBID INT UNSIGNED, /* pointer to subscription in SUBSCRIPTIONS */
- DELIVERY_FILEID VARCHAR(256), /* file ID of file being delivered */
- RESULT SMALLINT, /* result received from subscribing agent */
-
- ATTEMPTS INT, /* deliveries attempted */
- REASON ENUM('notRetryable', 'retriesExhausted', 'diskFull', 'other'),
-
- RECORD_ID BIGINT UNSIGNED NOT NULL PRIMARY KEY, /* unique ID for this record */
- CONTENT_LENGTH_2 BIGINT,
-
- INDEX (FEEDID) USING BTREE,
- INDEX (DELIVERY_SUBID) USING BTREE,
- INDEX (RECORD_ID) USING BTREE
-) ENGINE = MyISAM;
-
-CREATE TABLE INGRESS_ROUTES (
- SEQUENCE INT UNSIGNED NOT NULL,
- FEEDID INT UNSIGNED NOT NULL,
- USERID VARCHAR(20),
- SUBNET VARCHAR(44),
- NODESET INT UNSIGNED NOT NULL
-);
-
-CREATE TABLE EGRESS_ROUTES (
- SUBID INT UNSIGNED NOT NULL PRIMARY KEY,
- NODEID INT UNSIGNED NOT NULL
-);
-
-CREATE TABLE NETWORK_ROUTES (
- FROMNODE INT UNSIGNED NOT NULL,
- TONODE INT UNSIGNED NOT NULL,
- VIANODE INT UNSIGNED NOT NULL
-);
-
-CREATE TABLE NODESETS (
- SETID INT UNSIGNED NOT NULL,
- NODEID INT UNSIGNED NOT NULL
-);
-
-CREATE TABLE NODES (
- NODEID INT UNSIGNED NOT NULL PRIMARY KEY,
- NAME VARCHAR(255) NOT NULL,
- ACTIVE BOOLEAN DEFAULT TRUE
-);
-
-CREATE TABLE GROUPS (
- GROUPID INT UNSIGNED NOT NULL PRIMARY KEY,
- AUTHID VARCHAR(100) NOT NULL,
- NAME VARCHAR(50) NOT NULL,
- DESCRIPTION VARCHAR(255),
- CLASSIFICATION VARCHAR(20) NOT NULL,
- MEMBERS TINYTEXT,
- LAST_MOD TIMESTAMP DEFAULT CURRENT_TIMESTAMP
-);
-
-INSERT INTO PARAMETERS VALUES
- ('ACTIVE_POD', '{{.Values.global.config.dmaapDrProv.name}}'),
- ('PROV_ACTIVE_NAME', '{{.Values.global.config.dmaapDrProv.name}}'),
- ('STANDBY_POD', ''),
- ('PROV_NAME', '{{.Values.global.config.dmaapDrProv.name}}'),
- ('NODES', '{{.Values.global.config.dmaapDrNode.name}}'),
- ('PROV_DOMAIN', '{{ include "common.namespace" . }}'),
- ('DELIVERY_INIT_RETRY_INTERVAL', '10'),
- ('DELIVERY_MAX_AGE', '86400'),
- ('DELIVERY_MAX_RETRY_INTERVAL', '3600'),
- ('DELIVERY_RETRY_RATIO', '2'),
- ('LOGROLL_INTERVAL', '300'),
- ('PROV_AUTH_ADDRESSES', '{{.Values.global.config.dmaapDrProv.name}}|{{.Values.global.config.dmaapDrNode.name}}'),
- ('PROV_AUTH_SUBJECTS', ''),
- ('PROV_MAXFEED_COUNT', '10000'),
- ('PROV_MAXSUB_COUNT', '100000'),
- ('PROV_REQUIRE_CERT', 'false'),
- ('PROV_REQUIRE_SECURE', 'false'),
- ('_INT_VALUES', 'LOGROLL_INTERVAL|PROV_MAXFEED_COUNT|PROV_MAXSUB_COUNT|DELIVERY_INIT_RETRY_INTERVAL|DELIVERY_MAX_RETRY_INTERVAL|DELIVERY_RETRY_RATIO|DELIVERY_MAX_AGE');
+++ /dev/null
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.global.config.mariadb.servicetype }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.global.config.mariadb.servicetype }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{.Values.global.config.mariadb.externalPort}}
-{{- else if contains "ClusterIP" .Values.global.config.mariadb.servicetype }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{.Values.global.config.mariadb.internalPort}}
-{{- end }}
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-mdb-configmap
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/mariadb/conf.d/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-mdb-initd-configmap
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/mariadb/docker-entrypoint-initdb.d/sql_init_01.sql").AsConfig . | indent 2 }}
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.persistence.size }}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
-{{- end -}}
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
-{{- end -}}
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{.Values.global.config.mariadb.name}}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{.Values.global.config.mariadb.servicetype}}
- ports:
- {{if eq .Values.global.config.mariadb.servicetype "NodePort" -}}
- - port: {{.Values.global.config.mariadb.internalPort}}
- nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }}
- {{- else -}}
- - port: {{.Values.global.config.mariadb.externalPort}}
- targetPort: {{.Values.global.config.mariadb.internalPort}}
- {{- end}}
- name: {{.Values.global.config.mariadb.name}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
\ No newline at end of file
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# Default values for mariadb.
-# This is a YAML-formatted file.
-# Declare variables to be passed into your templates.
-global: # global defaults
- persistence: {}
-
-# application image
-repository: nexus3.onap.org:10001
-image: mariadb:10.2.14
-pullPolicy: Always
-
-# application configuration - see parent values chart
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 30
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 30
- periodSeconds: 10
-
-## Persist data to a persitent volume
-persistence:
- enabled: true
- volumeReclaimPolicy: Retain
- accessMode: ReadWriteMany
- size: 1Gi
- mountPath: /dockerdata-nfs
- mountSubPath: dmaap/dr-db/data
-
-ingress:
- enabled: false
-
-# Resource Limit flavor -By Default using small
-flavor: small
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- cpu: 2000m
- memory: 4Gi
- requests:
- cpu: 500m
- memory: 1Gi
- large:
- limits:
- cpu: 4000m
- memory: 8Gi
- requests:
- cpu: 1000m
- memory: 2Gi
- unlimited: {}
#!/bin/sh
dr_prov_url="{{.Values.global.config.dmaapDrProv.name}}:{{.Values.global.config.dmaapDrProv.internalPort2}}"
-ct_header="Content-Type:application/vnd.att-dr.feed"
-obo_header="X-ATT-DR-ON-BEHALF-OF:dradmin"
+ct_header="Content-Type:application/vnd.dmaap-dr.feed"
+obo_header="X-DMAAP-DR-ON-BEHALF-OF:dradmin"
feed_payload=/opt/app/datartr/etc/dedicatedFeed.json
sleep 20
{{- else }}
emptyDir: {}
{{- end }}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/dmaap/datarouter-node:1.0.3
+image: onap/dmaap/datarouter-node:2.0.0
pullPolicy: Always
# flag to enable debugging - application support required
# Database access
org.onap.dmaap.datarouter.db.driver = org.mariadb.jdbc.Driver
-org.onap.dmaap.datarouter.db.url = jdbc:mariadb://{{.Values.global.config.mariadb.name}}:{{.Values.global.config.mariadb.externalPort}}/datarouter
+org.onap.dmaap.datarouter.db.url = jdbc:mariadb://{{.Values.global.config.dmaapDrDb.mariadbServiceName}}:{{.Values.global.config.dmaapDrDb.mariadbServicePort}}/datarouter
org.onap.dmaap.datarouter.db.login = datarouter
org.onap.dmaap.datarouter.db.password = datarouter
- /root/ready.py
args:
- --container-name
- - {{.Values.global.config.mariadb.name}}
+ - {{.Values.global.config.dmaapDrDb.mariadbContName}}
env:
- name: NAMESPACE
valueFrom:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/dmaap/datarouter-prov:1.0.3
+image: onap/dmaap/datarouter-prov:2.0.0
pullPolicy: Always
# flag to enable debugging - application support required
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
+ repository: '@local'
+ - name: mariadb-galera
+ alias: mariadb
+ version: ~4.x-0
repository: '@local'
# DMaap Data Router Global config defaults.
#################################################################
global:
- persistence: {}
env:
name: AUTO
ubuntuInitRepository: oomk8s
ubuntuInitImage: ubuntu-init:1.0.0
config:
-# dr db configuration
- mariadb:
- servicetype: ClusterIP
- name: dmaap-dr-db
- portName: dr-db-port
- internalPort: 3306
- externalPort: 3306
- mariadbRootPassword: datarouter
- userName: datarouter
- userPassword: datarouter
- mysqlDatabase: datarouter
# dr provisioning server configuration
dmaapDrProv:
servicetype: NodePort
servicetype: ClusterIP
name: dmaap-dr-node
externalPort: 8080
- internalPort: 8080
externalPort2: 8443
+ internalPort: 8080
internalPort2: 8443
portName: dr-node-port
portName2: dr-node-port2
+# dr-prov db configuration
+ dmaapDrDb:
+ mariadbServiceName: dmaap-dr-db-svc
+ mariadbServicePort: 3306
+ mariadbContName: dmaap-dr-db
+
+# mariadb-galera configuration
+mariadb:
+ name: dmaap-dr-db
+ nameOverride: dmaap-dr-db
+ replicaCount: 2
+ config:
+ mariadbRootPassword: datarouter
+ userName: datarouter
+ userPassword: datarouter
+ mysqlDatabase: datarouter
+ service:
+ name: dmaap-dr-db-svc
+ portName: dmaap-dr-db-svc
+ nfsprovisionerPrefix: dmaap-dr-db
+ persistence:
+ size: 1Gi
+ mountSubPath: data-router/dr-db-data
+ disableNfsProvisioner: true
\ No newline at end of file
apiVersion: v1
description: ONAP Message Router
name: message-router
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Message Router Kafka Service
name: message-router-kafka
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Dmaap Message Router Zookeeper Service
name: message-router-zookeeper
-version: 3.0.0
+version: 4.0.0
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/dmaap/zookeeper:1.0.0
+image: onap/dmaap/zookeeper:2.0.0
pullPolicy: Always
ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP External System Register
name: esr
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP External System Register GUI
name: esr-gui
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP External System Register GUI
name: esr-server
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
apiVersion: v1
description: <Short application description - this is visible via 'helm search'>
name: <onap-app>
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
apiVersion: v1
description: ONAP Logging ElasticStack
name: log
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Logging Elasticsearch
name: log-elasticsearch
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP Logging Kibana
name: log-kibana
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP Logging Logstash
name: log-logstash
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP MicroServices Bus
name: msb
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP MicroServices Bus Kube2MSB Registrator
name: kube2msb
-version: 3.0.0
+version: 4.0.0
# limitations under the License.
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP MicroServices Bus Consul
name: msb-consul
-version: 3.0.0
+version: 4.0.0
# limitations under the License.
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP MicroServices Bus Discovery
name: msb-discovery
-version: 3.0.0
+version: 4.0.0
# limitations under the License.
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP MicroServices Bus Internal API Gateway
name: msb-eag
-version: 3.0.0
+version: 4.0.0
# limitations under the License.
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP MicroServices Bus Internal API Gateway
name: msb-iag
-version: 3.0.0
+version: 4.0.0
# limitations under the License.
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
# limitations under the License.
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP multicloud broker
name: multicloud
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP multicloud Azure plugin
name: multicloud-azure
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP multicloud OpenStack Ocata Plugin
name: multicloud-ocata
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP multicloud OpenStack Pike Plugin
name: multicloud-pike
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Multicloud Prometheus
name: multicloud-prometheus
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Multicloud Prometheus Alert Manager
name: prometheus-alertmanager
-version: 3.0.0
+version: 4.0.0
#Service configuration for this chart
service:
- type: NodePort
+ type: ClusterIP
name: multicloud-prometheus-alertmanager
portName: prometheus-alertmanager
internalPort: 9093
- nodePort: 62
+ externalPort: 9093
meshpeer:
enabled: false
apiVersion: v1
description: ONAP Multicloud Grafana for Prometheus
name: prometheus-grafana
-version: 3.0.0
+version: 4.0.0
#Service configuration for this chart
service:
- type: NodePort
+ type: ClusterIP
name: multicloud-prometheus-grafana
portName: prometheus-grafana
internalPort: 3000
- nodePort: 63
+ externalPort: 3000
#Grafana Datasources
datasources:
# limitations under the License.
*/}}
+{{- if .Values.global.prometheus.enabled -}}
+
apiVersion: v1
kind: ConfigMap
metadata:
heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+
+{{- end -}}
\ No newline at end of file
# limitations under the License.
*/}}
+{{- if .Values.global.prometheus.enabled -}}
+
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
restartPolicy: Always
+
+{{- end -}}
\ No newline at end of file
# limitations under the License.
*/}}
+{{- if .Values.global.prometheus.enabled -}}
+
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
kind: PersistentVolume
apiVersion: v1
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
+{{- end -}}
+
{{- end -}}
\ No newline at end of file
# limitations under the License.
*/}}
+{{- if .Values.global.prometheus.enabled -}}
+
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
kind: PersistentVolumeClaim
apiVersion: v1
{{- end }}
{{- end }}
{{- end -}}
+
+{{- end -}}
\ No newline at end of file
# limitations under the License.
*/}}
+{{- if .Values.global.prometheus.enabled -}}
+
apiVersion: v1
kind: Service
metadata:
protocol: TCP
selector:
app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
\ No newline at end of file
+ release: {{ .Release.Name }}
+
+{{- end -}}
\ No newline at end of file
busyboxRepository: registry.hub.docker.com
busyboxImage: library/busybox:latest
alertmanager:
- enabled: true
+ enabled: false
grafana:
- enabled: true
+ enabled: false
configmapReload:
image:
repository: jimmidyson/configmap-reload
#Service configuration for this chart
service:
- type: NodePort
+ type: ClusterIP
name: multicloud-prometheus
portName: multicloud-prometheus
internalPort: 9090
- nodePort: 45
+ externalPort: 9090
# probe configuration parameters
liveness:
apiVersion: v1
description: ONAP multicloud VIO plugin
name: multicloud-vio
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP multicloud OpenStack WindRiver Plugin
name: multicloud-windriver
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
nodePortPrefix: 302
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
+ prometheus:
+ enabled: false
#################################################################
# Application configuration defaults.
apiVersion: v1
description: ONAP Northbound Interface
name: nbi
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP NBI MariaDB Service
name: mariadb
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: mongo
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
name: onap
-version: 3.0.0
-appVersion: Casablanca
+version: 4.0.0
+appVersion: Dublin
description: Open Network Automation Platform (ONAP)
home: https://www.onap.org/
sources:
- https://gerrit.onap.org/r/#/admin/projects/
-icon: https://wiki.onap.org/download/thumbnails/1015829/onap_704x271%20copy.png?version=1&modificationDate=1488326334000&api=v2
-tillerVersion: "~2.9.1"
+icon: https://wiki.onap.org/download/thumbnails/1015829/onap_704x271%20copy.png?version=1&modificationDate=1488326334000&api=v2
\ No newline at end of file
# > helm repo add local http://127.0.0.1:8879
dependencies:
- name: aaf
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: aaf.enabled
- name: aai
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: aai.enabled
- name: appc
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: appc.enabled
- name: clamp
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: clamp.enabled
- name: cli
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: cli.enabled
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
- name: consul
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: consul.enabled
- name: contrib
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: contrib.enabled
- name: dcaegen2
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: dcaegen2.enabled
- name: dmaap
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: dmaap.enabled
- name: esr
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: esr.enabled
- name: log
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: log.enabled
- name: sniro-emulator
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: sniro-emulator.enabled
- name: msb
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: msb.enabled
- name: multicloud
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: multicloud.enabled
- name: nbi
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: nbi.enabled
- name: pnda
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: pnda.enabled
- name: policy
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: policy.enabled
- name: pomba
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: pomba.enabled
- name: portal
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: portal.enabled
- name: oof
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: oof.enabled
- name: robot
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: robot.enabled
- name: sdc
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: sdc.enabled
- name: sdnc
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: sdnc.enabled
- name: so
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: so.enabled
- name: uui
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: uui.enabled
- name: vfc
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: vfc.enabled
- name: vid
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: vid.enabled
- name: vnfsdk
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: vnfsdk.enabled
- - name: vvp
- version: ~3.0.0
- repository: '@local'
- condition: vvp.enabled
enabled: false
vnfsdk:
enabled: false
-vvp:
- enabled: false
vfc:
enabled: false
vnfsdk:
- enabled: false
-vvp:
- enabled: false
+ enabled: false
\ No newline at end of file
enabled: true
vnfsdk:
enabled: true
-vvp:
- enabled: false
apiVersion: v1
description: ONAP Optimization Framework
name: oof
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: Chart for Change Management Service Orchestrator (CMSO)
name: oof-cmso
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: Chart for Change Management Service Orchestrator (CMSO) Service
name: oof-cmso-service
-version: 3.0.0
+version: 4.0.0
name: {{ include "common.name" . }}-readiness
- name: db-init
image: "{{ include "common.repository" . }}/{{ .Values.dbinit.image }}"
- imagePullPolicy: Always
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
env:
- name: DB_HOST
value: {{ .Values.config.db_host }}.{{.Release.Namespace}}
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: mariadb-galera
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP Homing and Allocation Service
name: oof-has
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Homing and Allocation Servicei - API
name: oof-has-api
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Homing and Allocation Sservice - Controller
name: oof-has-controller
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Homing and Allocation Service - Data Component
name: oof-has-data
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Homing and Allocation Sevice - Reservation Component
name: oof-has-reservation
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Homing and Allocation Service - Solver Component
name: oof-has-solver
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
- name: music
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
fieldPath: metadata.namespace
containers:
- image: "{{ include "common.repository" . }}/{{ .Values.global.image.optf_has }}"
- imagePullPolicy: {{ .Values.pullPolicy }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-healthcheck
command:
- "/bin/sh"
path: healthcheck.json
restartPolicy: OnFailure
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
name: {{ include "common.name" . }}-music-db-readiness
containers:
- image: "{{ include "common.repository" . }}/{{ .Values.global.image.optf_has }}"
- imagePullPolicy: {{ .Values.pullPolicy }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-onboard
command:
- "/bin/sh"
path: onboard.json
restartPolicy: OnFailure
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP DCAE PNDA
name: pnda
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP DCAE PNDA Bootstrap
name: dcae-pnda-bootstrap
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP DCAE PNDA Mirror
name: dcae-pnda-mirror
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP Policy Administration Point
name: policy
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Policy BRMS GW
name: brmsgw
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/policy-pe:1.3.4
+image: onap/policy-pe:1.4-SNAPSHOT-latest
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v1
description: ONAP Drools Policy Engine
name: drools
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Policy Nexus
name: nexus
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
# Telemetry credentials
-ENGINE_MANAGEMENT_PORT=9696
-ENGINE_MANAGEMENT_HOST=0.0.0.0
-ENGINE_MANAGEMENT_USER=demo@people.osaaf.org
-ENGINE_MANAGEMENT_PASSWORD=demo123456!
+TELEMETRY_PORT=9696
+TELEMETRY_HOST=0.0.0.0
+TELEMETRY_USER=demo@people.osaaf.org
+TELEMETRY_PASSWORD=demo123456!
# nexus repository
-snapshotRepositoryID=policy-nexus-snapshots
-snapshotRepositoryUrl=http://{{.Values.global.nexus.nameOverride}}:{{.Values.config.nexusPort}}/nexus/content/repositories/snapshots/
-releaseRepositoryID=policy-nexus-releases
-releaseRepositoryUrl=http://{{.Values.global.nexus.nameOverride}}:{{.Values.config.nexusPort}}/nexus/content/repositories/releases/
-repositoryUsername=admin
-repositoryPassword=admin123
+SNAPSHOT_REPOSITORY_ID=policy-nexus-snapshots
+SNAPSHOT_REPOSITORY_URL=http://{{.Values.global.nexus.nameOverride}}:{{.Values.config.nexusPort}}/nexus/content/repositories/snapshots/
+RELEASE_REPOSITORY_ID=policy-nexus-releases
+RELEASE_REPOSITORY_URL=http://{{.Values.global.nexus.nameOverride}}:{{.Values.config.nexusPort}}/nexus/content/repositories/releases/
+REPOSITORY_USERNAME=admin
+REPOSITORY_PASSWORD=admin123
# Relational (SQL) DB access
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
- image: "{{ .Values.global.loggingRepository | default .Values.loggingRepository }}/{{ .Values.loggingImage }}"
- imagePullPolicy: {{ .Values.pullPolicy }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: filebeat-onap
volumeMounts:
- mountPath: /usr/share/filebeat/filebeat.yml
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/policy-drools:1.3.4
+image: onap/policy-drools:1.4-SNAPSHOT-latest
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v1
description: ONAP Policy MariaDB Service
name: mariadb
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
apiVersion: v1
description: ONAP Policy PDP
name: pdp
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/policy-pe:1.3.4
+image: onap/policy-pe:1.4-SNAPSHOT-latest
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v1
description: ONAP Policy APEX PDP
name: policy-apex-pdp
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
-# http://www.apache.org/licenses/LICENSE-2.0
+# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# SPDX-License-Identifier: Apache-2.0
# ============LICENSE_END=========================================================
{
- "engineServiceParameters": {
- "name": "PolicyApexPDPEngine",
- "version": "0.0.1",
- "id": 45,
- "instanceCount": 4,
- "deploymentPort": 12345,
- "engineParameters": {
- "executorParameters": {
- "JAVASCRIPT": {
- "parameterClassName": "org.onap.policy.apex.plugins.executor.javascript.JavascriptExecutorParameters"
- }
- },
- "contextParameters": {
- "parameterClassName": "org.onap.policy.apex.context.parameters.ContextParameters",
- "schemaParameters": {
- "Avro": {
- "parameterClassName": "org.onap.policy.apex.plugins.context.schema.avro.AvroSchemaHelperParameters"
- }
- }
- }
- }
- },
- "eventInputParameters": {
- "ApexConsumer": {
- "carrierTechnologyParameters" : {
- "carrierTechnology" : "RESTSERVER",
- "parameterClassName" :
- "org.onap.policy.apex.plugins.event.carrier.restserver.RestServerCarrierTechnologyParameters",
- "parameters" : {
- "standalone" : true,
- "host" : "localhost",
- "port" : 12346
- }
- },
- "eventProtocolParameters":{
- "eventProtocol" : "JSON"
- },
- "synchronousMode" : true,
- "synchronousPeer" : "ApexProducer",
- "synchronousTimeout" : 500
- }
- },
- "eventOutputParameters": {
- "ApexProducer": {
- "carrierTechnologyParameters":{
- "carrierTechnology" : "RESTSERVER",
- "parameterClassName" :
- "org.onap.policy.apex.plugins.event.carrier.restserver.RestServerCarrierTechnologyParameters"
- },
- "eventProtocolParameters":{
- "eventProtocol" : "JSON"
- },
- "synchronousMode" : true,
- "synchronousPeer" : "ApexConsumer",
- "synchronousTimeout" : 500
- }
+ "javaProperties" : [
+ ["javax.net.ssl.trustStore", "/opt/app/policy/apex-pdp/etc/ssl/policy-truststore"],
+ ["javax.net.ssl.trustStorePassword", "UG9sMWN5XzBuYXA="]
+ ],
+ "engineServiceParameters": {
+ "name": "MyApexEngine",
+ "version": "0.0.1",
+ "id": 45,
+ "instanceCount": 4,
+ "deploymentPort": 12345,
+ "policyModelFileName": "examples/models/SampleDomain/SamplePolicyModelJAVASCRIPT.json",
+ "engineParameters": {
+ "executorParameters": {
+ "JAVASCRIPT": {
+ "parameterClassName": "org.onap.policy.apex.plugins.executor.javascript.JavascriptExecutorParameters"
}
+ }
+ }
+ },
+ "eventOutputParameters": {
+ "FirstProducer": {
+ "carrierTechnologyParameters": {
+ "carrierTechnology": "FILE",
+ "parameters": {
+ "standardIo": true
+ }
+ },
+ "eventProtocolParameters": {
+ "eventProtocol": "JSON"
+ }
+ }
+ },
+ "eventInputParameters": {
+ "FirstConsumer": {
+ "carrierTechnologyParameters": {
+ "carrierTechnology": "FILE",
+ "parameters": {
+ "standardIo": true
+ }
+ },
+ "eventProtocolParameters": {
+ "eventProtocol": "JSON"
+ }
+ }
+ }
}
-
-
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/policy-apex-pdp:2.0.3
+image: onap/policy-apex-pdp:2.1-SNAPSHOT-latest
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v1
description: ONAP Policy Common
name: policy-common
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
apiVersion: v1
description: ONAP Policy Distribution
name: policy-distribution
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
"host":"0.0.0.0",
"port":6969,
"userName":"healthcheck",
- "password":"zb!XztG34"
+ "password":"zb!XztG34",
+ "https":true
},
"receptionHandlerParameters":{
"SDCReceptionHandler":{
"xacmlPdpConfiguration":{
"parameterClassName":"org.onap.policy.distribution.forwarding.xacml.pdp.XacmlPdpPolicyForwarderParameterGroup",
"parameters":{
- "useHttps": false,
+ "useHttps": true,
"hostname": "pdp",
"port": 8081,
"userName": "testpdp",
"password": "alpha123",
"clientAuth": "cHl0aG9uOnRlc3Q=",
"isManaged": true,
- "pdpGroup": "pdpGroup"
+ "pdpGroup": "default"
}
},
"apexForwarderConfiguration":{
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/policy-distribution:2.0.3
+image: onap/policy-distribution:2.1.0-SNAPSHOT-latest
pullPolicy: Always
# flag to enable debugging - application support required
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
# Copyright © 2017 Amdocs, Bell Canada, AT&T
-# Modifications Copyright © 2018 AT&T. All rights reserved.
+# Modifications Copyright © 2018-2019 AT&T. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
sleep 2
-wget -O cl-amsterdam-template.drl https://git.onap.org/policy/drools-applications/plain/controlloop/templates/archetype-cl-amsterdam/src/main/resources/archetype-resources/src/main/resources/__closedLoopControlName__.drl?h=casablanca
+wget -O cl-amsterdam-template.drl https://git.onap.org/policy/drools-applications/plain/controlloop/templates/archetype-cl-amsterdam/src/main/resources/archetype-resources/src/main/resources/__closedLoopControlName__.drl
sleep 2
exec:
command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/opt/app/policy/servers/pap/webapps/pap/WEB-INF/classes/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; export SRC=/tmp/policy-install/logback.xml; export DST=/opt/app/policy/servers/console/webapps/onap/WEB-INF/classes/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"]
- image: "{{ .Values.global.loggingRepository | default .Values.loggingRepository }}/{{ .Values.global.loggingImage | default .Values.loggingImage }}"
- imagePullPolicy: {{ .Values.pullPolicy }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: filebeat-onap
volumeMounts:
- mountPath: /usr/share/filebeat/filebeat.yml
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/policy-pe:1.3.4
+image: onap/policy-pe:1.4-SNAPSHOT-latest
pullPolicy: Always
subChartsOnly:
requests:
cpu: 20m
memory: 2Gi
- unlimited: {}
\ No newline at end of file
+ unlimited: {}
apiVersion: v1
description: ONAP Post Orchestration Model Based Audit
name: pomba
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP POMBA AAI Context Builder
name: pomba-aaictxbuilder
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
http.userId={{ .Values.config.httpUserId }}
http.password={{ .Values.config.httpPassword }}
-aai.searchNodeQuery=/aai/v11/search/nodes-query?search-node-type=service-instance&filter=service-instance-id:EQUALS:
+aai.searchNodeQuery=/aai/v13/search/nodes-query?search-node-type=service-instance&filter=service-instance-id:EQUALS:
#Servlet context parameters
server.context_parameters.p-name=value #context parameter with p-name as key and value as value.
-<configuration scan="true" scanPeriod="10 seconds" debug="false">
- <jmxConfigurator />
- <property name="logDirectory" value="/var/log/onap/pomba-aaictxbuilder" />
- <!-- Example evaluator filter applied against console appender -->
- <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
- <!-- filter class="ch.qos.logback.classic.filter.LevelFilter"> <level>ERROR</level>
- <onMatch>ACCEPT</onMatch> <onMismatch>DENY</onMismatch> </filter -->
- <!-- deny all events with a level below INFO, that is TRACE and DEBUG -->
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>INFO</level>
- </filter>
- <encoder>
- <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n
- </pattern>
- </encoder>
- </appender>
-
- <appender name="ERROR"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>INFO</level>
- </filter>
- <file>${logDirectory}/error.log</file>
- <append>true</append>
- <encoder>
- <pattern>%date{"yyyy-MM-dd'T'HH:mm:ss,SSSXXX", UTC}|%X{RequestId}|%.20thread|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%.-5level|%X{ErrorCode}|%X{ErrorDescription}|%msg%n</pattern>
- </encoder>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <maxIndex>10</maxIndex>
- <FileNamePattern>${logDirectory}/error.%i.log.zip
- </FileNamePattern>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>10MB</maxFileSize>
- </triggeringPolicy>
- </appender>
-
- <appender name="DEBUG"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/debug.log</file>
- <append>true</append>
- <encoder>
- <pattern>%date{"yyyy-MM-dd'T'HH:mm:ss,SSSXXX",UTC}|%X{RequestId}|%.20thread|%.-5level|%logger{36}|%msg%n</pattern>
- </encoder>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/debug.%d{yyyy-MM-dd}.%i.log.zip</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>10MB</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>5</maxHistory>
- </rollingPolicy>
- </appender>
-
- <appender name="AUDIT"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/audit.log</file>
- <append>true</append>
- <encoder>
- <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n
- </pattern>
- </encoder>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <maxIndex>10</maxIndex>
- <FileNamePattern>${logDirectory}/audit.%i.log.zip
- </FileNamePattern>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>10MB</maxFileSize>
- </triggeringPolicy>
- </appender>
- <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="AUDIT" />
- </appender>
-
- <appender name="METRIC"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/metric.log</file>
- <append>true</append>
- <encoder>
- <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|
- %msg%n</pattern>
- </encoder>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <maxIndex>10</maxIndex>
- <FileNamePattern>${logDirectory}/metric.%i.log.zip
- </FileNamePattern>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>10MB</maxFileSize>
- </triggeringPolicy>
- </appender>
- <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="METRIC" />
- </appender>
-
- <!-- SECURITY related loggers -->
- <appender name="SECURITY"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/security.log</file>
- <append>true</append>
- <encoder>
- <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n
- </pattern>
- </encoder>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <maxIndex>10</maxIndex>
- <FileNamePattern>${logDirectory}/security.%i.log.zip
- </FileNamePattern>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>10MB</maxFileSize>
- </triggeringPolicy>
- </appender>
- <appender name="asyncEELFSecurity" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="SECURITY" />
- </appender>
-
- <!-- CLDS related loggers -->
- <logger name="org.onap.pomba.clds" level="INFO" additivity="true">
- <appender-ref ref="ERROR" />
- </logger>
-
- <!-- CLDS related loggers -->
- <logger name="com.att.eelf.error" level="OFF" additivity="true">
- <appender-ref ref="ERROR" />
- </logger>
- <!-- EELF related loggers -->
- <logger name="com.att.eelf.audit" level="INFO" additivity="false">
- <appender-ref ref="asyncEELFAudit" />
- </logger>
- <logger name="com.att.eelf.metrics" level="DEBUG" additivity="false">
- <appender-ref ref="asyncEELFMetrics" />
- </logger>
- <logger name="com.att.eelf.security" level="DEBUG" additivity="false">
- <appender-ref ref="asyncEELFSecurity" />
- </logger>
-
-
- <!-- Spring related loggers -->
- <logger name="org.springframework" level="WARN" />
- <logger name="org.springframework.beans" level="WARN" />
- <logger name="org.springframework.web" level="WARN" />
- <logger name="com.blog.spring.jms" level="WARN" />
-
- <!-- Other Loggers that may help troubleshoot -->
- <logger name="net.sf" level="WARN" />
- <logger name="org.apache.commons.httpclient" level="WARN" />
- <logger name="org.apache.commons" level="WARN" />
- <logger name="org.apache.coyote" level="WARN" />
- <logger name="org.apache.jasper" level="WARN" />
-
- <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging.
- May aid in troubleshooting) -->
- <logger name="org.apache.camel" level="WARN" />
- <logger name="org.apache.cxf" level="WARN" />
- <logger name="org.apache.camel.processor.interceptor" level="WARN" />
- <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" />
- <logger name="org.apache.cxf.service" level="WARN" />
- <logger name="org.restlet" level="DEBUG" />
- <logger name="org.apache.camel.component.restlet" level="DEBUG" />
-
- <!-- logback internals logging -->
- <logger name="ch.qos.logback.classic" level="INFO" />
- <logger name="ch.qos.logback.core" level="INFO" />
-
- <!-- logback jms appenders & loggers definition starts here -->
- <!-- logback jms appenders & loggers definition starts here -->
- <appender name="auditLogs"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- </filter>
- <file>${logDirectory}/Audit.log</file>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/Audit.%i.log.zip
- </fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>9</maxIndex>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
- </encoder>
- </appender>
- <appender name="perfLogs"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- </filter>
- <file>${logDirectory}/Perform.log</file>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/Perform.%i.log.zip
- </fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>9</maxIndex>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
- </encoder>
- </appender>
- <logger name="AuditRecord" level="INFO" additivity="FALSE">
- <appender-ref ref="auditLogs" />
- </logger>
- <logger name="AuditRecord_DirectCall" level="INFO" additivity="FALSE">
- <appender-ref ref="auditLogs" />
- </logger>
- <logger name="PerfTrackerRecord" level="INFO" additivity="FALSE">
- <appender-ref ref="perfLogs" />
- </logger>
- <!-- logback jms appenders & loggers definition ends here -->
-
- <root level="WARN">
- <appender-ref ref="DEBUG" />
- <appender-ref ref="STDOUT" />
- </root>
-
+<configuration >
+ <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/>
+ <property name="p_lvl" value="%level"/>
+ <property name="p_log" value="%logger"/>
+ <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/>
+ <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <!-- tabs -->
+ <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_thr" value="%thread"/>
+ <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/>
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="FILE" class="ch.qos.logback.core.FileAppender">
+ <file>/opt/app/logs/EELF/output.log</file>
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <logger level="INFO" name="org.onap.logging.ref.slf4j" additivity="false">
+ <appender-ref ref="STDOUT" />
+ <appender-ref ref="FILE" />
+ </logger>
+ <root level="info">
+ <appender-ref ref="STDOUT" />
+ <appender-ref ref="FILE" />
+ </root>
</configuration>
name: localtime
readOnly: true
- name: {{ include "common.fullname" . }}-logs
- mountPath: /var/log/onap
+ mountPath: /opt/app/logs
+ readOnly: false
- mountPath: /opt/app/config/logback.xml
name: {{ include "common.fullname" . }}-log-conf
subPath: logback.xml
+ - name: {{ include "common.fullname" . }}-logs-eelf
+ mountPath: /opt/app/logs/EELF
+ readOnly: false
- mountPath: /opt/app/config/application.properties
name: {{ include "common.fullname" . }}-config
subPath: application.properties
readOnly: true
+
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
- name: {{ include "common.fullname" . }}-data-filebeat
mountPath: /usr/share/filebeat/data
- name: {{ include "common.fullname" . }}-logs
- mountPath: /var/log/onap
+ mountPath: /opt/app/logs
volumes:
- name: localtime
emptyDir: {}
- name: {{ include "common.fullname" . }}-logs
emptyDir: {}
-
+ - name: {{ include "common.fullname" . }}-logs-eelf
+ emptyDir: {}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/pomba-aai-context-builder:1.3.2
+image: onap/pomba-aai-context-builder:1.4.0-SNAPSHOT-latest
pullPolicy: Always
# flag to enable debugging - application support required
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
#Example service definition with external, internal and node ports.
apiVersion: v1
description: ONAP POMBA Context Aggregator
name: pomba-contextaggregator
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
transport.consume.timeout=15000
transport.consume.batchsize=8
transport.consume.type=HTTPAUTH
+transport.message-router.apiKey=apiKeyTemp123
+transport.message-router.apiSecret=apiSecretTemp123
+transport.message-router.requiredPombaTopics=POA-AUDIT-INIT,POA-AUDIT-RESULT,POA-RULE-VALIDATION
transport.publish.host=message-router
transport.publish.port=3904
security.protocol=TLS
connection.timeout.ms=60000
read.timeout.ms=60000
-base.uri=/aaicontextbuilder/service/context
+base.uri=/aaicontextbuilder/v2/service/context
--- /dev/null
+<configuration >
+ <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/>
+ <property name="p_lvl" value="%level"/>
+ <property name="p_log" value="%logger"/>
+ <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/>
+ <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <!-- tabs -->
+ <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_thr" value="%thread"/>
+ <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/>
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="FILE" class="ch.qos.logback.core.FileAppender">
+ <file>/opt/app/logs/EELF/output.log</file>
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <logger level="INFO" name="org.onap.logging.ref.slf4j" additivity="false">
+ <appender-ref ref="STDOUT" />
+ <appender-ref ref="FILE" />
+ </logger>
+ <root level="info">
+ <appender-ref ref="STDOUT" />
+ <appender-ref ref="FILE" />
+ </root>
+</configuration>
name: {{ include "common.fullname" . }}-pre-start-configmap
namespace: {{ include "common.namespace" . }}
data:
-{{ tpl (.Files.Glob "resources/bin/*").AsConfig . | indent 2 }}
\ No newline at end of file
+{{ tpl (.Files.Glob "resources/bin/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-log
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }}
\ No newline at end of file
name: {{ include "common.fullname" . }}-pre-start
subPath: pre_start.sh
readOnly: false
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /opt/app/logs
+ readOnly: false
+ - mountPath: /opt/app/config/logback.xml
+ name: {{ include "common.fullname" . }}-log-conf
+ subPath: logback.xml
+ - name: {{ include "common.fullname" . }}-logs-eelf
+ mountPath: /opt/app/logs/EELF
+ readOnly: false
+
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
configMap:
name: {{ include "common.fullname" . }}-pre-start-configmap
defaultMode: 0777
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-log-conf
+ configMap:
+ name: {{ include "common.fullname" . }}-log
+ - name: {{ include "common.fullname" . }}-logs-eelf
+ emptyDir: {}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
-# Copyright © 2018 Amdocs
+# Copyright © 2018 Amdocs
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# Application configuration defaults.
#################################################################
# application image
-image: onap/pomba-context-aggregator:1.3.4
+image: onap/pomba-context-aggregator:1.4.0-SNAPSHOT-latest
pullPolicy: Always
# flag to enable debugging - application support required
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
enabled: false
apiVersion: v1
description: ONAP POMBA Data-Router
name: pomba-data-router
-version: 3.0.0
+version: 4.0.0
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
+ initialDelaySeconds: 60
+ periodSeconds: 30
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
+ initialDelaySeconds: 60
+ periodSeconds: 30
service:
name: pomba-data-router
apiVersion: v1
description: ONAP POMBA Elasticsearch
name: pomba-elasticsearch
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
xpack.watcher.enabled: false
#Set to false to disable Watcher.
+
apiVersion: v1
description: ONAP POMBA Kibana
name: pomba-kibana
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIID/TCCAuWgAwIBAgIJALVJyrUvH8uGMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD
+VQQGEwJBVTERMA8GA1UECAwIVmljdG9yaWExEjAQBgNVBAcMCU1lbGJvdXJuZTEd
+MBsGA1UECgwURXhhbXBsZSBPcmdhbml6YXRpb24xGzAZBgNVBAMMEmtpYmFuYS5l
+eGFtcGxlLm9yZzEiMCAGCSqGSIb3DQEJARYTZXhhbXBsZUBleGFtcGxlLm9yZzAe
+Fw0xNjA5MTgwMzU4NTNaFw0yNjA5MTYwMzU4NTNaMIGUMQswCQYDVQQGEwJBVTER
+MA8GA1UECAwIVmljdG9yaWExEjAQBgNVBAcMCU1lbGJvdXJuZTEdMBsGA1UECgwU
+RXhhbXBsZSBPcmdhbml6YXRpb24xGzAZBgNVBAMMEmtpYmFuYS5leGFtcGxlLm9y
+ZzEiMCAGCSqGSIb3DQEJARYTZXhhbXBsZUBleGFtcGxlLm9yZzCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAK3AKz7Jq8CGR75NcbuUKiLTJhSS0/TBGA9M
+k+OmradT5qWhFKbxUDoMwT4YpUTzkUGUzkGEVbUsrKK4XaYXldRoHOm8mS0aBErk
+g2ffmpi+TiGk5LHykZ0avmYeEsqVESAjVEMuU3fWJzZd4NfUcTKsBA7Ccqfnb3CB
+TS5fbAz/zw1K//XR5ZNCEBOsFD+0oFGKTNLCeMBCwccFNyVI2mNZpDA++HilNiQj
+TEJytBXGcMVZaS+Tc0vENfVWHAAtVdk8+dd6jkpNnDhK1W1TB7HvhScewyEGh9yb
+cK5asE8TBebEvUIrPaVFz+ef/o3lRev0Gq1QUYAoaG7ps9JlDcsCAwEAAaNQME4w
+HQYDVR0OBBYEFIKSLrYMY9fXpCS7OGnyxhS7JzRrMB8GA1UdIwQYMBaAFIKSLrYM
+Y9fXpCS7OGnyxhS7JzRrMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB
+ABiu7+GH8WGNPqPUUHP17HHYK41xAyYoKSzCrELKmFLphYhnUQA6EeBY8rjYr3X0
+Z2O0F9J6Cik/kG/uBYW0Oi8PQ0EeSZwzvd+CsAc2EJAryOBpafWRXa2XrOtFkKjq
+jKWHSa0QJsBALiu8+JVfcwXYshbhmdVBxrktxMoY9WpGI7EcZkf77SW5enY4LtSF
+wuRr2lv29YADsa/Q7JV2I4oAbWUjW3513mR5JsefHPk7hXZbRCXqUxFTmWpnDomF
+HDeEDAdSgMgzODnbU/qHI9tmP6iDaCTz/eVfyCMKGYA0oIX1j5GdJ6HXK1OHafJK
+W/M9gDRhQKU0bTXC2CoEOAs=
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCtwCs+yavAhke+
+TXG7lCoi0yYUktP0wRgPTJPjpq2nU+aloRSm8VA6DME+GKVE85FBlM5BhFW1LKyi
+uF2mF5XUaBzpvJktGgRK5INn35qYvk4hpOSx8pGdGr5mHhLKlREgI1RDLlN31ic2
+XeDX1HEyrAQOwnKn529wgU0uX2wM/88NSv/10eWTQhATrBQ/tKBRikzSwnjAQsHH
+BTclSNpjWaQwPvh4pTYkI0xCcrQVxnDFWWkvk3NLxDX1VhwALVXZPPnXeo5KTZw4
+StVtUwex74UnHsMhBofcm3CuWrBPEwXmxL1CKz2lRc/nn/6N5UXr9BqtUFGAKGhu
+6bPSZQ3LAgMBAAECggEAKE5S+d7ItAGydOf8QTpux+NZix5Agx+kGDB4gi/xSsbA
+051ZcBy8sqqwzVnkROmHwcHmUvaC92NkrN6+AsCn5j08r9ArbHYDlugJv7f0YgiL
+kWxyDQGrW9mPX5sMWuhXr6/iZS9C96K7N/ZxKUBD/jA/RLlA5chfZqboI6DJLP5s
+u03ZW4toaGItLZtPxF07eElE4MGG/TbkoBZ5t79Y98TJP2oO95IpPQa8omqQcDEM
+w0DsbV/dJV9AtyZBfmIRNaG5beiIUH26OQzUJP7FP2eIN4F/CAXLdlMnHtQA1XJz
+QRwMxbfBQ+JfKD7YWedqivrjR0iPMx80M4HSU9DFaQKBgQDa+7F7zDRy4WU0GtfP
+g+ArDUMjQv5pTXA0b2hKjHJRXM3LVo5qNJYWlirHtPjkVL4BJSY+iVl9/lfV2Xrf
+gDXQLcUhABx5HNzZ5p+NyDHWrpZamFkfw9wLwQHXZGG8I+dla/iToHRWEH2QYxdz
+VvfntpyE7XbxzhPPiS5haHGerwKBgQDLHxPn/jm2dSHa6jAidJXFJCMblcDuwIBy
+7Cm7vnRro9Mbx/hZkRPXYWHQ/4WEVlWO9Sgkf4ambPSmdFg8ksQwBBd+l3K5K4Un
+2AIL/PqgZg+anoEYYn1sqiWSc+YiO2GiRaHh5wOWtekEBBH9HcYkmKIXm3JHVdSw
+SpQsryxppQKBgDi7qqDLJ+93a7PTHIRbwzEEL5esHKOFd4NuNZPSzS89HugGVcE4
+PIY/g3fX7/+f4NYFHOJozTGyOmlh/c53tfloUkEZeUb7blBZyo5+BkN7WeLAw55S
+LOkyqNp33EZU+vcwwObmVB2UCiPlOEceif2TNvvNVdqRrFpBTS3ZVE5rAoGAJivk
+9cgU2HESt60i9paqPq4X2us9oqCSgwZWoW2dO01CMwpVZZ+Z9vPaCgi68q+2zHLN
+5G4Cw+vd3honKtr5+3wJXkTfzmSbVW2GlPIpt1L2w7vdztNTdsRS4z7clLpMEs67
+KVTcm8n7zEFnkAW0YtQ8Qet4gmdi3O5nAi65TfECgYEA0Pw2X4R37IrYM7tFDJSz
+zDF4mRmk2qfhHBd8IaIDBpsXSgLcVRduro4HBzf/JeCt8rvw3VMLEFyqwyszpHro
+xNnqPvbMPMCtOvUcr1VtXnO7CzaFNCJrfjYdV8vmDgvbYmBEHzG+LGbnVZIBUhQa
+igVjtqU1uT83+VpR703IcBI=
+-----END PRIVATE KEY-----
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
+#!/bin/bash
+
+# Copyright © 2018 Amdocs
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
-pid /nginx.pid;
-error_log /dev/stdout warn;
-
-http {
- access_log /dev/stdout;
- server {
- listen 0.0.0.0:8181;
+mkdir -p /usr/share/kibana/auth
+chmod 0777 /usr/share/kibana/auth
- location / {
- include /etc/nginx/mime.types;
- root /usr/share/nginx/html/;
- }
+cp /opt/app/auth/* /usr/share/kibana/auth/.
- }
-}
+chmod 0400 /usr/share/kibana/auth/*
-events {
- worker_connections 4096;
-}
+/usr/share/kibana/node/bin/node --no-warnings /usr/share/kibana/src/cli --cpu.cgroup.path.override=/ --cpuacct.cgroup.path.override=/
elasticsearch.password: "changeme"
# Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively.
# These settings enable SSL for outgoing requests from the Kibana server to the browser.
-#server.ssl.enabled: $server_ssl_enabled
-#server.ssl.certificate: $server_ssl_certificate
-#server.ssl.key: $server_ssl_key
+server.ssl.enabled: {{.Values.config.serverSslEnabled}}
+server.ssl.certificate: {{.Values.config.serverSslCertificate}}
+server.ssl.key: {{.Values.config.serverSslKey}}
# Optional settings that provide the paths to the PEM-format SSL certificate and key files.
# These files validate that your Elasticsearch backend uses the same key files.
namespace: {{ include "common.namespace" . }}
data:
{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-auth
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/auth/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-bin
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/bin/*").AsConfig . | indent 2 }}
- name: {{ include "common.name" . }}
image: "{{ .Values.global.loggingRepository | default .Values.loggingRepository }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command: ["/bin/bash"]
+ args: ["-c", "/opt/app/bin/kibana_start.sh"]
ports:
- containerPort: {{ .Values.service.internalPort }}
name: {{ .Values.service.name }}
readinessProbe:
httpGet:
path: "/"
+ scheme: "HTTPS"
port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
livenessProbe:
httpGet:
path: "/"
+ scheme: "HTTPS"
port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
- mountPath: /etc/localtime
name: localtime
readOnly: true
- - mountPath: /usr/share/kibana/config/
+ - mountPath: /usr/share/kibana/config
name: {{ include "common.fullname" . }}
+ - mountPath: /opt/app/auth
+ name: {{ include "common.fullname" . }}-auth
+ - mountPath: /opt/app/bin
+ name: {{ include "common.fullname" . }}-bin
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
- key: kibana.yml
path: kibana.yml
- key: default.json
- path: default.json
+ path: default.json
- key: validationsDump.json
path: validationsDump.json
- key: violationsDump.json
path: violationsDump.json
- key: default-mapping.json
- path: default-mapping.json
+ path: default-mapping.json
+ - name: {{ include "common.fullname" . }}-auth
+ configMap:
+ name: {{ include "common.fullname" . }}-auth
+ defaultMode: 0777
+ - name: {{ include "common.fullname" . }}-bin
+ configMap:
+ name: {{ include "common.fullname" . }}-bin
+ defaultMode: 0777
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
elasticsearchServiceName: pomba-es
elasticsearchPort: 9200
+ #Enable HTTPS
+ serverSslEnabled: true
+ serverSslCertificate: /usr/share/kibana/auth/pomba.crt.pem
+ serverSslKey: /usr/share/kibana/auth/pomba.key.pem
+
# default number of instances
replicaCount: 1
apiVersion: v1\r
description: ONAP POMBA Network Discovery\r
name: pomba-networkdiscovery\r
-version: 3.0.0\r
+version: 4.0.0\r
\r
dependencies:\r
- name: common\r
- version: ~3.0.0\r
+ version: ~4.x-0\r
repository: '@local'\r
# limitations under the License
spring.jersey.type=filter
-spring.mvc.urls=swagger,docs,prometheus,auditevents,info,heapdump,autoconfig,beans,loggers,dump,env,trace,health,configprops,mappings,metrics,webjars
-
-
-server.contextPath=/network-discovery
-spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration
-
-#This property is used to set the Tomcat connector attributes.developers can define multiple attributes separated by comma
-#tomcat.connector.attributes=allowTrace-true
-#The max number of active threads in this pool
-server.tomcat.max-threads=200
-#The minimum number of threads always kept alive
-server.tomcat.min-Spare-Threads=25
-#The number of milliseconds before an idle thread shutsdown, unless the number of active threads are less or equal to minSpareThreads
-server.tomcat.max-idle-time=60000
-
-#Servlet context parameters
-server.context_parameters.p-name=value #context parameter with p-name as key and value as value.
#Enable HTTPS
server.port={{ .Values.config.serverSslPort }}
openstack.identity.user ={{ .Values.config.openstackUserId }}
openstack.identity.password ={{ .Values.config.openstackPassword }}
-openstack.types = vserver, l3-network
+openstack.types = vserver, l3-network, port
openstack.type.vserver.url = {{ .Values.config.openstackTypeVserverUrl }}
openstack.type.l3-network.url = {{ .Values.config.openstackTypeL3NetworkUrl }}
+openstack.type.port.url = {{ .Values.config.openstackTypePortUrl }}
openstack.api.microversion = 2.42
ports:\r
{{if eq .Values.service.type "NodePort" -}}\r
- port: {{ .Values.service.externalPort }}\r
- #Example internal target port if required\r
- #targetPort: {{ .Values.service.internalPort }}\r
+ targetPort: {{ .Values.service.internalPort }}\r
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}\r
name: {{ .Values.service.portName | default "http" }}\r
{{- else -}}\r
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/network-discovery:latest
+image: onap/network-discovery:1.5.0-SNAPSHOT-latest
pullPolicy: Always
# flag to enable debugging - application support required
# Openstack Rest API URLs:
openstackTypeVserverUrl: http://10.69.36.11:8774/v2.1/servers/{0}
openstackTypeL3NetworkUrl: http://10.69.36.11:9696/v2.0/networks/{0}
+ openstackTypePortUrl: http://10.69.36.11:9696/v2.0/ports/{0}
# default number of instances
replicaCount: 1
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
#Example service definition with external, internal and node ports.
#service being defined.
type: NodePort
name: pomba-networkdiscovery
- externalPort: 8443
+ externalPort: 9531
internalPort: 8443
nodePort: 99
-# nodePort: <replace with unused node port suffix eg. 23>
- # optional port name override - default can be defined in service.yaml
- #portName: http
+ portName: https
ingress:
enabled: false
apiVersion: v1
description: ONAP POMBA Network Discovery Context Builder
name: pomba-networkdiscoveryctxbuilder
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/pomba-network-discovery-context-builder:1.3.1
+image: onap/pomba-network-discovery-context-builder:1.4.0-SNAPSHOT-latest
pullPolicy: Always
# flag to enable debugging - application support required
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
#Example service definition with external, internal and node ports.
apiVersion: v1
description: ONAP POMBA SDC Context Builder
name: pomba-sdcctxbuilder
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
--- /dev/null
+<configuration >
+ <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/>
+ <property name="p_lvl" value="%level"/>
+ <property name="p_log" value="%logger"/>
+ <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/>
+ <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <!-- tabs -->
+ <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_thr" value="%thread"/>
+ <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/>
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="FILE" class="ch.qos.logback.core.FileAppender">
+ <file>/opt/app/logs/EELF/output.log</file>
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <logger level="INFO" name="org.onap.logging.ref.slf4j" additivity="false">
+ <appender-ref ref="STDOUT" />
+ <appender-ref ref="FILE" />
+ </logger>
+ <root level="info">
+ <appender-ref ref="STDOUT" />
+ <appender-ref ref="FILE" />
+ </root>
+</configuration>
namespace: {{ include "common.namespace" . }}
data:
{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-log
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }}
\ No newline at end of file
name: {{ include "common.fullname" . }}-config
subPath: application.properties
readOnly: true
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /opt/app/logs
+ readOnly: false
+ - mountPath: /opt/app/config/logback.xml
+ name: {{ include "common.fullname" . }}-log-conf
+ subPath: logback.xml
+ - name: {{ include "common.fullname" . }}-logs-eelf
+ mountPath: /opt/app/logs/EELF
+ readOnly: false
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
- name: {{ include "common.fullname" . }}-config
configMap:
name: {{ include "common.fullname" . }}-configmap
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-log-conf
+ configMap:
+ name: {{ include "common.fullname" . }}-log
+ - name: {{ include "common.fullname" . }}-logs-eelf
+ emptyDir: {}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
-# Copyright © 2018 Amdocs
+# Copyright © 2018 Amdocs
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/pomba-sdc-context-builder:1.3.2
+image: onap/pomba-sdc-context-builder:1.4.0-SNAPSHOT-latest
pullPolicy: Always
# flag to enable debugging - application support required
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
#Example service definition with external, internal and node ports.
apiVersion: v1
description: ONAP POMBA SDNC Context Builder
name: pomba-sdncctxbuilder
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
aai.http.userId={{ .Values.config.aaiHttpUserId }}
aai.http.password={{ .Values.config.aaiHttpPassword }}
-aai.searchNodeQuery=/aai/v11/search/nodes-query?search-node-type=service-instance&filter=service-instance-id:EQUALS:
-aai.customerQuery=/aai/v11/business/customers/customer/
-aai.serviceInstancePath=/aai/v11/business/customers/customer/{0}/service-subscriptions/service-subscription/{1}/service-instances/service-instance/{2}
+aai.searchNodeQuery=/aai/v13/search/nodes-query?search-node-type=service-instance&filter=service-instance-id:EQUALS:
+aai.customerQuery=/aai/v13/business/customers/customer/
+aai.serviceInstancePath=/aai/v13/business/customers/customer/{0}/service-subscriptions/service-subscription/{1}/service-instances/service-instance/{2}
# SDNC REST Client Configuration
sdnc.serviceName={{ .Values.config.sdncServiceName }}.{{.Release.Namespace}}
sdnc.connectionTimeout={{ .Values.config.sdncConnectionTimeout }}
sdnc.readTimeout={{ .Values.config.sdncReadTimeout }}
sdnc.genericResourcePath=/restconf/config/GENERIC-RESOURCE-API:services/service/{0}
+sdnc.portMirrorResourcePath=/restconf/config/GENERIC-RESOURCE-API:port-mirror-configurations/port-mirror-configuration/{0}/configuration-data/configuration-operation-information/port-mirror-configuration-request-input
sdnc.vnfPath=/restconf/config/VNF-API:vnfs/vnf-list/{0}
#Servlet context parameters
-<configuration scan="true" scanPeriod="10 seconds" debug="false">
- <jmxConfigurator />
- <property name="logDirectory" value="/var/log/onap/pomba-sdncctxbuilder" />
- <!-- Example evaluator filter applied against console appender -->
+<configuration >
+ <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/>
+ <property name="p_lvl" value="%level"/>
+ <property name="p_log" value="%logger"/>
+ <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/>
+ <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <!-- tabs -->
+ <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_thr" value="%thread"/>
+ <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/>
<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
- <!-- filter class="ch.qos.logback.classic.filter.LevelFilter"> <level>ERROR</level>
- <onMatch>ACCEPT</onMatch> <onMismatch>DENY</onMismatch> </filter -->
- <!-- deny all events with a level below INFO, that is TRACE and DEBUG -->
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>INFO</level>
- </filter>
<encoder>
- <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n
- </pattern>
+ <pattern>${pattern}</pattern>
</encoder>
</appender>
-
- <appender name="ERROR"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>INFO</level>
- </filter>
- <file>${logDirectory}/error.log</file>
- <append>true</append>
+ <appender name="FILE" class="ch.qos.logback.core.FileAppender">
+ <file>/opt/app/logs/EELF/output.log</file>
<encoder>
- <pattern>%date{"yyyy-MM-dd'T'HH:mm:ss,SSSXXX", UTC}|%X{RequestId}|%.20thread|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%.-5level|%X{ErrorCode}|%X{ErrorDescription}|%msg%n</pattern>
+ <pattern>${pattern}</pattern>
</encoder>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <maxIndex>10</maxIndex>
- <FileNamePattern>${logDirectory}/error.%i.log.zip
- </FileNamePattern>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>10MB</maxFileSize>
- </triggeringPolicy>
</appender>
-
- <appender name="DEBUG"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/debug.log</file>
- <append>true</append>
- <encoder>
- <pattern>%date{"yyyy-MM-dd'T'HH:mm:ss,SSSXXX",UTC}|%X{RequestId}|%.20thread|%.-5level|%logger{36}|%msg%n</pattern>
- </encoder>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/debug.%d{yyyy-MM-dd}.%i.log.zip</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>10MB</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>5</maxHistory>
- </rollingPolicy>
- </appender>
-
- <appender name="AUDIT"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/audit.log</file>
- <append>true</append>
- <encoder>
- <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n
- </pattern>
- </encoder>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <maxIndex>10</maxIndex>
- <FileNamePattern>${logDirectory}/audit.%i.log.zip
- </FileNamePattern>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>10MB</maxFileSize>
- </triggeringPolicy>
- </appender>
- <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="AUDIT" />
- </appender>
-
- <appender name="METRIC"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/metric.log</file>
- <append>true</append>
- <encoder>
- <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|
- %msg%n</pattern>
- </encoder>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <maxIndex>10</maxIndex>
- <FileNamePattern>${logDirectory}/metric.%i.log.zip
- </FileNamePattern>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>10MB</maxFileSize>
- </triggeringPolicy>
- </appender>
- <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="METRIC" />
- </appender>
-
- <!-- SECURITY related loggers -->
- <appender name="SECURITY"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/security.log</file>
- <append>true</append>
- <encoder>
- <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n
- </pattern>
- </encoder>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <maxIndex>10</maxIndex>
- <FileNamePattern>${logDirectory}/security.%i.log.zip
- </FileNamePattern>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>10MB</maxFileSize>
- </triggeringPolicy>
- </appender>
- <appender name="asyncEELFSecurity" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="SECURITY" />
- </appender>
-
- <!-- CLDS related loggers -->
- <logger name="org.onap.pomba.clds" level="INFO" additivity="true">
- <appender-ref ref="ERROR" />
- </logger>
-
- <!-- CLDS related loggers -->
- <logger name="com.att.eelf.error" level="OFF" additivity="true">
- <appender-ref ref="ERROR" />
- </logger>
- <!-- EELF related loggers -->
- <logger name="com.att.eelf.audit" level="INFO" additivity="false">
- <appender-ref ref="asyncEELFAudit" />
- </logger>
- <logger name="com.att.eelf.metrics" level="DEBUG" additivity="false">
- <appender-ref ref="asyncEELFMetrics" />
- </logger>
- <logger name="com.att.eelf.security" level="DEBUG" additivity="false">
- <appender-ref ref="asyncEELFSecurity" />
- </logger>
-
-
- <!-- Spring related loggers -->
- <logger name="org.springframework" level="WARN" />
- <logger name="org.springframework.beans" level="WARN" />
- <logger name="org.springframework.web" level="WARN" />
- <logger name="com.blog.spring.jms" level="WARN" />
-
- <!-- Other Loggers that may help troubleshoot -->
- <logger name="net.sf" level="WARN" />
- <logger name="org.apache.commons.httpclient" level="WARN" />
- <logger name="org.apache.commons" level="WARN" />
- <logger name="org.apache.coyote" level="WARN" />
- <logger name="org.apache.jasper" level="WARN" />
-
- <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging.
- May aid in troubleshooting) -->
- <logger name="org.apache.camel" level="WARN" />
- <logger name="org.apache.cxf" level="WARN" />
- <logger name="org.apache.camel.processor.interceptor" level="WARN" />
- <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" />
- <logger name="org.apache.cxf.service" level="WARN" />
- <logger name="org.restlet" level="DEBUG" />
- <logger name="org.apache.camel.component.restlet" level="DEBUG" />
-
- <!-- logback internals logging -->
- <logger name="ch.qos.logback.classic" level="INFO" />
- <logger name="ch.qos.logback.core" level="INFO" />
-
- <!-- logback jms appenders & loggers definition starts here -->
- <!-- logback jms appenders & loggers definition starts here -->
- <appender name="auditLogs"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- </filter>
- <file>${logDirectory}/Audit.log</file>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/Audit.%i.log.zip
- </fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>9</maxIndex>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
- </encoder>
- </appender>
- <appender name="perfLogs"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- </filter>
- <file>${logDirectory}/Perform.log</file>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/Perform.%i.log.zip
- </fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>9</maxIndex>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
- </encoder>
- </appender>
- <logger name="AuditRecord" level="INFO" additivity="FALSE">
- <appender-ref ref="auditLogs" />
- </logger>
- <logger name="AuditRecord_DirectCall" level="INFO" additivity="FALSE">
- <appender-ref ref="auditLogs" />
- </logger>
- <logger name="PerfTrackerRecord" level="INFO" additivity="FALSE">
- <appender-ref ref="perfLogs" />
+ <logger level="INFO" name="org.onap.logging.ref.slf4j" additivity="false">
+ <appender-ref ref="STDOUT" />
+ <appender-ref ref="FILE" />
</logger>
- <!-- logback jms appenders & loggers definition ends here -->
-
- <root level="WARN">
- <appender-ref ref="DEBUG" />
+ <root level="info">
<appender-ref ref="STDOUT" />
+ <appender-ref ref="FILE" />
</root>
-
</configuration>
name: localtime
readOnly: true
- name: {{ include "common.fullname" . }}-logs
- mountPath: /var/log/onap
+ mountPath: /opt/app/logs
+ readOnly: false
- mountPath: /opt/app/config/logback.xml
name: {{ include "common.fullname" . }}-log-conf
subPath: logback.xml
+ - name: {{ include "common.fullname" . }}-logs-eelf
+ mountPath: /opt/app/logs/EELF
+ readOnly: false
- mountPath: /opt/app/config/application.properties
name: {{ include "common.fullname" . }}-config
subPath: application.properties
readOnly: true
-
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
- name: {{ include "common.fullname" . }}-data-filebeat
mountPath: /usr/share/filebeat/data
- name: {{ include "common.fullname" . }}-logs
- mountPath: /var/log/onap
+ mountPath: /opt/app/logs
volumes:
- name: localtime
emptyDir: {}
- name: {{ include "common.fullname" . }}-logs
emptyDir: {}
-
+ - name: {{ include "common.fullname" . }}-logs-eelf
+ emptyDir: {}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
aaiKeyStorePath: n/a
aaiKeyStorePassword: n/a
aaiConnectionTimeout: 5000
- aaiReadTimeout: 1000
+ aaiReadTimeout: 5000
# HTTP Basic Authorization credentials for Rest Service API
aaiHttpUserId: admin
aaiHttpPassword: OBF:1u2a1toa1w8v1tok1u30
# SDNC Rest Client Connection
sdncServiceName: sdnc
- sdncPort: 8443
- sdncUsername: SDNC
- sdncPassword: OBF:1gfr1ev31gg7
- sdncHttpProtocol: https
+ sdncPort: 8282
+ sdncUsername: admin
+ sdncPassword: OBF:1ks51l8d1o3i1pcc1r2r1e211r391kls1pyj1z7u1njf1lx51go21hnj1y0k1mli1sop1k8o1j651vu91mxw1vun1mze1vv11j8x1k5i1sp11mjc1y161hlr1gm41m111nkj1z781pw31kku1r4p1e391r571pbm1o741l4x1ksp
+ sdncHttpProtocol: http
sdncConnectionTimeout: 5000
- sdncReadTimeout: 1000
+ sdncReadTimeout: 5000
# default number of instances
replicaCount: 1
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
+ initialDelaySeconds: 60
+ periodSeconds: 30
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
+ initialDelaySeconds: 60
+ periodSeconds: 30
#Example service definition with external, internal and node ports.
service:
requests:
cpu: 200m
memory: 800Mi
- unlimited: {}
\ No newline at end of file
+ unlimited: {}
apiVersion: v1
description: ONAP POMBA search-data
name: pomba-search-data
-version: 3.0.0
+version: 4.0.0
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
service:
apiVersion: v1\r
description: ONAP POMBA Network Discovery Service Decomposition\r
name: pomba-servicedecomposition\r
-version: 3.0.0\r
+version: 4.0.0\r
\r
dependencies:\r
- name: common\r
- version: ~3.0.0\r
+ version: ~4.x-0\r
repository: '@local'\r
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/service-decomposition:1.4.2
+image: onap/service-decomposition:1.5.0-SNAPSHOT-latest
pullPolicy: Always
# flag to enable debugging - application support required
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
#Example service definition with external, internal and node ports.
apiVersion: v1
description: POMBA Validaton-Service
name: pomba-validation-service
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
--- /dev/null
+rule.datadictionary.hostport={{ .Values.config.dataDictHostPort }}
+rule.datadictionary.connect.timeout=1000
+rule.datadictionary.read.timeout=1000
+
+# basic authentication: base64 encoding of username:password
+rule.datadictionary.credentials={{ .Values.config.dataDictCredentials }}
+
+# ex: /commonModelElements/instance~nfValuesCatalog~1.0/
+rule.datadictionary.uri=/commonModelElements/{0}~{1}~1.0/validateInstance
// NDCB-AAI comparison: VF list
useRule {
name 'NDCB-AAI-attribute-comparison'
- attributes 'context-list.ndcb.vfList[*]', 'context-list.aai.vfList[*]'
+ attributes 'context-list.ndcb.vnfList[*]', 'context-list.aai.vnfList[*]'
}
// NDCB-AAI comparison: VF-Module list
useRule {
name 'NDCB-AAI-attribute-comparison'
- attributes 'context-list.ndcb.vfList[*].vfModuleList[*]', 'context-list.aai.vfList[*].vfModuleList[*]'
+ attributes 'context-list.ndcb.vnfList[*].vfModuleList[*]', 'context-list.aai.vnfList[*].vfModuleList[*]'
}
// NDCB-AAI comparison: VNFC list
useRule {
name 'NDCB-AAI-attribute-comparison'
- attributes 'context-list.ndcb.vfList[*].vnfcList[*]', 'context-list.aai.vfList[*].vnfcList[*]'
+ attributes 'context-list.ndcb.vnfList[*].vnfcList[*]', 'context-list.aai.vnfList[*].vnfcList[*]'
}
// NDCB-AAI comparison: VM list
useRule {
name 'NDCB-AAI-attribute-comparison'
- attributes 'context-list.ndcb.vfList[*].vfModuleList[*].vmList[*]', 'context-list.aai.vfList[*].vfModuleList[*].vmList[*]'
+ attributes 'context-list.ndcb.vnfList[*].vfModuleList[*].vmList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].vmList[*]'
}
// NDCB-AAI comparison: Network list
useRule {
name 'NDCB-AAI-attribute-comparison'
- attributes 'context-list.ndcb.vfList[*].vfModuleList[*].networkList[*]', 'context-list.aai.vfList[*].vfModuleList[*].networkList[*]'
+ attributes 'context-list.ndcb.vnfList[*].vfModuleList[*].networkList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].networkList[*]'
}
// SDNC-AAI comparison: Context level
// SDNC-AAI comparison: VF list
useRule {
name 'SDNC-AAI-attribute-comparison'
- attributes 'context-list.sdnc.vfList[*]', 'context-list.aai.vfList[*]'
+ attributes 'context-list.sdnc.vnfList[*]', 'context-list.aai.vnfList[*]'
}
// SDNC-AAI comparison: VF-Module list
useRule {
name 'SDNC-AAI-attribute-comparison'
- attributes 'context-list.sdnc.vfList[*].vfModuleList[*]', 'context-list.aai.vfList[*].vfModuleList[*]'
+ attributes 'context-list.sdnc.vnfList[*].vfModuleList[*]', 'context-list.aai.vnfList[*].vfModuleList[*]'
}
// SDNC-AAI comparison: VNFC list
useRule {
name 'SDNC-AAI-attribute-comparison'
- attributes 'context-list.sdnc.vfList[*].vnfcList[*]', 'context-list.aai.vfList[*].vnfcList[*]'
+ attributes 'context-list.sdnc.vnfList[*].vnfcList[*]', 'context-list.aai.vnfList[*].vnfcList[*]'
}
// SDNC-AAI comparison: VM list
useRule {
name 'SDNC-AAI-attribute-comparison'
- attributes 'context-list.sdnc.vfList[*].vfModuleList[*].vmList[*]', 'context-list.aai.vfList[*].vfModuleList[*].vmList[*]'
+ attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].vmList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].vmList[*]'
}
// SDNC-AAI comparison: Network list
useRule {
name 'SDNC-AAI-attribute-comparison'
- attributes 'context-list.sdnc.vfList[*].vfModuleList[*].networkList[*]', 'context-list.aai.vfList[*].vfModuleList[*].networkList[*]'
+ attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].networkList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].networkList[*]'
}
// SDNC-NDCB comparison: Context level
// SDNC-NDCB comparison: VF list
useRule {
name 'SDNC-NDCB-attribute-comparison'
- attributes 'context-list.sdnc.vfList[*]', 'context-list.ndcb.vfList[*]'
+ attributes 'context-list.sdnc.vnfList[*]', 'context-list.ndcb.vnfList[*]'
}
// SDNC-NDCB comparison: VF-Module list
useRule {
name 'SDNC-NDCB-attribute-comparison'
- attributes 'context-list.sdnc.vfList[*].vfModuleList[*]', 'context-list.ndcb.vfList[*].vfModuleList[*]'
+ attributes 'context-list.sdnc.vnfList[*].vfModuleList[*]', 'context-list.ndcb.vnfList[*].vfModuleList[*]'
}
// SDNC-NDCB comparison: VNFC list
useRule {
name 'SDNC-NDCB-attribute-comparison'
- attributes 'context-list.sdnc.vfList[*].vnfcList[*]', 'context-list.ndcb.vfList[*].vnfcList[*]'
+ attributes 'context-list.sdnc.vnfList[*].vnfcList[*]', 'context-list.ndcb.vnfList[*].vnfcList[*]'
}
// SDNC-NDCB comparison: VM list
useRule {
name 'SDNC-NDCB-attribute-comparison'
- attributes 'context-list.sdnc.vfList[*].vfModuleList[*].vmList[*]', 'context-list.ndcb.vfList[*].vfModuleList[*].vmList[*]'
+ attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].vmList[*]', 'context-list.ndcb.vnfList[*].vfModuleList[*].vmList[*]'
}
// SDNC-NDCB comparison: Network list
useRule {
name 'SDNC-NDCB-attribute-comparison'
- attributes 'context-list.sdnc.vfList[*].vfModuleList[*].networkList[*]', 'context-list.ndcb.vfList[*].vfModuleList[*].networkList[*]'
+ attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].networkList[*]', 'context-list.ndcb.vnfList[*].vfModuleList[*].networkList[*]'
}
// SDC-AAI VNFC type
useRule {
name 'SDC-AAI-vnfc-type'
- attributes 'context-list.sdc.vfList[*].vnfcList[*]', 'context-list.aai.vfList[*].vnfcList[*]'
+ attributes 'context-list.sdc.vnfList[*].vnfcList[*]', 'context-list.aai.vnfList[*].vnfcList[*]'
}
// SDC-AAI VNFC node count
useRule {
name 'SDC-AAI-vnfc-node-count'
- attributes 'context-list.sdc.vfList[*].vnfcList[*]', 'context-list.aai.vfList[*].vnfcList[*]'
+ attributes 'context-list.sdc.vnfList[*].vnfcList[*]', 'context-list.aai.vnfList[*].vnfcList[*]'
}
// SDC-AAI VF-Module instance
useRule {
name 'SDC-AAI-vf-module-instance-check'
- attributes 'context-list.ndcb.vfList[*].vfModuleList[*]', 'context-list.aai.vfList[*].vfModuleList[*]'
+ attributes 'context-list.sdc.vnfList[*].vfModuleList[*]', 'context-list.aai.vnfList[*].vfModuleList[*]'
}
}
}
return new Tuple2(result, details)
'''
}
+
+/*
+ * The data-dictionary rule below can be used with this useRule clause:
+ * useRule {
+ * name 'Data-Dictionary validate VF type'
+ * attributes 'context-list.ndcb.vnfList[*].vfModuleList[*].networkList[*].type'
+ * }
+ */
+rule {
+ name 'Data-Dictionary validate VF type'
+ category 'INVALID_VALUE'
+ description 'Validate all VF type values against data-dictionary'
+ errorText 'VF type [{0}] failed data-dictionary validation: {1}'
+ severity 'ERROR'
+ attributes 'typeList'
+ validate '''
+ boolean success = true
+ List<String> details = new ArrayList<>()
+ typeList.any {
+ if(!success) {
+ // break out of 'any' loop
+ return false
+ }
+ def result = org.onap.aai.validation.ruledriven.rule.builtin.DataDictionary.validate("instance", "vfModuleNetworkType", "type", "$it")
+ if(!result.isEmpty()) {
+ success = false
+ details.add("$it")
+ details.add("$result")
+ }
+ }
+ return new Tuple2(success, details)
+ '''
+}
path: validation-service-auth.properties
- key: rule-indexing.properties
path: rule-indexing.properties
+ - key: rule-data-dictionary.properties
+ path: rule-data-dictionary.properties
- key: aai-environment.properties
path: aai-environment.properties
- key: schemaIngest.properties
debugEnabled: false
# application configuration
-# Example:
config:
appDir: /opt/app/validation-service
configDir: /opt/app/validation-service/appconfig
configTopicsDir: /opt/app/validation-service/appconfig/topics
rulesDir: /opt/app/validation-service/bundleconfig/etc/rules/poa-event
maxHeap: 1024
-# username: myusername
-# password: mypassword
+ dataDictHostPort: http://dummy-host:443
+ dataDictCredentials: cG9tYmE6cG9tYmE=
# default number of instances
replicaCount: 1
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: false
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
enabled: false
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
apiVersion: v1
description: ONAP Web Portal
name: portal
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Portal application
name: portal-app
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: Portal cassandra
name: portal-cassandra
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: MariaDB Service
name: portal-mariadb
-version: 3.0.0
+version: 4.0.0
--- /dev/null
+#!/bin/bash
+set -eo pipefail
+shopt -s nullglob
+
+# if command starts with an option, prepend mysqld
+if [ "${1:0:1}" = '-' ]; then
+ set -- mysqld "$@"
+fi
+
+# skip setup if they want an option that stops mysqld
+wantHelp=
+for arg; do
+ case "$arg" in
+ -'?'|--help|--print-defaults|-V|--version)
+ wantHelp=1
+ break
+ ;;
+ esac
+done
+
+# usage: file_env VAR [DEFAULT]
+# ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+ local var="$1"
+ local fileVar="${var}_FILE"
+ local def="${2:-}"
+ if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+ echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
+ exit 1
+ fi
+ local val="$def"
+ if [ "${!var:-}" ]; then
+ val="${!var}"
+ elif [ "${!fileVar:-}" ]; then
+ val="$(< "${!fileVar}")"
+ fi
+ export "$var"="$val"
+ unset "$fileVar"
+}
+
+_check_config() {
+ toRun=( "$@" --verbose --help --log-bin-index="$(mktemp -u)" )
+ if ! errors="$("${toRun[@]}" 2>&1 >/dev/null)"; then
+ cat >&2 <<-EOM
+
+ ERROR: mysqld failed while attempting to check config
+ command was: "${toRun[*]}"
+
+ $errors
+ EOM
+ exit 1
+ fi
+}
+
+# Fetch value from server config
+# We use mysqld --verbose --help instead of my_print_defaults because the
+# latter only show values present in config files, and not server defaults
+_get_config() {
+ local conf="$1"; shift
+ "$@" --verbose --help --log-bin-index="$(mktemp -u)" 2>/dev/null | awk '$1 == "'"$conf"'" { print $2; exit }'
+}
+
+# allow the container to be started with `--user`
+if [ "$1" = 'mysqld' -a -z "$wantHelp" -a "$(id -u)" = '0' ]; then
+ _check_config "$@"
+ DATADIR="$(_get_config 'datadir' "$@")"
+ mkdir -p "$DATADIR"
+ find "$DATADIR" \! -user mysql -exec chown mysql '{}' +
+ exec gosu mysql "$BASH_SOURCE" "$@"
+fi
+
+if [ "$1" = 'mysqld' -a -z "$wantHelp" ]; then
+ # still need to check config, container may have started with --user
+ _check_config "$@"
+ # Get config
+ DATADIR="$(_get_config 'datadir' "$@")"
+
+ if [ ! -d "$DATADIR/mysql" ]; then
+ file_env 'MYSQL_ROOT_PASSWORD'
+ if [ -z "$MYSQL_ROOT_PASSWORD" -a -z "$MYSQL_ALLOW_EMPTY_PASSWORD" -a -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then
+ echo >&2 'error: database is uninitialized and password option is not specified '
+ echo >&2 ' You need to specify one of MYSQL_ROOT_PASSWORD, MYSQL_ALLOW_EMPTY_PASSWORD and MYSQL_RANDOM_ROOT_PASSWORD'
+ exit 1
+ fi
+
+ mkdir -p "$DATADIR"
+
+ echo 'Initializing database'
+ # "Other options are passed to mysqld." (so we pass all "mysqld" arguments directly here)
+ mysql_install_db --datadir="$DATADIR" --rpm "${@:2}"
+ echo 'Database initialized'
+
+ SOCKET="$(_get_config 'socket' "$@")"
+ "$@" --skip-networking --socket="${SOCKET}" &
+ pid="$!"
+
+ mysql=( mysql --protocol=socket -uroot -hlocalhost --socket="${SOCKET}" )
+
+ for i in {60..0}; do
+ if echo 'SELECT 1' | "${mysql[@]}" &> /dev/null; then
+ break
+ fi
+ echo 'MySQL init process in progress...'
+ sleep 1
+ done
+ if [ "$i" = 0 ]; then
+ echo >&2 'MySQL init process failed.'
+ exit 1
+ fi
+
+ if [ -z "$MYSQL_INITDB_SKIP_TZINFO" ]; then
+ # sed is for https://bugs.mysql.com/bug.php?id=20545
+ mysql_tzinfo_to_sql /usr/share/zoneinfo | sed 's/Local time zone must be set--see zic manual page/FCTY/' | "${mysql[@]}" mysql
+ fi
+
+ if [ ! -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then
+ export MYSQL_ROOT_PASSWORD="$(pwgen -1 32)"
+ echo "GENERATED ROOT PASSWORD: $MYSQL_ROOT_PASSWORD"
+ fi
+
+ rootCreate=
+ # default root to listen for connections from anywhere
+ file_env 'MYSQL_ROOT_HOST' '%'
+ if [ ! -z "$MYSQL_ROOT_HOST" -a "$MYSQL_ROOT_HOST" != 'localhost' ]; then
+ # no, we don't care if read finds a terminating character in this heredoc
+ # https://unix.stackexchange.com/questions/265149/why-is-set-o-errexit-breaking-this-read-heredoc-expression/265151#265151
+ read -r -d '' rootCreate <<-EOSQL || true
+ CREATE USER 'root'@'${MYSQL_ROOT_HOST}' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}' ;
+ GRANT ALL ON *.* TO 'root'@'${MYSQL_ROOT_HOST}' WITH GRANT OPTION ;
+ EOSQL
+ fi
+
+ "${mysql[@]}" <<-EOSQL
+ -- What's done in this file shouldn't be replicated
+ -- or products like mysql-fabric won't work
+ SET @@SESSION.SQL_LOG_BIN=0;
+
+ DELETE FROM mysql.user WHERE user NOT IN ('mysql.sys', 'mysqlxsys', 'root') OR host NOT IN ('localhost') ;
+ SET PASSWORD FOR 'root'@'localhost'=PASSWORD('${MYSQL_ROOT_PASSWORD}') ;
+ GRANT ALL ON *.* TO 'root'@'localhost' WITH GRANT OPTION ;
+ ${rootCreate}
+ DROP DATABASE IF EXISTS test ;
+ FLUSH PRIVILEGES ;
+ EOSQL
+
+ if [ ! -z "$MYSQL_ROOT_PASSWORD" ]; then
+ mysql+=( -p"${MYSQL_ROOT_PASSWORD}" )
+ fi
+
+ file_env 'MYSQL_DATABASE'
+ if [ "$MYSQL_DATABASE" ]; then
+ echo "CREATE DATABASE IF NOT EXISTS \`$MYSQL_DATABASE\` ;" | "${mysql[@]}"
+ mysql+=( "$MYSQL_DATABASE" )
+ fi
+
+ file_env 'MYSQL_USER'
+ file_env 'MYSQL_PASSWORD'
+ if [ "$MYSQL_USER" -a "$MYSQL_PASSWORD" ]; then
+ echo "CREATE USER '$MYSQL_USER'@'%' IDENTIFIED BY '$MYSQL_PASSWORD' ;" | "${mysql[@]}"
+
+ if [ "$MYSQL_DATABASE" ]; then
+ echo "GRANT ALL ON \`$MYSQL_DATABASE\`.* TO '$MYSQL_USER'@'%' ;" | "${mysql[@]}"
+ fi
+ fi
+
+ echo
+ for f in /docker-entrypoint-initdb.d/*; do
+ case "$f" in
+ *.sh) echo "$0: running $f"; . "$f" ;;
+ *.sql) echo "$0: running $f"; "${mysql[@]}" < "$f"; echo ;;
+ *.sql.gz) echo "$0: running $f"; gunzip -c "$f" | "${mysql[@]}"; echo ;;
+ *) echo "$0: ignoring $f" ;;
+ esac
+ echo
+ done
+
+ if ! kill -s TERM "$pid" || ! wait "$pid"; then
+ echo >&2 'MySQL init process failed.'
+ exit 1
+ fi
+
+ echo
+ echo 'MySQL init process done. Ready for start up.'
+ echo
+ fi
+fi
+
+exec "$@"
\ No newline at end of file
- mountPath: /etc/localtime
name: localtime
readOnly: true
+ - mountPath: /usr/local/bin/docker-entrypoint.sh
+ subPath: docker-entrypoint.sh
+ name: docker-entry
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
- name: localtime
hostPath:
path: /etc/localtime
+ - name: docker-entry
+ configMap:
+ name: {{ include "common.fullname" . }}-mariadb
+ defaultMode: 0755
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
apiVersion: v1
description: Portal software development kit
name: portal-sdk
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: Portal widgets micro service application
name: portal-widget
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: Zookeeper for ONAP Portal
name: portal-zookeeper
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: A helm Chart for kubernetes-ONAP Robot
name: robot
-version: 3.0.0
+version: 4.0.0
TAG="distributeVFWNG"
shift
;;
+ distributeDemoVFWDT)
+ TAG="DistributeDemoVFWDT"
+ shift
+ ;;
+ instantiateDemoVFWDT)
+ TAG="instantiateVFWDT"
+ shift
+ ;;
vfwclosedloop)
TAG="vfwclosedloop"
shift
POD=$(kubectl --namespace $NAMESPACE get pods | sed 's/ .*//'| grep robot)
-ETEHOME=/var/opt/OpenECOMP_ETE
+ETEHOME=/var/opt/ONAP
export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l")
OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_demo_$key
TAGS="-i $2"
-ETEHOME=/var/opt/OpenECOMP_ETE
+ETEHOME=/var/opt/ONAP
export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l")
OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_ete_$2
DISPLAY_NUM=$(($GLOBAL_BUILD_NUMBER + 90))
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
"cloud_env" : "${GLOBAL_INJECTED_CLOUD_ENV}",
"install_script_version" : "${GLOBAL_INJECTED_SCRIPT_VERSION}",
},
-
-# ##
+ # ##
# heat template parameter values for heat template instances created during Vnf-Orchestration test cases
# ##
"Vnf-Orchestration" : {
"unprotected_private_net_cidr" : "192.168.10.0/24",
"protected_private_net_id" : "vofwl01_protected${hostid}",
"protected_private_net_cidr" : "192.168.20.0/24",
- "vfw_private_ip_0" : "192.168.10.100",
- "vfw_private_ip_1" : "192.168.20.100",
- "vfw_private_ip_2" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.1",
- "vpg_private_ip_0" : "192.168.10.200",
- "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.2",
- "vsn_private_ip_0" : "192.168.20.250",
- "vsn_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.3",
+ "vfw_int_unprotected_private_ip_0" : "192.168.10.100",
+ "vfw_int_protected_private_ip_0" : "192.168.20.100",
+ "vfw_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.1",
+ "vfw_int_protected_private_floating_ip" : "192.168.10.200",
+ "vpg_int_unprotected_private_ip_0" : "192.168.10.200",
+ "vpg_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.2",
+ "vsn_int_protected_private_ip_0" : "192.168.20.250",
+ "vsn_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.3",
"sec_group" : "{{ .Values.openStackSecurityGroup }}",
'vfw_name_0':'vofwl01fwl${hostid}',
'vpg_name_0':'vofwl01pgn${hostid}',
"vfw_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
"vfw_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vpg_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vpg_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vsn_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vsn_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
'vsn_name_0':'vofwl01snk${hostid}'
},
"vfwsnk_preload.template": {
+ "int_unprotected_private_net_id" : "vofwlsnk_unprotected${hostid}",
+ "int_unprotected_private_subnet_id" : "vofwlsnk_unprotected_sub${hostid}",
+ "unprotected_private_net_cidr" : "192.168.10.0/24",
+ "int_protected_private_net_id" : "vofwlsnk_protected${hostid}",
+ "int_protected_private_subnet_id" : "vofwlsnk_protected_sub${hostid}",
+ "protected_private_net_cidr" : "192.168.20.0/24",
+ "vfw_int_unprotected_private_ip_0" : "192.168.10.100",
+ # this should be the same value as vpg_private_ip_0
+ "vfw_int_protected_private_floating_ip" : "192.168.10.200",
+ "vfw_int_protected_private_ip_0" : "192.168.20.100",
+ "vfw_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.101",
+ "vsn_int_protected_private_ip_0" : "192.168.20.250",
+ "vsn_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.102",
+ "sec_group" : "{{ .Values.openStackSecurityGroup }}",
+ 'vfw_name_0':'vofwl01fwl${hostid}',
+ 'vsn_name_0':'vofwl01snk${hostid}',
+ "vfw_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vfw_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vsn_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vsn_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ },
+ "vpkg_preload.template": {
+ "unprotected_private_net_id" : "vofwlsnk_unprotected${hostid}",
+ "unprotected_private_subnet_id" : "vofwlsnk_unprotected_sub${hostid}",
+ "unprotected_private_net_cidr" : "192.168.10.0/24",
+ "protected_private_net_cidr" : "192.168.20.0/24",
+ "vfw_private_ip_0" : "192.168.10.100",
+ "vpg_unprotected_private_ip_0" : "192.168.10.200",
+ "vpg_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.103",
+ "vsn_private_ip_0" : "192.168.20.250",
+ "sec_group" : "{{ .Values.openStackSecurityGroup }}",
+ 'vpg_name_0':'vofwl01pgn${hostid}',
+ "vpg_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vpg_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ },
+ # vFWDT preload data
+ "vfwdt_vpkg_preload.template": {
"unprotected_private_net_id" : "vofwlsnk_unprotected${hostid}",
"unprotected_private_subnet_id" : "vofwlsnk_unprotected_sub${hostid}",
"unprotected_private_net_cidr" : "192.168.10.0/24",
- "protected_private_net_id" : "vofwlsnk_protected${hostid}",
- "protected_private_subnet_id" : "vofwlsnk_protected_sub${hostid}",
"protected_private_net_cidr" : "192.168.20.0/24",
"vfw_private_ip_0" : "192.168.10.100",
- "vfw_private_ip_1" : "192.168.20.100",
- "vfw_private_ip_2" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.101",
"vpg_private_ip_0" : "192.168.10.200",
+ "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.103",
"vsn_private_ip_0" : "192.168.20.250",
- "vsn_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.102",
"sec_group" : "{{ .Values.openStackSecurityGroup }}",
- 'vfw_name_0':'vofwl01fwl${hostid}',
- 'vsn_name_0':'vofwl01snk${hostid}',
+ 'vpg_name_0':'vofwl01pgn${hostid}',
+ "vfw_name_0": "vofwl01vfw${hostid}",
+ "vsn_name_0": "vofwl01snk${hostid}",
"image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
"flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "protected_private_net_id" : "vofwlsnk01_protected${hostid}",
+ "protected_private_subnet_id" : "vofwlsnk01_protected_sub${hostid}",
+ "ext_private_net_id": "onap_oam_ext",
+ "ext_private_subnet_id": "onap_oam_ext_sub",
+ "ext_private_net_cidr": "10.100.0.0/16",
+ "vfw_private_ip_1": "192.168.20.100",
+ "vfw_private_ip_2": "10.0.110.1",
+ "vfw_private_ip_3": "10.100.100.1",
+ "vsn_private_ip_1": "10.0.110.3",
+ "vsn_private_ip_0": "192.168.20.250",
+ "vsn_private_ip_2": "10.100.100.3",
},
- "vpkg_preload.template": {
+ "vfwdt_vfwsnk0_preload.template": {
"unprotected_private_net_id" : "vofwlsnk_unprotected${hostid}",
"unprotected_private_subnet_id" : "vofwlsnk_unprotected_sub${hostid}",
"unprotected_private_net_cidr" : "192.168.10.0/24",
"vsn_private_ip_0" : "192.168.20.250",
"sec_group" : "{{ .Values.openStackSecurityGroup }}",
'vpg_name_0':'vofwl01pgn${hostid}',
+ "vsn_name_0": "vofwl01snk${hostid}",
+ "vfw_name_0": "vofwl01vfw${hostid}",
+ "image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "protected_private_net_id" : "vofwlsnk01_protected${hostid}",
+ "protected_private_subnet_id" : "vofwlsnk01_protected_sub${hostid}",
+ "ext_private_net_id": "onap_oam_ext",
+ "ext_private_subnet_id": "onap_oam_ext_sub",
+ "ext_private_net_cidr": "10.100.0.0/16",
+ "vfw_private_ip_1": "192.168.20.100",
+ "vfw_private_ip_2": "10.0.110.1",
+ "vfw_private_ip_3": "10.100.100.1",
+ "vsn_private_ip_1": "10.0.110.3",
+ "vsn_private_ip_0": "192.168.20.250",
+ "vpg_private_ip_2": "10.100.100.2",
+ "vsn_private_ip_1": "10.0.110.3",
+ "vsn_private_ip_0": "192.168.20.250",
+ "vsn_private_ip_2": "10.100.100.3"
+ },
+ "vfwdt_vfwsnk1_preload.template": {
+ "unprotected_private_net_id" : "vofwlsnk_unprotected${hostid}",
+ "unprotected_private_subnet_id" : "vofwlsnk_unprotected_sub${hostid}",
+ "unprotected_private_net_cidr" : "192.168.10.0/24",
+ "protected_private_net_cidr" : "192.168.20.0/24",
+ "vfw_private_ip_0" : "192.168.10.110",
+ "vpg_private_ip_0" : "192.168.10.200",
+ "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.103",
+ "vsn_private_ip_0" : "192.168.20.250",
+ "sec_group" : "{{ .Values.openStackSecurityGroup }}",
+ 'vpg_name_0':'vofwl01pgn${hostid}',
+ "vsn_name_0": "vofwl01snk${hostid}",
+ "vfw_name_0": "vofwl01vfw${hostid}",
"image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
"flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "protected_private_net_id" : "vofwlsnk01_protected${hostid}",
+ "protected_private_subnet_id" : "vofwlsnk01_protected_sub${hostid}",
+ "ext_private_net_id": "onap_oam_ext",
+ "ext_private_subnet_id": "onap_oam_ext_sub",
+ "ext_private_net_cidr": "10.100.0.0/16",
+ "vfw_private_ip_1": "192.168.20.110",
+ "vfw_private_ip_2": "10.0.110.4",
+ "vfw_private_ip_3": "10.100.100.4",
+ "vpg_private_ip_0": "192.168.10.200",
+ "vpg_private_ip_1": "10.0.110.2",
+ "vpg_private_ip_2": "10.100.100.2",
+ "vsn_private_ip_0": "192.168.20.240",
+ "vsn_private_ip_1": "10.0.110.5",
+ "vsn_private_ip_2": "10.100.100.5"
},
"vlb_preload.template" : {
"vlb_image_name" : "${GLOBAL_INJECTED_UBUNTU_1604_IMAGE}",
"vlb_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
- "vlb_private_net_id" : "volb01_private${hostid}",
- "pktgen_private_net_id" : "volb01_pktgen${hostid}",
- "vlb_private_net_cidr" : "192.168.30.0/24",
- "vlb_private_ip_0" : "192.168.30.100",
- "vlb_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.4",
- "vdns_private_ip_0" : "192.168.30.110",
- "vdns_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.5",
- "sec_group" : "{{ .Values.openStackSecurityGroup }}",
+ "vdns_image_name" : "${GLOBAL_INJECTED_UBUNTU_1604_IMAGE}",
+ "vdns_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vpg_image_name" : "${GLOBAL_INJECTED_UBUNTU_1604_IMAGE}",
+ "vpg_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
'vlb_name_0':'vovlblb${hostid}',
'vdns_name_0':'vovlbdns${hostid}',
+ "vpg_name_0" : "vovlbpgn${hostid}",
+ "vlb_private_net_id" : "volb01_private${hostid}",
+ "vlb_private_net_cidr" : "192.168.30.0/24",
+ "pktgen_private_net_id" : "volb01_pktgen${hostid}",
"pktgen_private_net_cidr" : "192.168.9.0/24",
- "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.7",
+ "vlb_int_private_ip_0" : "192.168.30.100",
+ "vlb_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.4",
+ "vlb_int_pktgen_private_ip_0" : "192.168.9.111",
+ "vdns_int_private_ip_0" : "192.168.30.110",
+ "vdns_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.5",
+ "vpg_int_pktgen_private_ip_0" : "192.168.9.110",
+ "vpg_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.7",
+ "sec_group" : "{{ .Values.openStackSecurityGroup }}",
"pg_int" : "192.168.9.109",
- "vpg_private_ip_0" : "192.168.9.110",
- "vlb_private_ip_2" : "192.168.9.111",
"vip" : "192.168.9.112",
"gre_ipaddr" : "192.168.30.112",
- "vpg_name_0" : "vovlbpgn${hostid}",
"vnf_id" : "vLoadBalancer_${hostid}",
"vf_module_id" : "vLoadBalancer"
},
"dnsscaling_preload.template" : {
- "vlb_private_net_id" : "volb01_private${hostid}",
- "vlb_private_ip_0" : "192.168.30.100",
- "vlb_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.4",
- "vdns_private_ip_0" : "192.168.30.222",
- "vdns_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.6",
+ "int_private_net_id" : "vLBMS_volb01_private${hostid}",
+ "int_private_subnet_id" : "vLBMS_volb01_private${hostid}_subnet",
+ "vlb_int_private_ip_0" : "192.168.30.100",
+ "vlb_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.4",
+ "vlb_int_pktgen_private_ip_0" : "192.168.9.111",
+ "vdns_int_private_ip_0" : "192.168.30.222",
+ "vdns_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.6",
"sec_group" : "{{ .Values.openStackSecurityGroup }}",
- 'scaling_vdns_name_0':'vovlbscaling${hostid}',
- "vlb_private_net_cidr" : "192.168.10.0/24"
+ 'vdns_name_0':'vovlbscaling${hostid}',
+ "vlb_private_net_cidr" : "192.168.30.0/24"
},
"vims_preload.template" : {
"bono_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
},
# heat template parameter values for heat template instances created during Closed-Loop test cases
"Closed-Loop" : {
- "vfw_preload.template": {
+ "vfw_preload.template": {
"unprotected_private_net_id" : "clfwl01_unprotected${hostid}",
"unprotected_private_net_cidr" : "192.168.110.0/24",
"protected_private_net_id" : "clfwl01_protected${hostid}",
"protected_private_net_cidr" : "192.168.120.0/24",
- "vfw_private_ip_0" : "192.168.110.100",
- "vfw_private_ip_1" : "192.168.120.100",
- "vfw_private_ip_2" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.11",
- "vpg_private_ip_0" : "192.168.110.200",
- "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.12",
- "vsn_private_ip_0" : "192.168.120.250",
- "vsn_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.13",
+ "vfw_int_unprotected_private_ip_0" : "192.168.110.100",
+ "vfw_int_protected_private_ip_0" : "192.168.120.100",
+ "vfw_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.11",
+ "vfw_int_protected_private_floating_ip" : "192.168.110.200",
+ "vpg_int_unprotected_private_ip_0" : "192.168.110.200",
+ "vpg_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.12",
+ "vsn_int_protected_private_ip_0" : "192.168.120.250",
+ "vsn_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.13",
"sec_group" : "{{ .Values.openStackSecurityGroup }}",
'vfw_name_0':'clfwl01fwl${hostid}',
'vpg_name_0':'clfwl01pgn${hostid}',
"vfw_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
"vfw_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vpg_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vpg_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vsn_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vsn_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
'vsn_name_0':'clfwl01snk${hostid}'
},
"vfwsnk_preload.template": {
- "unprotected_private_net_id" : "clfwlsnk_unprotected${hostid}",
- "unprotected_private_subnet_id" : "clfwlsnk_unprotected_sub${hostid}",
+ "int_unprotected_private_net_id" : "clfwlsnk_unprotected${hostid}",
+ "int_unprotected_private_subnet_id" : "clfwlsnk_unprotected_sub${hostid}",
"unprotected_private_net_cidr" : "192.168.10.0/24",
- "protected_private_net_id" : "clfwlsnk_protected${hostid}",
- "protected_private_subnet_id" : "clfwlsnk_protected_sub${hostid}",
+ "int_protected_private_net_id" : "clfwlsnk_protected${hostid}",
+ "int_protected_private_subnet_id" : "clfwlsnk_protected_sub${hostid}",
"protected_private_net_cidr" : "192.168.20.0/24",
- "vfw_private_ip_0" : "192.168.10.100",
- "vfw_private_ip_1" : "192.168.20.100",
- "vfw_private_ip_2" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.111",
- "vpg_private_ip_0" : "192.168.10.200",
- "vsn_private_ip_0" : "192.168.20.250",
- "vsn_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.112",
+ "vfw_int_unprotected_private_ip_0" : "192.168.10.100",
+ # this should be the same value as vpg_private_ip_0
+ "vfw_int_protected_private_floating_ip" : "192.168.10.200",
+ "vfw_int_protected_private_ip_0" : "192.168.20.100",
+ "vfw_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.111",
+ "vsn_int_protected_private_ip_0" : "192.168.20.250",
+ "vsn_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.112",
"sec_group" : "{{ .Values.openStackSecurityGroup }}",
'vfw_name_0':'clfwl01fwl${hostid}',
'vsn_name_0':'clfwl01snk${hostid}',
- "image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
- "flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vfw_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vfw_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vsn_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vsn_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
},
"vpkg_preload.template": {
- "unprotected_private_net_id" : "clfwlsnk_unprotected${hostid}",
- "unprotected_private_subnet_id" : "clfwlsnk_unprotected_sub${hostid}",
+ "unprotected_private_net_id" : "vFWSNK_clfwlsnk_unprotected${hostid}",
+ "unprotected_private_subnet_id" : "vFWSNK_clfwlsnk_unprotected_sub${hostid}",
"unprotected_private_net_cidr" : "192.168.10.0/24",
"protected_private_net_cidr" : "192.168.20.0/24",
"vfw_private_ip_0" : "192.168.10.100",
- "vpg_private_ip_0" : "192.168.10.200",
- "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.113",
+ "vpg_unprotected_private_ip_0" : "192.168.10.200",
+ "vpg_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.113",
"vsn_private_ip_0" : "192.168.20.250",
"sec_group" : "{{ .Values.openStackSecurityGroup }}",
'vpg_name_0':'clfwl01pgn${hostid}',
- "image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
- "flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vpg_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vpg_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
},
+ # vLBMS
"vlb_preload.template" : {
"vlb_image_name" : "${GLOBAL_INJECTED_UBUNTU_1604_IMAGE}",
"vlb_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
- "vlb_private_net_id" : "cllb01_private${hostid}",
- "pktgen_private_net_id" : "cllb01_pktgen${hostid}",
- "vlb_private_net_cidr" : "192.168.30.0/24",
- "vlb_private_ip_0" : "192.168.30.100",
- "vlb_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.14",
- "vdns_private_ip_0" : "192.168.30.110",
- "vdns_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.15",
- "sec_group" : "{{ .Values.openStackSecurityGroup }}",
+ "vdns_image_name" : "${GLOBAL_INJECTED_UBUNTU_1604_IMAGE}",
+ "vdns_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vpg_image_name" : "${GLOBAL_INJECTED_UBUNTU_1604_IMAGE}",
+ "vpg_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
'vlb_name_0':'clvlblb${hostid}',
'vdns_name_0':'clvlbdns${hostid}',
+ "vpg_name_0" : "clvlbpgn${hostid}",
+ "vlb_private_net_id" : "cllb01_private${hostid}",
+ "vlb_private_net_cidr" : "192.168.30.0/24",
+ "pktgen_private_net_id" : "cllb01_pktgen${hostid}",
"pktgen_private_net_cidr" : "192.168.9.0/24",
- "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.17",
+ "vlb_int_private_ip_0" : "192.168.30.100",
+ "vlb_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.14",
+ "vlb_int_pktgen_private_ip_0" : "192.168.9.111",
+ "vdns_int_private_ip_0" : "192.168.30.110",
+ "vdns_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.15",
+ "vpg_int_pktgen_private_ip_0" : "192.168.9.110",
+ "vpg_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.17",
+ "sec_group" : "{{ .Values.openStackSecurityGroup }}",
"pg_int" : "192.168.9.109",
- "vpg_private_ip_0" : "192.168.9.110",
- "vlb_private_ip_2" : "192.168.9.111",
"vip" : "192.168.9.112",
"gre_ipaddr" : "192.168.30.112",
- "vpg_name_0" : "clvlbpgn${hostid}",
"vnf_id" : "vLoadBalancer_${hostid}",
"vf_module_id" : "vLoadBalancer"
},
"dnsscaling_preload.template" : {
- "vlb_private_net_id" : "cllb01_private${hostid}",
- "vlb_private_ip_0" : "192.168.130.100",
- "vlb_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.14",
- "vdns_private_ip_0" : "192.168.130.222",
- "vdns_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.16",
+ "int_private_net_id" : "vLBMS_cllb01_private${hostid}",
+ "int_private_subnet_id" : "vLBMS_cllb01_private${hostid}_subnet",
+ "vlb_int_private_ip_0" : "192.168.30.100",
+ "vlb_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.14",
+ "vlb_int_pktgen_private_ip_0" : "192.168.9.111",
+ "vdns_int_private_ip_0" : "192.168.30.222",
+ "vdns_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.16",
"sec_group" : "{{ .Values.openStackSecurityGroup }}",
- 'scaling_vdns_name_0':'clvlbscaling${hostid}',
+ 'vdns_name_0':'clvlbscaling${hostid}',
"vlb_private_net_cidr" : "192.168.10.0/24"
},
"vims_preload.template" : {
"unprotected_private_net_cidr" : "192.168.110.0/24",
"protected_private_net_id" : "demofwl_protected",
"protected_private_net_cidr" : "192.168.120.0/24",
- "vfw_private_ip_0" : "192.168.110.100",
- "vfw_private_ip_1" : "192.168.120.100",
- "vfw_private_ip_2" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.11",
- "vpg_private_ip_0" : "192.168.110.200",
- "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.12",
- "vsn_private_ip_0" : "192.168.120.250",
- "vsn_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.13",
+ "vfw_int_unprotected_private_ip_0" : "192.168.110.100",
+ "vfw_int_protected_private_ip_0" : "192.168.120.100",
+ "vfw_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.11",
+ "vpg_int_unprotected_private_ip_0" : "192.168.110.200",
+ "vfw_int_protected_private_floating_ip" : "192.168.110.200",
+ "vpg_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.12",
+ "vsn_int_protected_private_ip_0" : "192.168.120.250",
+ "vsn_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.13",
"sec_group" : "{{ .Values.openStackSecurityGroup }}",
'vfw_name_0':'demofwl01fwl',
'vpg_name_0':'demofwl01pgn',
"vfw_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
"vfw_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vpg_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vpg_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vsn_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vsn_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
'vsn_name_0':'demofwl01snk'
},
"vfwsnk_preload.template": {
- "unprotected_private_net_id" : "demofwlsnk_unprotected${hostid}",
- "unprotected_private_subnet_id" : "demofwlsnk_unprotected_sub${hostid}",
+ "int_unprotected_private_net_id" : "demofwlsnk_unprotected${hostid}",
+ "int_unprotected_private_subnet_id" : "demofwlsnk_unprotected_sub${hostid}",
"unprotected_private_net_cidr" : "192.168.10.0/24",
- "protected_private_net_id" : "demofwlsnk_protected${hostid}",
- "protected_private_subnet_id" : "vofwlsnk_protected_sub${hostid}",
+ "int_protected_private_net_id" : "demofwlsnk_protected${hostid}",
+ "int_protected_private_subnet_id" : "vofwlsnk_protected_sub${hostid}",
"protected_private_net_cidr" : "192.168.20.0/24",
- "vfw_private_ip_0" : "192.168.10.100",
- "vfw_private_ip_1" : "192.168.20.100",
- "vfw_private_ip_2" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.121",
- "vpg_private_ip_0" : "192.168.10.200",
- "vsn_private_ip_0" : "192.168.20.250",
- "vsn_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.122",
+ "vfw_int_unprotected_private_ip_0" : "192.168.10.100",
+ # this should be the same value as vpg_private_ip_0
+ "vfw_int_protected_private_floating_ip" : "192.168.10.200",
+ "vfw_int_protected_private_ip_0" : "192.168.20.100",
+ "vfw_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.121",
+ "vsn_int_protected_private_ip_0" : "192.168.20.250",
+ "vsn_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.122",
"sec_group" : "{{ .Values.openStackSecurityGroup }}",
'vfw_name_0':'${generic_vnf_name}',
'vsn_name_0':'demofwl01snk${hostid}',
- "image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
- "flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vfw_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vfw_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vsn_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vsn_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
},
"vpkg_preload.template": {
- "unprotected_private_net_id" : "demofwlsnk_unprotected${hostid}",
- "unprotected_private_subnet_id" : "demofwlsnk_unprotected_sub${hostid}",
+ "unprotected_private_net_id" : "vFWSNK_demofwlsnk_unprotected${hostid}",
+ "unprotected_private_subnet_id" : "vFWSNK_demofwlsnk_unprotected_sub${hostid}",
"unprotected_private_net_cidr" : "192.168.10.0/24",
"protected_private_net_cidr" : "192.168.20.0/24",
"vfw_private_ip_0" : "192.168.10.100",
- "vpg_private_ip_0" : "192.168.10.200",
- "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.123",
+ "vpg_unprotected_private_ip_0" : "192.168.10.200",
+ "vpg_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.123",
"vsn_private_ip_0" : "192.168.20.250",
"sec_group" : "{{ .Values.openStackSecurityGroup }}",
'vpg_name_0':'demofwl01pgn${hostid}',
- "image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
- "flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}"
+ "vpg_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vpg_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}"
},
+ # vLBMS
"vlb_preload.template" : {
"vlb_image_name" : "${GLOBAL_INJECTED_UBUNTU_1604_IMAGE}",
"vlb_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
- "vlb_private_net_id" : "demolb_private${hostid}",
- "pktgen_private_net_id" : "demolb_pktgen${hostid}",
- "vlb_private_net_cidr" : "192.168.30.0/24",
- "vlb_private_ip_0" : "192.168.30.100",
- "vlb_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.24",
- "vdns_private_ip_0" : "192.168.30.110",
- "vdns_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.25",
- "sec_group" : "{{ .Values.openStackSecurityGroup }}",
+ "vdns_image_name" : "${GLOBAL_INJECTED_UBUNTU_1604_IMAGE}",
+ "vdns_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vpg_image_name" : "${GLOBAL_INJECTED_UBUNTU_1604_IMAGE}",
+ "vpg_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
'vlb_name_0':'demovlblb${hostid}',
'vdns_name_0':'demovlbdns${hostid}',
+ "vpg_name_0" : "clvlbpgn${hostid}",
+ "vlb_private_net_id" : "demolb_private${hostid}",
+ "vlb_private_net_cidr" : "192.168.30.0/24",
+ "pktgen_private_net_id" : "demolb_pktgen${hostid}",
"pktgen_private_net_cidr" : "192.168.9.0/24",
- "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.27",
+ "vlb_int_private_ip_0" : "192.168.30.100",
+ "vlb_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.24",
+ "vlb_int_pktgen_private_ip_0" : "192.168.9.111",
+ "vdns_int_private_ip_0" : "192.168.30.110",
+ "vdns_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.25",
+ "vpg_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.27",
+ "vpg_int_pktgen_private_ip_0" : "192.168.9.110",
"pg_int" : "192.168.9.109",
- "vpg_private_ip_0" : "192.168.9.110",
- "vlb_private_ip_2" : "192.168.9.111",
"vip" : "192.168.9.112",
"gre_ipaddr" : "192.168.30.112",
- "vpg_name_0" : "clvlbpgn${hostid}",
"vnf_id" : "vLoadBalancer_${hostid}",
- "vf_module_id" : "vLoadBalancer"
+ "vf_module_id" : "vLoadBalancer",
+ "sec_group" : "{{ .Values.openStackSecurityGroup }}"
},
"dnsscaling_preload.template" : {
- "vlb_private_net_id" : "demolb_private${hostid}",
- "vlb_private_ip_0" : "192.168.130.100",
- "vlb_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.24",
- "vdns_private_ip_0" : "192.168.130.222",
- "vdns_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.26",
+ "int_private_net_id" : "vLBMS_demolb_private${hostid}",
+ "int_private_subnet_id" : "vLBMS_demolb_private${hostid}_subnet",
+ "vlb_int_private_ip_0" : "192.168.30.100",
+ "vlb_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.24",
+ "vlb_int_pktgen_private_ip_0" : "192.168.9.111",
+ "vdns_int_private_ip_0" : "192.168.30.222",
+ "vdns_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.26",
"sec_group" : "{{ .Values.openStackSecurityGroup }}",
- 'scaling_vdns_name_0':'demovlbscaling${hostid}',
- "vlb_private_net_cidr" : "192.168.10.0/24"
+ 'vdns_name_0':'demovlbscaling${hostid}',
+ "vlb_private_net_cidr" : "192.168.30.0/24"
},
"vims_preload.template" : {
"bono_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
GLOBAL_POMBA_AAICONTEXTBUILDER_PORT = "9530"
GLOBAL_POMBA_SDCCONTEXTBUILDER_PORT = "9530"
GLOBAL_POMBA_NETWORKDISCCONTEXTBUILDER_PORT = "9530"
-# vvp info
-GLOBAL_VVP_SERVER_PROTOCOL = "http"
-GLOBAL_VVP_CI_UWSGI_PORT = "8282"
-GLOBAL_VVP_CMS_UWSGI_PORT1 = "80"
-GLOBAL_VVP_EM_UWSGI_PORT = "80"
-GLOBAL_VVP_EXT_HAPROXY_PORT1 = "80"
-GLOBAL_VVP_GITLAB_PORT1 = "80"
-GLOBAL_VVP_IMAGESCANNER_PORT = "80"
-GLOBAL_VVP_INT_HAPROXY_PORT1 = "80"
-GLOBAL_VVP_JENKINS_PORT = "8080"
-GLOBAL_VVP_POSTGRES_PORT = "5432"
-GLOBAL_VVP_REDIS_PORT = "6379"
# microservice bus info - everything is from the private oam network (also called onap private network)
GLOBAL_MSB_SERVER_PROTOCOL = "http"
GLOBAL_MSB_SERVER_PORT = "80"
# dns info
GLOBAL_DNS_TRAFFIC_DURATION = "600"
# location where heat templates are loaded from
-GLOBAL_HEAT_TEMPLATES_FOLDER = "/var/opt/OpenECOMP_ETE/demo/heat"
+GLOBAL_HEAT_TEMPLATES_FOLDER = "/var/opt/ONAP/demo/heat"
GLOBAL_INJECTED_POMBA_AAI_CONTEXT_BUILDER_IP_ADDR = "pomba-aaictxbuilder.{{include "common.namespace" .}}"
GLOBAL_INJECTED_POMBA_SDC_CONTEXT_BUILDER_IP_ADDR = "pomba-sdcctxbuilder.{{include "common.namespace" .}}"
GLOBAL_INJECTED_POMBA_NETWORK_DISC_CONTEXT_BUILDER_IP_ADDR = "pomba-networkdiscoveryctxbuilder.{{include "common.namespace" .}}"
-GLOBAL_INJECTED_VVP_CI_UWSGI_IP_ADDR = "vvp-ci-uwsgi.{{include "common.namespace" .}}"
-GLOBAL_INJECTED_VVP_CMS_UWSGI_IP_ADDR = "vvp-cms-uwsgi.{{include "common.namespace" .}}"
-GLOBAL_INJECTED_VVP_EM_UWSGI_IP_ADDR = "vvp-em-uwsgi.{{include "common.namespace" .}}"
-GLOBAL_INJECTED_VVP_EXT_HAPROXY_IP_ADDR = "vvp-ext-haproxy.{{include "common.namespace" .}}"
-GLOBAL_INJECTED_VVP_GITLAB_IP_ADDR = "vvp-gitlab.{{include "common.namespace" .}}"
-GLOBAL_INJECTED_VVP_IMAGESCANNER_IP_ADDR = "vvp-imagescanner.{{include "common.namespace" .}}"
-GLOBAL_INJECTED_VVP_INT_HAPROXY_IP_ADDR = "vvp-int-haproxy.{{include "common.namespace" .}}"
-GLOBAL_INJECTED_VVP_JENKINS_IP_ADDR = "vvp-jenkins.{{include "common.namespace" .}}"
-GLOBAL_INJECTED_VVP_POSTGRES_IP_ADDR = "vvp-postgres.{{include "common.namespace" .}}"
-GLOBAL_INJECTED_VVP_REDIS_IP_ADDR = "vvp-redis.{{include "common.namespace" .}}"
GLOBAL_INJECTED_KEYSTONE = "{{ .Values.openStackKeyStoneUrl }}"
GLOBAL_INJECTED_MR_IP_ADDR = "message-router.{{include "common.namespace" .}}"
GLOBAL_INJECTED_MUSIC_IP_ADDR = "music.{{include "common.namespace" .}}"
"GLOBAL_INJECTED_POMBA_AAI_CONTEXT_BUILDER_IP_ADDR" : "pomba-aaictxbuilder.{{include "common.namespace" .}}",
"GLOBAL_INJECTED_POMBA_SDC_CONTEXT_BUILDER_IP_ADDR" : "pomba-sdcctxbuilder.{{include "common.namespace" .}}",
"GLOBAL_INJECTED_POMBA_NETWORK_DISC_CONTEXT_BUILDER_IP_ADDR" : "pomba-networkdiscovery.{{include "common.namespace" .}}",
- "GLOBAL_INJECTED_VVP_CI_UWSGI_IP_ADDR" : "vvp-ci-uwsgi.{{include "common.namespace" .}}",
- "GLOBAL_INJECTED_VVP_CMS_UWSGI_IP_ADDR" : "vvp-cms-uwsgi.{{include "common.namespace" .}}",
- "GLOBAL_INJECTED_VVP_EM_UWSGI_IP_ADDR" : "vvp-em-uwsgi.{{include "common.namespace" .}}",
- "GLOBAL_INJECTED_VVP_EXT_HAPROXY_IP_ADDR" : "vvp-ext-haproxy.{{include "common.namespace" .}}",
- "GLOBAL_INJECTED_VVP_GITLAB_IP_ADDR" : "vvp-gitlab.{{include "common.namespace" .}}",
- "GLOBAL_INJECTED_VVP_IMAGESCANNER_IP_ADDR" : "vvp-imagescanner.{{include "common.namespace" .}}",
- "GLOBAL_INJECTED_VVP_INT_HAPROXY_IP_ADDR" : "vvp-int-haproxy.{{include "common.namespace" .}}",
- "GLOBAL_INJECTED_VVP_JENKINS_IP_ADDR" : "vvp-jenkins.{{include "common.namespace" .}}",
- "GLOBAL_INJECTED_VVP_POSTGRES_IP_ADDR" : "vvp-postgres.{{include "common.namespace" .}}",
- "GLOBAL_INJECTED_VVP_REDIS_IP_ADDR" : "vvp-redis.{{include "common.namespace" .}}",
"GLOBAL_INJECTED_MUSIC_IP_ADDR" : "music.{{include "common.namespace" .}}",
"GLOBAL_INJECTED_NBI_IP_ADDR" : "nbi.{{include "common.namespace" .}}",
"GLOBAL_INJECTED_NETWORK" : "{{ .Values.openStackPrivateNetId }}",
apiVersion: v1
description: Service Design and Creation Umbrella Helm charts
name: sdc
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Service Design and Creation Backend API
name: sdc-be
-version: 3.0.0
+version: 4.0.0
- containerPort: {{ .Values.service.internalPort2 }}
{{ if eq .Values.liveness.enabled true }}
livenessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
+ exec:
+ command:
+ - "/var/lib/ready-probe.sh"
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end }}
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-backend:1.3.5
-backendInitImage: onap/sdc-backend-init:1.3.5
+image: onap/sdc-backend:1.4-STAGING-latest
+backendInitImage: onap/sdc-backend-init:1.4-STAGING-latest
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v1
description: ONAP Service Design and Creation Cassandra
name: sdc-cs
-version: 3.0.0
+version: 4.0.0
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-cassandra:1.3.5
-cassandraInitImage: onap/sdc-cassandra-init:1.3.5
+image: onap/sdc-cassandra:1.4-STAGING-latest
+cassandraInitImage: onap/sdc-cassandra-init:1.4-STAGING-latest
pullPolicy: Always
apiVersion: v1
description: ONAP SDC DCAE Backend client of TOSCALAB and SDC
name: sdc-dcae-be
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP DCAE desiner composition tool for creating customized templates
name: sdc-dcae-dt
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP SDC DCAE UI for service monitoring and MC create and configure
name: sdc-dcae-fe
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Tosca model for component monitoring and descriptors deployment
name: sdc-dcae-tosca-lab
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Service Design and Creation Elasticsearch
name: sdc-es
-version: 3.0.0
+version: 4.0.0
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-elasticsearch:1.3.5
-elasticInitImage: onap/sdc-init-elasticsearch:1.3.5
+image: onap/sdc-elasticsearch:1.4-STAGING-latest
+elasticInitImage: onap/sdc-init-elasticsearch:1.4-STAGING-latest
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v1
description: ONAP Service Design and Creation Front End
name: sdc-fe
-version: 3.0.0
+version: 4.0.0
--- /dev/null
+pluginsList:
+ - pluginId: DCAED
+ pluginDiscoveryUrl: "{{ .Values.config.plugins.dcae_discovery_url }}"
+ pluginSourceUrl: "{{ .Values.config.plugins.dcae_source_url }}"
+ pluginStateUrl: "dcaed"
+ pluginDisplayOptions:
+ context:
+ displayName: "Monitoring"
+ displayContext: ["SERVICE"]
+ displayRoles: ["DESIGNER"]
+ - pluginId: DCAE-DS
+ pluginDiscoveryUrl: "{{ .Values.config.plugins.dcae_dt_discovery_url }}"
+ pluginSourceUrl: "{{ .Values.config.plugins.dcae_dt_source_url }}"
+ pluginStateUrl: "dcae-ds"
+ pluginDisplayOptions:
+ tab:
+ displayName: "DCAE-DS"
+ displayRoles: ["DESIGNER"]
+ - pluginId: WORKFLOW
+ pluginDiscoveryUrl: "{{ .Values.config.plugins.workflow_discovery_url }}"
+ pluginSourceUrl: "{{ .Values.config.plugins.workflow_source_url }}"
+ pluginStateUrl: "workflowDesigner"
+ pluginDisplayOptions:
+ tab:
+ displayName: "WORKFLOW"
+ displayRoles: ["DESIGNER", "TESTER"]
+
+connectionTimeout: 1000
\ No newline at end of file
heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/logging/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-plugins-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/plugins/*").AsConfig . | indent 2 }}
\ No newline at end of file
readOnly: true
- name: {{ include "common.fullname" . }}-logs
mountPath: /var/log/onap
+ - name: {{ include "common.fullname" . }}-configs
+ mountPath: /var/lib/jetty/config/catalog-fe/plugins-configuration.yaml
+ subPath: plugins-configuration.yaml
- name: {{ include "common.fullname" . }}-logback
mountPath: /tmp/logback.xml
subPath: logback.xml
name: {{ .Release.Name }}-sdc-filebeat-configmap
- name: {{ include "common.fullname" . }}-data-filebeat
emptyDir: {}
+ - name: {{ include "common.fullname" . }}-configs
+ configMap:
+ name : {{ include "common.fullname" . }}-plugins-configmap
+ defaultMode: 0777
- name: {{ include "common.fullname" . }}-logback
configMap:
name : {{ include "common.fullname" . }}-logging-configmap
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-frontend:1.3.5
+image: onap/sdc-frontend:1.4-STAGING-latest
pullPolicy: Always
config:
javaOptions: "-Xdebug -agentlib:jdwp=transport=dt_socket,address=6000,server=y,suspend=n -Xmx256m -Xms256m"
+ plugins:
+ dcae_discovery_url: "http://sdc-dcae-fe:8183/dcaed/#/home"
+ dcae_source_url: "http://sdc.dcae.plugin.simpledemo.onap.org:30263/dcaed/#/home"
+ dcae_dt_discovery_url: "http://sdc-dcae-dt:8186/dcae/#/dcae/home"
+ dcae_dt_source_url: "http://sdc.dcae.plugin.simpledemo.onap.org:30265/dcae/#/dcae/home"
+ workflow_discovery_url: "http://sdc-wfd-fe:8080/workflows"
+ workflow_source_url: "http://sdc.workflow.plugin.simpledemo.onap.org:30256/workflows/"
# default number of instances
replicaCount: 1
apiVersion: v1
description: ONAP Service Design and Creation Kibana
name: sdc-kb
-version: 3.0.0
+version: 4.0.0
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-kibana:1.3.5
+image: onap/sdc-kibana:1.4-STAGING-latest
pullPolicy: Always
config:
apiVersion: v1
description: ONAP Service Design and Creation Onboarding API
name: sdc-onboarding-be
-version: 3.0.0
+version: 4.0.0
- containerPort: {{ .Values.service.internalPort2 }}
{{ if eq .Values.liveness.enabled true }}
livenessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
+ exec:
+ command:
+ - "/var/lib/ready-probe.sh"
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end }}
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-onboard-backend:1.3.5
-onboardingInitImage: onap/sdc-onboard-cassandra-init:1.3.5
+image: onap/sdc-onboard-backend:1.4-STAGING-latest
+onboardingInitImage: onap/sdc-onboard-cassandra-init:1.4-STAGING-latest
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v1
description: ONAP Service Design and Creation Workflow Designer backend
name: sdc-wfd-be
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/workflow-backend:1.3.2
-configInitImage: onap/workflow-init:1.3.2
+image: onap/workflow-backend:1.4.0-SNAPSHOT
+configInitImage: onap/workflow-init:1.4.0-SNAPSHOT
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v1
description: ONAP Service Design and Creation Workflow Designer frontend
name: sdc-wfd-fe
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/workflow-frontend:1.3.2
+image: onap/workflow-frontend:1.4.0-SNAPSHOT
pullPolicy: Always
# flag to enable debugging - application support required
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
],
"KB": "sdc-kb.{{include "common.namespace" .}}"
},
- "Plugins": {
- "DCAE": {
- "dcae_discovery_url": "http://sdc-dcae-fe.{{include "common.namespace" .}}:8183/dcaed/#/home",
- "dcae_source_url": "http://sdc.dcae.plugin.simpledemo.onap.org:30263/dcaed/#/home"
- },
- "DCAE-TAB": {
- "dcae_dt_discovery_url": "http://sdc-dcae-dt.{{include "common.namespace" .}}:8186/dcae/#/dcae/home",
- "dcae_dt_source_url": "http://sdc.dcae.plugin.simpledemo.onap.org:30265/dcae/#/dcae/home"
- },
- "WORKFLOW": {
- "workflow_discovery_url": "http://sdc-wfd-fe.{{include "common.namespace" .}}:8080",
- "workflow_source_url": "http://sdc.workflow.plugin.simpledemo.onap.org:30256"
- }
- },
"VnfRepo": {
"vnfRepoPort": "{{.Values.config.environment.vnfRepoPort}}",
"vnfRepoHost": "refrepo.{{include "common.namespace" .}}"
apiVersion: v1
description: SDN Controller
name: sdnc
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: SDNC DMaaP Listener
name: dmaap-listener
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdnc-dmaap-listener-image:1.4.3
+image: onap/sdnc-dmaap-listener-image:1.5-STAGING-latest
pullPolicy: Always
# flag to enable debugging - application support required
requests:
cpu: 1
memory: 2Gi
- unlimited: {}
\ No newline at end of file
+ unlimited: {}
apiVersion: v1
description: SDN-C Ansible Server
name: sdnc-ansible-server
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
- name: {{ include "common.name" . }}
command: ["/bin/bash"]
args: ["-c", "cd /opt/onap/ccsdk && ./startAnsibleServer.sh"]
+
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdnc-ansible-server-image:1.4.3
+image: onap/sdnc-ansible-server-image:1.5-STAGING-latest
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v1
description: SDN-C Admin Portal
name: sdnc-portal
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/admportal-sdnc-image:1.4.3
+image: onap/admportal-sdnc-image:1.5-STAGING-latest
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v1
description: SDNC UEB Listener
name: ueb-listener
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdnc-ueb-listener-image:1.4.3
+image: onap/sdnc-ueb-listener-image:1.5-STAGING-latest
pullPolicy: Always
# flag to enable debugging - application support required
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
- name: controller-blueprints
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
- name: mysql
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
- name: network-name-gen
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
- name: dgbuilder
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
- name: sdnc-prom
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: config.geoEnabled
apiVersion: v1
description: ONAP SDNC Policy Driven Ownership Management
name: sdnc-prom
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
value: "{{ .Values.replicaCount }}"
- name: MYSQL_HOST
value: "{{.Release.Name}}-{{.Values.mysql.nameOverride}}-0.{{.Values.mysql.service.name}}.{{.Release.Namespace}}"
+ - name: JAVA_HOME
+ value: "{{ .Values.config.javaHome}}"
volumeMounts:
- mountPath: /etc/localtime
name: localtime
# application images
repository: nexus3.onap.org:10001
pullPolicy: Always
-image: onap/sdnc-image:1.4.3
+image: onap/sdnc-image:1.5-STAGING-latest
# flag to enable debugging - application support required
debugEnabled: false
logstashPort: 5044
ansibleServiceName: sdnc-ansible-server
ansiblePort: 8000
+ javaHome: /usr/lib/jvm/java-1.8-openjdk
# dependency / sub-chart configuration
dmaap-listener:
apiVersion: v1
description: ONAP Mock Sniro Emulator
name: sniro-emulator
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
apiVersion: v1
description: ONAP Service Orchestrator
name: so
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
appVersion: "1.0"
description: A Helm chart for Kubernetes
name: so-bpmn-infra
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify
rollback:
callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify
+ use:
+ qualified:
+ host: false
global:
dmaap:
username: testuser
host: http://10.42.111.36:904
publisher:
topic: replaceme
+ naming:
+ endpoint: http://naming.demo.onap.com:8081/web/service/v1/genNetworkElementName
+ auth: Basic bTA0NzY4QG5vbi1wcm9kLm1zby5lY29tcC5hdHQuY29tOkF0dG0wNDc2OExpZmUhQA==
policy:
auth: Basic dGVzdHBkcDphbHBoYTEyMw==
+ default:
+ disposition: Skip
client:
auth: Basic bTAzNzQzOnBvbGljeVIwY2sk
endpoint: http://pdp.{{ include "common.namespace" . }}:8081/pdp/api/
spring:
datasource:
driver-class-name: org.mariadb.jdbc.Driver
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/camundabpmn
+ jdbc-url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/camundabpmn
username: ${DB_USERNAME}
password: ${DB_PASSWORD}
dbcp2:
apiVersion: v1
description: A Helm chart for so-catalog-db-adapter
name: so-catalog-db-adapter
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: A Helm chart for DB secrets
name: so-db-secrets
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: MariaDB Service
name: so-mariadb
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: A Helm chart for ONAP Service Orchestration Monitoring
name: so-monitoring
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
appVersion: "1.0"
description: A Helm chart for Kubernetes
name: so-openstack-adapter
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
port: {{ index .Values.containerPort }}
spring:
datasource:
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
+ jdbc-url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
username: ${DB_ADMIN_USERNAME}
password: ${DB_ADMIN_PASSWORD}
driver-class-name: org.mariadb.jdbc.Driver
apiVersion: v1
description: A Helm chart for request-db-adapter
name: so-request-db-adapter
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083
spring:
datasource:
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
+ jdbc-url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
username: ${DB_USERNAME}
password: ${DB_PASSWORD}
driver-class-name: org.mariadb.jdbc.Driver
context-path: /manage
flyway:
baseline-on-migrate: true
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
+ jdbc-url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
user: ${DB_ADMIN_USERNAME}
password: ${DB_ADMIN_PASSWORD}
appVersion: "1.0"
description: A Helm chart for Kubernetes
name: so-sdc-controller
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
port: {{ index .Values.containerPort }}
spring:
datasource:
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
+ jdbc-url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
username: ${DB_USERNAME}
password: ${DB_PASSWORD}
driver-class-name: org.mariadb.jdbc.Driver
role: ACTUATOR
request:
datasource:
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
+ jdbc-url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
username: ${DB_USERNAME}
password: ${DB_PASSWORD}
driver-class-name: org.mariadb.jdbc.Driver
pollingInterval: 60
pollingTimeout: 60
relevantArtifactTypes: HEAT,HEAT_ENV,HEAT_VOL
+ useHttpsWithDmaap: false
activateServerTLSAuth: false
keyStorePassword:
keyStorePath:
appVersion: "1.0"
description: A Helm chart for Kubernetes
name: so-sdnc-adapter
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
activate: POST|285000|sdncurl8|sdnc-request-header|com:att:sdnctl:nbncapi
assign: POST|285000|sdncurl8|sdnc-request-header|com:att:sdnctl:nbncapi
delete: POST|285000|sdncurl8|sdnc-request-header|com:att:sdnctl:nbncapi
+ vnf-topology-aic-operation:
+ activate: POST|270000|sdncurl11|sdnc-request-header|com:att:sdnctl:vnftopologyaic
+ assign: POST|270000|sdncurl11|sdnc-request-header|com:att:sdnctl:vnftopologyaic
tunnelxconn-topology-operation:
activate: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource
assign: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource
rollback: POST|270000|sdncurl6|sdnc-request-header|org:onap:sdnctl:vnf
bpelauth: 023A0244AB819A0DE0131DBC3AC5FAB4D8544E1CB1A7FE3CE60F6E3292AC0D93
bpelurl: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/SDNCAdapterCallbackService
+ gammainternet:
+ '':
+ query: GET|60000|sdncurl4|sdnc-request-header|com:att:sdnctl:firewallapi
+ service-configuration-operation:
+ activate: POST|90000|sdncurl1|sdnc-request-header|com:att:sdnctl:l3api
+ changeactivate: POST|60000|sdncurl1|sdnc-request-header|com:att:sdnctl:l3api
+ changedelete: POST|250000|sdncurl1|sdnc-request-header|com:att:sdnctl:l3api
+ changereserve: POST|60000|sdncurl1|sdnc-request-header|com:att:sdnctl:l3api
+ delete: POST|250000|sdncurl1|sdnc-request-header|com:att:sdnctl:l3api
+ reserve: POST|60000|sdncurl1|sdnc-request-header|com:att:sdnctl:l3api
+ turnup: POST|60000|sdncurl1|sdnc-request-header|com:att:sdnctl:l3api
+ svc-topology-operation:
+ assign: POST|60000|sdncurl1|sdnc-request-header|com:att:sdnctl:l3api
+ delete: POST|250000|sdncurl1|sdnc-request-header|com:att:sdnctl:l3api
generic-resource:
network-topology-operation:
create: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource
sdncurl12: 'http://sdnc.{{ include "common.namespace" . }}:8282/'
sdncurl5: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/config'
sdncurl6: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/VNF-API:'
+ sdncurl7: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/L3UCPE-API:'
sdncurl8: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NBNC-API:'
sdncurl9: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NORTHBOUND-API:service-topology-operation'
service:
appVersion: "1.0"
description: A Helm chart for Kubernetes
name: so-vfc-adapter
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
# limitations under the License.
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
topic: com.att.ecomp.mso.operationalEnvironmentEvent
spring:
datasource:
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
+ jdbc-url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
username: ${DB_USERNAME}
password: ${DB_PASSWORD}
driver-class-name: org.mariadb.jdbc.Driver
role: ACTUATOR
request:
datasource:
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
+ jdbc-url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
username: ${DB_USERNAME}
password: ${DB_PASSWORD}
driver-class-name: org.mariadb.jdbc.Driver
apiVersion: v1
description: ONAP uui
name: uui
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP uui server
name: uui-server
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
apiVersion: v1
description: ONAP Virtual Function Controller (VF-C)
name: vfc
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP VFC - Catalog
name: vfc-catalog
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - DB
name: vfc-db
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP VFC - EMS Driver
name: vfc-ems-driver
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - Generic VNFM Driver
name: vfc-generic-vnfm-driver
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - Huawei VNFM Driver
name: vfc-huawei-vnfm-driver
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - Juju VNFM Driver
name: vfc-juju-vnfm-driver
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - MultiVIM Proxy
name: vfc-multivim-proxy
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - Nokia V2VNFM Driver
name: vfc-nokia-v2vnfm-driver
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - Nokia VNFM Driver
name: vfc-nokia-vnfm-driver
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - NS Life Cycle Management
name: vfc-nslcm
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - Resource Manager
name: vfc-resmgr
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - VNF Life Cycle Management
name: vfc-vnflcm
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - VNF Manager
name: vfc-vnfmgr
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - VNF Resource Manager
name: vfc-vnfres
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - Workflow Engine
name: vfc-workflow-engine
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - Workflow
name: vfc-workflow
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - ZTE SDNC Driver
name: vfc-zte-sdnc-driver
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - ZTE VNFM Driver
name: vfc-zte-vnfm-driver
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
apiVersion: v1
description: ONAP Virtual Infrastructure Deployment
name: vid
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP VID MariaDB Galera cluster
name: vid_mariadb_galera
-version: 3.0.0
+version: 4.0.0
keywords:
- mariadb
- mysql
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
containers:
- name: {{ include "common.name" . }}-job
image: {{ .Values.mariadb_image }}
- imagePullPolicy: "{{ .Values.pullPolicy }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
volumeMounts:
- mountPath: /dbcmd-config/db_cmd.sh
name: {{ include "common.fullname" . }}-config
apiVersion: v1
description: ONAP VNF SDK
name: vnfsdk
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
- name: postgres
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy}}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-readiness
containers:
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}
resources:
{{ include "common.resources" . | indent 12 }}
apiVersion: v1
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy}}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy}}
name: {{ include "common.name" . }}-readiness
containers:
- name: {{ include "common.name" . }}-job
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: ONAP VNF Validation Platform
-name: vvp
-version: 3.0.0
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: end-to-end flow tests based on Seleniunm
-name: vvp-ci-uwsgi
-version: 3.0.0
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-import os
-from datetime import datetime
-
-# With this file at web/settings/__init__.py, we need three applications of
-# dirname() to find the project root.
-PROJECT_PATH = os.path.realpath(os.path.dirname(os.path.dirname(os.path.dirname(__file__))))
-LOGS_PATH = os.path.join(PROJECT_PATH, "logs")
-
-ICE_ENVIRONMENT = os.environ['ICE_ENVIRONMENT']
-PROGRAM_NAME_URL_PREFIX = os.environ['PROGRAM_NAME_URL_PREFIX']
-SERVICE_PROVIDER = os.environ['SERVICE_PROVIDER']
-PROGRAM_NAME = os.environ['PROGRAM_NAME']
-SERVICE_PROVIDER_DOMAIN = os.environ['SERVICE_PROVIDER_DOMAIN']
-
-# See https://docs.djangoproject.com/en/1.9/howto/deployment/checklist/
-SECRET_KEY = os.environ["SECRET_KEY"]
-
-# https://docs.djangoproject.com/en/1.10/ref/settings/#allowed-hosts
-# Anything in the Host header that does not match our expected domain should
-# raise SuspiciousOperation exception.
-ALLOWED_HOSTS = ['*']
-
-if ICE_ENVIRONMENT == 'production':
- DEBUG = False
-
- EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
- EMAIL_HOST = os.environ.get('ICE_EMAIL_HOST')
- EMAIL_HOST_PASSWORD = os.environ['EMAIL_HOST_PASSWORD']
- EMAIL_HOST_USER = os.environ['EMAIL_HOST_USER']
- EMAIL_PORT = os.environ['EMAIL_PORT']
-else:
- DEBUG = True
- EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
-
-
-# Note: Only SSL email backends are allowed
-EMAIL_USE_SSL = True
-
-REST_FRAMEWORK = {
- 'DEFAULT_AUTHENTICATION_CLASSES': (
- 'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
- ),
- 'PAGE_SIZE': 10,
- # Use Django's standard `django.contrib.auth` permissions,
- # or allow read-only access for unauthenticated users.
- 'DEFAULT_PERMISSION_CLASSES': ('rest_framework.permissions.IsAdminUser',),
-}
-APPEND_SLASH = False
-
-# Application definition
-
-INSTALLED_APPS = [
-
- 'django.contrib.auth',
- 'django.contrib.contenttypes', # required by d.c.admin
- 'django.contrib.sessions', # required by d.c.admin
- 'django.contrib.messages', # required by d.c.admin
- 'django.contrib.staticfiles',
- 'django.contrib.admin', # django admin site
- 'rest_framework',
- 'iceci.apps.IceCiConfig',
-]
-
-MIDDLEWARE_CLASSES = [
- 'django.middleware.security.SecurityMiddleware',
- 'django.contrib.sessions.middleware.SessionMiddleware',
- 'django.middleware.common.CommonMiddleware',
- 'django.middleware.csrf.CsrfViewMiddleware',
- 'django.contrib.auth.middleware.AuthenticationMiddleware',
- 'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
- 'django.contrib.messages.middleware.MessageMiddleware',
- 'django.middleware.clickjacking.XFrameOptionsMiddleware',
-]
-
-ROOT_URLCONF = 'web.urls'
-
-TEMPLATES = [
- {
- 'BACKEND': 'django.template.backends.django.DjangoTemplates',
- 'DIRS': [PROJECT_PATH + '/web/templates'],
- 'APP_DIRS': True,
- 'OPTIONS': {
- 'context_processors': [
- 'django.template.context_processors.debug',
- 'django.template.context_processors.request',
- 'django.contrib.auth.context_processors.auth', # required by d.c.admin
- 'django.contrib.messages.context_processors.messages', # required by d.c.admin
- ],
- },
- },
-]
-
-WSGI_APPLICATION = 'web.wsgi.application'
-
-# Database
-# https://docs.djangoproject.com/en/1.9/ref/settings/#databases
-
-DATABASES = {
- 'default': { # CI DB details.
- 'NAME': '/app/ice_ci_db.db' ,
- 'ENGINE': 'django.db.backends.sqlite3',
- 'TEST_NAME': '/app/ice_ci_db.db',
- },
-}
-SINGLETONE_DB = {
- 'default': { # CI DB details.
- 'ENGINE': 'django.db.backends.postgresql',
- 'NAME': os.environ.get('CI_DB_NAME', 'ice_ci_db'),
- 'USER': os.environ.get('CI_DB_USER', 'iceci'),
- 'PASSWORD': os.environ.get('CI_DB_PASSWORD', 'Aa123456'),
- 'HOST': os.environ.get('CI_DB_HOST', 'localhost'),
- 'PORT': os.environ.get('CI_DB_PORT', '5433'),
- },
- 'em_db': { # ICE DB details.
- 'ENGINE': 'django.db.backends.postgresql',
- 'NAME': os.environ.get('EM_DB_NAME', 'icedb'),
- 'USER': os.environ.get('EM_DB_USER', 'iceuser'),
- 'PASSWORD': os.environ.get('EM_DB_PASSWORD', 'Aa123456'),
- 'HOST': os.environ.get('EM_DB_HOST', 'localhost'),
- 'PORT': os.environ.get('EM_DB_PORT', '5433'),
- },
- 'cms_db': { # ICE CMS details.
- 'ENGINE': 'django.db.backends.postgresql',
- 'NAME': os.environ.get('CMS_DB_NAME', 'icecmsdb'),
- 'USER': os.environ.get('CMS_DB_USER', 'icecmsuser'),
- 'PASSWORD': os.environ.get('CMS_DB_PASSWORD', 'Aa123456'),
- 'HOST': os.environ.get('CMS_DB_HOST', 'localhost'),
- 'PORT': os.environ.get('CMS_DB_PORT', '5433'),
- }
-}
-
-# Password validation
-# https://docs.djangoproject.com/en/1.9/ref/settings/#auth-password-validators
-
-AUTH_PASSWORD_VALIDATORS = [
- {
- 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
- },
- {
- 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
- },
- {
- 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
- },
- {
- 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
- },
-]
-
-
-# Internationalization
-# https://docs.djangoproject.com/en/1.9/topics/i18n/
-
-LANGUAGE_CODE = 'en-us'
-
-TIME_ZONE = 'UTC'
-
-USE_I18N = True
-
-USE_L10N = True
-
-USE_TZ = False
-
-
-# Static files (CSS, JavaScript, Images)
-# https://docs.djangoproject.com/en/1.9/howto/static-files/
-STATIC_ROOT = os.environ['STATIC_ROOT']
-STATIC_URL = '/static/'
-
-LOGGING = {
- 'version': 1,
- 'disable_existing_loggers': False,
- 'formatters': { # All possible attributes are: https://docs.python.org/3/library/logging.html#logrecord-attributes
- 'verbose': {
- 'format': '%(asctime)s %(levelname)s %(module)s %(filename)s:%(lineno)d %(process)d %(thread)d %(message)s'
- },
- 'simple': {
- 'format': '%(asctime)s %(levelname)s %(filename)s:%(lineno)d %(message)s'
- },
- },
- 'handlers': {
- 'console': {
- 'class': 'logging.StreamHandler',
- 'formatter': 'simple'
- },
- 'file1': {
- 'level': 'INFO', # handler will ignore DEBUG (only process INFO, WARN, ERROR, CRITICAL, FATAL)
- 'class': 'logging.FileHandler',
- 'filename': os.environ.get('ICE_ICE_LOGGER_PATH', LOGS_PATH) + 'vvp-info.log',
- 'formatter': 'verbose'
- },
- 'file2': {
- 'level': 'DEBUG',
- 'class': 'logging.FileHandler',
- 'filename': os.environ.get('ICE_ICE_LOGGER_PATH', LOGS_PATH) + 'vvp-debug.log',
- 'formatter': 'verbose'
- },
- 'file3': {
- 'level': 'ERROR',
- 'class': 'logging.FileHandler',
- 'filename': os.environ.get('ICE_ICE_LOGGER_PATH', LOGS_PATH) + 'vvp-requests.log',
- 'formatter': 'verbose'
- },
- 'file4': {
- 'level': 'ERROR',
- 'class': 'logging.FileHandler',
- 'filename': os.environ.get('ICE_ICE_LOGGER_PATH', LOGS_PATH) + 'vvp-db.log',
- 'formatter': 'verbose'
- }
- },
- 'loggers': {
- 'vvp-ci.logger': {
- 'handlers': ['file1', 'file2', 'file3', 'file4','console'],
- 'level': os.getenv('ICE_ICE_LOGGER_LEVEL', 'DEBUG'),
- },
- 'django': {
- 'handlers': ['console'],
- 'level': os.getenv('ICE_DJANGO_LOGGER_LEVEL', 'DEBUG'),
- },
- 'django.request': {
- 'handlers': ['file3'],
- 'level': os.getenv('ICE_ICE_REQUESTS_LOGGER_LEVEL', 'ERROR'),
- },
- 'django.db.backends': {
- 'handlers': ['file4'],
- 'level': os.getenv('ICE_ICE_DB_LOGGER_LEVEL', 'ERROR'),
- }
- }
-}
-
-
-#############################
-# ICE-CI Related Configuration
-#############################
-ICE_CONTACT_FROM_ADDRESS = os.getenv('ICE_CONTACT_FROM_ADDRESS')
-ICE_CONTACT_EMAILS = list(os.getenv('ICE_CONTACT_EMAILS','user@example.com').split(','))
-ICE_CI_ENVIRONMENT_NAME = os.getenv('ICE_CI_ENVIRONMENT_NAME', 'Dev') # Dev / Docker / Staging
-ICE_EM_URL = "{domain}/{prefix}".format(domain=os.environ['ICE_EM_DOMAIN_NAME'], prefix=PROGRAM_NAME_URL_PREFIX)
-ICE_PORTAL_URL = os.environ['ICE_DOMAIN']
-EM_REST_URL = ICE_EM_URL + '/v1/engmgr/'
-
-#Number of test results presented in admin page. Illegal values: '0' or 'Null'
-NUMBER_OF_TEST_RESULTS = int(os.getenv('NUMBER_OF_TEST_RESULTS', '30'))
-ICE_BUILD_REPORT_NUM = os.getenv('ICE_BUILD_REPORT_NUM',"{:%Y-%m-%d-%H-%M-%S}".format(datetime.now()))
-IS_JUMP_STATE=os.getenv('IS_JUMP_STATE', "True")
-DATABASE_TYPE = 'sqlite'
-
-# FIXME: Does this authentication scheme actually gain us anything? What's the
-# threat model
-WEBHOOK_TOKEN = os.environ['SECRET_WEBHOOK_TOKEN']
-
-# The authentication token and URL needed for us to issue requests to the GitLab API.
-GITLAB_TOKEN = os.environ['SECRET_GITLAB_AUTH_TOKEN']
-GITLAB_URL = "http://vvp-gitlab/"
-
-JENKINS_URL = "http://vvp-jenkins:8080/"
-JENKINS_USERNAME = "admin"
-JENKINS_PASSWORD = os.environ['SECRET_JENKINS_PASSWORD']
-
-AWS_S3_HOST = os.environ['S3_HOST']
-AWS_S3_PORT = int(os.environ['S3_PORT'])
-AWS_S3_CUSTOM_DOMAIN = os.environ['S3_HOST']
-AWS_ACCESS_KEY_ID = os.environ['AWS_ACCESS_KEY_ID']
-AWS_SECRET_ACCESS_KEY = os.environ['AWS_SECRET_ACCESS_KEY']
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-bind = ":8282"
-chdir = '/app'
-pidfile = '/tmp/ice-project-master.pid'
-backlog = '5000'
-errorlog = '-'
-loglevel = 'info'
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- name: {{ .Release.Name }}
- spec:
- imagePullSecrets:
- - name: onapkey
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
- ports:
- - containerPort: 80
- - containerPort: 8282
- - containerPort: 9000
- volumeMounts:
- - name: ci-settings
- mountPath: /opt/configmaps/settings/
- - name: site-crt
- mountPath: /opt/secrets/site-crt/
- env:
- - name: ICE_ENVIRONMENT
- value: "development"
- - name: PROGRAM_NAME_URL_PREFIX
- value: "vvp"
- - name: SERVICE_PROVIDER
- value: "NA"
- - name: PROGRAM_NAME
- value: "VVP"
- - name: SERVICE_PROVIDER_DOMAIN
- value: "na.com"
- - name: SECRET_KEY
- valueFrom:
- secretKeyRef: {name: em-secret, key: key}
- - name: EM_DB_HOST
- value: postgresql
- - name: EM_DB_PORT
- value: "5432"
- - name: EM_DB_NAME
- value: icedb
- - name: EM_DB_USER
- value: "em_postgresuser"
- - name: EM_DB_PASSWORD
- valueFrom:
- secretKeyRef: {name: postgresql-passwords, key: emPassword}
- - name: CMS_DB_HOST
- value: postgresql
- - name: CMS_DB_PORT
- value: "5432"
- - name: CMS_DB_NAME
- value: "icecmsdb"
- - name: CMS_DB_USER
- value: "cms_postgresuser"
- - name: CMS_DB_PASSWORD
- valueFrom:
- secretKeyRef: {name: postgresql-passwords, key: cmsPassword}
- - name: CI_DB_HOST
- value: postgresql
- - name: CI_DB_PORT
- value: "5432"
- - name: CI_DB_NAME
- value: icedb
- - name: CI_DB_USER
- value: "em_postgresuser"
- - name: CI_DB_PASSWORD
- valueFrom:
- secretKeyRef: {name: postgresql-passwords, key: ciPassword}
- - name: STATIC_ROOT
- value: "/app/htdocs"
- - name: ICE_CONTACT_FROM_ADDRESS
- value: "example"
- - name: SECRET_WEBHOOK_TOKEN
- valueFrom:
- secretKeyRef: {name: em-secret, key: em_webhook_token}
- - name: SECRET_GITLAB_AUTH_TOKEN
- valueFrom:
- secretKeyRef: {name: gitlab-password, key: auth-token}
- - name: SECRET_JENKINS_PASSWORD
- valueFrom:
- secretKeyRef: {name: em-secret, key: jenkins_admin_password}
- - name: ICE_DOMAIN
- value: https://development.vvp.example.com
- - name: ICE_EM_DOMAIN_NAME
- value: https://development.vvp.example.com
- - name: OAUTHLIB_INSECURE_TRANSPORT
- value: "1"
- - name: CI_ADMIN_USER
- value: "ciadminuser"
- - name: CI_ADMIN_MAIL
- value: "ciadminmail@example.com"
- - name: CI_ADMIN_PASSWORD
- valueFrom:
- secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: admin_password}
- - name: S3_HOST
- value: "dev-s3.vvp.example.com"
- - name: S3_PORT
- value: "443"
- - name: AWS_ACCESS_KEY_ID
- valueFrom:
- secretKeyRef: {name: em-secret, key: aws_access_key_id}
- - name: AWS_SECRET_ACCESS_KEY
- valueFrom:
- secretKeyRef: {name: em-secret, key: aws_secret_access_key}
- command: ["/app/docker-entrypoint.sh", "/usr/local/bin/gunicorn", "-c", "/opt/configmaps/settings/gunicorn.ini", "web.wsgi:application", ]
- volumes:
- - name: ci-settings
- configMap:
- name: {{ include "common.fullname" . }}-settings
- - name: site-crt
- secret:
- secretName: site-crt
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: backend uwsgi server which hosts django application
-name: vvp-cms-uwsgi
-version: 3.0.0
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-from __future__ import absolute_import, unicode_literals
-import os
-from cms.envbool import envbool
-
-from django import VERSION as DJANGO_VERSION
-from django.utils.translation import ugettext_lazy as _
-from boto.s3.connection import OrdinaryCallingFormat
-
-
-######################
-# MEZZANINE SETTINGS #
-######################
-
-# The following settings are already defined with default values in
-# the ``defaults.py`` module within each of Mezzanine's apps, but are
-# common enough to be put here, commented out, for conveniently
-# overriding. Please consult the settings documentation for a full list
-# of settings Mezzanine implements:
-# http://mezzanine.jupo.org/docs/configuration.html#default-settings
-
-# Controls the ordering and grouping of the admin menu.
-#
-# ADMIN_MENU_ORDER = (
-# ("Content", ("pages.Page", "blog.BlogPost",
-# "generic.ThreadedComment", (_("Media Library"), "media-library"),)),
-# ("Site", ("sites.Site", "redirects.Redirect", "conf.Setting")),
-# ("Users", ("auth.User", "auth.Group",)),
-# )
-
-# A three item sequence, each containing a sequence of template tags
-# used to render the admin dashboard.
-#
-# DASHBOARD_TAGS = (
-# ("blog_tags.quick_blog", "mezzanine_tags.app_list"),
-# ("comment_tags.recent_comments",),
-# ("mezzanine_tags.recent_actions",),
-# )
-
-# A sequence of templates used by the ``page_menu`` template tag. Each
-# item in the sequence is a three item sequence, containing a unique ID
-# for the template, a label for the template, and the template path.
-# These templates are then available for selection when editing which
-# menus a page should appear in. Note that if a menu template is used
-# that doesn't appear in this setting, all pages will appear in it.
-
-# PAGE_MENU_TEMPLATES = (
-# (1, _("Top navigation bar"), "pages/menus/dropdown.html"),
-# (2, _("Left-hand tree"), "pages/menus/tree.html"),
-# (3, _("Footer"), "pages/menus/footer.html"),
-# )
-
-# A sequence of fields that will be injected into Mezzanine's (or any
-# library's) models. Each item in the sequence is a four item sequence.
-# The first two items are the dotted path to the model and its field
-# name to be added, and the dotted path to the field class to use for
-# the field. The third and fourth items are a sequence of positional
-# args and a dictionary of keyword args, to use when creating the
-# field instance. When specifying the field class, the path
-# ``django.models.db.`` can be omitted for regular Django model fields.
-#
-# EXTRA_MODEL_FIELDS = (
-# (
-# # Dotted path to field.
-# "mezzanine.blog.models.BlogPost.image",
-# # Dotted path to field class.
-# "somelib.fields.ImageField",
-# # Positional args for field class.
-# (_("Image"),),
-# # Keyword args for field class.
-# {"blank": True, "upload_to": "blog"},
-# ),
-# # Example of adding a field to *all* of Mezzanine's content types:
-# (
-# "mezzanine.pages.models.Page.another_field",
-# "IntegerField", # 'django.db.models.' is implied if path is omitted.
-# (_("Another name"),),
-# {"blank": True, "default": 1},
-# ),
-# )
-
-# Setting to turn on featured images for blog posts. Defaults to False.
-#
-# BLOG_USE_FEATURED_IMAGE = True
-
-# If True, the django-modeltranslation will be added to the
-# INSTALLED_APPS setting.
-USE_MODELTRANSLATION = False
-
-
-########################
-# MAIN DJANGO SETTINGS #
-########################
-
-# Hosts/domain names that are valid for this site; required if DEBUG is False
-# See https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts
-ALLOWED_HOSTS = ['*']
-
-# Set UTC time zone:
-TIME_ZONE = 'UTC'
-USE_TZ = True
-
-# Local time zone for this installation. Choices can be found here:
-# http://en.wikipedia.org/wiki/List_of_tz_zones_by_name
-# although not all choices may be available on all operating systems.
-# On Unix systems, a value of None will cause Django to use the same
-# timezone as the operating system.
-# If running in a Windows environment this must be set to the same as your
-# system time zone.
-TIME_ZONE = 'UTC'
-
-# If you set this to True, Django will use timezone-aware datetimes.
-USE_TZ = True
-
-# Language code for this installation. All choices can be found here:
-# http://www.i18nguy.com/unicode/language-identifiers.html
-LANGUAGE_CODE = "en"
-
-# Supported languages
-LANGUAGES = (
- ('en', _('English')),
-)
-
-ENVIRONMENT = os.environ['ENVIRONMENT']
-
-# See https://docs.djangoproject.com/en/1.9/howto/deployment/checklist/
-SECRET_KEY = os.environ["SECRET_KEY"]
-
-# A boolean that turns on/off debug mode. When set to ``True``, stack traces
-# are displayed for error pages. Should always be set to ``False`` in
-# production. Best set to ``True`` in local_settings.py
-DEBUG = envbool('DJANGO_DEBUG_MODE', False)
-
-# Note: Only SSL email backends are allowed
-EMAIL_USE_SSL = True
-
-# Whether a user's session cookie expires when the Web browser is closed.
-SESSION_EXPIRE_AT_BROWSER_CLOSE = True
-
-SITE_ID = 1
-
-# If you set this to False, Django will make some optimizations so as not
-# to load the internationalization machinery.
-USE_I18N = False
-
-AUTHENTICATION_BACKENDS = ("mezzanine.core.auth_backends.MezzanineBackend",)
-
-# The numeric mode to set newly-uploaded files to. The value should be
-# a mode you'd pass directly to os.chmod.
-FILE_UPLOAD_PERMISSIONS = 0o644
-
-
-#############
-# DATABASES #
-#############
-
-DATABASES = {
- 'default': {
- 'ENGINE': 'django.db.backends.postgresql',
- 'NAME': os.environ['PGDATABASE'],
- 'USER': os.environ['PGUSER'],
- 'PASSWORD': os.environ['PGPASSWORD'],
- 'HOST': os.environ['PGHOST'],
- 'PORT': os.environ['PGPORT'],
- }
-}
-
-
-#########
-# PATHS #
-#########
-
-# Full filesystem path to the project.
-PROJECT_APP_PATH = os.path.dirname(os.path.abspath(__file__))
-PROJECT_APP = os.path.basename(PROJECT_APP_PATH)
-PROJECT_ROOT = BASE_DIR = os.path.dirname(PROJECT_APP_PATH)
-
-# Every cache key will get prefixed with this value - here we set it to
-# the name of the directory the project is in to try and use something
-# project specific.
-CACHE_MIDDLEWARE_KEY_PREFIX = PROJECT_APP
-
-# Package/module name to import the root urlpatterns from for the project.
-ROOT_URLCONF = 'cms.urls'
-
-TEMPLATES = [
- {
- "BACKEND": "django.template.backends.django.DjangoTemplates",
- "DIRS": [
- os.path.join(PROJECT_ROOT, "templates")
- ],
- "APP_DIRS": True,
- "OPTIONS": {
- "context_processors": [
- "django.contrib.auth.context_processors.auth",
- "django.contrib.messages.context_processors.messages",
- "django.template.context_processors.debug",
- "django.template.context_processors.i18n",
- "django.template.context_processors.static",
- "django.template.context_processors.media",
- "django.template.context_processors.request",
- "django.template.context_processors.tz",
- "mezzanine.conf.context_processors.settings",
- "mezzanine.pages.context_processors.page",
- ],
- "builtins": [
- "mezzanine.template.loader_tags",
- ],
- },
- },
-]
-
-if DJANGO_VERSION < (1, 9):
- del TEMPLATES[0]["OPTIONS"]["builtins"]
-
-
-################
-# APPLICATIONS #
-################
-
-INSTALLED_APPS = (
- "mezzanine_api",
- "rest_framework",
- "rest_framework_swagger",
- "oauth2_provider",
- "django.contrib.admin",
- "django.contrib.auth",
- "django.contrib.contenttypes",
- "django.contrib.redirects",
- "django.contrib.sessions",
- "django.contrib.sites",
- "django.contrib.sitemaps",
- "django.contrib.staticfiles",
- "mezzanine.boot",
- "mezzanine.conf",
- "mezzanine.core",
- "mezzanine.generic",
- "mezzanine.pages",
- "mezzanine.blog",
- "mezzanine.forms",
- "mezzanine.galleries",
- "mezzanine.twitter",
- # "mezzanine.accounts",
- # "mezzanine.mobile",
- "cms" ,
- "storages",
-)
-
-# List of middleware classes to use. Order is important; in the request phase,
-# these middleware classes will be applied in the order given, and in the
-# response phase the middleware will be applied in reverse order.
-MIDDLEWARE_CLASSES = (
- "mezzanine.core.middleware.UpdateCacheMiddleware",
- "mezzanine_api.middleware.ApiMiddleware",
- 'django.contrib.sessions.middleware.SessionMiddleware',
- # Uncomment if using internationalisation or localisation
- # 'django.middleware.locale.LocaleMiddleware',
- 'django.middleware.common.CommonMiddleware',
- 'django.middleware.csrf.CsrfViewMiddleware',
- 'django.contrib.auth.middleware.AuthenticationMiddleware',
- 'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
- 'django.contrib.messages.middleware.MessageMiddleware',
- 'django.middleware.clickjacking.XFrameOptionsMiddleware',
-
- "mezzanine.core.request.CurrentRequestMiddleware",
- "mezzanine.core.middleware.RedirectFallbackMiddleware",
- "mezzanine.core.middleware.TemplateForDeviceMiddleware",
- "mezzanine.core.middleware.TemplateForHostMiddleware",
- "mezzanine.core.middleware.AdminLoginInterfaceSelectorMiddleware",
- "mezzanine.core.middleware.SitePermissionMiddleware",
- "mezzanine.pages.middleware.PageMiddleware",
- "mezzanine.core.middleware.FetchFromCacheMiddleware",
-)
-
-# Store these package names here as they may change in the future since
-# at the moment we are using custom forks of them.
-PACKAGE_NAME_FILEBROWSER = "filebrowser_safe"
-PACKAGE_NAME_GRAPPELLI = "grappelli_safe"
-
-#########################
-# OPTIONAL APPLICATIONS #
-#########################
-
-# These will be added to ``INSTALLED_APPS``, only if available.
-OPTIONAL_APPS = (
- "debug_toolbar",
- "django_extensions",
- "compressor",
- PACKAGE_NAME_FILEBROWSER,
- PACKAGE_NAME_GRAPPELLI,
-)
-
-#####################
-# REST API SETTINGS #
-#####################
-try:
- from mezzanine_api.settings import *
-except ImportError:
- pass
-
-
-##################
-# LOCAL SETTINGS #
-##################
-
-# Allow any settings to be defined in local_settings.py which should be
-# ignored in your version control system allowing for settings to be
-# defined per ma chine.
-
-# Instead of doing "from .local_settings import *", we use exec so that
-# local_settings has full access to everything defined in this module.
-# Also force into sys.modules so it's visible to Django's autoreload.
-
-f = os.path.join(PROJECT_APP_PATH, "local_settings/__init__.py")
-if os.path.exists(f):
- import sys
- import imp
- module_name = "%s.local_settings" % PROJECT_APP
- module = imp.new_module(module_name)
- module.__file__ = f
- sys.modules[module_name] = module
- exec(open(f, "rb").read())
-
-
-####################
-# DYNAMIC SETTINGS #
-####################
-
-# set_dynamic_settings() will rewrite globals based on what has been
-# defined so far, in order to provide some better defaults where
-# applicable. We also allow this settings module to be imported
-# without Mezzanine installed, as the case may be when using the
-# fabfile, where setting the dynamic settings below isn't strictly
-# required.
-try:
- from mezzanine.utils.conf import set_dynamic_settings
-except ImportError:
- pass
-else:
- set_dynamic_settings(globals())
-
-# default settings for mezzanine
-NEVERCACHE_KEY = os.getenv('CMS_NEVERCACHE_KEY', ''),
-# Application User
-CMS_APP_USER = os.getenv('CMS_APP_USER')
-CMS_APP_USER_PASSWORD = os.getenv('CMS_APP_USER_PASSWORD')
-CMS_APP_USER_MAIL = os.getenv('CMS_APP_USER_MAIL')
-# Client App (EM)
-CMS_APP_CLIENT_ID = os.getenv('CMS_APP_CLIENT_ID')
-CMS_APP_CLIENT_SECRET = os.getenv('CMS_APP_CLIENT_SECRET')
-CMS_APP_NAME = 'Engagement_Manager_App'
-REST_FRAMEWORK['DEFAULT_RENDERER_CLASSES'] = (
- 'rest_framework.renderers.JSONRenderer',
-)
-
-# S3 configuration for static resources storage and media upload
-
-# used by our custom storage.py
-MEDIA_BUCKET = "cms-media"
-STATIC_BUCKET = "cms-static"
-
-# django-storages configuration
-AWS_S3_HOST = os.environ['S3_HOST']
-AWS_S3_PORT = int(os.environ['S3_PORT'])
-AWS_S3_CUSTOM_DOMAIN = os.environ['S3_HOST']
-AWS_ACCESS_KEY_ID = os.environ['AWS_ACCESS_KEY_ID']
-AWS_SECRET_ACCESS_KEY = os.environ['AWS_SECRET_ACCESS_KEY']
-AWS_AUTO_CREATE_BUCKET = True
-AWS_PRELOAD_METADATA = True
-
-# Set by custom subclass.
-# AWS_STORAGE_BUCKET_NAME = "em-static"
-AWS_S3_CALLING_FORMAT = OrdinaryCallingFormat()
-DEFAULT_FILE_STORAGE = 'cms.settings.storage.S3MediaStorage'
-STATICFILES_STORAGE = 'cms.settings.storage.S3StaticStorage'
-
-# These seem to have no effect even when we don't override with custom_domain?
-STATIC_URL = 'https://%s/%s/' % (AWS_S3_CUSTOM_DOMAIN, STATIC_BUCKET)
-MEDIA_URL = 'https://%s/%s/' % (AWS_S3_CUSTOM_DOMAIN, MEDIA_BUCKET)
-
-STATIC_ROOT = os.environ['STATIC_ROOT']
-
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-bind = ":80"
-chdir = '/srv'
-pidfile = '/tmp/ice-project-master.pid'
-backlog = '5000'
-errorlog = '-'
-loglevel = 'info'
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-"""
-storage.py
-
-In order to make Django store trusted static files and untrusted media
-(user-uploaded) files in separate s3 buckets, we must create two different
-storage classes.
-
-https://www.caktusgroup.com/blog/2014/11/10/Using-Amazon-S3-to-store-your-Django-sites-static-and-media-files/
-http://www.leehodgkinson.com/blog/my-mezzanine-s3-setup/
-
-"""
-
-# FIXME this module never changes so might not need not be kept in a
-# configmap. Also it is (almost) the same as what we use in em; that does
-# not use S3BotoStorageMixin.
-
-# There is a newer storage based on boto3 but that doesn't support changing
-# the HOST, as we need to for non-amazon s3 services. It does support an
-# "endpoint"; setting AWS_S3_ENDPOINT_URL may cause it to work.
-from storages.backends.s3boto import S3BotoStorage
-from filebrowser_safe.storage import S3BotoStorageMixin
-from django.conf import settings
-
-
-# NOTE for some reason, collectstatic uploads to bucket/location but the
-# urls constructed are domain/location
-class S3StaticStorage(S3BotoStorage, S3BotoStorageMixin):
- custom_domain = '%s/%s' % (settings.AWS_S3_HOST, settings.STATIC_BUCKET)
- bucket_name = settings.STATIC_BUCKET
- # location = ...
-
-
-class S3MediaStorage(S3BotoStorage, S3BotoStorageMixin):
- custom_domain = '%s/%s' % (settings.AWS_S3_HOST, settings.MEDIA_BUCKET)
- bucket_name = settings.MEDIA_BUCKET
- # location = ...
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-settings
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/cms/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}-secret
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
- key: "KCtkbV9yaigwMDU9XmV2emVzZDMjeHB5JC0kY15qI2NsemlsYngmXz0wbGg3by0zNCM="
- app_user: "Y21zYXBwdXNlcg=="
- app_user_mail: "Y21zYXBwdXNlckBleGFtcGxlLmNvbQ=="
- app_user_password: "Y21zYXBwdXNlcnBhc3N3b3Jk"
- app_client_id: "RWVCNFhlaW1vb2M2eGllU2VlS2FoOGRhZTFlaXBhZTRvdGFlc2hlZQ=="
- app_client_secret: "aGFpTW9vcGllWmVlMXdlaTNsZWY0Z2FleWlhMnZhaHdvaHRoMG1haWQ5aXRoMnBoZWVzaGFpdGh1VG9vcjJKb2hzaGVpNWJhZXk3RWlxdWFldGhlaWI4cXVhaXF1ZWU3cGhpYXRoN2V1YjJhaU5haWMzb3U5dmFpemViZWlGNXU="
- nevercache_key: "YV9qLWc1aCszKW9AMndpYXNtYmcoaHV4cHVqaD05NShwLSR2ejF4aiZ0K20pKy11ODQ="
----
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- name: {{ .Release.Name }}
- spec:
- imagePullSecrets:
- - name: onapkey
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort1 }}
- - containerPort: {{ .Values.service.internalPort2 }}
- env:
- - name: ENVIRONMENT
- value: "development"
- - name: SECRET_KEY
- valueFrom:
- secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: key}
- - name: EMAIL_HOST
- value: "localhost"
- - name: EMAIL_HOST_USER
- value: "example"
- - name: EMAIL_PORT
- value: "25"
- - name: EMAIL_HOST_PASSWORD
- valueFrom:
- secretKeyRef: {name: email-secret, key: password}
- - name: PGHOST
- value: vvp-postgres
- - name: PGPORT
- value: "5432"
- - name: PGDATABASE
- value: "icecmsdb"
- - name: PGUSER
- value: "cms_postgresuser"
- - name: PGPASSWORD
- valueFrom:
- secretKeyRef: {name: postgresql-passwords, key: cmsPassword}
- - name: ICE_CONTACT_FROM_ADDRESS
- value: "example"
- - name: CMS_NEVERCACHE_KEY
- valueFrom:
- secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: nevercache_key}
- - name: CMS_APP_USER
- valueFrom:
- secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: app_user}
- - name: CMS_APP_USER_MAIL
- valueFrom:
- secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: app_user_mail}
- - name: CMS_APP_USER_PASSWORD
- valueFrom:
- secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: app_user_password}
- - name: CMS_APP_CLIENT_ID
- valueFrom:
- secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: app_client_id}
- - name: CMS_APP_CLIENT_SECRET
- valueFrom:
- secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: app_client_secret}
- - name: STATIC_ROOT
- value: "/app/htdocs"
- - name: DJANGO_DEBUG_MODE
- value: "True"
- - name: S3_HOST
- value: "dev-s3.vvp.example.com"
- - name: S3_PORT
- value: "443"
- - name: AWS_ACCESS_KEY_ID
- valueFrom:
- secretKeyRef: {name: em-secret, key: aws_access_key_id}
- - name: AWS_SECRET_ACCESS_KEY
- valueFrom:
- secretKeyRef: {name: em-secret, key: aws_secret_access_key}
- command: ["/docker-entrypoint.sh", "/usr/local/bin/gunicorn", "-c", "/opt/configmaps/settings/gunicorn.ini", "cms.wsgi:application", ]
- volumeMounts:
- - name: settings
- mountPath: /opt/configmaps/settings/
- - name: site-crt
- mountPath: /opt/secrets/site-crt/
- volumes:
- - name: settings
- configMap:
- name: {{ include "common.fullname" . }}-settings
- - name: site-crt
- secret:
- secretName: site-crt
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- repository: nexus3.onap.org:10001
- readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-repository: nexus3.onap.org:10001
-image: onap/vvp/cms:1.0.0
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-service:
- type: ClusterIP
- internalPort1: 80
- internalPort2: 9000
-
-ingress:
- enabled: false
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: backend uwsgi server which hosts django application
-name: vvp-em-uwsgi
-version: 3.0.0
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-"""
-Django settings for VVP project.
-
-Environment variables that must exist:
-
- ENVIRONMENT
- SECRET_KEY
- SECRET_WEBHOOK_TOKEN
- SECRET_GITLAB_AUTH_TOKEN
- SECRET_JENKINS_PASSWORD
- SECRET_CMS_APP_CLIENT_ID
- SECRET_CMS_APP_CLIENT_SECRET
-
-Environment variables that must exist in production:
-
- EMAIL_HOST
- EMAIL_HOST_PASSWORD
- EMAIL_HOST_USER
- EMAIL_PORT
-
-"""
-
-import os
-from vvp.settings.envbool import envbool
-from corsheaders.defaults import default_headers
-from boto.s3.connection import OrdinaryCallingFormat
-import datetime
-
-# With this file at ice/settings/__init__.py, we need three applications of
-# dirname() to find the project root.
-import engagementmanager
-PROJECT_PATH = os.path.dirname(os.path.dirname(engagementmanager.__file__))
-LOGS_PATH = os.path.join(PROJECT_PATH, "logs")
-
-ENVIRONMENT = os.environ['ENVIRONMENT']
-PROGRAM_NAME_URL_PREFIX = os.environ['PROGRAM_NAME_URL_PREFIX']
-SERVICE_PROVIDER = os.environ['SERVICE_PROVIDER']
-PROGRAM_NAME = os.environ['PROGRAM_NAME']
-SERVICE_PROVIDER_DOMAIN = os.environ['SERVICE_PROVIDER_DOMAIN']
-
-# See https://docs.djangoproject.com/en/1.9/howto/deployment/checklist/
-SECRET_KEY = os.environ["SECRET_KEY"]
-
-# https://docs.djangoproject.com/en/1.10/ref/settings/#allowed-hosts
-# Anything in the Host header that does not match our expected domain should
-# raise SuspiciousOperation exception.
-ALLOWED_HOSTS = ['*']
-
-DEBUG = envbool('DJANGO_DEBUG_MODE', False)
-
-if ENVIRONMENT == 'production':
- EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
- EMAIL_HOST = os.environ['EMAIL_HOST']
- EMAIL_HOST_PASSWORD = os.environ['EMAIL_HOST_PASSWORD']
- EMAIL_HOST_USER = os.environ['EMAIL_HOST_USER']
- EMAIL_PORT = os.environ['EMAIL_PORT']
-else:
- EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
-
-# Note: Only SSL email backends are allowed
-EMAIL_USE_SSL = True
-
-REST_FRAMEWORK = {
- # Use Django's standard `django.contrib.auth` permissions,
- # or allow read-only access for unauthenticated users.
- 'EXCEPTION_HANDLER': 'engagementmanager.utils.exception_handler.ice_exception_handler',
- 'PAGE_SIZE': 10,
- 'DEFAULT_PERMISSION_CLASSES': (
- 'rest_framework.permissions.IsAuthenticated',
- ),
- 'DEFAULT_AUTHENTICATION_CLASSES': (
- 'rest_framework.authentication.SessionAuthentication',
- 'rest_framework.authentication.BasicAuthentication',
- 'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
- ),
- 'DEFAULT_PARSER_CLASSES': (
- 'engagementmanager.rest.parsers.XSSJSONParser',
- 'engagementmanager.rest.parsers.XSSFormParser',
- 'engagementmanager.rest.parsers.XSSMultiPartParser',
- )
-}
-
-JWT_AUTH = {
- 'JWT_AUTH_HEADER_PREFIX': 'token',
- 'JWT_ALGORITHM': 'HS256',
- 'JWT_EXPIRATION_DELTA': datetime.timedelta(days=1),
- 'JWT_DECODE_HANDLER': 'engagementmanager.utils.authentication.ice_jwt_decode_handler',
-}
-
-APPEND_SLASH = False
-
-# Application definition
-INSTALLED_APPS = [
- 'django.contrib.auth', # required by d.c.admin
- 'corsheaders',
- 'django.contrib.contenttypes', # required by d.c.admin
- 'django.contrib.sessions', # required by d.c.admin
- 'django.contrib.messages', # required by d.c.admin
- 'django.contrib.staticfiles',
- 'django.contrib.admin', # django admin site
- 'rest_framework',
- 'engagementmanager.apps.EngagementmanagerConfig',
- 'validationmanager.apps.ValidationmanagerConfig',
-]
-
-MIDDLEWARE_CLASSES = [
- 'django.middleware.security.SecurityMiddleware',
- 'django.contrib.sessions.middleware.SessionMiddleware',
- 'django.middleware.common.CommonMiddleware',
- 'django.contrib.auth.middleware.AuthenticationMiddleware', # required by d.c.admin
- 'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
- 'django.contrib.messages.middleware.MessageMiddleware',
- 'django.middleware.clickjacking.XFrameOptionsMiddleware',
- 'corsheaders.middleware.CorsMiddleware',
-]
-
-ROOT_URLCONF = 'vvp.urls'
-
-TEMPLATES = [
- {
- 'BACKEND': 'django.template.backends.django.DjangoTemplates',
- 'DIRS': [PROJECT_PATH + '/web/templates'],
- 'APP_DIRS': True,
- 'OPTIONS': {
- 'context_processors': [
- 'django.template.context_processors.debug',
- 'django.template.context_processors.request',
- 'django.contrib.auth.context_processors.auth', # required by d.c.admin
- 'django.contrib.messages.context_processors.messages', # required by d.c.admin
- ],
- },
- },
-]
-
-WSGI_APPLICATION = 'vvp.wsgi.application'
-
-
-# Database
-# https://docs.djangoproject.com/en/1.9/ref/settings/#databases
-DATABASES = {
- 'default': {
- 'ENGINE': 'django.db.backends.postgresql',
- 'NAME': os.environ['PGDATABASE'],
- 'USER': os.environ['PGUSER'],
- 'PASSWORD': os.environ['PGPASSWORD'],
- 'HOST': os.environ['PGHOST'],
- 'PORT': os.environ['PGPORT'],
- }
-}
-
-
-# Password validation
-# https://docs.djangoproject.com/en/1.9/ref/settings/#auth-password-validators
-AUTH_PASSWORD_VALIDATORS = [
- {'NAME': 'django.contrib.auth.password_validation.%s' % s} for s in [
- 'UserAttributeSimilarityValidator',
- 'MinimumLengthValidator',
- 'CommonPasswordValidator',
- 'NumericPasswordValidator',
- ]]
-
-
-# Internationalization
-# https://docs.djangoproject.com/en/1.9/topics/i18n/
-LANGUAGE_CODE = 'en-us'
-TIME_ZONE = 'UTC'
-USE_I18N = True
-USE_L10N = True
-USE_TZ = True
-
-CORS_ALLOW_HEADERS = default_headers + ('ICE-USER-ID',)
-
-# Static files (CSS, JavaScript, Images)
-# https://docs.djangoproject.com/en/1.9/howto/static-files/
-STATIC_ROOT = os.environ['STATIC_ROOT']
-
-
-LOGGING = {
- 'version': 1,
- 'disable_existing_loggers': False,
- 'formatters': { # All possible attributes are: https://docs.python.org/3/library/logging.html#logrecord-attributes
- 'verbose': {
- 'format': '%(asctime)s %(levelname)s %(name)s %(module)s %(lineno)d %(process)d %(thread)d %(message)s'
- },
- 'simple': {
- 'format': '%(asctime)s %(levelname)s %(name)s %(message)s'
- },
- },
- 'handlers': {
- 'console': {
- 'class': 'logging.StreamHandler',
- 'formatter': 'simple'
- },
- 'vvp-info.log': {
- 'level': 'INFO', # handler will ignore DEBUG (only process INFO, WARN, ERROR, CRITICAL, FATAL)
- 'class': 'logging.FileHandler',
- 'filename': os.path.join(LOGS_PATH, 'vvp-info.log'),
- 'formatter': 'verbose'
- },
- 'vvp-debug.log': {
- 'level': 'DEBUG',
- 'class': 'logging.FileHandler',
- 'filename': os.path.join(LOGS_PATH, 'vvp-debug.log'),
- 'formatter': 'verbose'
- },
- 'vvp-requests.log': {
- 'level': 'ERROR',
- 'class': 'logging.FileHandler',
- 'filename': os.path.join(LOGS_PATH, 'vvp-requests.log'),
- 'formatter': 'verbose'
- },
- 'vvp-db.log': {
- 'level': 'ERROR',
- 'class': 'logging.FileHandler',
- 'filename': os.path.join(LOGS_PATH, 'vvp-db.log'),
- 'formatter': 'verbose',
- },
- },
- 'loggers': {
- 'vvp.logger': {
- 'handlers': ['vvp-info.log', 'vvp-debug.log', 'vvp-requests.log', 'vvp-db.log', 'console'],
- 'level': 'DEBUG' if DEBUG else 'INFO',
- },
- 'django': {
- 'handlers': ['console'],
- 'level': 'INFO' if DEBUG else 'ERROR',
- },
- 'django.request': {
- 'handlers': ['vvp-requests.log', 'console'],
- 'level': 'INFO' if DEBUG else 'ERROR',
- },
- 'django.db.backends': {
- 'handlers': ['vvp-db.log', 'console'],
- 'level': 'DEBUG' if DEBUG else 'ERROR',
- 'propagate': False,
- },
- # silence the hundred lines of useless "missing variable in template"
- # complaints per admin pageview.
- 'django.template': {
- 'level': 'DEBUG',
- 'handlers': ['vvp-info.log', 'vvp-debug.log', 'console'],
- 'propagate': False,
- },
- }
-}
-
-
-#############################
-# VVP Related Configuration
-#############################
-CONTACT_FROM_ADDRESS = os.getenv('CONTACT_FROM_ADDRESS', 'dummy@example.com')
-CONTACT_EMAILS = [s.strip() for s in os.getenv('CONTACT_EMAILS', 'user@example.com').split(',') if s]
-DOMAIN = os.getenv('EM_DOMAIN_NAME')
-TOKEN_EXPIRATION_IN_HOURS = 48
-DAILY_SCHEDULED_JOB_HOUR = 20
-NUMBER_OF_POLLED_ACTIVITIES = 5
-TEMP_PASSWORD_EXPIRATION_IN_HOURS = 48
-# This is the DNS name pointing to the private-network ip of the host machine
-# running (a haproxy that points to) (an nginx frontend for) this app
-API_DOMAIN = 'em'
-
-# The authentication token needed by Jenkins or Gitlab to issue webhook updates
-# to us. This is a "secret" shared by Jenkins and Django. It must be part of
-# the URL path component for the Jenkins webhook in ValidationManager to accept
-# a notification. It should be a set of random URL-path-safe characters, with
-# no slash '/'.
-# FIXME: Does this authentication scheme actually gain us anything? What's the
-# threat model
-WEBHOOK_TOKEN = os.environ['SECRET_WEBHOOK_TOKEN']
-
-# The authentication token and URL needed for us to issue requests to the GitLab API.
-GITLAB_TOKEN = os.environ['SECRET_GITLAB_AUTH_TOKEN']
-GITLAB_URL = "http://vvp-gitlab/"
-
-JENKINS_URL = "http://vvp-jenkins:8080/"
-JENKINS_USERNAME = "admin"
-JENKINS_PASSWORD = os.environ['SECRET_JENKINS_PASSWORD']
-
-IS_CL_CREATED_ON_REVIEW_STATE = envbool('IS_CL_CREATED_ON_REVIEW_STATE', False) # Options: True, False
-IS_SIGNAL_ENABLED = envbool('IS_SIGNAL_ENABLED', True)
-RECENT_ENG_TTL = 3 # In days
-CMS_URL = "http://vvp-cms-uwsgi/api/"
-CMS_APP_CLIENT_ID = os.environ['SECRET_CMS_APP_CLIENT_ID']
-CMS_APP_CLIENT_SECRET = os.environ['SECRET_CMS_APP_CLIENT_SECRET']
-
-# slack integration
-SLACK_API_TOKEN = os.environ['SLACK_API_TOKEN']
-ENGAGEMENTS_CHANNEL = os.getenv('ENGAGEMENTS_CHANNEL', '')
-ENGAGEMENTS_NOTIFICATIONS_CHANNEL = os.getenv('ENGAGEMENTS_NOTIFICATIONS_CHANNEL:', '')
-DEVOPS_CHANNEL = os.getenv('DEVOPS_CHANNEL', '')
-DEVOPS_NOTIFICATIONS_CHANNEL = os.getenv('DEVOPS_NOTIFICATIONS_CHANNEL', '')
-
-# S3 configuration for static resources storage and media upload
-
-# used by our custom storage.py
-MEDIA_BUCKET = "em-media"
-STATIC_BUCKET = "em-static"
-
-# django-storages configuration
-AWS_S3_HOST = os.environ['S3_HOST']
-AWS_S3_PORT = int(os.environ['S3_PORT'])
-AWS_S3_CUSTOM_DOMAIN = os.environ['S3_HOST']
-AWS_ACCESS_KEY_ID = os.environ['AWS_ACCESS_KEY_ID']
-AWS_SECRET_ACCESS_KEY = os.environ['AWS_SECRET_ACCESS_KEY']
-AWS_AUTO_CREATE_BUCKET = True
-AWS_PRELOAD_METADATA = True
-
-# Set by custom subclass.
-# AWS_STORAGE_BUCKET_NAME = "em-static"
-AWS_S3_CALLING_FORMAT = OrdinaryCallingFormat()
-DEFAULT_FILE_STORAGE = 'vvp.settings.storage.S3MediaStorage'
-STATICFILES_STORAGE = 'vvp.settings.storage.S3StaticStorage'
-
-# These seem to have no effect even when we don't override with custom_domain?
-STATIC_URL = 'https://%s/%s/' % (AWS_S3_CUSTOM_DOMAIN, STATIC_BUCKET)
-MEDIA_URL = 'https://%s/%s/' % (AWS_S3_CUSTOM_DOMAIN, MEDIA_BUCKET)
-
-STATIC_ROOT = os.environ['STATIC_ROOT']
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-"""
-envbool.py
-
-Return which environment is currently running on (to setting.py).
-
-"""
-import os
-
-
-def envbool(key, default=False, unknown=True):
- """Return a boolean value based on that of an environment variable.
-
- Environment variables have no native boolean type. They are always strings, and may be empty or
- unset (which differs from empty.) Furthermore, notions of what is "truthy" in shell script
- differ from that of python.
-
- This function converts environment variables to python boolean True or False in
- case-insensitive, expected ways to avoid pitfalls:
-
- "True", "true", and "1" become True
- "False", "false", and "0" become False
- unset or empty becomes False by default (toggle with 'default' parameter.)
- any other value becomes True by default (toggle with 'unknown' parameter.)
-
- """
- return {
- 'true': True, '1': True, # 't': True,
- 'false': False, '0': False, # 'f': False.
- '': default,
- }.get(os.getenv(key, '').lower(), unknown)
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-bind = ":80"
-chdir = '/srv'
-pidfile = '/tmp/ice-project-master.pid'
-backlog = '5000'
-errorlog = '-'
-loglevel = 'info'
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-"""
-storage.py
-
-In order to make Django store trusted static files and untrusted media
-(user-uploaded) files in separate s3 buckets, we must create two different
-storage classes.
-
-https://www.caktusgroup.com/blog/2014/11/10/Using-Amazon-S3-to-store-your-Django-sites-static-and-media-files/
-http://www.leehodgkinson.com/blog/my-mezzanine-s3-setup/
-
-"""
-
-# FIXME this module never changes so might not need not be kept in a
-# configmap. Also it is (almost) the same as what we use in cms.
-
-# There is a newer storage based on boto3 but that doesn't support changing
-# the HOST, as we need to for non-amazon s3 services. It does support an
-# "endpoint"; setting AWS_S3_ENDPOINT_URL may cause it to work.
-from storages.backends.s3boto import S3BotoStorage
-from django.conf import settings
-
-
-# NOTE for some reason, collectstatic uploads to bucket/location but the
-# urls constructed are domain/location
-class S3StaticStorage(S3BotoStorage):
- custom_domain = '%s/%s' % (settings.AWS_S3_HOST, settings.STATIC_BUCKET)
- bucket_name = settings.STATIC_BUCKET
- # location = ...
-
-
-class S3MediaStorage(S3BotoStorage):
- custom_domain = '%s/%s' % (settings.AWS_S3_HOST, settings.MEDIA_BUCKET)
- bucket_name = settings.MEDIA_BUCKET
- # location = ...
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- name: {{ .Release.Name }}
- spec:
- imagePullSecrets:
- - name: onapkey
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
- ports:
- - containerPort: 80
- - containerPort: 9000
- volumeMounts:
- - name: em-settings
- mountPath: /opt/configmaps/settings/
- - name: site-crt
- mountPath: /opt/secrets/site-crt/
- env:
- - name: ENVIRONMENT
- value: "development"
- - name: PROGRAM_NAME_URL_PREFIX
- value: "vvp"
- - name: SERVICE_PROVIDER
- value: "NA"
- - name: PROGRAM_NAME
- value: "VVP"
- - name: SERVICE_PROVIDER_DOMAIN
- value: "na.com"
- - name: SECRET_KEY
- valueFrom:
- secretKeyRef: {name: em-secret, key: key}
- - name: EMAIL_HOST
- value: "localhost"
- - name: EMAIL_HOST_USER
- value: "example"
- - name: EMAIL_PORT
- value: "25"
- - name: EMAIL_HOST_PASSWORD
- valueFrom:
- secretKeyRef: {name: email-secret, key: password}
- - name: PGHOST
- value: vvp-postgres
- - name: PGPORT
- value: "5432"
- - name: PGDATABASE
- value: icedb
- - name: PGUSER
- value: "em_postgresuser"
- - name: PGPASSWORD
- valueFrom:
- secretKeyRef: {name: postgresql-passwords, key: emPassword}
- - name: DOMAIN
- value: https://development.vvp.example.com
- - name: ICE_EM_DOMAIN_NAME
- value: https://development.vvp.example.com
- - name: CONTACT_FROM_ADDRESS
- value: "example"
- - name: OAUTHLIB_INSECURE_TRANSPORT
- value: "1"
- - name: SECRET_WEBHOOK_TOKEN
- valueFrom:
- secretKeyRef: {name: em-secret, key: em_webhook_token}
- - name: SECRET_GITLAB_AUTH_TOKEN
- valueFrom:
- secretKeyRef: {name: gitlab-password, key: auth-token}
- - name: SECRET_JENKINS_PASSWORD
- valueFrom:
- secretKeyRef: {name: em-secret, key: jenkins_admin_password}
- - name: SECRET_CMS_APP_CLIENT_ID
- valueFrom:
- secretKeyRef: {name: em-secret, key: cms_app_client_id}
- - name: SECRET_CMS_APP_CLIENT_SECRET
- valueFrom:
- secretKeyRef: {name: em-secret, key: cms_app_client_secret}
- - name: STATIC_ROOT
- value: "/app/htdocs"
- - name: DJANGO_DEBUG_MODE
- value: "True"
- - name: SLACK_API_TOKEN
- valueFrom:
- secretKeyRef: {name: em-secret, key: slack_api_token}
- - name: ENGAGEMENTS_CHANNEL
- value: ""
- - name: ENGAGEMENTS_NOTIFICATIONS_CHANNEL
- value: ""
- - name: DEVOPS_CHANNEL
- value: ""
- - name: DEVOPS_NOTIFICATIONS_CHANNEL
- value: ""
- - name: S3_HOST
- value: "dev-s3.vvp.example.com"
- - name: S3_PORT
- value: "443"
- - name: AWS_ACCESS_KEY_ID
- valueFrom:
- secretKeyRef: {name: em-secret, key: aws_access_key_id}
- - name: AWS_SECRET_ACCESS_KEY
- valueFrom:
- secretKeyRef: {name: em-secret, key: aws_secret_access_key}
- command: ["/docker-entrypoint.sh", "/usr/local/bin/gunicorn", "-c", "/opt/configmaps/settings/gunicorn.ini", "vvp.wsgi:application", ]
- volumes:
- - name: site-crt
- secret:
- secretName: site-crt
- - name: em-settings
- configMap:
- name: {{ include "common.fullname" . }}-settings
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- - port: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName | default "http" }}
- selector:
- app: {{ include "common.name" . }}
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- repository: nexus3.onap.org:10001
- readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-repository: nexus3.onap.org:10001
-image: onap/vvp/engagementmgr:1.0.0
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-service:
- type: ClusterIP
- internalPort: 80
- portName: em
-
-ingress:
- enabled: false
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: load balancer for external transport
-name: vvp-ext-haproxy
-version: 3.0.0
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-resolvers dns
- nameserver pod_dns "10.3.0.10:53"
- resolve_retries 3
- timeout retry 1s
- hold valid 30s
-
-defaults
- mode http
- timeout connect 5000ms
- timeout client 50000ms
- timeout server 50000ms
- option httpclose
- option redispatch
- option abortonclose
- option httplog
- option dontlognull
- default-server init-addr last,libc,none
-
-backend gitlab_ssh
- mode tcp
- option tcplog
- timeout server 2h
- server gitlabssh vvp-gitlab:22 resolvers dns
-
-frontend gitlab_ssh_frontend
- mode tcp
- option tcplog
- timeout client 2h
- bind 0.0.0.0:22
- acl is_ssh dst_port 22
- use_backend gitlab_ssh if is_ssh
-
-backend portal_backend
- mode http
- server ice_portal vvp:8181 resolvers dns
-
-backend api
- mode http
- server engagement_manager vvp-em-uwsgi:80 resolvers dns
-
-backend s3
- mode http
- balance roundrobin
- option httpchk HEAD /
- server ceph-01 10.252.0.21:8080 check inter 10000ms
-
-frontend portal
- mode http
- acl is_api_call path_beg -i /vvp
- acl is_s3 hdr_beg(host) s3. staging-s3. dev-s3.
- use_backend api if is_api_call
- use_backend s3 if is_s3
- bind 0.0.0.0:80
- bind 0.0.0.0:443 ssl crt /etc/haproxy/site.pem force-tlsv12
- default_backend portal_backend
-
-listen stats
- bind 0.0.0.0:9001
- mode http
- stats enable # Enable stats page
- stats realm Haproxy\ Statistics
- stats uri /haproxy_stats
- stats auth "${HAPROXY_USER}:${HAPROXY_PASS}"
- acl network_allowed src 10.252.0.0/16 127.0.0.1/32 10.2.0.0/16
- http-request deny if !network_allowed
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- name: {{ .Release.Name }}
- spec:
- imagePullSecrets:
- - name: onapkey
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
- ports:
- - containerPort: 80
- - containerPort: 22
- - containerPort: 443
- - containerPort: 9001
- env:
- - name: HAPROXY_USER
- valueFrom:
- secretKeyRef:
- name: haproxy-auth
- key: user
- - name: HAPROXY_PASS
- valueFrom:
- secretKeyRef:
- name: haproxy-auth
- key: pass
- volumeMounts:
- - mountPath: /usr/local/etc/haproxy/
- name: ext-haproxy-cfg
- - mountPath: /etc/haproxy/
- name: site-pem
- volumes:
- - name: ext-haproxy-cfg
- configMap:
- name: {{ include "common.fullname" . }}-cfg
- items:
- - key: file
- path: haproxy.cfg
- - name: site-pem
- secret:
- secretName: site-pem
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- - port: {{ .Values.service.internalPort1 }}
- name: {{ .Values.service.portName1 }}
- - port: {{ .Values.service.internalPort2 }}
- name: {{ .Values.service.portName2 }}
- - port: {{ .Values.service.internalPort3 }}
- name: {{ .Values.service.portName3 }}
- - port: {{ .Values.service.internalPort4 }}
- name: {{ .Values.service.portName4 }}
- selector:
- app: {{ include "common.name" . }}
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- repository: nexus3.onap.org:10001
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-repository: docker.io
-image: haproxy:1.7.2-alpine
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-service:
- type: NodePort
- portName1: web
- internalPort1: 80
- portName2: ssl
- internalPort2: 443
- portName3: ssh
- internalPort3: 22
- portName4: stats
- internalPort4: 9000
-
-ingress:
- enabled: false
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: holds all customers files in repos
-name: vvp-gitlab
-version: 3.0.0
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: gitlab-password
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
- password: "YW82aWo2d29oV2VpcXU0ZQ=="
- auth-token: "amFkdTZ5b2hqYWl5OFdvYjBJZUs="
----
-kind: Secret
-apiVersion: v1
-metadata:
- name: jenkins-deploykey
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
- deploykey.pub: "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUlQWFNQT2ppSkYvWEdicmNpVXNja1hMbFA0Q0ZHNS9POHErQ0xRZW1CTlE="
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- name: {{ .Release.Name }}
- spec:
- containers:
- - name: {{ include "common.name" . }}
- image: {{ include "common.repository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort1 }}
- - containerPort: {{ .Values.service.internalPort2 }}
- securityContext:
- privileged: true
- volumeMounts:
- - mountPath: /var/opt/gitlab
- name: gitlab
- subPath: var/opt/gitlab
- - mountPath: /etc/gitlab
- name: gitlab
- subPath: etc/gitlab
- - mountPath: /var/log/gitlab
- name: gitlab
- subPath: var/log/gitlab
- - mountPath: /tmp/deploykey
- name: jenkins-deploykey
- env:
- - name: ADMIN_PASSWORD
- valueFrom:
- secretKeyRef:
- name: gitlab-password
- key: password
- - name: AUTHENTICATION_TOKEN
- valueFrom:
- secretKeyRef:
- name: gitlab-password
- key: auth-token
- - name: EXTERNAL_URL
- value: "http://vvp-gitlab"
- volumes:
- - name: gitlab
- emptyDir: {}
- - name: jenkins-deploykey
- secret:
- secretName: jenkins-deploykey
- imagePullSecrets:
- - name: onapkey
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- - port: {{ .Values.service.internalPort1 }}
- name: {{ .Values.service.portName1 }}
- - port: {{ .Values.service.internalPort2 }}
- name: {{ .Values.service.portName2 }}
- selector:
- app: {{ include "common.name" . }}
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- repository: nexus3.onap.org:10001
- readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-repository: nexus3.onap.org:10001
-image: onap/vvp/gitlab:1.0.0
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-service:
- type: NodePort
- internalPort1: 80
- internalPort2: 22
- portName1: web
- portName2: ssh
-
-ingress:
- enabled: false
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: scan for validity and viruses on users files
-name: vvp-imagescanner
-version: 3.0.0
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-import os
-from pathlib import Path
-from awsauth import S3Auth
-# A mapping from host names to Requests Authentication Objects; see
-# http://docs.python-requests.org/en/master/user/authentication/
-AUTHS = {}
-if 'S3_HOST' in os.environ:
- AUTHS[os.environ['S3_HOST']] = S3Auth(
- os.environ['AWS_ACCESS_KEY_ID'],
- os.environ['AWS_SECRET_ACCESS_KEY'],
- service_url='https://%s/' % os.environ['S3_HOST']
- )
-LOGS_PATH = Path(os.environ['IMAGESCANNER_LOGS_PATH'])
-STATUSFILE = LOGS_PATH/'status.txt'
-# A dict passed as kwargs to jenkins.Jenkins constructor.
-JENKINS = {
- 'url': 'http://jenkins:8080',
- 'username': 'admin',
- 'password': os.environ['SECRET_JENKINS_PASSWORD'],
- }
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: imagescanner-settings
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/imagescanner/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: slack-tokens
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
- notifications: ""
----
-kind: Secret
-apiVersion: v1
-metadata:
- name: imagescanner-ssh
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
- # FIXME the imagescanner really should have its own private key, but then we
- # have to adjust the gitlab wrapper script to set two public keys as
- # deploykeys.
- id_ed25519: "LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFNd0FBQUF0emMyZ3RaVwpReU5UVXhPUUFBQUNDRDEwanpvNGlSZjF4bTYzSWxMSEpGeTVUK0FoUnVmenZLdmdpMEhwZ1RVQUFBQUpqV3dKZDkxc0NYCmZRQUFBQXR6YzJndFpXUXlOVFV4T1FBQUFDQ0QxMGp6bzRpUmYxeG02M0lsTEhKRnk1VCtBaFJ1Znp2S3ZnaTBIcGdUVUEKQUFBRUFXRktNV0xsNkZnRUJ1Zzk3MSthdE5ZQnQ4R2R1V3pDWWd0L2o5VHU0U2g0UFhTUE9qaUpGL1hHYnJjaVVzY2tYTApsUDRDRkc1L084cStDTFFlbUJOUUFBQUFFM0JoZFd4QVVHRjFiQ2R6SUUxaFl5QlFjbThCQWc9PQotLS0tLUVORCBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0K"
----
-kind: ConfigMap
-apiVersion: v1
-metadata:
- name: site-certificate
- namespace: {{ include "common.namespace" . }}
-data:
- site.crt: |
- -----BEGIN CERTIFICATE-----
- MIIDEDCCAfgCCQDhahVKE9/eUjANBgkqhkiG9w0BAQsFADBKMRAwDgYDVQQKDAdF
- eGFtcGxlMRAwDgYDVQQLDAdleGFtcGxlMSQwIgYDVQQDDBtkZXZlbG9wbWVudC52
- dnAuZXhhbXBsZS5jb20wHhcNMTcxMjI0MTUzOTA3WhcNMTgxMjI0MTUzOTA3WjBK
- MRAwDgYDVQQKDAdFeGFtcGxlMRAwDgYDVQQLDAdleGFtcGxlMSQwIgYDVQQDDBtk
- ZXZlbG9wbWVudC52dnAuZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
- DwAwggEKAoIBAQCkvNGXe+bdvL2kvrP2L3WABt2WCFoZ2Pn8Px0eEsRiJHVD0eWz
- rgJYHFJu0C0cK9NYSKxVVI8LnKH7Ny5MFfM4Tqyr3UEOLs+fSwaAqM5tSyZU/tEK
- ractA7bi9fDk2lkcs+LLuZMqGPZ37UZcZwsUQ0BONHP668LqkWqT9hNLIN4ejInr
- 32WA3Y7hPNd8Cj+AaLt1x2cXYzi9hrE5l3h9ofkOpXsgDzeIHlp4jJ6kXXQf8UM5
- 1viqa2CWXHBHEG+5eftLSaeE6LAlNt5IJ6LcWEZgNtXr2es4LJC3FjXrv0gc04Cp
- U2OfizpbhT11cLGaeXOq1cUCXNIb4FcJApoXAgMBAAEwDQYJKoZIhvcNAQELBQAD
- ggEBAFGPDG9iurAhUKbFkY97xLA443U01bdwi7eAT5T9qo/RzOwcbuKWXVm1k5HK
- CQO81nlLqLQwhI1+uTTmR41epuJxyGIaDgUySB+8fLzyRSIFaxKD+UeVPgipDNZs
- h0sKSKrO6MoWzMLUYvdZRw6VIc+UpSCqPY+FKUBUHZtMpSFLnhHjRvVkiP4VvFXj
- b7jQzHughzeITygws42fKK/MK7wQ6byaMVRbPbQKPAXNxd/UrSPeX+RzKRWOZ6R8
- Ulyp7dezXCP77UaTZTsxwlurPQIZNMshDxE/SbWt0Q1g28rj5KfAjoZs5Tg/gmQ8
- LLKI/b1OvKohaANGZ6We5U+ceeU=
- -----END CERTIFICATE-----
- wrapper.sh: |
- #!/bin/sh
- # This script is meant to be used as a wrapper, so that it can be easily
- # used with docker or kubernetes' container command specification.
- #
- # Kubernetes' volumeMount creates symlinks for configMapped files at the
- # target directory.
- # Alpine's update-ca-certificates ignores symlinks.
- # So we must contrive to copy the contents of the mounted cert (a symlink)
- # into place as a normal file.
- dev_cert="${0%/*}/site.crt"
- echo >&2 "$0: Checking for site CA certificate at $dev_cert..."
- if [ -s "$dev_cert" ]; then
- echo >&2 "$0: Updating container CA certificate bundle with site certificate..."
- cp -L "$dev_cert" /usr/local/share/ca-certificates/
- update-ca-certificates
- else
- echo >&2 "$0: No site CA certificate found."
- fi
- echo >&2 "$0: Launching command: $@"
- exec "$@"
-
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- name: {{ .Release.Name }}
- spec:
- imagePullSecrets:
- - name: onapkey
- containers:
- - name: imagescanner-worker
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- command:
- - "sh"
- - "/opt/site-certificate/wrapper.sh"
- - "/usr/local/bin/imagescanner-worker"
- securityContext:
- privileged: true
- volumeMounts:
- - name: imagescanner-ssh
- mountPath: /root/.ssh
- - name: dev
- mountPath: /dev
- - name: logs
- mountPath: /var/log/imagescanner
- - name: imagescanner-settings
- mountPath: /opt/imagescanner-settings
- - name: site-certificate
- mountPath: /opt/site-certificate
- env:
- - name: PYTHONPATH
- value: /opt/imagescanner-settings
- - name: S3_HOST
- value: "dev-s3.vvp.example.com"
- - name: S3_PORT
- value: "443"
- - name: AWS_ACCESS_KEY_ID
- valueFrom:
- secretKeyRef: {name: em-secret, key: aws_access_key_id}
- - name: AWS_SECRET_ACCESS_KEY
- valueFrom:
- secretKeyRef: {name: em-secret, key: aws_secret_access_key}
- - name: SECRET_JENKINS_PASSWORD
- value: ''
- - name: REQUESTS_CA_BUNDLE
- value: /etc/ssl/certs/ca-certificates.crt
-
- - name: notifications-worker
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- command: ["/usr/local/bin/notifications-worker"]
- securityContext:
- privileged: true
- env:
- - name: SLACK_TOKEN
- valueFrom:
- secretKeyRef: {name: slack-tokens, key: notifications}
- - name: DOMAIN
- value: "dev-em.vvp.example.com"
- - name: PYTHONPATH
- value: /opt/imagescanner-settings
- - name: SECRET_JENKINS_PASSWORD
- valueFrom:
- secretKeyRef: {name: em-secret, key: jenkins_admin_password}
- volumeMounts:
- - name: imagescanner-settings
- mountPath: /opt/imagescanner-settings
-
- - name: imagescanner-frontend
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- command: ["/usr/local/bin/imagescanner-frontend"]
- securityContext:
- privileged: true
- ports:
- - containerPort: 80
- volumeMounts:
- - name: logs
- mountPath: /var/log/imagescanner
- - name: imagescanner-settings
- mountPath: /opt/imagescanner-settings
- env:
- - name: DEFAULT_SLACK_CHANNEL
- value: "#notifications"
- - name: SECRET_JENKINS_PASSWORD
- value: ''
-
- volumes:
- - name: imagescanner-ssh
- secret:
- secretName: imagescanner-ssh
- defaultMode: 0600
- - name: dev
- hostPath:
- path: /dev
- - name: logs
- emptyDir: {}
- - name: imagescanner-settings
- configMap:
- name: imagescanner-settings
- - name: site-certificate
- configMap:
- name: site-certificate
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- - port: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName | default "http" }}
- selector:
- app: {{ include "common.name" . }}
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- repository: nexus3.onap.org:10001
- readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-repository: nexus3.onap.org:10001
-image: onap/vvp/image-scanner:1.0.0
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-service:
- type: ClusterIP
- internalPort: 80
- portName: web
-
-ingress:
- enabled: false
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: load balancer for internal (container to container) transport
-name: vvp-int-haproxy
-version: 3.0.0
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-resolvers dns
- nameserver pod_dns "10.3.0.10:53"
- resolve_retries 3
- timeout retry 1s
- hold valid 30s
-
-defaults
- mode http
- timeout connect 5000ms
- timeout client 50000ms
- timeout server 50000ms
- option httpclose
- option redispatch
- option abortonclose
- option httplog
- option dontlognull
- default-server init-addr last,libc,none
-
-backend gitlab_web_backend
- mode http
- server gitlab_web_1 vvp-gitlab:80 resolvers dns
-
-frontend gitlab_web
- mode http
- bind 0.0.0.0:80
-
- acl is_scanner path_beg /imagescanner
- acl is_em_admin hdr_beg(host) em. staging-em. dev-em.
- acl is_cms hdr_beg(host) cms. staging-cms. dev-cms.
- acl is_ci_admin hdr_beg(host) staging-ci. dev-ci.
- acl is_s3 hdr_beg(host) s3. staging-s3. dev-s3.
-
- use_backend imagescanner if is_em_admin is_scanner
- use_backend cms if is_cms
- use_backend api if is_em_admin
- use_backend ci if is_ci_admin
- use_backend s3 if is_s3
-
- default_backend gitlab_web_backend
-
-backend s3
- mode http
- balance roundrobin
- server ceph-01 10.252.0.21:8080
-
-backend cms
- mode http
- server cms_server vvp-cms-uwsgi:80 resolvers dns
-
-backend api
- mode http
- server engagement_manager vvp-em-uwsgi:80 resolvers dns
-
-backend ci
- mode http
- server ci_test vvp-ci-uwsgi:8282 resolvers dns
-
-listen jenkins
- bind 0.0.0.0:8080
- server jenkins vvp-jenkins:8080 resolvers dns
-
-backend imagescanner
- mode http
- server imagescanner vvp-imagescanner:80 resolvers dns
-
-listen stats
- bind 0.0.0.0:9000
- mode http
- stats enable # Enable stats page
- stats realm Haproxy\ Statistics
- stats uri /haproxy_stats
- stats auth "${HAPROXY_USER}:${HAPROXY_PASS}"
- acl network_allowed src 10.252.0.0/16 127.0.0.1/32 10.2.0.0/16
- block if !network_allowed
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-cfg
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/int-haproxy-cfg/*").AsConfig . | indent 2 }}
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- name: {{ .Release.Name }}
- spec:
- imagePullSecrets:
- - name: onapkey
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
- ports:
- - containerPort: 80
- - containerPort: 8080
- - containerPort: 9000
- env:
- - name: HAPROXY_USER
- valueFrom:
- secretKeyRef:
- name: haproxy-auth
- key: user
- - name: HAPROXY_PASS
- valueFrom:
- secretKeyRef:
- name: haproxy-auth
- key: pass
- volumeMounts:
- - mountPath: /usr/local/etc/haproxy/
- name: int-haproxy-cfg
- volumes:
- - name: int-haproxy-cfg
- configMap:
- name: {{ include "common.fullname" . }}-cfg
- items:
- - key: file
- path: haproxy.cfg
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- - port: {{ .Values.service.internalPort1 }}
- name: {{ .Values.service.portName1 }}
- - port: {{ .Values.service.internalPort2 }}
- name: {{ .Values.service.portName2 }}
- - port: {{ .Values.service.internalPort3 }}
- name: {{ .Values.service.portName3 }}
- selector:
- app: {{ include "common.name" . }}
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- repository: nexus3.onap.org:10001
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-repository: docker.io
-image: haproxy:1.7.2-alpine
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-service:
- type: NodePort
- portName1: web
- internalPort1: 80
- portName2: jenkins
- internalPort2: 8080
- portName3: stats
- internalPort3: 9000
-
-ingress:
- enabled: false
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: run validation tasks
-name: vvp-jenkins
-version: 3.0.0
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-kind: Secret
-apiVersion: v1
-metadata:
- name: jenkins-users-admin
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
- config.xml: "PD94bWwgdmVyc2lvbj0nMS4wJyBlbmNvZGluZz0nVVRGLTgnPz4KPHVzZXI+CiAgPGZ1bGxOYW1lPmFkbWluPC9mdWxsTmFtZT4KICA8ZGVzY3JpcHRpb24+PC9kZXNjcmlwdGlvbj4KICA8cHJvcGVydGllcz4KICAgIDxodWRzb24uc2VjdXJpdHkuSHVkc29uUHJpdmF0ZVNlY3VyaXR5UmVhbG1fLURldGFpbHM+CiAgICAgIDxwYXNzd29yZEhhc2g+I2piY3J5cHQ6JDJhJDEwJERyaXVLdThPcTdpaWhtdi80bzlKOHV6cmg2QlVBaUtuejMuM21EMXBDb2dzUHJnOW42M1pXPC9wYXNzd29yZEhhc2g+CiAgICA8L2h1ZHNvbi5zZWN1cml0eS5IdWRzb25Qcml2YXRlU2VjdXJpdHlSZWFsbV8tRGV0YWlscz4KICA8L3Byb3BlcnRpZXM+CjwvdXNlcj4K"
----
-kind: Secret
-apiVersion: v1
-metadata:
- name: jenkins-ssh
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
- # .ssh/config isn't really a secret, but it's the easiest way to get it into
- # the same directory as the key
- config: "SG9zdCAqClVzZXJLbm93bkhvc3RzRmlsZSAvZGV2L251bGwKU3RyaWN0SG9zdEtleUNoZWNraW5nIG5vCklkZW50aXR5RmlsZSAiL3Zhci9qZW5raW5zX2hvbWUvLnNzaC9pZF9lZDI1NTE5Igo="
- id_ed25519: "LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFNd0FBQUF0emMyZ3RaVwpReU5UVXhPUUFBQUNDRDEwanpvNGlSZjF4bTYzSWxMSEpGeTVUK0FoUnVmenZLdmdpMEhwZ1RVQUFBQUpqV3dKZDkxc0NYCmZRQUFBQXR6YzJndFpXUXlOVFV4T1FBQUFDQ0QxMGp6bzRpUmYxeG02M0lsTEhKRnk1VCtBaFJ1Znp2S3ZnaTBIcGdUVUEKQUFBRUFXRktNV0xsNkZnRUJ1Zzk3MSthdE5ZQnQ4R2R1V3pDWWd0L2o5VHU0U2g0UFhTUE9qaUpGL1hHYnJjaVVzY2tYTApsUDRDRkc1L084cStDTFFlbUJOUUFBQUFFM0JoZFd4QVVHRjFiQ2R6SUUxaFl5QlFjbThCQWc9PQotLS0tLUVORCBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0K"
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- name: {{ .Release.Name }}
- spec:
- imagePullSecrets:
- - name: onapkey
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
- ports:
- ports:
- - containerPort: 8080
- volumeMounts:
- - name: jenkins-home
- mountPath: /var/jenkins_home
- - name: jenkins-users-admin
- mountPath: /var/jenkins_home/users/admin
- - name: jenkins-ssh
- mountPath: /var/jenkins_home/.ssh
- volumes:
- - name: jenkins-home
- emptyDir: {}
- - name: jenkins-users-admin
- secret:
- secretName: jenkins-users-admin
- - name: jenkins-ssh
- secret:
- secretName: jenkins-ssh
-
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- - port: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName | default "http" }}
- selector:
- app: {{ include "common.name" . }}
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- repository: nexus3.onap.org:10001
- readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-repository: nexus3.onap.org:10001
-image: onap/vvp/jenkins:1.0.0
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-service:
- type: NodePort
- internalPort: 8080
- portName: jenkins
-
-ingress:
- enabled: false
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: store all data of engagement manager
-name: vvp-postgres
-version: 3.0.0
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#
-# initdb defaults
-#
-listen_addresses = '*' # what IP address(es) to listen on;
-max_connections = 100 # (change requires restart)
-shared_buffers = 32MB # min 128kB
-datestyle = 'iso, mdy'
-lc_messages = 'en_US.UTF-8' # locale for system error message
-lc_monetary = 'en_US.UTF-8' # locale for monetary formatting
-lc_numeric = 'en_US.UTF-8' # locale for number formatting
-lc_time = 'en_US.UTF-8' # locale for time formatting
-default_text_search_config = 'pg_catalog.english'
-log_line_prefix = 'user=%u,db=%d '
-#
-# our customizations
-#
-dynamic_shared_memory_type = posix
-log_timezone = 'UTC'
-timezone = 'UTC'
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# sourced, not executed, by docker-entrypoint.sh (/bin/bash)
-
-# defaults
-: ${ICE_CMS_DB_USER:="icecmsuser"}
-: ${ICE_CMS_DB_NAME:="icecmsdb"}
-: ${ICE_CMS_DB_PASSWORD:="na"}
-
-psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<- EOF
- CREATE USER ${ICE_CMS_DB_USER} WITH CREATEDB PASSWORD '${ICE_CMS_DB_PASSWORD}';
- CREATE DATABASE ${ICE_CMS_DB_NAME} WITH OWNER ${ICE_CMS_DB_USER} ENCODING 'utf-8';
-EOF
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# sourced, not executed, by docker-entrypoint.sh (/bin/bash)
-ln -sf /etc/postgresql/conf.d/postgresql.conf "${PGDATA}"/postgresql.conf
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: postgresql-conf
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/postgres/conf/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: postgresql-initdb
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/postgres/init/*").AsConfig . | indent 2 }}
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- name: {{ .Release.Name }}
- spec:
- imagePullSecrets:
- - name: onapkey
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
- ports:
- - containerPort: 5432
- volumeMounts:
- - mountPath: /var/lib/postgresql/data
- name: postgresql-data
- - mountPath: /etc/postgresql/conf.d/
- name: postgresql-conf
- - mountPath: /docker-entrypoint-initdb.d/
- name: postgresql-initdb
- env:
- - name: POSTGRES_DB
- value: icedb
- - name: ICE_CMS_DB_NAME
- value: icecmsdb
- - name: POSTGRES_USER
- value: em_postgresuser
- - name: ICE_CMS_DB_USER
- value: cms_postgresuser
- - name: ICE_CMS_DB_PASSWORD
- valueFrom:
- secretKeyRef:
- name: postgresql-passwords
- key: cmsPassword
- - name: POSTGRES_PASSWORD
- valueFrom:
- secretKeyRef:
- name: postgresql-passwords
- key: emPassword
- volumes:
- - name: postgresql-data
- emptyDir: {}
- - name: postgresql-conf
- configMap:
- name: postgresql-conf
- - name: postgresql-initdb
- configMap:
- name: postgresql-initdb
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- - port: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName | default "http" }}
- selector:
- app: {{ include "common.name" . }}
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- repository: nexus3.onap.org:10001
- readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-repository: nexus3.onap.org:10001
-image: onap/vvp/postgresql:1.0.0
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-service:
- type: ClusterIP
- name: vvp-postgres
- portName: vvp-postgres
- internalPort: 5432
- externalPort: 5432
-
-ingress:
- enabled: false
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: in memory key-value store for all project
-name: vvp-redis
-version: 3.0.0
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
- name: {{ include "common.name" . }}
- spec:
- hostname: {{ include "common.name" . }}
- containers:
- - args:
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
- name: {{ include "common.name" . }}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- repository: nexus3.onap.org:10001
- readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-repository: docker.io
-image: redis:alpine
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-service:
- type: ClusterIP
- name: vvp-redis
- portName: vvp-redis
- internalPort: 6379
- externalPort: 6379
-
-ingress:
- enabled: false
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-{
- "serviceProvider": {
- "name": "NA"
- },
- "program": {
- "name": "VVP"
- }
-}
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: portal-nginx-config
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/vvp/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: onapkey
-data:
- .dockercfg: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOiB7InVzZXJuYW1lIjogImRvY2tlciIsICJwYXNzd29yZCI6ICJkb2NrZXIiLCAiZW1haWwiOiAiZW1haWxAZW1haWwuY29tIn19
-type: kubernetes.io/dockercfg
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: em-secret
-type: Opaque
-data:
- key: "IzkxZV9fdzNrPTc4MUB5KGVfIzZodTZ0JmgyNTQjdSkmYmorbTl0aHglayE2XiowNnI="
- em_webhook_token: "QWlwN29oeDFlaUhhZXNob2g5c2hhaWx1OWVleDd0aGE="
- gitlab_admin_password: "YW82aWo2d29oV2VpcXU0ZQ=="
- jenkins_admin_password: "a29peWVCYWlUaDNrYWlOZw=="
- cms_app_client_id: "RWVCNFhlaW1vb2M2eGllU2VlS2FoOGRhZTFlaXBhZTRvdGFlc2hlZQ=="
- cms_app_client_secret: "aGFpTW9vcGllWmVlMXdlaTNsZWY0Z2FleWlhMnZhaHdvaHRoMG1haWQ5aXRoMnBoZWVzaGFpdGh1VG9vcjJKb2hzaGVpNWJhZXk3RWlxdWFldGhlaWI4cXVhaXF1ZWU3cGhpYXRoN2V1YjJhaU5haWMzb3U5dmFpemViZWlGNXU="
- slack_api_token: ""
- aws_access_key_id: "MlpCMTlVOUQ4SzZYVkpHNzVWWDA="
- aws_secret_access_key: "N3hWV2Vxc0xJb3RLT3VhMHh2aGFwSXNDdDFWVTB4Nk0yRTRmVFJLTw=="
----
-kind: Secret
-apiVersion: v1
-metadata:
- name: email-secret
-type: Opaque
-data:
- password: "RVhBTVBMRQ=="
----
-kind: Secret
-apiVersion: v1
-metadata:
- name: site-crt
-type: Opaque
-data:
- # the public part of the certificate, not actually a secret.
- site.crt: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURFRENDQWZnQ0NRRGhhaFZLRTkvZVVqQU5CZ2txaGtpRzl3MEJBUXNGQURCS01SQXdEZ1lEVlFRS0RBZEYKZUdGdGNHeGxNUkF3RGdZRFZRUUxEQWRsZUdGdGNHeGxNU1F3SWdZRFZRUUREQnRrWlhabGJHOXdiV1Z1ZEM1MgpkbkF1WlhoaGJYQnNaUzVqYjIwd0hoY05NVGN4TWpJME1UVXpPVEEzV2hjTk1UZ3hNakkwTVRVek9UQTNXakJLCk1SQXdEZ1lEVlFRS0RBZEZlR0Z0Y0d4bE1SQXdEZ1lEVlFRTERBZGxlR0Z0Y0d4bE1TUXdJZ1lEVlFRRERCdGsKWlhabGJHOXdiV1Z1ZEM1MmRuQXVaWGhoYlhCc1pTNWpiMjB3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQgpEd0F3Z2dFS0FvSUJBUUNrdk5HWGUrYmR2TDJrdnJQMkwzV0FCdDJXQ0ZvWjJQbjhQeDBlRXNSaUpIVkQwZVd6CnJnSllIRkp1MEMwY0s5TllTS3hWVkk4TG5LSDdOeTVNRmZNNFRxeXIzVUVPTHMrZlN3YUFxTTV0U3laVS90RUsKcmFjdEE3Ymk5ZkRrMmxrY3MrTEx1Wk1xR1BaMzdVWmNad3NVUTBCT05IUDY2OExxa1dxVDloTkxJTjRlaklucgozMldBM1k3aFBOZDhDaitBYUx0MXgyY1hZemk5aHJFNWwzaDlvZmtPcFhzZ0R6ZUlIbHA0ako2a1hYUWY4VU01CjF2aXFhMkNXWEhCSEVHKzVlZnRMU2FlRTZMQWxOdDVJSjZMY1dFWmdOdFhyMmVzNExKQzNGalhydjBnYzA0Q3AKVTJPZml6cGJoVDExY0xHYWVYT3ExY1VDWE5JYjRGY0pBcG9YQWdNQkFBRXdEUVlKS29aSWh2Y05BUUVMQlFBRApnZ0VCQUZHUERHOWl1ckFoVUtiRmtZOTd4TEE0NDNVMDFiZHdpN2VBVDVUOXFvL1J6T3djYnVLV1hWbTFrNUhLCkNRTzgxbmxMcUxRd2hJMSt1VFRtUjQxZXB1Snh5R0lhRGdVeVNCKzhmTHp5UlNJRmF4S0QrVWVWUGdpcEROWnMKaDBzS1NLck82TW9Xek1MVVl2ZFpSdzZWSWMrVXBTQ3FQWStGS1VCVUhadE1wU0ZMbmhIalJ2VmtpUDRWdkZYagpiN2pRekh1Z2h6ZUlUeWd3czQyZktLL01LN3dRNmJ5YU1WUmJQYlFLUEFYTnhkL1VyU1BlWCtSektSV09aNlI4ClVseXA3ZGV6WENQNzdVYVRaVHN4d2x1clBRSVpOTXNoRHhFL1NiV3QwUTFnMjhyajVLZkFqb1pzNVRnL2dtUTgKTExLSS9iMU92S29oYUFOR1o2V2U1VStjZWVVPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg=="
----
-piVersion: v1
-kind: Secret
-metadata:
- name: postgresql-passwords
-type: Opaque
-data:
- emPassword: "ZW1fcG9zdGdyZXNwYXNz"
- cmsPassword: "Y21zX3Bvc3RncmVzcGFzcw=="
- ciPassword: "Y2lkYnBhc3M="
----
-kind: Secret
-apiVersion: v1
-metadata:
- name: site-pem
-type: Opaque
-data:
- site.pem: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURFRENDQWZnQ0NRRGhhaFZLRTkvZVVqQU5CZ2txaGtpRzl3MEJBUXNGQURCS01SQXdEZ1lEVlFRS0RBZEYKZUdGdGNHeGxNUkF3RGdZRFZRUUxEQWRsZUdGdGNHeGxNU1F3SWdZRFZRUUREQnRrWlhabGJHOXdiV1Z1ZEM1MgpkbkF1WlhoaGJYQnNaUzVqYjIwd0hoY05NVGN4TWpJME1UVXpPVEEzV2hjTk1UZ3hNakkwTVRVek9UQTNXakJLCk1SQXdEZ1lEVlFRS0RBZEZlR0Z0Y0d4bE1SQXdEZ1lEVlFRTERBZGxlR0Z0Y0d4bE1TUXdJZ1lEVlFRRERCdGsKWlhabGJHOXdiV1Z1ZEM1MmRuQXVaWGhoYlhCc1pTNWpiMjB3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQgpEd0F3Z2dFS0FvSUJBUUNrdk5HWGUrYmR2TDJrdnJQMkwzV0FCdDJXQ0ZvWjJQbjhQeDBlRXNSaUpIVkQwZVd6CnJnSllIRkp1MEMwY0s5TllTS3hWVkk4TG5LSDdOeTVNRmZNNFRxeXIzVUVPTHMrZlN3YUFxTTV0U3laVS90RUsKcmFjdEE3Ymk5ZkRrMmxrY3MrTEx1Wk1xR1BaMzdVWmNad3NVUTBCT05IUDY2OExxa1dxVDloTkxJTjRlaklucgozMldBM1k3aFBOZDhDaitBYUx0MXgyY1hZemk5aHJFNWwzaDlvZmtPcFhzZ0R6ZUlIbHA0ako2a1hYUWY4VU01CjF2aXFhMkNXWEhCSEVHKzVlZnRMU2FlRTZMQWxOdDVJSjZMY1dFWmdOdFhyMmVzNExKQzNGalhydjBnYzA0Q3AKVTJPZml6cGJoVDExY0xHYWVYT3ExY1VDWE5JYjRGY0pBcG9YQWdNQkFBRXdEUVlKS29aSWh2Y05BUUVMQlFBRApnZ0VCQUZHUERHOWl1ckFoVUtiRmtZOTd4TEE0NDNVMDFiZHdpN2VBVDVUOXFvL1J6T3djYnVLV1hWbTFrNUhLCkNRTzgxbmxMcUxRd2hJMSt1VFRtUjQxZXB1Snh5R0lhRGdVeVNCKzhmTHp5UlNJRmF4S0QrVWVWUGdpcEROWnMKaDBzS1NLck82TW9Xek1MVVl2ZFpSdzZWSWMrVXBTQ3FQWStGS1VCVUhadE1wU0ZMbmhIalJ2VmtpUDRWdkZYagpiN2pRekh1Z2h6ZUlUeWd3czQyZktLL01LN3dRNmJ5YU1WUmJQYlFLUEFYTnhkL1VyU1BlWCtSektSV09aNlI4ClVseXA3ZGV6WENQNzdVYVRaVHN4d2x1clBRSVpOTXNoRHhFL1NiV3QwUTFnMjhyajVLZkFqb1pzNVRnL2dtUTgKTExLSS9iMU92S29oYUFOR1o2V2U1VStjZWVVPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCgotLS0tLUJFR0lOIFBSSVZBVEUgS0VZLS0tLS0KTUlJRXZRSUJBREFOQmdrcWhraUc5dzBCQVFFRkFBU0NCS2N3Z2dTakFnRUFBb0lCQVFDa3ZOR1hlK2Jkdkwyawp2clAyTDNXQUJ0MldDRm9aMlBuOFB4MGVFc1JpSkhWRDBlV3pyZ0pZSEZKdTBDMGNLOU5ZU0t4VlZJOExuS0g3Ck55NU1GZk00VHF5cjNVRU9McytmU3dhQXFNNXRTeVpVL3RFS3JhY3RBN2JpOWZEazJsa2NzK0xMdVpNcUdQWjMKN1VaY1p3c1VRMEJPTkhQNjY4THFrV3FUOWhOTElONGVqSW5yMzJXQTNZN2hQTmQ4Q2orQWFMdDF4MmNYWXppOQpockU1bDNoOW9ma09wWHNnRHplSUhscDRqSjZrWFhRZjhVTTUxdmlxYTJDV1hIQkhFRys1ZWZ0TFNhZUU2TEFsCk50NUlKNkxjV0VaZ050WHIyZXM0TEpDM0ZqWHJ2MGdjMDRDcFUyT2ZpenBiaFQxMWNMR2FlWE9xMWNVQ1hOSWIKNEZjSkFwb1hBZ01CQUFFQ2dnRUFmaXVua3cvd2FBK3daOGN2YWZRN1dBenFGWWpjQ1VQbllzeXI3bWFOUm1XSgo4cUdGL2pIZDFjSUxXSmZVbE9qeiszL2RqWlV2NGNMYlJONmtkTjJ5NUlOTk9HeEM4U3ZsRkttUGwyYXlnMzYxCkl3L3U1dkROUTJxKzNlRmoyTU5xME5MdGR2N3d1YU5ZMGMxR3dHcWpUNmVhVHN0WnNPcDA1TmJ1KzlmU093ejgKcHJFOUVxU2FpbHBjMFpIMDNUb0JDY1ZpTFBRN0RDeWkzd0QvTHFaWXlqbnNKdnBWVjFGV2paTWRNQjVCTHlQNQp2Wkg5Qk1iQ0Eva2YrUDVYVjBtUU9rcWk3OVN0bEhHc21id3A5YzVEUnZiUHZ3TWdsdUpqVDRRNXZldXNtY1ozClF4ZGpXVVpLeXZUU2w2QmFVV0tmSkxhMGhPWHR1UXB5VHhhMDY3S1RNUUtCZ1FEU2tTUXM4aGhnYVhMQVJDMWUKcWwxK29ZNVNjckxVb3dBbHJoNXYxRjlzcTAyNEkrRXRPa3dUZHZkbDNTQjg0bmhyRDVZQ2JhcXlWRi9uNFRaQQpoMnZkUHVsZ3pOT0FPQUh5bjQyanpuQm5kcWtqaXQrdUhOUVBWVjA3bzVwaDk1N05DT25XNFFPZ01IeFhrbDRzCllROTlVYkJmTmdwTC9PY0NUOWhFbnl3d3pRS0JnUURJU0QvV2poMFZ3Nmd0VXlUcjFUMlQ0S3FzS09HTXNIZ1gKbWVqRkJnQVpoeTNSQTRxSnBLWkdPOWUyK0VvMWRSN1ErVjIzOXhaVy9WdEZDcmdLYUNENm9EWFFQM0grcC93VgpvRXozbDJoMWRrSmxYSVd1Z1ZUY05uOGNHeU1TUi9BMUEycFVQNkMwRTJqSTFXWURpT2VQdnFSVTZpczE4dGYwCkNwMjdnNU5tY3dLQmdGSEUvMUZjNms1MlpKTjVaa3oreDdQbk5RZWJkd3JRQ2J5WU0wV21LVEJnRFp4V2dwazMKckZkYXVaUWJIUVNpUmJUOXBubG04UVN6YzFMdXlFeWl5aVp1eWQ1SGJGSzhiVFUwOUtJS0J1aUcwZ1AxYUF1TApNbWFKOWR5MUdieTFsanQxSEtuUFU4TWZVUW9JMHYxVTY5ajBvaE0zUHlSbkg2WnNMMFhtc2hoNUFvR0FZT0tLCmR5a0NLdUFlUCtiRHFvM2FIdW9FeGdsMHFwRkhWdXR1TGJrc1hTMEdYZURmcUp3TWoxY3RqK1ptUjV2amoyWEMKRDFjbzZHWGhPL0htZTZwSm9kUFVsR3ZNb2tyeTZDZEdkRk03QmU5eVNRUkw2dEhIa2t1T2k3TVk4U1A1c0R0NQp1VTJhV09JMncwaHY4Ky9MVEw4RlVjcUJvclJhQVVVTmJvTkV6NzhDZ1lFQXF0bXI0YmJYeWRnNFpFckY5c2ZWCkh4NUhZdDQweU1QajJrR3hSWm9uQXYvaXBwaHpCNFRXZmZFckdCNlgvdzNnUWpla2Z6S2pFNU5rSGVvMytEQisKbzFqc1BySXhrcFlYSzAydlNWN3RZdnlaczBBWGlGcm5sZFBkSzlhNHRtWHhhZEQwZm1OSkxmU0hwd0tVNXdQagpOR2UzUG5rT1pMUlQ4MHVPWkVpMUx4Zz0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo="
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: haproxy-auth
-type: Opaque
-data:
- user: "aGFwcm94eXVzZXI="
- pass: "aGFwcm94eXBhc3M="
-
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- name: {{ .Release.Name }}
- spec:
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
- volumeMounts:
- - mountPath: /tmp/
- name: portal-nginx-config
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- command: ["nginx", "-g", "daemon off;", "-c", "/tmp/nginx.conf"]
- volumes:
- - name: portal-nginx-config
- configMap:
- name: portal-nginx-config
- items:
- - key: file
- path: nginx.conf
- - key: service_provider.json
- path: service_provider.json
- imagePullSecrets:
- - name: onapkey
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- repository: nexus3.onap.org:10001
- readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-repository: nexus3.onap.org:10001
-image: onap/vvp/portal:1.0.0
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-service:
- type: ClusterIP
- internalPort: 8181
- externalPort: 8181
-
-ingress:
- enabled: false