+# Unit tests
+__snapshot__
+
# Application
kubernetes/config/onap-parameters.yaml
kubernetes/dist/*
# Mac OS
*DS_Store*
-
> sudo cp -R ~/oom/kubernetes/helm/plugins/ ~/.helm
-**Step 3.** Customize the helm charts like oom/kubernetes/onap/values.yaml or an override
-file like onap-all.yaml, onap-vfw.yaml or openstack.yaml file to suit your deployment with items like the
-OpenStack tenant information.
+**Step 3.** Customize the helm charts like `oom/kubernetes/onap/values.yaml` or an override
+file like `onap-all.yaml`, `onap-vfw.yaml` or `openstack.yaml` file to suit your deployment
+with items like the OpenStack tenant information.
.. note::
- Standard and example override files (e.g. onap-all.yaml, openstack.yaml) can be found in
- the oom/kubernetes/onap/resources/overrides/ directory.
+ Standard and example override files (e.g. `onap-all.yaml`, `openstack.yaml`) can be found in
+ the `oom/kubernetes/onap/resources/overrides/` directory.
a. You may want to selectively enable or disable ONAP components by changing
- the `enabled: true/false` flags.
+ the ``enabled: true/false`` flags.
- b. Encyrpt the OpenStack password using the shell tool for robot and put it in
- the robot helm charts or robot section of openstack.yaml
+ b. Encrypt the OpenStack password using the shell tool for robot and put it in
+ the robot helm charts or robot section of `openstack.yaml`
c. Encrypt the OpenStack password using the java based script for SO helm charts
- or SO section of openstack.yaml.
+ or SO section of `openstack.yaml`.
d. Update the OpenStack parameters that will be used by robot, SO and APPC helm
Here is an example of the nominal entries that need to be provided.
We have different values file available for different contexts.
-.. literalinclude:: onap-values.yaml
+.. literalinclude:: ../kubernetes/onap/values.yaml
:language: yaml
openssl algorithm that works with the python based Robot Framework.
.. note::
- To generate ROBOT openStackEncryptedPasswordHere :
+ To generate ROBOT ``openStackEncryptedPasswordHere``::
- ``cd so/resources/config/mso/``
-
- ``/oom/kubernetes/so/resources/config/mso# echo -n "<openstack tenant password>" | openssl aes-128-ecb -e -K `cat encryption.key` -nosalt | xxd -c 256 -p``
+ cd so/resources/config/mso/
+ /oom/kubernetes/so/resources/config/mso# echo -n "<openstack tenant password>" | openssl aes-128-ecb -e -K `cat encryption.key` -nosalt | xxd -c 256 -p``
c. Generating SO Encrypted Password:
The SO Encrypted Password uses a java based encryption utility since the
ROBOT uses in Dublin.
.. note::
- To generate SO openStackEncryptedPasswordHere and openStackSoEncryptedPassword:
-
- SO_ENCRYPTION_KEY=`cat ~/oom/kubernetes/so/resources/config/mso/encryption.key`
-
- OS_PASSWORD=XXXX_OS_CLEARTESTPASSWORD_XXXX
-
- git clone http://gerrit.onap.org/r/integration
+ To generate SO ``openStackEncryptedPasswordHere`` and ``openStackSoEncryptedPassword``
+ ensure `default-jdk` is installed::
- cd integration/deployment/heat/onap-rke/scripts
+ apt-get update; apt-get install default-jdk
+ Then execute::
- javac Crypto.java
+ SO_ENCRYPTION_KEY=`cat ~/oom/kubernetes/so/resources/config/mso/encryption.key`
+ OS_PASSWORD=XXXX_OS_CLEARTESTPASSWORD_XXXX
- [ if javac is not installed 'apt-get update ; apt-get install default-jdk' ]
-
- java Crypto "$OS_PASSWORD" "$SO_ENCRYPTION_KEY"
+ git clone http://gerrit.onap.org/r/integration
+ cd integration/deployment/heat/onap-rke/scripts
+ javac Crypto.java
+ java Crypto "$OS_PASSWORD" "$SO_ENCRYPTION_KEY"
d. Update the OpenStack parameters:
automation that can help confirm the setup is correct, please observe the following
constraints.
-openStackPublicNetId:
-
-This network should allow heat templates to add interfaces.
-This need not be an external network, floating IPs can be assigned to the ports on
-the VMs that are created by the heat template but its important that neutron allow
-ports to be created on them.
-
-openStackPrivateNetCidr: "10.0.0.0/16"
+``openStackPublicNetId:``
+ This network should allow heat templates to add interfaces.
+ This need not be an external network, floating IPs can be assigned to the ports on
+ the VMs that are created by the heat template but its important that neutron allow
+ ports to be created on them.
-This ip address block is used to assign OA&M addresses on VNFs to allow ONAP connectivity.
-The demonstration heat templates assume that 10.0 prefix can be used by the VNFs and the
-demonstration ip addressing plan embodied in the preload template prevent conflicts when
-instantiating the various VNFs. If you need to change this, you will need to modify the preload
-data in the robot helm chart like integration_preload_parametes.py and the demo/heat/preload_data
-in the robot container. The size of the CIDR should be sufficient for ONAP and the VMs you expect
-to create.
+``openStackPrivateNetCidr: "10.0.0.0/16"``
+ This ip address block is used to assign OA&M addresses on VNFs to allow ONAP connectivity.
+ The demonstration heat templates assume that 10.0 prefix can be used by the VNFs and the
+ demonstration ip addressing plan embodied in the preload template prevent conflicts when
+ instantiating the various VNFs. If you need to change this, you will need to modify the preload
+ data in the robot helm chart like integration_preload_parametes.py and the demo/heat/preload_data
+ in the robot container. The size of the CIDR should be sufficient for ONAP and the VMs you expect
+ to create.
-openStackOamNetworkCidrPrefix: "10.0"
-
-This ip prefix mush match the openStackPrivateNetCidr and is a helper variable to some of the
-robot scripts for demonstration. A production deployment need not worry about this
-setting but for the demonstration VNFs the ip asssignment strategy assumes 10.0 ip prefix.
+``openStackOamNetworkCidrPrefix: "10.0"``
+ This ip prefix mush match the openStackPrivateNetCidr and is a helper variable to some of the
+ robot scripts for demonstration. A production deployment need not worry about this
+ setting but for the demonstration VNFs the ip asssignment strategy assumes 10.0 ip prefix.
Example Keystone v2.0
+
.. literalinclude:: example-integration-override.yaml
:language: yaml
Example Keystone v3 (required for Rocky and later releases)
+
.. literalinclude:: example-integration-override-v3.yaml
:language: yaml
.. literalinclude:: helm-search.txt
.. note::
- The setup of the Helm repository is a one time activity. If you make changes to your deployment charts or values be sure to use `make` to update your local Helm repository.
+ The setup of the Helm repository is a one time activity. If you make changes to your deployment charts or values be sure to use ``make`` to update your local Helm repository.
**Step 8.** Once the repo is setup, installation of ONAP can be done with a
single command
.. note::
- The --timeout 900 is currently required in Dublin to address long running initialization tasks
+ The ``--timeout 900`` is currently required in Dublin to address long running initialization tasks
for DMaaP and SO. Without this timeout value both applications may fail to deploy.
To deploy all ONAP applications use this command::
All override files may be customized (or replaced by other overrides) as per needs.
-onap-all.yaml
-
+`onap-all.yaml`
Enables the modules in the ONAP deployment. As ONAP is very modular, it is possible to customize ONAP and disable some components through this configuration file.
-environment.yaml
-
+`environment.yaml`
Includes configuration values specific to the deployment environment.
Example: adapt readiness and liveness timers to the level of performance of your infrastructure
-openstack.yaml
-
+`openstack.yaml`
Includes all the Openstack related information for the default target tenant you want to use to deploy VNFs from ONAP and/or additional parameters for the embedded tests.
**Step 9.** Verify ONAP installation
.. note::
While all pods may be in a Running state, it is not a guarantee that all components are running fine.
- Launch the healthcheck tests using Robot to verify that the components are healthy.
+ Launch the healthcheck tests using Robot to verify that the components are healthy::
- > ~/oom/kubernetes/robot/ete-k8s.sh onap health
+ > ~/oom/kubernetes/robot/ete-k8s.sh onap health
-**Step 10.** Undeploy ONAP
+**Step 10.** Undeploy ONAP::
-> helm undeploy dev --purge
+ > helm undeploy dev --purge
More examples of using the deploy and undeploy plugins can be found here: https://wiki.onap.org/display/DW/OOM+Helm+%28un%29Deploy+plugins
The top level onap/values.yaml file contains the values required to be set
before deploying ONAP. Here is the contents of this file:
-.. include:: onap_values.yaml
+.. include:: ../kubernetes/onap/values.yaml
:code: yaml
One may wish to create a value file that is specific to a given deployment such
echo "Starting cdt-proxy-service jar, logging to ${APPC_HOME}/cdt-proxy-service/jar.log"
java -jar ${APPC_HOME}/cdt-proxy-service/cdt-proxy-service.jar > ${APPC_HOME}/cdt-proxy-service/jar.log &
+echo "Starting dmaap-event-service jar, logging to ${APPC_HOME}/dmaap-event-service/jar.log"
+java -jar -Dorg_onap_appc_bootstrap_path=/opt/onap/appc/data/properties -Dorg_onap_appc_bootstrap_file=appc.properties ${APPC_HOME}/dmaap-event-service/dmaap-event-service.jar > ${APPC_HOME}/dmaap-event-service/jar.log &
+
echo "Adding a property system.properties for AAF cadi.properties location"
echo "" >> ${ODL_HOME}/etc/system.properties
echo "cadi_prop_files=${APPC_HOME}/data/properties/cadi.properties" >> ${ODL_HOME}/etc/system.properties
# Properties used by EventSenderDmaapImpl.java
DCAE.dmaap.event.topic.write=EventSenderTest
-DCAE.dmaap.appc.username=test
-DCAE.dmaap.appc.password=test
-DCAE.dmaap.event.pool.members=message-router.{{.Release.Namespace}}:3904
+DCAE.dmaap.event.username=test
+DCAE.dmaap.event.password=test
+DCAE.dmaap.event.poolMembers=message-router.{{.Release.Namespace}}:3904
#OAM Listener
appc.OAM.disabled=true
appc.OAM.provider.pass={{.Values.config.odlPassword}}
appc.asdc.env={{.Values.config.dmaapTopicEnv}}
+
+#Properties for communication between appc dmaap microservice and appc
+appc.srvcomm.messaging.username={{.Values.config.dmaapServiceUser}}
+appc.srvcomm.messaging.password={{.Values.config.dmaapServicePassword}}
+appc.srvcomm.messaging.url={{.Values.config.dmaapServiceUrl}}
openStackUserName: admin
openStackEncryptedPassword: enc:LDEbHEAvTF1R
odlUser: admin
+ dmaapServiceUrl: http://localhost:8080/publish
+ dmaapServiceUser: appc
+ dmaapServicePassword: onapappc
appc-ansible-server:
service:
value: {{ .Values.config.api.controller.http.baseUrl }}
- name: API_BLUEPRINT_CONTROLLER_HTTP_AUTH_TOKEN
value: {{ .Values.config.api.controller.http.authToken }}
- - name: API_BLUEPRINT_PROCESSOR_HHTP_BASE_URL
+ - name: API_BLUEPRINT_PROCESSOR_HTTP_BASE_URL
value: {{ .Values.config.api.processor.http.baseUrl }}
- name: API_BLUEPRINT_PROCESSOR_HTTP_AUTH_TOKEN
value: {{ .Values.config.api.processor.http.authToken }}
api:
controller:
http:
- baseUrl: http://cds-controller-blueprints:8080/api/v1
+ baseUrl: http://cds-blueprints-processor-http:8081/api/v1
authToken: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw==
processor:
http:
--- /dev/null
+{{/*
+# Copyright © 2019 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{/*
+ Resolve the master password to be used to derive other passwords. The value of
+ .Values.masterPassword is used by default, unless either override mechanism is
+ used:
+
+ - .Values.global.masterPassword : override default master password for all charts
+ - .Values.masterPasswordOverride : override global and default masterPassword on a per chart basis
+*/}}
+{{- define "common.masterPassword" -}}
+ {{ if .Values.masterPasswordOverride }}
+ {{- printf "%d" .Values.masterPasswordOverride -}}
+ {{ else if .Values.global.masterPassword }}
+ {{- printf "%d" .Values.global.masterPassword -}}
+ {{ else if .Values.masterPassword }}
+ {{- printf "%d" .Values.masterPassword -}}
+ {{ else }}
+ {{ fail "masterPassword not provided" }}
+ {{ end }}
+{{- end -}}
+
+{{/*
+ Generate a new password based on masterPassword. The new password is not
+ random, it is derived from masterPassword, fully qualified chart name and
+ additional uid provided by the user. This ensures that every time when we
+ run this function from the same place, with the same password and uid we
+ get the same results. This allows to avoid password changes while you are
+ doing upgrade.
+
+ The function can take from one to three arguments (inside a dictionary):
+ - .dot : environment (.)
+ - .uid : unique identifier of password to be generated within this particular chart. Use only when you create more than a single password within one chart
+ - .strength : complexity of derived password. See derivePassword documentation for more details
+
+ Example calls:
+
+ {{ include "common.createPassword" . }}
+ {{ include "common.createPassword" (dict "dot" . "uid" "mysqlRootPasswd") }}
+
+*/}}
+{{- define "common.createPassword" -}}
+ {{- $dot := default . .dot -}}
+ {{- $uid := default "onap" .uid -}}
+ {{- $strength := default "long" .strength -}}
+ {{- $mp := include "common.masterPassword" $dot -}}
+ {{- derivePassword 1 $strength $mp (include "common.fullname" $dot) $uid -}}
+{{- end -}}
--- /dev/null
+{{/*
+# Copyright © 2019 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{/*
+ Choose the name of the mariadb service to use.
+*/}}
+{{- define "common.mariadbService" -}}
+ {{- if .Values.global.mariadbGalera.localCluster -}}
+ {{- index .Values "mariadb-galera" "service" "name" -}}
+ {{- else -}}
+ {{- .Values.global.mariadbGalera.service -}}
+ {{- end -}}
+{{- end -}}
+
+{{/*
+ Choose the value of mariadb port to use.
+*/}}
+{{- define "common.mariadbPort" -}}
+ {{- if .Values.global.mariadbGalera.localCluster -}}
+ {{- index .Values "mariadb-galera" "service" "internalPort" -}}
+ {{- else -}}
+ {{- .Values.global.mariadbGalera.internalPort -}}
+ {{- end -}}
+{{- end -}}
+
+{{/*
+ Choose the value of secret to retrieve user value.
+*/}}
+{{- define "common.mariadbSecret" -}}
+ {{- if .Values.global.mariadbGalera.localCluster -}}
+ {{ printf "%s-%s" (include "common.fullname" .) (index .Values "mariadb-galera" "nameOverride") -}}
+ {{- else -}}
+ {{ printf "%s-%s" (.Release.Name) (index .Values "mariadb-init" "nameOverride") -}}
+ {{- end -}}
+{{- end -}}
+
+{{/*
+ Choose the value of secret param to retrieve user value.
+*/}}
+{{- define "common.mariadbSecretParam" -}}
+ {{- if .Values.global.mariadbGalera.localCluster -}}
+ {{ printf "user-password" -}}
+ {{- else -}}
+ {{ printf "db-user-password" -}}
+ {{- end -}}
+{{- end -}}
{{- define "common.fullname" -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
\ No newline at end of file
+{{- end -}}
+
+{{/*
+ Retrieve the "original" release from the component release:
+ if ONAP is deploy with "helm deploy --name toto", then cassandra components
+ will have "toto-cassandra" as release name.
+ this function would answer back "toto".
+*/}}
+{{- define "common.release" -}}
+ {{- regexReplaceAll "-[a-zA-Z0-9]*$" .Release.Name "" }}
+{{- end -}}
--- /dev/null
+{{/*
+# Copyright © 2019 Amdocs, Bell Canada, Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{/*
+ Expand the name of the storage class.
+ The value "common.fullname"-data is used by default,
+ unless either override mechanism is used.
+
+ - .Values.global.persistence.storageClass : override default storageClass for all charts
+ - .Values.persistence.storageClassOverride : override global and default storage class on a per chart basis
+ - .Values.persistence.storageClass : override default storage class on a per chart basis
+*/}}
+{{- define "common.storageClass" -}}
+ {{- if .Values.persistence.storageClassOverride -}}
+ {{- if ne "-" .Values.persistence.storageClassOverride -}}
+ {{- printf "%s" .Values.persistence.storageClassOverride -}}
+ {{- else -}}
+ {{- $storage_class := "" -}}
+ {{- printf "%q" $storage_class -}}
+ {{- end -}}
+ {{- else -}}
+ {{- if or .Values.persistence.storageClass .Values.global.persistence.storageClass }}
+ {{- if ne "-" (default .Values.persistence.storageClass .Values.global.persistence.storageClass) -}}
+ {{- printf "%s" (default .Values.persistence.storageClass .Values.global.persistence.storageClass) -}}
+ {{- else -}}
+ {{- $storage_class := "" -}}
+ {{- printf "%q" $storage_class -}}
+ {{- end -}}
+ {{- else -}}
+ {{- printf "%s-data" (include "common.fullname" .) -}}
+ {{- end -}}
+ {{- end -}}
+{{- end -}}
+
+{{/*
+ Calculate if we need a PV. If a storageClass is provided, then we don't need.
+*/}}
+{{- define "common.needPV" -}}
+{{- if or (or .Values.persistence.storageClassOverride .Values.persistence.storageClass) .Values.global.persistence.storageClass -}}
+ False
+{{- else -}}
+ True
+{{- end -}}
+{{- end -}}
.project
.idea/
*.tmproj
+
+# Unit tests folder
+tests
# See the License for the specific language governing permissions and
# limitations under the License.
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-confd
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/mariadb/conf.d/*").AsConfig . | indent 2 }}
----
{{- if .Values.externalConfig }}
apiVersion: v1
kind: ConfigMap
data:
my_extra.cnf: |
{{ .Values.externalConfig | indent 4 }}
-{{- end -}}
\ No newline at end of file
+{{- end -}}
{{/*
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2019 Amdocs, Bell Canada, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
*/}}
{{- $global := . }}
-{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) -}}
-{{- range $i, $t := until (int $global.Values.replicaCount)}}
+{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }}
+{{- if eq "True" (include "common.needPV" .) -}}
+{{- range $i := until (int $global.Values.replicaCount)}}
kind: PersistentVolume
apiVersion: v1
metadata:
- name: {{ include "common.fullname" $global }}-data{{$i}}
+ name: {{ include "common.fullname" $global }}-data-{{$i}}
namespace: {{ include "common.namespace" $global }}
labels:
app: {{ include "common.fullname" $global }}
persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
storageClassName: "{{ include "common.fullname" $global }}-data"
hostPath:
- path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}{{$i}}
+ path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}}
+{{if ne $i (int $global.Values.replicaCount) }}
---
{{- end -}}
{{- end -}}
+{{- end -}}
+{{- end -}}
spec:
accessModes:
- {{ .Values.persistence.accessMode | quote }}
- storageClassName: {{ include "common.fullname" . }}-data
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
{{- end }}
--- /dev/null
+---
+suite: test pv behavior
+templates:
+ - pv.yaml
+tests:
+ - it: 'should render "" (global case))'
+ values:
+ - ./values/persistence.yaml
+ set:
+ global.persistence.storageClass: "-"
+ asserts:
+ - isEmpty:
+
+ - it: 'should "" (override case)'
+ values:
+ - ./values/persistence.yaml
+ set:
+ global.persistence.storageClass: "global"
+ persistence.storageClassOverride: "-"
+ asserts:
+ - isEmpty:
+
+ - it: 'should "" (local case)'
+ values:
+ - ./values/persistence.yaml
+ set:
+ persistence.storageClass: "-"
+ asserts:
+ - isEmpty:
+
+ - it: 'should render "RELEASE-NAME-mariadb-galera-data" as storageClassname'
+ asserts:
+ - equal:
+ path: spec.storageClassName
+ value: "RELEASE-NAME-mariadb-galera-data"
--- /dev/null
+---
+suite: test storage class behavior
+templates:
+ - statefulset.yaml
+tests:
+ - it: 'should render "" as storageClassname (global case)'
+ values:
+ - ./values/persistence.yaml
+ set:
+ global.persistence.storageClass: "-"
+ asserts:
+ - isEmpty:
+ path: spec.volumeClaimTemplates[0].spec.storageClassName
+
+ - it: 'should "" as storageClassname (override case)'
+ values:
+ - ./values/persistence.yaml
+ set:
+ global.persistence.storageClass: "global"
+ persistence.storageClassOverride: "-"
+ asserts:
+ - isEmpty:
+ path: spec.volumeClaimTemplates[0].spec.storageClassName
+
+ - it: 'should "" as storageClassname (local case)'
+ values:
+ - ./values/persistence.yaml
+ set:
+ persistence.storageClass: "-"
+ asserts:
+ - isEmpty:
+ path: spec.volumeClaimTemplates[0].spec.storageClassName
+
+ - it: 'should render "global" as storageClassname'
+ values:
+ - ./values/persistence.yaml
+ set:
+ global.persistence.storageClass: "global"
+ asserts:
+ - equal:
+ path: spec.volumeClaimTemplates[0].spec.storageClassName
+ value: "global"
+
+ - it: 'should render "local" as storageClassname'
+ values:
+ - ./values/persistence.yaml
+ asserts:
+ - equal:
+ path: spec.volumeClaimTemplates[0].spec.storageClassName
+ value: "local"
+
+ - it: 'should render "override" as storageClassname'
+ values:
+ - ./values/persistence.yaml
+ set:
+ global.persistence.storageClass: "global"
+ persistence.storageClassOverride: "override"
+ asserts:
+ - equal:
+ path: spec.volumeClaimTemplates[0].spec.storageClassName
+ value: "override"
+
+ - it: 'should render "RELEASE-NAME-mariadb-galera-data" as storageClassname'
+ asserts:
+ - equal:
+ path: spec.volumeClaimTemplates[0].spec.storageClassName
+ value: "RELEASE-NAME-mariadb-galera-data"
--- /dev/null
+---
+persistence:
+ enabled: true
+ existingClaim: false
+ size: 10Gb
+ storageClass: "local"
#repository: mysql
repository: nexus3.onap.org:10001
image: adfinissygroup/k8s-mariadb-galera-centos:v002
-backupImage: library/mariadb:10.1.38
+backupImage: library/mariadb:10.1.38
imageInit: busybox
pullPolicy: IfNotPresent
mountSubPath: "mariadb-galera/data"
mysqlPath: /var/lib/mysql
backup:
- mountPath: /dockerdata-nfs/backup
+ mountPath: /dockerdata-nfs/backup{{- if or (or .Values.storageClassOverride .Values.persistence.storageClass) .Values.global.persistence.storageClass -}}
service:
internalPort: 3306
--- /dev/null
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+
+tests
-# Copyright (c) 2019 Lenovo
+# Copyright © 2018 Amdocs, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
apiVersion: v1
-description: ONAP multicloud OpenStack Lenovo Plugin
-name: multicloud-lenovo
+description: Chart for MariaDB Galera init job
+name: mariadb-init
version: 5.0.0
--- /dev/null
+# Copyright © 2018 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~5.x-0
+ repository: 'file://../common'
\ No newline at end of file
--- /dev/null
+#!/bin/sh
+# Copyright © 2019 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+echo "Creating database {{ .Values.config.mysqlDatabase }} and user {{ .Values.config.userName }}..."
+
+mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "CREATE OR REPLACE USER '{{ .Values.config.userName }}'@'%' IDENTIFIED BY '${MYSQL_PASSWORD}'"
+mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "CREATE DATABASE IF NOT EXISTS {{ .Values.config.mysqlDatabase }}"
+mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "GRANT ALL PRIVILEGES ON {{ .Values.config.mysqlDatabase }}.* TO '{{ .Values.config.userName }}'@'%'"
+
+echo "Created database {{ .Values.config.mysqlDatabase }} and user {{ .Values.config.userName }}."
+
+{{ range $db, $dbInfos := .Values.config.mysqlAdditionalDatabases -}}
+echo "Creating database {{ $db }} and user {{ $dbInfos.user }}..."
+
+mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "CREATE OR REPLACE USER '{{ $dbInfos.user }}'@'%' IDENTIFIED BY '${MYSQL_PASSWORD_{{ $db | upper }}}'"
+mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "CREATE DATABASE IF NOT EXISTS {{ $db }}"
+mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "GRANT ALL PRIVILEGES ON {{ $db }}.* TO '{{ $dbInfos.user }}'@'%'"
+
+echo "Created database {{ $db }} and user {{ $dbInfos.user }}."
+{{ end }}
--- /dev/null
+{{/*
+# Copyright © 2019 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{/*
+ Choose the name of the configmap to use.
+*/}}
+{{- define "mariadbInit.configMap" -}}
+ {{- if (eq "default" .Values.config.config_map) -}}
+ {{- include "common.fullname" . -}}
+ {{- else -}}
+ {{- printf "%s-%s" (include "common.release" .) .Values.config.config_map -}}
+ {{- end -}}
+{{- end -}}
--- /dev/null
+{{/*
+# Copyright © 2019 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{/*
+ Choose the name of the mariadb secret to use.
+*/}}
+{{- define "mariadbInit.mariadbClusterSecret" -}}
+ {{- if (eq "default" .Values.global.mariadbGalera.userRootSecret) -}}
+ {{- printf "%s-mariadb-galera-%s" (include "common.release" .) .Values.global.mariadbGalera.nameOverride -}}
+ {{- else -}}
+ {{- .Values.global.mariadbGalera.userRootSecret -}}
+ {{- end -}}
+{{- end -}}
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2019 Orange
# Modifications Copyright © 2018 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# limitations under the License.
apiVersion: v1
-kind: Secret
+kind: ConfigMap
metadata:
- name: {{ include "common.fullname" . }}-secret
+ name: {{ include "common.fullname" . }}
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
-type: Opaque
data:
- db-root-password: {{ .Values.config.mysqlRootPassword | b64enc | quote }}
- db-user-password: {{ .Values.config.mysqlPassword | b64enc | quote }}
-
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
--- /dev/null
+# Copyright © 2019 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-config-job
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ backoffLimit: 20
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ name: {{ include "common.name" . }}
+ spec:
+ initContainers:
+ - name: {{ include "common.name" . }}-readiness
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - {{ .Values.global.mariadbGalera.nameOverride }}
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - bash
+ - /db_init/db_init.sh
+ env:
+ - name: DB_HOST
+ value: "{{ .Values.global.mariadbGalera.nameOverride }}"
+ - name: DB_PORT
+ value: "{{ .Values.global.mariadbGalera.servicePort }}"
+ - name: MYSQL_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "mariadbInit.mariadbClusterSecret" . }}
+ key: {{ .Values.global.mariadbGalera.userRootSecretKey }}
+ - name: MYSQL_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}
+ key: db-user-password
+{{- $root := . }}
+{{ range $db, $_value := .Values.config.mysqlAdditionalDatabases }}
+ - name: {{ printf "MYSQL_PASSWORD_%s" $db | upper }}
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" $root }}-secret
+ key: {{ printf "db-%s-user-password" $db }}
+{{ end }}
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - name: mariadb-conf
+ mountPath: /db_init/
+ readOnly: true
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+ {{- end }}
+ volumes:
+ - name: mariadb-conf
+ configMap:
+ name: {{ include "mariadbInit.configMap" . }}
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ restartPolicy: Never
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+# Copyright © 2017 Amdocs, Bell Canada, Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+ db-user-password: {{ index .Values.config.userPassword | b64enc | quote }}
+{{ range $db, $dbInfos := .Values.config.mysqlAdditionalDatabases }}
+ {{ printf "db-%s-user-password" $db}}: {{ $dbInfos.password | b64enc | quote }}
+{{ end }}
--- /dev/null
+---
+suite: test configmap behavior
+templates:
+ - configmap.yaml
+tests:
+ - it: "should render with default value"
+ asserts:
+ - isKind:
+ of: ConfigMap
+ - equal:
+ path: metadata.name
+ value: RELEASE-NAME-mariadb-init
+ - equal:
+ path: metadata.namespace
+ value: NAMESPACE
+ - matchRegex:
+ path: metadata.labels.app
+ pattern: mariadb-init
+ - equal:
+ path: data
+ value:
+ db_init.sh: |
+ #!/bin/sh
+ # Copyright © 2019 Orange
+ #
+ # Licensed under the Apache License, Version 2.0 (the "License");
+ # you may not use this file except in compliance with the License.
+ # You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.
+
+ echo "Creating database ynsaUCru6mUNwGal and user u5WZ1GMSIS1wHZF..."
+
+ mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1
+ CREATE OR REPLACE USER 'u5WZ1GMSIS1wHZF'@'localhost' IDENTIFIED BY '${MYSQL_PASSWORD}';
+ CREATE OR REPLACE USER 'u5WZ1GMSIS1wHZF'@'%' IDENTIFIED BY '${MYSQL_PASSWORD}';
+ CREATE DATABASE IF NOT EXISTS ynsaUCru6mUNwGal;
+ GRANT ALL PRIVILEGES ON ynsaUCru6mUNwGal.* TO 'u5WZ1GMSIS1wHZF'@'%';
+ GRANT ALL PRIVILEGES ON ynsaUCru6mUNwGal.* TO 'u5WZ1GMSIS1wHZF'@'localhost';
+ EOF
+
+ echo "Created database ynsaUCru6mUNwGal and user u5WZ1GMSIS1wHZF."
+ - it: "shoud render with other databases"
+ set:
+ config:
+ userName: testUser
+ mysqlDatabase: testDB
+ mysqlAdditionalDatabases:
+ dbOne:
+ user: one
+ password: pwd1
+ dbTwo:
+ user: two
+ password: pwd2
+ asserts:
+ - equal:
+ path: data
+ value:
+ db_init.sh: |
+ #!/bin/sh
+ # Copyright © 2019 Orange
+ #
+ # Licensed under the Apache License, Version 2.0 (the "License");
+ # you may not use this file except in compliance with the License.
+ # You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.
+
+ echo "Creating database testDB and user testUser..."
+
+ mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1
+ CREATE OR REPLACE USER 'testUser'@'localhost' IDENTIFIED BY '${MYSQL_PASSWORD}';
+ CREATE OR REPLACE USER 'testUser'@'%' IDENTIFIED BY '${MYSQL_PASSWORD}';
+ CREATE DATABASE IF NOT EXISTS testDB;
+ GRANT ALL PRIVILEGES ON testDB.* TO 'testUser'@'%';
+ GRANT ALL PRIVILEGES ON testDB.* TO 'testUser'@'localhost';
+ EOF
+
+ echo "Created database testDB and user testUser."
+
+ echo "Creating database dbOne and user one..."
+
+ mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1
+ CREATE OR REPLACE USER 'one'@'localhost' IDENTIFIED BY '${MYSQL_PASSWORD_DBONE}';
+ CREATE OR REPLACE USER 'one'@'%' IDENTIFIED BY '${MYSQL_PASSWORD_DBONE}';
+ CREATE DATABASE IF NOT EXISTS dbOne;
+ GRANT ALL PRIVILEGES ON dbOne.* TO 'one'@'%';
+ GRANT ALL PRIVILEGES ON dbOne.* TO 'one'@'localhost';
+ EOF
+
+ echo "Created database dbOne and user one."
+ echo "Creating database dbTwo and user two..."
+
+ mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1
+ CREATE OR REPLACE USER 'two'@'localhost' IDENTIFIED BY '${MYSQL_PASSWORD_DBTWO}';
+ CREATE OR REPLACE USER 'two'@'%' IDENTIFIED BY '${MYSQL_PASSWORD_DBTWO}';
+ CREATE DATABASE IF NOT EXISTS dbTwo;
+ GRANT ALL PRIVILEGES ON dbTwo.* TO 'two'@'%';
+ GRANT ALL PRIVILEGES ON dbTwo.* TO 'two'@'localhost';
+ EOF
+
+ echo "Created database dbTwo and user two."
--- /dev/null
+---
+suite: test job behavior
+templates:
+ - job.yaml
+tests:
+ - it: "should render with default value (global)"
+ asserts:
+ - isKind:
+ of: Job
+ - matchRegex:
+ path: metadata.name
+ pattern: -mariadb-init-config-job$
+ - equal:
+ path: metadata.namespace
+ value: NAMESPACE
+ - matchRegex:
+ path: metadata.labels.app
+ pattern: mariadb-init
+ - matchRegex:
+ path: spec.template.metadata.labels.app
+ pattern: mariadb-init
+ - matchRegex:
+ path: spec.template.metadata.name
+ pattern: mariadb-init
+ - isNull:
+ path: spec.template.spec.nodeSelector
+ - isNull:
+ path: spec.template.spec.affinity
+ - it: "should render with default value (init container)"
+ asserts:
+ - matchRegex:
+ path: spec.template.spec.initContainers[0].name
+ pattern: mariadb-init-readiness
+ - contains:
+ path: spec.template.spec.initContainers[0].args
+ content: mariadb-galera
+ - equal:
+ path: spec.template.spec.initContainers[0].image
+ value: oomk8s/readiness-check:2.0.2
+ - equal:
+ path: spec.template.spec.initContainers[0].imagePullPolicy
+ value: IfNotPresent
+ - it: "should render with default value (container)"
+ asserts:
+ - matchRegex:
+ path: spec.template.spec.containers[0].name
+ pattern: mariadb-init
+ - equal:
+ path: spec.template.spec.containers[0].image
+ value: nexus3.onap.org:10001/mariadb:10.1.38
+ - equal:
+ path: spec.template.spec.containers[0].imagePullPolicy
+ value: IfNotPresent
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: DB_HOST
+ value: mariadb-galera
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: DB_PORT
+ value: "3306"
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MYSQL_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: RELEASE-NAME-mariadb-galera-mariadb-galera
+ key: db-root-password
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MYSQL_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: RELEASE-NAME-mariadb-init-secret
+ key: db-user-password
+ - contains:
+ path: spec.template.spec.containers[0].volumeMounts
+ content:
+ name: mariadb-conf
+ mountPath: /db_init/
+ readOnly: true
+ - equal:
+ path: spec.template.spec.containers[0].resources.limits.cpu
+ value: 100m
+ - equal:
+ path: spec.template.spec.containers[0].resources.limits.memory
+ value: 500Mbi
+ - equal:
+ path: spec.template.spec.containers[0].resources.requests.cpu
+ value: 10m
+ - equal:
+ path: spec.template.spec.containers[0].resources.requests.memory
+ value: 10Mbi
+ - it: "should render with default value (volumes)"
+ asserts:
+ - contains:
+ path: spec.template.spec.volumes
+ content:
+ name: mariadb-conf
+ configMap:
+ name: RELEASE-NAME-mariadb-init
+
+ - it: "should render with nameOverride set"
+ set:
+ nameOverride: myJob
+ asserts:
+ - matchRegex:
+ path: metadata.name
+ pattern: -myJob-config-job$
+ - matchRegex:
+ path: metadata.labels.app
+ pattern: myJob
+ - matchRegex:
+ path: spec.template.metadata.labels.app
+ pattern: myJob
+ - matchRegex:
+ path: spec.template.metadata.name
+ pattern: myJob
+ - matchRegex:
+ path: spec.template.spec.initContainers[0].name
+ pattern: myJob-readiness
+ - matchRegex:
+ path: spec.template.spec.containers[0].name
+ pattern: myJob
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MYSQL_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ # replicating name from mariadb galera cluster, kind of hardcoded...
+ name: RELEASE-NAME-myJob-secret
+ key: db-user-password
+ - contains:
+ path: spec.template.spec.volumes
+ content:
+ name: mariadb-conf
+ configMap:
+ name: RELEASE-NAME-myJob
+
+ - it: "should render with configmap set"
+ set:
+ config:
+ config_map: myCM
+ asserts:
+ - contains:
+ path: spec.template.spec.volumes
+ content:
+ name: mariadb-conf
+ configMap:
+ name: RELEASE-NAME-myCM
+
+ - it: "should render with mariadbGalera changes"
+ set:
+ global:
+ mariadbGalera:
+ nameOverride: myMaria
+ servicePort: 545
+ asserts:
+ - contains:
+ path: spec.template.spec.initContainers[0].args
+ content: myMaria
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: DB_HOST
+ value: myMaria
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: DB_PORT
+ value: "545"
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MYSQL_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: RELEASE-NAME-mariadb-galera-myMaria
+ key: db-root-password
+
+ - it: "should render with full mariadbGalera changes"
+ set:
+ global:
+ mariadbGalera:
+ nameOverride: myMaria
+ servicePort: 545
+ userRootSecret: galera-secret
+ userRootSecretKey: root-password
+ asserts:
+ - contains:
+ path: spec.template.spec.initContainers[0].args
+ content: myMaria
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: DB_HOST
+ value: myMaria
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: DB_PORT
+ value: "545"
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MYSQL_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: galera-secret
+ key: root-password
+
+ - it: "should set the right nodeSelector"
+ set:
+ nodeSelector:
+ disktype: ssd
+ asserts:
+ - equal:
+ path: spec.template.spec.nodeSelector.disktype
+ value: ssd
+
+ - it: "should set the right affinity"
+ set:
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: kubernetes.io/e2e-az-name
+ operator: In
+ values:
+ - e2e-az1
+ - e2e-az2
+ asserts:
+ - equal:
+ path: spec.template.spec.affinity
+ value:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: kubernetes.io/e2e-az-name
+ operator: In
+ values:
+ - e2e-az1
+ - e2e-az2
+ - it: "should use large flavor"
+ set:
+ flavor: large
+ asserts:
+ - equal:
+ path: spec.template.spec.containers[0].resources.limits.cpu
+ value: 200m
+ - equal:
+ path: spec.template.spec.containers[0].resources.limits.memory
+ value: 500Mbi
+ - equal:
+ path: spec.template.spec.containers[0].resources.requests.cpu
+ value: 20m
+ - equal:
+ path: spec.template.spec.containers[0].resources.requests.memory
+ value: 20Mbi
+ - it: "should use unlimited flavor"
+ set:
+ flavor: unlimited
+ asserts:
+ - isEmpty:
+ path: spec.template.spec.containers[0].resources
+ - it: "shoud render with other databases"
+ set:
+ config:
+ mysqlAdditionalDatabases:
+ dbOne:
+ user: one
+ password: pwd1
+ dbTwo:
+ user: two
+ password: pwd2
+ asserts:
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MYSQL_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: RELEASE-NAME-mariadb-init-secret
+ key: db-user-password
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MYSQL_PASSWORD_DBONE
+ valueFrom:
+ secretKeyRef:
+ name: RELEASE-NAME-mariadb-init-secret
+ key: db-dbOne-user-password
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MYSQL_PASSWORD_DBTWO
+ valueFrom:
+ secretKeyRef:
+ name: RELEASE-NAME-mariadb-init-secret
+ key: db-dbTwo-user-password
--- /dev/null
+---
+suite: test secret behavior
+templates:
+ - secret.yaml
+tests:
+ - it: "should render with default values"
+ asserts:
+ - isKind:
+ of: Secret
+ - equal:
+ path: metadata.name
+ value: RELEASE-NAME-mariadb-init
+ - equal:
+ path: metadata.namespace
+ value: NAMESPACE
+ - matchRegex:
+ path: metadata.labels.app
+ pattern: mariadb-init-config-job
+ - equal:
+ path: data.db-user-password
+ value: Q2lAc2hzT2QzcGt5MVZqaQ==
+ - it: "should render specific password value base64 encoded"
+ set:
+ config:
+ userPassword: yolo
+ asserts:
+ - equal:
+ path: data.db-user-password
+ value: eW9sbw==
+ - it: "shoud render with other databases"
+ set:
+ config:
+ mysqlAdditionalDatabases:
+ dbOne:
+ user: one
+ password: pwd1
+ dbTwo:
+ user: two
+ password: pwd2
+ asserts:
+ - equal:
+ path: data.db-user-password
+ value: Q2lAc2hzT2QzcGt5MVZqaQ==
+ - equal:
+ path: data.db-dbOne-user-password
+ value: cHdkMQ==
+ - equal:
+ path: data.db-dbTwo-user-password
+ value: cHdkMg==
--- /dev/null
+# Copyright © 2018 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ repository: nexus3.onap.org:10001
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+ mariadbGalera:
+ nameOverride: mariadb-galera
+ servicePort: 3306
+ # set these two values if you want to access an 'out of ONAP' mariadb
+ userRootSecret: default
+ userRootSecretKey: db-root-password
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+
+image: mariadb:10.1.38
+pullPolicy: IfNotPresent
+
+# Set it if you want to change the name of the different components
+# nameOverride:
+
+config:
+ userPassword: Ci@shsOd3pky1Vji
+ userName: u5WZ1GMSIS1wHZF
+ mysqlDatabase: ynsaUCru6mUNwGal
+ mysqlAdditionalDatabases: {}
+ # add addtional dabases
+ # this is an dict
+ # Example:
+ # mysqlAdditionalDatabases:
+ # dbOne:
+ # user: one
+ # password: pwd1
+ # dbTwo:
+ # user: two
+ # password: pwd2
+ config_map: default
+
+nodeSelector: {}
+
+affinity: {}
+
+#resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ #
+ # Example:
+ # Configure resource requests and limits
+ # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+ # Minimum memory for development is 2 CPU cores and 4GB memory
+ # Minimum memory for production is 4 CPU cores and 8GB memory
+flavor: small
+resources:
+ small:
+ limits:
+ cpu: 100m
+ memory: 500Mi
+ requests:
+ cpu: 10m
+ memory: 10Mi
+ large:
+ limits:
+ cpu: 200m
+ memory: 500Mi
+ requests:
+ cpu: 20m
+ memory: 20Mi
+ unlimited: {}
apiVersion: v1
description: ONAP DCAE Gen2
name: dcaegen2
-version: 5.0.0
+version: 6.0.0
+# Copyright © 2019 AT&T Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
make-dcaegen2: make-dcae-bootstrap make-dcae-cloudify-manager make-dcae-config-binding-service make-dcae-healthcheck make-dcae-redis make-dcae-servicechange-handler make-dcae-inventory-api make-dcae-deployment-handler make-dcae-policy-handler make-dcae-dashboard
make-dcae-bootstrap:
- cd charts && helm dep up dcae-bootstrap && helm lint dcae-bootstrap
+ cd components && helm dep up dcae-bootstrap && helm lint dcae-bootstrap
make-dcae-cloudify-manager:
- cd charts && helm dep up dcae-cloudify-manager && helm lint dcae-cloudify-manager
+ cd components && helm dep up dcae-cloudify-manager && helm lint dcae-cloudify-manager
make-dcae-config-binding-service:
- cd charts && helm dep up dcae-config-binding-service && helm lint dcae-config-binding-service
+ cd components && helm dep up dcae-config-binding-service && helm lint dcae-config-binding-service
make-dcae-healthcheck:
- cd charts && helm dep up dcae-healthcheck && helm lint dcae-healthcheck
+ cd components && helm dep up dcae-healthcheck && helm lint dcae-healthcheck
make-dcae-redis:
- cd charts && helm dep up dcae-redis && helm lint dcae-redis
+ cd components && helm dep up dcae-redis && helm lint dcae-redis
make-dcae-servicechange-handler:
- cd charts && helm dep up dcae-servicechange-handler && helm lint dcae-servicechange-handler
+ cd components && helm dep up dcae-servicechange-handler && helm lint dcae-servicechange-handler
make-dcae-inventory-api:
- cd charts/dcae-servicechange-handler/charts && helm dep up dcae-inventory-api && helm lint dcae-inventory-api
+ cd components && helm dep up dcae-inventory-api && helm lint dcae-inventory-api
make-dcae-deployment-handler:
- cd charts && helm dep up dcae-deployment-handler && helm lint dcae-deployment-handler
+ cd components && helm dep up dcae-deployment-handler && helm lint dcae-deployment-handler
make-dcae-policy-handler:
- cd charts && helm dep up dcae-policy-handler && helm lint dcae-policy-handler
+ cd components && helm dep up dcae-policy-handler && helm lint dcae-policy-handler
make-dcae-dashboard:
- cd charts && helm dep up dcae-dashboard && helm lint dcae-dashboard
+ cd components && helm dep up dcae-dashboard && helm lint dcae-dashboard
+
+clean:
+ @find . -type f -name '*.tgz' -delete
+ @find . -type f -name '*.lock' -delete
apiVersion: v1
description: ONAP DCAE Bootstrap
name: dcae-bootstrap
-version: 5.0.0
+version: 6.0.0
apiVersion: v1
description: ONAP DCAE Cloudify Manager
name: dcae-cloudify-manager
-version: 5.0.0
+version: 6.0.0
apiVersion: v1
description: ONAP DCAE Config Binding Service
name: dcae-config-binding-service
-version: 5.0.0
\ No newline at end of file
+version: 6.0.0
appVersion: "1.0"
description: DCAE Dashboard
name: dcae-dashboard
-version: 5.0.0
+version: 6.0.0
apiVersion: v1
description: ONAP DCAE Deployment Handler
name: dcae-deployment-handler
-version: 5.0.0
+version: 6.0.0
apiVersion: v1
description: ONAP DCAE Health Check
name: dcae-healthcheck
-version: 5.0.0
+version: 6.0.0
apiVersion: v1
description: ONAP DCAE Inventory API Service
name: dcae-inventory-api
-version: 5.0.0
\ No newline at end of file
+version: 6.0.0
apiVersion: v1
description: ONAP DCAE Policy Handler
name: dcae-policy-handler
-version: 5.0.0
+version: 6.0.0
apiVersion: v1
description: ONAP DCAE Redis
name: dcae-redis
-version: 5.0.0
+version: 6.0.0
apiVersion: v1
description: ONAP DCAE Service Change Handler
name: dcae-servicechange-handler
-version: 5.0.0
\ No newline at end of file
+version: 6.0.0
- name: common
version: ~5.x-0
repository: '@local'
+ - name: dcae-bootstrap
+ version: ~6.x-0
+ repository: 'file://components/dcae-bootstrap'
+ condition: dcae-bootstrap.enabled
+ - name: dcae-cloudify-manager
+ version: ~6.x-0
+ repository: 'file://components/dcae-cloudify-manager'
+ condition: dcae-cloudify-manager.enabled
+ - name: dcae-config-binding-service
+ version: ~6.x-0
+ repository: 'file://components/dcae-config-binding-service'
+ condition: dcae-config-binding-service.enabled
+ - name: dcae-healthcheck
+ version: ~6.x-0
+ repository: 'file://components/dcae-healthcheck'
+ condition: dcae-healthcheck.enabled
+ - name: dcae-redis
+ version: ~6.x-0
+ repository: 'file://components/dcae-redis'
+ condition: dcae-redis.enabled
+ - name: dcae-servicechange-handler
+ version: ~6.x-0
+ repository: 'file://components/dcae-servicechange-handler'
+ condition: dcae-servicechange-handler.enabled
+ - name: dcae-inventory-api
+ version: ~6.x-0
+ repository: 'file://components/dcae-inventory-api'
+ condition: dcae-inventory-api.enabled
+ - name: dcae-deployment-handler
+ version: ~6.x-0
+ repository: 'file://components/dcae-deployment-handler'
+ condition: dcae-deployment-handler.enabled
+ - name: dcae-policy-handler
+ version: ~6.x-0
+ repository: 'file://components/dcae-policy-handler'
+ condition: dcae-policy-handler.enabled
+ - name: dcae-dashboard
+ version: ~6.x-0
+ repository: 'file://components/dcae-dashboard'
+ condition: dcae-dashboard.enabled
+
periodSeconds: 10
service:
- type: NodePort
+ type: ClusterIP
name: msb-consul
externalPort: 8500
internalPort: 8500
periodSeconds: 10
service:
- type: NodePort
+ type: ClusterIP
name: msb-discovery
externalPort: 10081
internalPort: 10081
type: {{ .Values.service.type }}
ports:
{{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.externalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: http-{{ .Values.service.name }}
- port: {{ .Values.service.externalPortHttps }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePortHttps }}
name: https-{{ .Values.service.name }}
name: msb-eag
externalPort: 80
internalPort: 80
- nodePort: 82
externalPortHttps: 443
internalPortHttps: 443
nodePortHttps: 84
type: {{ .Values.service.type }}
ports:
{{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.externalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: http-{{ .Values.service.name }}
- port: {{ .Values.service.externalPortHttps }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePortHttps }}
name: https-{{ .Values.service.name }}
+++ /dev/null
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
+++ /dev/null
-# Copyright (c) 2019 Lenovo Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-version: 1
-disable_existing_loggers: False
-
-loggers:
- thinkcloud:
- handlers: [thinkcloud_handler]
- level: "DEBUG"
- propagate: False
- newton_base:
- handlers: [thinkcloud_handler]
- level: "DEBUG"
- propagate: False
- common:
- handlers: [thinkcloud_handler]
- level: "DEBUG"
- propagate: False
-
-handlers:
- thinkcloud_handler:
- level: "DEBUG"
- class: "logging.handlers.RotatingFileHandler"
- filename: "/var/log/onap/multicloud/openstack/lenovo/thinkcloud.log"
- formatter: "mdcFormat"
- maxBytes: 1024*1024*50
- backupCount: 10
-
-formatters:
- standard:
- format: "%(asctime)s|||||%(name)s||%(thread)||%(funcName)s||%(levelname)s||%(message)s"
- mdcFormat:
- format: "%(asctime)s|||||%(name)s||%(thread)s||%(funcName)s||%(levelname)s||%(message)s||||%(mdc)s \t"
- mdcfmt: "{requestID} {invocationID} {serviceName} {serviceIP}"
- datefmt: "%Y-%m-%d %H:%M:%S"
- (): onaplogging.mdcformatter.MDCFormatter
+++ /dev/null
-# Copyright (c) 2019 Lenovo
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
+++ /dev/null
-{{/*
-# Copyright (c) 2019 Lenovo
-# #
-# # Licensed under the Apache License, Version 2.0 (the "License");
-# # you may not use this file except in compliance with the License.
-# # You may obtain a copy of the License at
-# #
-# # http://www.apache.org/licenses/LICENSE-2.0
-# #
-# # Unless required by applicable law or agreed to in writing, software
-# # distributed under the License is distributed on an "AS IS" BASIS,
-# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# # See the License for the specific language governing permissions and
-# # limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-log-configmap
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }}
+++ /dev/null
-{{/*
-# Copyright (c) 2019 Lenovo
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
- name: {{ include "common.name" . }}
- annotations:
- sidecar.istio.io/inject: "{{.Values.istioSidecar}}"
- spec:
- containers:
- - env:
- - name: MSB_ADDR
- value: "{{ .Values.config.msbgateway }}.{{ include "common.namespace" . }}"
- - name: MSB_PORT
- value: "{{ .Values.config.msbPort }}"
- - name: AAI_ADDR
- value: aai.{{ include "common.namespace" . }}
- - name: AAI_PORT
- value: "{{ .Values.config.aai.port }}"
- - name: AAI_SCHEMA_VERSION
- value: "{{ .Values.config.aai.schemaVersion }}"
- - name: AAI_USERNAME
- value: "{{ .Values.config.aai.username }}"
- - name: AAI_PASSWORD
- value: "{{ .Values.config.aai.password }}"
- name: {{ include "common.name" . }}
- volumeMounts:
- - mountPath: /var/log/onap
- name: lenovo-log
- - mountPath: /opt/lenovo/thinkcloud/pub/config/log.yml
- name: lenovo-logconfig
- subPath: log.yml
- resources:
-{{ include "common.resources" . | indent 12 }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
- {{ if .Values.liveness.enabled }}
- livenessProbe:
- httpGet:
- path: /api/multicloud-thinkcloud/v1/swagger.json
- port: {{ .Values.service.internalPort }}
- scheme: HTTP
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
- successThreshold: {{ .Values.liveness.successThreshold }}
- failureThreshold: {{ .Values.liveness.failureThreshold }}
- {{ end }}
- # side car containers
- - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: filebeat-onap
- volumeMounts:
- - mountPath: /usr/share/filebeat/filebeat.yml
- name: filebeat-conf
- subPath: filebeat.yml
- - mountPath: /var/log/onap
- name: lenovo-log
- - mountPath: /usr/share/filebeat/data
- name: lenovo-data-filebeat
-
- volumes:
- - name: lenovo-log
- emptyDir: {}
- - name: lenovo-data-filebeat
- emptyDir: {}
- - name: filebeat-conf
- configMap:
- name: multicloud-filebeat-configmap
- - name: lenovo-logconfig
- configMap:
- name: {{ include "common.fullname" . }}-log-configmap
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
- restartPolicy: Always
+++ /dev/null
-{{/*
-# Copyright (c) 2019 Lenovo
-# #
-# # Licensed under the Apache License, Version 2.0 (the "License");
-# # you may not use this file except in compliance with the License.
-# # You may obtain a copy of the License at
-# #
-# # http://www.apache.org/licenses/LICENSE-2.0
-# #
-# # Unless required by applicable law or agreed to in writing, software
-# # distributed under the License is distributed on an "AS IS" BASIS,
-# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# # See the License for the specific language governing permissions and
-# # limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
- annotations:
- msb.onap.org/service-info: '[
- {
- "serviceName": "multicloud-thinkcloud",
- "version": "v0",
- "url": "/api/multicloud-thinkcloud/v0",
- "protocol": "REST",
- "port": "{{ .Values.service.externalPort }}",
- "visualRange": "1"
- },
- {
- "serviceName": "multicloud-thinkcloud",
- "version": "v1",
- "url": "/api/multicloud-thinkcloud/v1",
- "protocol": "REST",
- "port": "{{ .Values.service.externalPort }}",
- "visualRange": "1"
- }
- ]'
-
-spec:
- ports:
- {{ if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.externalPort }}
- nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- {{- end }}
- selector:
- app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
- type: {{ .Values.service.type }}
+++ /dev/null
-# Copyright (c) 2019 Lenovo
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 304
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-repository: nexus3.onap.org:10001
-image: onap/multicloud/openstack-lenovo:1.3.4
-pullPolicy: Always
-
-#Istio sidecar injection policy
-istioSidecar: true
-
-# application configuration
-config:
- msbgateway: msb-iag
- msbPort: 80
- aai:
- port: 8443
- schemaVersion: v13
- username: AAI
- password: AAI
-
-service:
- type: ClusterIP
- name: multicloud-thinkcloud
- portName: multicloud-thinkcloud
- externalPort: 9010
- internalPort: 9010
- nodePort: 86
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 30
- periodSeconds: 10
- timeoutSeconds: 10
- successThreshold: 1
- failureThreshold: 5
- enabled: true
-
-ingress:
- enabled: false
-
-# Resource Limit flavor -By Default using small
-flavor: small
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- cpu: 1
- memory: 4Gi
- requests:
- cpu: 10m
- memory: 1Gi
- large:
- limits:
- cpu: 2
- memory: 8Gi
- requests:
- cpu: 20m
- memory: 2Gi
- unlimited: {}
- name: mariadb-galera
version: ~5.x-0
repository: '@local'
+ condition: global.mariadbGalera.localCluster
+ - name: mariadb-init
+ version: ~5.x-0
+ repository: '@local'
+ condition: not global.mariadbGalera.localCluster
labels:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
- name: {{ include "common.fullname" . }}
+ name: {{ include "common.fullname" . }}
spec:
containers:
- name: {{ include "common.name" . }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- name: SPRING_DATASOURCE_URL
- value: jdbc:mariadb://{{ index .Values "mariadb-galera" "service" "name" }}.{{ include "common.namespace" . }}:3306/{{ index .Values "mariadb-galera" "config" "mysqlDatabase" }}
+ value: jdbc:mariadb://{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}/{{ index .Values "mariadb-galera" "config" "mysqlDatabase" }}
- name: SPRING_DATASOURCE_USERNAME
value: {{ index .Values "mariadb-galera" "config" "userName" }}
- name: SPRING_DATASOURCE_PASSWORD
valueFrom:
secretKeyRef:
- name: {{ template "common.fullname" . }}-secret
- key: db-user-password
+ name: {{ include "common.mariadbSecret" . }}
+ key: {{ include "common.mariadbSecretParam" . }}
- name: SPRING_DATA_MONGODB_HOST
value: {{ .Values.mongo.service.name }}.{{ include "common.namespace" . }}
- name: SPRING_DATA_MONGODB_PORT
--- /dev/null
+---
+suite: test deployment behavior
+templates:
+ - deployment.yaml
+tests:
+ - it: "should render with default values (global)"
+ asserts:
+ - isKind:
+ of: Deployment
+ - equal:
+ path: metadata.name
+ value: RELEASE-NAME-nbi
+ - equal:
+ path: metadata.namespace
+ value: NAMESPACE
+ - matchRegex:
+ path: metadata.labels.app
+ pattern: nbi
+ - matchRegex:
+ path: spec.template.metadata.labels.app
+ pattern: nbi
+ - equal:
+ path: spec.template.metadata.name
+ value: RELEASE-NAME-nbi
+ - equal:
+ path: spec.replicas
+ value: 1
+ - isNull:
+ path: spec.template.spec.nodeSelector
+ - isNull:
+ path: spec.template.spec.affinity
+
+ - it: "should render with default value (container)"
+ asserts:
+ - equal:
+ path: spec.template.spec.containers[0].name
+ value: nbi
+ - equal:
+ path: spec.template.spec.containers[0].image
+ value: nexus3.onap.org:10001/onap/externalapi/nbi:5.0.1
+ - equal:
+ path: spec.template.spec.containers[0].imagePullPolicy
+ value: IfNotPresent
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: SPRING_DATASOURCE_URL
+ value: jdbc:mariadb://mariadb-galera:3306/nbi
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: SPRING_DATASOURCE_USERNAME
+ value: rene
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: SPRING_DATASOURCE_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: RELEASE-NAME-nbi-config
+ key: db-user-password
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: SPRING_DATA_MONGODB_HOST
+ value: nbi-mongohost.NAMESPACE
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: SPRING_DATA_MONGODB_PORT
+ value: "27017"
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: SPRING_DATA_MONGODB_DATABASE
+ value: ServiceOrderDB
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: ONAP_LCPCLOUDREGIONID
+ value: RegionOne
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: ONAP_TENANTID
+ value: 31047205ce114b60833b23e400d6a535
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: ONAP_CLOUDOWNER
+ value: CloudOwner
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: NBI_URL
+ value: http://nbi.NAMESPACE:8080/nbi/api/v4
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: SDC_HOST
+ value: https://sdc-be.NAMESPACE:8443
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: SDC_HEADER_ECOMPINSTANCEID
+ value: OOM
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: SDC_HEADER_AUTHORIZATION
+ value: Basic YWFpOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU=
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: AAI_HOST
+ value: https://aai.NAMESPACE:8443
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: AAI_HEADER_AUTHORIZATION
+ value: Basic QUFJOkFBSQ==
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: SO_HOST
+ value: http://so.NAMESPACE:8080
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: DMAAP_HOST
+ value: http://message-router.NAMESPACE:3904
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: LOGGING_LEVEL_ORG_ONAP_NBI
+ value: INFO
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MSB_ENABLED
+ value: "true"
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MSB_DISCOVERY_HOST
+ value: msb-discovery.NAMESPACE
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MSB_DISCOVERY_PORT
+ value: "10081"
+ - equal:
+ path: spec.template.spec.containers[0].livenessProbe
+ value:
+ initialDelaySeconds: 180
+ periodSeconds: 30
+ tcpSocket:
+ port: 8080
+ - equal:
+ path: spec.template.spec.containers[0].readinessProbe
+ value:
+ initialDelaySeconds: 185
+ periodSeconds: 30
+ tcpSocket:
+ port: 8080
+ - contains:
+ path: spec.template.spec.containers[0].ports
+ content:
+ containerPort: 8080
+ - equal:
+ path: spec.template.spec.containers[0].resources.limits.cpu
+ value: 1
+ - equal:
+ path: spec.template.spec.containers[0].resources.limits.memory
+ value: 2Gi
+ - equal:
+ path: spec.template.spec.containers[0].resources.requests.cpu
+ value: 100m
+ - equal:
+ path: spec.template.spec.containers[0].resources.requests.memory
+ value: 1Gi
+ - it: "should render when deciding to use local cluster (container)"
+ set:
+ global:
+ mariadbGalera:
+ localCluster: true
+ asserts:
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: SPRING_DATASOURCE_URL
+ value: jdbc:mariadb://nbi-galera:3306/nbi
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: SPRING_DATASOURCE_USERNAME
+ value: rene
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: SPRING_DATASOURCE_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: RELEASE-NAME-nbi-nbi-galera
+ key: user-password
global:
nodePortPrefix: 302
readinessRepository: oomk8s
- readinessImage: readiness-check:1.1.0
+ readinessImage: readiness-check:2.0.2
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
+ mariadbGalera: &mariadbGalera
+ #This flag allows SO to instantiate its own mariadb-galera cluster
+ localCluster: false
+ service: mariadb-galera
+ internalPort: 3306
+ nameOverride: mariadb-galera
subChartsOnly:
enabled: true
# application image
repository: nexus3.onap.org:10001
image: onap/externalapi/nbi:5.0.1
-pullPolicy: Always
+pullPolicy: IfNotPresent
sdc_authorization: Basic YWFpOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU=
aai_authorization: Basic QUFJOkFBSQ==
so_authorization:
openStackVNFTenantId: 31047205ce114b60833b23e400d6a535
mariadb-galera:
- config:
+ # '&mariadbConfig' means we "store" the values for later use in the file
+ # with '*mariadbConfig' pointer.
+ config: &mariadbConfig
userName: rene
userPassword: lkjgklqsdareyhjujlnnbvfvdttuiukgpiokqbfsjdhfigquosegombvjfqhb
mariadbRootPassword: dhqjdshjdsguryebvcnbvcvdsqghyjqgktgjjfhjfghbfs
service:
name: nbi-galera
portName: nbi-galera
+ internalPort: 3306
replicaCount: 1
persistence:
enabled: true
mountSubPath: nbi/maria/data
+mariadb-init:
+ config: *mariadbConfig
+ nameOverride: nbi-config
+
mongo:
nameOverride: nbi-mongo
config:
repository: '@local'
condition: contrib.enabled
- name: dcaegen2
- version: ~5.x-0
+ version: ~6.x-0
repository: '@local'
condition: dcaegen2.enabled
- name: dmaap
global:
nodePortPrefix: 302
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
#################################################################
# Application configuration defaults.
global:
nodePortPrefix: 302
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
ubuntuInitRepository: oomk8s
ubuntuInitImage: ubuntu-init:1.0.0
persistence: {}
JVM_OPTIONS={{.Values.server.jvmOpts}}
-# SYSTEM software configuration
+# SYSTEM software configuration
POLICY_HOME=/opt/app/policy
POLICY_LOGS=/var/log/onap/policy/pdpd
RELEASE_REPOSITORY_ID=policy-nexus-releases
RELEASE_REPOSITORY_URL=http://{{.Values.global.nexus.nameOverride}}:{{.Values.nexus.port}}/nexus/content/repositories/releases/
-# Relational (SQL) DB access
+# Relational (SQL) DB access
-SQL_HOST={{.Values.global.mariadb.nameOverride}}
+SQL_HOST={{ .Values.global.mariadb.service.name }}
# AAF
- /root/ready.py
args:
- --container-name
- - {{ .Values.global.mariadb.nameOverride }}
+ - {{ .Release.Name }}-galera-config
- --container-name
- {{ .Values.global.nexus.nameOverride }}
env:
global:
nodePortPrefix: 302
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
ubuntuImage: ubuntu:16.04
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: ONAP Policy MariaDB Service
-name: mariadb
-version: 5.0.0
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-dependencies:
- - name: common
- version: ~5.x-0
- # local reference to common chart, as it is
- # a part of this chart's package and will not
- # be published independently to a repo (at this point)
- repository: '@local'
+++ /dev/null
-# Copyright 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-configmap
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/db.sh").AsConfig . | indent 2 }}
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
- spec:
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
- {{- if eq .Values.liveness.enabled true }}
- args:
- - --lower-case-table-names=1
- - --wait_timeout=28800
- livenessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- {{ end -}}
- readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- env:
- - name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}-secret
- key: db-root-password
- - name: MYSQL_USER
- value: policy_user
- - name: MYSQL_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}-secret
- key: db-user-password
- volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /docker-entrypoint-initdb.d
- name: mariadb-conf
- - mountPath: /var/lib/mysql
- name: mariadb-data
- resources:
-{{ include "common.resources" . | indent 12 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: mariadb-conf
- configMap:
- name: {{ include "common.fullname" . }}-configmap
- defaultMode: 0755
- - name: mariadb-data
- {{- if .Values.persistence.enabled }}
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}
- {{- else }}
- emptyDir: {}
- {{- end }}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.persistence.size }}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
-{{- end -}}
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
-{{- end -}}
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018-2019 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- ports:
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- selector:
- app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018-2019 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- persistence: {}
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-repository: nexus3.onap.org:10001
-image: mariadb:10.2.25
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-# Example:
-config:
- mysqlRootPassword: secret
- mysqlUserName: policy_user
- mysqlPassword: policy_user
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 120
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 120
- periodSeconds: 10
-
-## Persist data to a persitent volume
-persistence:
- enabled: true
- volumeReclaimPolicy: Retain
- accessMode: ReadWriteOnce
- size: 2Gi
- mountPath: /dockerdata-nfs
- mountSubPath: mariadb/data
-
-service:
- type: ClusterIP
- name: policydb
- portName: policydb
- externalPort: 3306
- internalPort: 3306
-
-ingress:
- enabled: false
-
-# Resource Limit flavor -By Default using small
-flavor: small
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- cpu: 1
- memory: 2Gi
- requests:
- cpu: 10m
- memory: 0.5Gi
- large:
- limits:
- cpu: 2
- memory: 4Gi
- requests:
- cpu: 20m
- memory: 1Gi
- unlimited: {}
global:
nodePortPrefix: 302
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
"name": "PolicyProviderParameterGroup",
"implementation": "org.onap.policy.models.provider.impl.DatabasePolicyModelsProviderImpl",
"databaseDriver": "org.mariadb.jdbc.Driver",
- "databaseUrl": "jdbc:mariadb://{{.Values.global.mariadb.nameOverride}}:3306/policyadmin",
- "databaseUser": "policy_user",
- "databasePassword": "cG9saWN5X3VzZXI=",
+ "databaseUrl": "jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/policyadmin",
+ "databaseUser": "{{ .Values.global.mariadb.config.userName }}",
+ "databasePassword": "{{ .Values.global.mariadb.config.userPassword | b64enc }}",
"persistenceUnit": "PolicyMariaDb"
}
}
- /root/ready.py
args:
- --container-name
- - {{ .Values.global.mariadb.nameOverride }}
+ - {{ .Release.Name }}-galera-config
env:
- name: NAMESPACE
valueFrom:
TRUSTSTORE_PASSWD=Pol1cy_0nap
JDBC_DRIVER=org.mariadb.jdbc.Driver
-JDBC_URL=jdbc:mariadb://{{ .Values.global.mariadb.nameOverride }}:{{.Values.config.mariadbPort}}/onap_sdk?connectTimeout=30000&socketTimeout=60000&log=true&sessionVariables=max_statement_time=30
-JDBC_LOG_URL=jdbc:mariadb://{{ .Values.global.mariadb.nameOverride }}:{{.Values.config.mariadbPort}}/log?connectTimeout=30000&socketTimeout=60000&log=true&sessionVariables=max_statement_time=30
-JDBC_USER=policy_user
-JDBC_PASSWORD=policy_user
+JDBC_URL=jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/onap_sdk?connectTimeout=30000&socketTimeout=60000&log=true&sessionVariables=max_statement_time=30
+JDBC_LOG_URL=jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/log?connectTimeout=30000&socketTimeout=60000&log=true&sessionVariables=max_statement_time=30
+JDBC_USER={{ .Values.global.mariadb.config.userName }}
+JDBC_PASSWORD={{ .Values.global.mariadb.config.userPassword }}
site_name=site_1
fp_monitor_interval=30
echo "Found existing installation, will not reinstall"
. /opt/app/policy/etc/profile.d/env.sh
-else
+else
if [[ -d config ]]; then
cp config/*.conf .
fi
# (which does nothing if the db is already up-to-date)
dbuser=$(echo $(grep '^JDBC_USER=' base.conf | cut -f2 -d=))
dbpw=$(echo $(grep '^JDBC_PASSWORD=' base.conf | cut -f2 -d=))
- db_upgrade_remote.sh $dbuser $dbpw {{.Values.global.mariadb.nameOverride}}
+ db_upgrade_remote.sh $dbuser $dbpw {{.Values.global.mariadb.service.name}}
fi
fi
global:
nodePortPrefix: 302
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
config:
logstashServiceName: log-ls
logstashPort: 5044
- mariadbPort: 3306
# default number of instances
replicaCount: 1
"name": "PolicyProviderParameterGroup",
"implementation": "org.onap.policy.models.provider.impl.DatabasePolicyModelsProviderImpl",
"databaseDriver": "org.mariadb.jdbc.Driver",
- "databaseUrl": "jdbc:mariadb://{{.Values.global.mariadb.nameOverride}}:3306/policyadmin",
- "databaseUser": "policy_user",
- "databasePassword": "cG9saWN5X3VzZXI=",
+ "databaseUrl": "jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/{{ .Values.global.mariadb.config.mysqlDatabase }}",
+ "databaseUser": "{{ .Values.global.mariadb.config.userName }}",
+ "databasePassword": "{{ .Values.global.mariadb.config.userPassword | b64enc }}",
"persistenceUnit": "PolicyMariaDb"
},
"topicParameterGroup": {
- /root/ready.py
args:
- --container-name
- - {{ .Values.global.mariadb.nameOverride }}
+ - {{ .Values.global.mariadb.service.name }}
env:
- name: NAMESPACE
valueFrom:
# SPDX-License-Identifier: Apache-2.0
# ============LICENSE_END=========================================================
{
- "name": "XacmlPdpGroup",
+ "name": "XacmlPdpParameters",
+ "pdpGroup": "defaultGroup",
"restServerParameters": {
"host": "0.0.0.0",
"port": 6969,
# JPA Properties
#
javax.persistence.jdbc.driver=org.mariadb.jdbc.Driver
-javax.persistence.jdbc.url=jdbc:mariadb://{{ .Values.global.mariadb.nameOverride }}:3306/operationshistory
-javax.persistence.jdbc.user=policy_user
-javax.persistence.jdbc.password=cG9saWN5X3VzZXI=
+javax.persistence.jdbc.url=jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/operationshistory
+javax.persistence.jdbc.user={{ .Values.global.mariadb.config.userName }}
+javax.persistence.jdbc.password={{ .Values.global.mariadb.config.userPassword | b64enc }}
- /root/ready.py
args:
- --container-name
- - {{ .Values.global.mariadb.nameOverride }}
+ - {{ .Release.Name }}-galera-config
env:
- name: NAMESPACE
valueFrom:
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
+ - name: mariadb-galera
+ version: ~5.x-0
+ repository: '@local'
# limitations under the License.
#!/bin/bash -xv
-
+mysql() { /usr/bin/mysql -h ${MYSQL_HOST} -P ${MYSQL_USER} "$@"; };
for db in support onap_sdk log migration operationshistory10 pooling policyadmin operationshistory
do
mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "CREATE DATABASE IF NOT EXISTS ${db};"
namespace: {{ include "common.namespace" . }}
data:
{{ tpl (.Files.Glob "resources/config/pe/*").AsConfig . | indent 2 }}
-
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-db-configmap
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/db.sh").AsConfig . | indent 2 }}
- /root/ready.py
args:
- --container-name
- - {{ .Values.global.mariadb.nameOverride }}
+ - {{ .Release.Name }}-galera-config
env:
- name: NAMESPACE
valueFrom:
--- /dev/null
+# Copyright © 2018 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ .Release.Name }}-galera-config
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}-job
+ release: {{ .Release.Name }}
+spec:
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}-job
+ release: {{ .Release.Name }}
+ spec:
+ initContainers:
+#This container checks that all galera instances are up before initializing it.
+ - name: {{ include "common.name" . }}-readiness
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ - --container-name
+ - {{ index .Values "mariadb-galera" "service" "name" }}
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ containers:
+ - name: {{ .Release.Name }}-galera-config
+ image: {{ .Values.mariadb_image }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: /dbcmd-config/db.sh
+ name: {{ include "common.fullname" . }}-config
+ subPath: db.sh
+ command:
+ - /bin/sh
+ args:
+ - -x
+ - /dbcmd-config/db.sh
+ env:
+ - name: MYSQL_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}-secret
+ key: db-root-password
+ - name: MYSQL_HOST
+ value: "{{ index .Values "mariadb-galera" "service" "name" }}"
+ - name: MYSQL_USER
+ value: "{{ index .Values "mariadb-galera" "config" "userName" }}"
+ - name: MYSQL_PORT
+ value: "{{ index .Values "mariadb-galera" "service" "internalPort" }}"
+ restartPolicy: Never
+ volumes:
+ - name: {{ include "common.fullname" . }}-config
+ configMap:
+ name: {{ include "common.fullname" . }}-db-configmap
+ items:
+ - key: db.sh
+ path: db.sh
-# Copyright © 2017 Amdocs, Bell Canada, Orange
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
global:
nodePortPrefix: 302
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
ubuntuImage: ubuntu:16.04
- mariadb:
- nameOverride: policydb
pdp:
nameOverride: pdp
pap:
- nameOverride: pap
+ nameOverride: policy
drools:
nameOverride: drools
brmwgw:
nameOverride: brmsgw
nexus:
nameOverride: nexus
+ mariadb:
+ # '&mariadbConfig' means we "store" the values for later use in the file
+ # with '*mariadbConfig' pointer.
+ config: &mariadbConfig
+ userName: policy_user
+ userPassword: policy_user
+ mariadbRootPassword: secret
+ mysqlDatabase: policyadmin
+ service: &mariadbService
+ name: policy-mariadb
+ portName: mysql-policy
+ internalPort: 3306
#################################################################
# Application configuration defaults.
# application image
repository: nexus3.onap.org:10001
image: onap/policy-pe:1.5.2
+mariadb_image: library/mariadb:10
pullPolicy: Always
subChartsOnly:
enabled: true
-nameOverride: pap
-
+pap:
+ nameOverride: pap
pdp:
nameOverride: pdp
-mariadb:
- nameOverride: policydb
drools:
nameOverride: drools
brmwgw:
ingress:
enabled: false
+mariadb-galera:
+ # mariadb-galera.config and global.mariadb.config must be equals
+ config: *mariadbConfig
+ nameOverride: policy-mariadb
+ # mariadb-galera.service and global.mariadb.service must be equals
+ service: *mariadbService
+ replicaCount: 1
+ persistence:
+ enabled: true
+ mountSubPath: policy/maria/data
+
# Resource Limit flavor -By Default using small
flavor: small
# Segregation for Different environment (Small and Large)
-Subproject commit 5526182fa60a7a61c8158c98b6be8dfc66c8330b
+Subproject commit 6e38b492acd3ec44a869055092399b6f18c659b8
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdnc-dmaap-listener-image:1.7.4
+image: onap/sdnc-dmaap-listener-image:1.7.6
pullPolicy: Always
# flag to enable debugging - application support required
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdnc-ansible-server-image:1.7.4
+image: onap/sdnc-ansible-server-image:1.7.6
pullPolicy: Always
# flag to enable debugging - application support required
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/admportal-sdnc-image:1.7.4
+image: onap/admportal-sdnc-image:1.7.6
config:
dbRootPassword: secretpassword
dbSdnctlPassword: gamma
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdnc-ueb-listener-image:1.7.4
+image: onap/sdnc-ueb-listener-image:1.7.6
pullPolicy: Always
# flag to enable debugging - application support required
# application images
repository: nexus3.onap.org:10001
pullPolicy: Always
-image: onap/sdnc-image:1.7.4
+image: onap/sdnc-image:1.7.6
# flag to enable debugging - application support required
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: ONAP VID MariaDB Galera cluster
-name: vid_mariadb_galera
-version: 5.0.0
-keywords:
- - mariadb
- - mysql
- - database
- - sql
- - galera
- - cluster
\ No newline at end of file
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-MariaDB-Galera service can be accessed via port 3306 on the following DNS name from within your cluster:
-{{ include "common.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local
-
-To connect to your database:
-
-1. Run a pod that you can use as a client:
-
- kubectl run {{ include "common.fullname" . }}-client --rm --tty -i --image mariadb --command -- bash
-
-2. Connect using the mysql cli, then provide your password:
- $ mysql -h {{ include "common.fullname" . }} {{- if .Values.mysqlRootPassword }} -p {{ .Values.mysqlRootPassword }}{{- end -}}
-
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-confd
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/mariadb/conf.d/*").AsConfig . | indent 2 }}
----
-{{- if .Values.externalConfig }}
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-externalconfig
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-data:
- my_extra.cnf: |-
- [mysqld]
- lower_case_table_names = 1
-
-#{{ toYaml .Values.externalConfig | indent 4 }}
-#{{- end -}}
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.persistence.size}}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
-{{- end -}}
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
-{{- end -}}
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-type: Opaque
-data:
- db-root-password: {{ .Values.config.mariadbRootPassword | b64enc | quote }}
- user-password: {{ default "" .Values.config.userPassword | b64enc | quote }}
\ No newline at end of file
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- annotations:
- service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
-# name: {{ include "common.servicename" . }}
- name: {{ .Values.service.name }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.fullname" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-spec:
- ports:
- - name: {{ .Values.service.portName }}
- port: {{ .Values.service.internalPort }}
- clusterIP: None
- selector:
- app: {{ include "common.fullname" . }}
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: apps/v1beta1
-kind: StatefulSet
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.fullname" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-spec:
-# serviceName: {{ include "common.fullname" . }}
- serviceName: {{ .Values.service.name }}
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.fullname" . }}
- release: {{ .Release.Name }}
- annotations:
- pod.alpha.kubernetes.io/initialized: "true"
- spec:
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 8 }}
- {{- end }}
- volumes:
- {{- if .Values.externalConfig }}
- - name: config
- configMap:
- name: {{ include "common.fullname" . }}-externalconfig
- {{- end}}
- - name: localtime
- hostPath:
- path: /etc/localtime
- imagePullSecrets:
- - name: {{ include "common.namespace" . }}-docker-registry-key
- containers:
- - name: {{ include "common.fullname" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy | quote}}
- env:
- - name: POD_NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- - name: MYSQL_USER
- value: {{ default "" .Values.config.userName | quote }}
- - name: MYSQL_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: user-password
- - name: MYSQL_DATABASE
- value: {{ default "" .Values.config.mysqlDatabase | quote }}
- - name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: db-root-password
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.name }}
- - containerPort: {{ .Values.service.sstPort }}
- name: {{ .Values.service.sstName }}
- - containerPort: {{ .Values.service.replicationPort }}
- name: {{ .Values.service.replicationName }}
- - containerPort: {{ .Values.service.istPort }}
- name: {{ .Values.service.istName }}
- readinessProbe:
- exec:
- command:
- - /usr/share/container-scripts/mysql/readiness-probe.sh
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- {{- if eq .Values.liveness.enabled true }}
- livenessProbe:
- exec:
- command: ["mysqladmin", "ping"]
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
- {{- end }}
- resources:
-{{ include "common.resources" . | indent 12 }}
- volumeMounts:
- {{- if .Values.externalConfig }}
- - mountPath: /etc/config
- name: config
- {{- end}}
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
-{{- if .Values.persistence.enabled }}
- - mountPath: /var/lib/mysql
- name: {{ include "common.fullname" . }}-data
- subPath: data
- initContainers:
- - name: mariadb-galera-prepare
- image: "{{ include "common.repository" . }}/{{ .Values.imageInit }}"
- command: ["sh", "-c", "chown -R 27:27 /var/lib/mysql"]
- volumeMounts:
- - name: {{ include "common.fullname" . }}-data
- mountPath: /var/lib/mysql
- volumeClaimTemplates:
- - metadata:
- name: {{ include "common.fullname" . }}-data
- labels:
- name: {{ include "common.fullname" . }}
- annotations:
- {{- if .Values.persistence.storageClass }}
- volume.beta.kubernetes.io/storage-class: {{ .Values.persistence.storageClass | quote }}
- {{- else }}
- volume.alpha.kubernetes.io/storage-class: default
- {{- end }}
- spec:
- accessModes:
- - {{ .Values.persistence.accessMode | quote }}
- resources:
- requests:
- storage: {{ .Values.persistence.size | quote }}
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
-{{- end }}
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- persistence: {}
- repository: nexus3.onap.org:10001
-
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-
-#repository: mysql
-repository: nexus3.onap.org:10001
-image: adfinissygroup/k8s-mariadb-galera-centos:v004
-imageInit: busybox
-pullPolicy: IfNotPresent
-
-# application configuration
-config:
- mariadbRootPassword: secretpassword
-# userName: my-user
-# userPassword: my-password
-# mysqlDatabase: my-database
- userName: vidadmin
- userPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
- mysqlDatabase: vid_openecomp_epsdk
-
-
-# default number of instances in the StatefulSet
-replicaCount: 2
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 30
- periodSeconds: 10
- timeoutSeconds: 5
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: false
-
-readiness:
- initialDelaySeconds: 15
- periodSeconds: 10
-
-## Persist data to a persitent volume
-persistence:
- enabled: false
-
- ## A manually managed Persistent Volume and Claim
- ## Requires persistence.enabled: true
- ## If defined, PVC must be created manually before volume will be bound
- # existingClaim:
- volumeReclaimPolicy: Retain
-
- ## database data Persistent Volume Storage Class
- ## If defined, storageClassName: <storageClass>
- ## If set to "-", storageClassName: "", which disables dynamic provisioning
- ## If undefined (the default) or set to null, no storageClassName spec is
- ## set, choosing the default provisioner. (gp2 on AWS, standard on
- ## GKE, AWS & OpenStack)
- ##
- # storageClass: "-"
- accessMode: ReadWriteOnce
- size: 2Gi
-
-
-service:
- internalPort: 3306
- name: vid-galera
- portName: vid-galera
- sstPort: 4444
- sstName: sst
- replicationPort: 4567
- replicationName: replication
- istPort: 4568
- istName: ist
-
-ingress:
- enabled: false
-
-
-## Configure MariaDB-Galera with a custom my.cnf file
-## ref: https://mariadb.com/kb/en/mariadb/configuring-mariadb-with-mycnf/#example-of-configuration-file
-##
-#externalConfig: {}
-externalConfig: |-
- lower_case_table_names = 1
-# Resource Limit flavor -By Default using small
-flavor: small
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- cpu: 10m
- memory: 1Gi
- requests:
- cpu: 10m
- memory: 500Mi
- large:
- limits:
- cpu: 20m
- memory: 2Gi
- requests:
- cpu: 20m
- memory: 1Gi
- unlimited: {}
-# Name for mariadb-galera cluster - should be unique accross all projects or other clusters
-nameOverride: vid-mariadb-galera
-
-# DNS name for mariadb-galera cluster - should be unique accross all projects other clusters
-#dnsnameOverride: mariadb-galera
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
+ - name: mariadb-galera
+ version: ~5.x-0
+ repository: '@local'
- name: VID_UEB_URL_LIST
value: message-router.{{ include "common.namespace" . }}
- name: VID_MYSQL_HOST
- value: "{{ .Values.config.vidmysqlhost }}"
+ value: {{ index .Values "mariadb-galera" "service" "name" }}
- name: VID_MYSQL_PORT
- value: "{{ .Values.config.vidmysqlport }}"
+ value: "{{ index .Values "mariadb-galera" "service" "internalPort" }}"
- name: VID_MYSQL_DBNAME
- value: "{{ .Values.config.vidmysqldbname }}"
+ value: {{ index .Values "mariadb-galera" "config" "mysqlDatabase" }}
- name: VID_MYSQL_USER
- value: "{{ .Values.config.vidmysqluser }}"
+ value: {{ index .Values "mariadb-galera" "config" "userName" }}
- name: VID_MYSQL_PASS
- value: "{{ .Values.config.vidmysqlpassword }}"
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}-db
+ key: db-user-password
#valueFrom:
# secretKeyRef: {name: {{ include "common.fullname" . }}, key: vid-password}
- name: VID_MYSQL_MAXCONNECTIONS
name: {{ include "common.fullname" . }}-log-configmap
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
-
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command:
- /root/ready.py
-{{- $fullname := include "common.fullname" . -}}
-{{- range $i,$t := until (int .Values.vid_mariadb_galera.replicaCount)}}
- --container-name
- - {{ $fullname }}-mariadb-galera-{{$i}}
-{{- end }}
+ - {{ index .Values "mariadb-galera" "service" "name" }}
env:
- name: NAMESPACE
valueFrom:
- /dbcmd-config/db_cmd.sh
env:
- name: MYSQL_PASSWORD
- value: "{{ .Values.config.vidmysqlpassword }}"
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}-db
+ key: db-user-password
- name: MYSQL_HOST
- value: "{{ .Values.config.vidmysqlhost }}"
+ value: {{ index .Values "mariadb-galera" "service" "name" }}
- name: MYSQL_USER
- value: "{{ .Values.config.vidmysqluser }}"
+ value: {{ index .Values "mariadb-galera" "config" "userName" }}
- name: MYSQL_PORT
- value: "{{ .Values.config.vidmysqlport }}"
+ value: "{{ index .Values "mariadb-galera" "service" "internalPort" }}"
restartPolicy: Never
volumes:
- name: {{ include "common.fullname" . }}-config
path: db_cmd.sh
- key: vid-pre-init.sql
path: vid-pre-init.sql
-
type: Opaque
data:
{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-db
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+type: Opaque
+data:
+ db-user-password: {{ index .Values "mariadb-galera" "config" "userPassword" | b64enc | quote }}
+ db-root-password: {{ index .Values "mariadb-galera" "config" "mariadbRootPassword" | b64enc | quote }}
global:
nodePortPrefix: 302
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.1
+ readinessImage: readiness-check:2.0.2
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
vidmsopass: OBF:1ih71i271vny1yf41ymf1ylz1yf21vn41hzj1icz
msodme2serverurl: http://localhost:8081
vidcontactuslink: https://todo_contact_us_link.com
- vidmysqlhost: vid-galera
- vidmysqlport: "3306"
- vidmysqldbname: vid_openecomp_epsdk
- vidmysqluser: vidadmin
vidmysqlmaxconnections: "5"
logstashServiceName: log-ls
logstashPort: 5044
roleaccesscentralized: remote
-# subchart configuration
-vid_mariadb_galera:
-# nameOverride: vid-mariadb-galera
- replicaCount: 1
+mariadb-galera:
+ config:
+ userName: vidadmin
+ userPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+ mariadbRootPassword: kjgsdhjqhawxvnbpoiawsfgjsqhsgjhjhdqihhjqdvcbxkjchizpw
+ mysqlDatabase: vid_openecomp_epsdk
+ nameOverride: vid-galera
+ service:
+ name: vid-galera
+ portName: mysql-vid
+ internalPort: "3306"
+ replicaCount: 3
+ persistence:
+ enabled: true
+ mountSubPath: vid/maria/data
+ externalConfig: |-
+ lower_case_table_names = 1
# default number of instances
replicaCount: 1