-#!/bin/bash
+#!/bin/sh
usage () {
echo "Usage:"
#Update the /etc/exports
NFS_EXP=""
for i in $@; do
- NFS_EXP+="$i(rw,sync,no_root_squash,no_subtree_check) "
+ NFS_EXP="${NFS_EXP}$i(rw,sync,no_root_squash,no_subtree_check) "
done
echo "/dockerdata-nfs "$NFS_EXP | sudo tee -a /etc/exports
-#!/bin/bash
+#!/bin/sh
DOCKER_VERSION=18.09.5
systemctl restart docker
apt-mark hold docker-ce
-IP_ADDR=`ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}'`
-HOSTNAME=`hostname`
+IP_ADDR=$(ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}')
+HOST_NAME=$(hostname)
-echo "$IP_ADDR $HOSTNAME" >> /etc/hosts
+echo "$IP_ADDR $HOST_NAME" >> /etc/hosts
docker login -u docker -p docker nexus3.onap.org:10001
-#!/bin/bash
+#!/bin/sh
DOCKER_VERSION=18.09.5
systemctl restart docker
apt-mark hold docker-ce
-IP_ADDR=`ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}'`
-HOSTNAME=`hostname`
+IP_ADDR=$(ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}')
+HOST_NAME=$(hostname)
-echo "$IP_ADDR $HOSTNAME" >> /etc/hosts
+echo "$IP_ADDR $HOST_NAME" >> /etc/hosts
docker login -u docker -p docker nexus3.onap.org:10001
-#!/bin/bash
+#!/bin/sh
apt-get update
-IP_ADDR=`ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}'`
-HOSTNAME=`hostname`
+IP_ADDR=$(ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}')
+HOST_NAME=$(hostname)
-echo "$IP_ADDR $HOSTNAME" >> /etc/hosts
+echo "$IP_ADDR $HOST_NAME" >> /etc/hosts
sudo apt-get install make -y
--- /dev/null
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+components/
.project
.idea/
*.tmproj
+components/
nameOverride: *appc-db
replicaCount: 1
+ mariadbConfiguration: |-
+ [client]
+ port=3306
+ socket=/opt/bitnami/mariadb/tmp/mysql.sock
+ plugin_dir=/opt/bitnami/mariadb/plugin
+
+ [mysqld]
+ lower_case_table_names = 1
+ default_storage_engine=InnoDB
+ basedir=/opt/bitnami/mariadb
+ datadir=/bitnami/mariadb/data
+ plugin_dir=/opt/bitnami/mariadb/plugin
+ tmpdir=/opt/bitnami/mariadb/tmp
+ socket=/opt/bitnami/mariadb/tmp/mysql.sock
+ pid_file=/opt/bitnami/mariadb/tmp/mysqld.pid
+ bind_address=0.0.0.0
+
+ ## Character set
+ collation_server=utf8_unicode_ci
+ init_connect='SET NAMES utf8'
+ character_set_server=utf8
+
+ ## MyISAM
+ key_buffer_size=32M
+ myisam_recover_options=FORCE,BACKUP
+
+ ## Safety
+ skip_host_cache
+ skip_name_resolve
+ max_allowed_packet=16M
+ max_connect_errors=1000000
+ sql_mode=STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,NO_ENGINE_SUBSTITUTION,NO_ZERO_DATE,NO_ZERO_IN_DATE
+ sysdate_is_now=1
+
+ ## Binary Logging
+ log_bin=mysql-bin
+ expire_logs_days=14
+ # Disabling for performance per http://severalnines.com/blog/9-tips-going-production-galera-cluster-mysql
+ sync_binlog=0
+ # Required for Galera
+ binlog_format=row
+
+ ## Caches and Limits
+ tmp_table_size=32M
+ max_heap_table_size=32M
+ # Re-enabling as now works with Maria 10.1.2
+ query_cache_type=1
+ query_cache_limit=4M
+ query_cache_size=256M
+ max_connections=500
+ thread_cache_size=50
+ open_files_limit=65535
+ table_definition_cache=4096
+ table_open_cache=4096
+
+ ## InnoDB
+ innodb=FORCE
+ innodb_strict_mode=1
+ # Mandatory per https://github.com/codership/documentation/issues/25
+ innodb_autoinc_lock_mode=2
+ # Per https://www.percona.com/blog/2006/08/04/innodb-double-write/
+ innodb_doublewrite=1
+ innodb_flush_method=O_DIRECT
+ innodb_log_files_in_group=2
+ innodb_log_file_size=128M
+ innodb_flush_log_at_trx_commit=1
+ innodb_file_per_table=1
+ # 80% Memory is default reco.
+ # Need to re-evaluate when DB size grows
+ innodb_buffer_pool_size=2G
+ innodb_file_format=Barracuda
+
+ ## Logging
+ log_error=/opt/bitnami/mariadb/logs/mysqld.log
+ slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log
+ log_queries_not_using_indexes=1
+ slow_query_log=1
+
+ ## SSL
+ ## Use extraVolumes and extraVolumeMounts to mount /certs filesystem
+ # ssl_ca=/certs/ca.pem
+ # ssl_cert=/certs/server-cert.pem
+ # ssl_key=/certs/server-key.pem
+
+ [galera]
+ wsrep_on=ON
+ wsrep_provider=/opt/bitnami/mariadb/lib/libgalera_smm.so
+ wsrep_sst_method=mariabackup
+ wsrep_slave_threads=4
+ wsrep_cluster_address=gcomm://
+ wsrep_cluster_name=galera
+ wsrep_sst_auth="root:"
+ # Enabled for performance per https://mariadb.com/kb/en/innodb-system-variables/#innodb_flush_log_at_trx_commit
+ innodb_flush_log_at_trx_commit=2
+ # MYISAM REPLICATION SUPPORT #
+ wsrep_replicate_myisam=ON
+ binlog_format=row
+ default_storage_engine=InnoDB
+ innodb_autoinc_lock_mode=2
+ transaction-isolation=READ-COMMITTED
+ wsrep_causal_reads=1
+ wsrep_sync_wait=7
+
+ [mariadb]
+ plugin_load_add=auth_pam
+
+ ## Data-at-Rest Encryption
+ ## Use extraVolumes and extraVolumeMounts to mount /encryption filesystem
+ # plugin_load_add=file_key_management
+ # file_key_management_filename=/encryption/keyfile.enc
+ # file_key_management_filekey=FILE:/encryption/keyfile.key
+ # file_key_management_encryption_algorithm=AES_CTR
+ # encrypt_binlog=ON
+ # encrypt_tmp_files=ON
+
+ ## InnoDB/XtraDB Encryption
+ # innodb_encrypt_tables=ON
+ # innodb_encrypt_temporary_tables=ON
+ # innodb_encrypt_log=ON
+ # innodb_encryption_threads=4
+ # innodb_encryption_rotate_key_age=1
+
+ ## Aria Encryption
+ # aria_encrypt_tables=ON
+ # encrypt_tmp_disk_tables=ON
+
dgbuilder:
nameOverride: appc-dgbuilder
certInitializer:
.project
.idea/
*.tmproj
+components/
##
type: ClusterIP
headless: {}
+ internalPort: &dbPort 3306
ports:
- name: mysql
- port: 3306
+ port: *dbPort
headlessPorts:
- name: galera
port: 4567
--- /dev/null
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+components/
.idea/
*.tmproj
.vscode/
+components/
.project
.idea/
*.tmproj
+components/
fi
if [ "$DELAY" = "true" ]; then
echo sleep 3m
- sleep 3m
+ sleep 180
fi
else
array=($(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}"))
;;
esac
-exit 0
\ No newline at end of file
+exit 0
.project
.idea/
*.tmproj
+components/
--- /dev/null
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+components/
.project
.idea/
*.tmproj
+components/
.project
.idea/
*.tmproj
+components/
- /app/ready.py
args:
- --container-name
- - {{ .Values.config.db.container }}
+ - {{ include "common.mariadbService" . }}
env:
- name: NAMESPACE
valueFrom:
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
env:
- name: DB_HOST
- value: {{ .Values.config.db.host }}.{{.Release.Namespace}}
+ value: {{ include "common.mariadbService" . }}.{{.Release.Namespace}}
- name: DB_PORT
- value: {{ .Values.config.db.port | quote}}
+ value: {{ include "common.mariadbPort" . | quote}}
- name: DB_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "login") | indent 10}}
- name: DB_SCHEMA
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
env:
- name: DB_HOST
- value: {{ .Values.config.db.host }}.{{.Release.Namespace}}
+ value: {{ include "common.mariadbService" . }}.{{.Release.Namespace}}
- name: DB_PORT
- value: {{ .Values.config.db.port | quote}}
+ value: {{ include "common.mariadbPort" . | quote}}
- name: DB_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "login") | indent 10}}
- name: DB_SCHEMA
global: # global defaults
nodePortPrefix: 302
readinessImage: onap/oom/readiness:3.0.1
+ mariadbGalera: {}
subChartsOnly:
enabled: true
# as of 20181022 port 23 is reserved for cmso
# see https://wiki.onap.org/display/DW/OOM+NodePort+List
+mariadb-galera: {}
config:
aaf:
password: pass
# userCredentialsExternalSecret: some-secret
db:
- port: 3306
# rootPassword: pass
# rootPasswordExternalSecret: some secret
user: cmso-admin
- /app/ready.py
args:
- --container-name
- - {{ .Values.config.db.container }}
+ - {{ include "common.mariadbService" . }}
env:
- name: NAMESPACE
valueFrom:
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
env:
- name: DB_HOST
- value: {{ .Values.config.db.host }}.{{.Release.Namespace}}
+ value: {{ include "common.mariadbService" . }}.{{.Release.Namespace}}
- name: DB_PORT
- value: {{ .Values.config.db.port | quote}}
+ value: {{ include "common.mariadbPort" . | quote}}
- name: DB_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "login") | indent 10}}
- name: DB_SCHEMA
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
env:
- name: DB_HOST
- value: {{ .Values.config.db.host }}.{{.Release.Namespace}}
+ value: {{ include "common.mariadbService" . }}.{{.Release.Namespace}}
- name: DB_PORT
- value: {{ .Values.config.db.port | quote}}
+ value: {{ include "common.mariadbPort" . | quote}}
- name: DB_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "login") | indent 10}}
- name: DB_SCHEMA
#################################################################
global: # global defaults
nodePortPrefix: 302
+ mariadbGalera: {}
subChartsOnly:
enabled: true
# as of 20181022 port 23 is reserved for cmso
# see https://wiki.onap.org/display/DW/OOM+NodePort+List
+mariadb-galera: {}
config:
aaf:
password: pass
# userCredentialsExternalSecret: some-secret
db:
- port: 3306
# rootPassword: pass
# rootPasswordExternalSecret: some secret
user: cmso-admin
- name: mariadb-galera
version: ~8.x-0
repository: '@local'
+ condition: global.mariadbGalera.localCluster
- name: mariadb-init
version: ~8.x-0
repository: '@local'
# See the License for the specific language governing permissions and
# limitations under the License.
+global:
+ commonConfigPrefix: "oof-cmso"
+ truststoreFile: "truststoreONAPall.jks"
+ keystoreFile: "org.onap.oof.jks"
+ truststorePassword:
+ authentication: aaf-auth
+ mariadbGalera: &mariadbGalera
+ #This flag allows OOF-CMSO to instantiate its own mariadb-galera cluster
+ localCluster: false
+ service: mariadb-galera
+ internalPort: 3306
+ nameOverride: mariadb-galera
+
#################################################################
# Secrets metaconfig
#################################################################
login: '{{ .Values.config.aaf.user }}'
password: '{{ .Values.config.aaf.password }}'
-mariadb-galera:
+mariadb-galera: &localMariadb
replicaCount: 1
nameOverride: &dbName cmso-db
nfsprovisionerPrefix: cmso
serviceAccount:
nameOverride: *dbName
-global:
- commonConfigPrefix: "oof-cmso"
- truststoreFile: "truststoreONAPall.jks"
- keystoreFile: "org.onap.oof.jks"
- truststorePassword:
- authentication: aaf-auth
-
mariadb-init:
- mariadbGalera:
- containerName: *dbName
- serviceName: *dbName
- servicePort: 3306
- userRootSecret: *rootPassword
config:
userCredentialsExternalSecret: *serviceDbCreds
mysqlDatabase: cmso
certInitializer:
<< : *certInitConfig
nameOverride: oof-cmso-service-cert-initializer
+ mariadb-galera: *localMariadb
config:
db:
userCredentialsExternalSecret: *serviceDbCreds
- host: *dbName
- container: *dbName
mysqlDatabase: cmso
aaf:
userCredentialsExternalSecret: *aafCreds
certInitializer:
<< : *certInitConfig
nameOverride: oof-cmso-optimizer-cert-initializer
+ mariadb-galera: *localMariadb
config:
enabled: true
db:
userCredentialsExternalSecret: *optimizerDbCreds
- host: *dbName
- container: *dbName
mysqlDatabase: optimizer
aaf:
userCredentialsExternalSecret: *aafCreds
# so that it won't try to fill in a password file when it hasn't been set yet
extraArgs=()
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
- extraArgs+=( '--dont-use-mysql-root-password' )
+ extraArgs=${extraArgs}( '--dont-use-mysql-root-password' )
fi
if echo 'SELECT 1' |docker_process_sql "${extraArgs[@]}" --database=mysql >/dev/null 2>&1; then
break
# beginning in 10.4.3, install_db uses "socket" which only allows system user root to connect, switch back to "normal" to allow mysql root without a password
# see https://github.com/MariaDB/server/commit/b9f3f06857ac6f9105dc65caae19782f09b47fb3
# (this flag doesn't exist in 10.0 and below)
- installArgs+=( --auth-root-authentication-method=normal )
+ installArgs=${installArgs}( --auth-root-authentication-method=normal )
fi
# "Other options are passed to mysqld." (so we pass all "mysqld" arguments directly here)
mysql_install_db "${installArgs[@]}" "${@:2}"
docker_process_sql() {
passfileArgs=()
if [ '--dont-use-mysql-root-password' = "$1" ]; then
- passfileArgs+=( "$1" )
+ passfileArgs=${passfileArgs}( "$1" )
shift
fi
# args sent in can override this db, since they will be later in the command
if [ $execscript ]; then
for script in $(ls -1 "$DIR/$SCRIPTDIR"); do
- [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && source "$DIR/$SCRIPTDIR/$script"
+ [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && . "$DIR/$SCRIPTDIR/$script"
done
fi
if [ "${!#}" = "execscript" ]; then
for script in $(ls -1 "$DIR/$SCRIPTDIR"); do
- [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && source "$DIR/$SCRIPTDIR/$script"
+ [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && . "$DIR/$SCRIPTDIR/$script"
done
fi
if [ "${!#}" = "execscript" ]; then
for script in $(ls -1 "$DIR/$SCRIPTDIR"); do
- [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && source "$DIR/$SCRIPTDIR/$script"
+ [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && . "$DIR/$SCRIPTDIR/$script"
done
fi
#!/bin/bash
-{{/*
+{{/*
# Copyright © 2018 Amdocs
#
# Licensed under the Apache License, Version 2.0 (the "License");
-#!/bin/bash
-{{/*
+#!/bin/sh
+{{/*
# Copyright © 2018 Amdocs
#
# Licensed under the Apache License, Version 2.0 (the "License");
-#!/bin/bash
-{{/*
+#!/bin/sh
+{{/*
# Copyright © 2018 Amdocs
#
# Licensed under the Apache License, Version 2.0 (the "License");
.project
.idea/
*.tmproj
+components/
--- /dev/null
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+components/