url = ../aai/oom
branch = .
ignore = dirty
+[submodule "kubernetes/robot"]
+ path = kubernetes/robot
+ url = ../testsuite/oom
+ branch = .
+ ignore = dirty
+
\ No newline at end of file
ONAP Operations Manager Release Notes
=====================================
+Version 5.0.0 (El Alto Early Drop)
+----------------------------------
+
+:Release Date: 2019-08-19
+
+Summary
+-------
+
+**Software Requirements**
+
+* Upgraded to Kubernetes 1.15.x and Helm 1.14.x
+
+
Version 4.0.0 (Dublin Release)
------------------------------
spec:
containers:
- name: {{ include "common.name" . }}
- image: {{ .Values.global.repository }}/onap/aaf/aaf_cass:{{.Values.global.aaf.imageVersion}}
+ image: {{ .Values.global.repository }}/{{.Values.global.aaf.cass.image}}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
# installing with cmd "onap" will not only initialize the DB, but add ONAP bootstrap data as well
command: ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh","onap"]
spec:
initContainers:
- name: {{ include "common.name" . }}-config-container
- image: {{ .Values.global.repository }}/onap/aaf/aaf_config:{{.Values.global.aaf.imageVersion}}
+ image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"]
volumeMounts:
value: "{{ .Values.global.aaf.aaf_release }}"
- name: aaf_locator_container_ns
value: "{{ .Release.Namespace }}"
- - name: aaf_locator_container
- value: "oom"
- name: aaf_locator_public_fqdn
value: "{{.Values.global.aaf.public_fqdn}}"
- name: aaf_locator_name
value: "{{.Values.global.aaf.aaf_locator_name}}"
- name: aaf_locator_name_oom
value: "{{.Values.global.aaf.aaf_locator_name_oom}}"
+ - name: cm_always_ignore_ips
+ value: "true"
- name: CASSANDRA_CLUSTER
value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}"
# - name: CASSANDRA_USER
containers:
- name: {{ include "common.name" . }}
command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-cm aaf-locate && exec bin/cm"]
- image: {{ .Values.global.repository }}/onap/aaf/aaf_cm:{{.Values.global.aaf.imageVersion}}
+ image: {{ .Values.global.repository }}/{{.Values.global.aaf.image}}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
volumeMounts:
- mountPath: "/opt/app/osaaf"
spec:
initContainers:
- name: {{ include "common.name" . }}-config-container
- image: {{ .Values.global.repository }}/onap/aaf/aaf_config:{{.Values.global.aaf.imageVersion}}
+ image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"]
volumeMounts:
value: "{{ .Values.global.aaf.aaf_release }}"
- name: aaf_locator_container_ns
value: "{{ .Release.Namespace }}"
- - name: aaf_locator_container
- value: "oom"
- name: aaf_locator_public_fqdn
value: "{{.Values.global.aaf.public_fqdn}}"
- name: aaf_locator_name
value: "{{.Values.global.aaf.aaf_locator_name}}"
- name: aaf_locator_name_oom
value: "{{.Values.global.aaf.aaf_locator_name_oom}}"
+ - name: cm_always_ignore_ips
+ value: "true"
- name: CASSANDRA_CLUSTER
value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}"
# - name: CASSANDRA_USER
# - name: CASSANDRA_PASSWORD
# value: ""
# - name: CASSANDRA_PORT
+# value: ""
containers:
- name: {{ include "common.name" . }}
command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-fs aaf-locate && exec bin/fs"]
- image: {{ .Values.global.repository }}/onap/aaf/aaf_fs:{{.Values.global.aaf.imageVersion}}
+ image: {{ .Values.global.repository }}/{{.Values.global.aaf.image}}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
volumeMounts:
- mountPath: "/opt/app/osaaf"
spec:
initContainers:
- name: {{ include "common.name" . }}-config-container
- image: {{ .Values.global.repository }}/onap/aaf/aaf_config:{{.Values.global.aaf.imageVersion}}
+ image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"]
volumeMounts:
value: "{{ .Values.global.aaf.aaf_release }}"
- name: aaf_locator_container_ns
value: "{{ .Release.Namespace }}"
- - name: aaf_locator_container
- value: "oom"
- name: aaf_locator_public_fqdn
value: "{{.Values.global.aaf.public_fqdn}}"
- name: aaf_locator_name
value: "{{.Values.global.aaf.aaf_locator_name}}"
- name: aaf_locator_name_oom
value: "{{.Values.global.aaf.aaf_locator_name_oom}}"
+ - name: cm_always_ignore_ips
+ value: "true"
- name: CASSANDRA_CLUSTER
value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}"
# - name: CASSANDRA_USER
# - name: CASSANDRA_PASSWORD
# value: ""
# - name: CASSANDRA_PORT
+# value: ""
containers:
- name: {{ include "common.name" . }}
command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-gui aaf-locate && exec bin/gui"]
- image: {{ .Values.global.repository }}/onap/aaf/aaf_gui:{{.Values.global.aaf.imageVersion}}
+ image: {{ .Values.global.repository }}/{{.Values.global.aaf.image}}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
volumeMounts:
- mountPath: "/opt/app/osaaf"
# See the License for the specific language governing permissions and
# limitations under the License.
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
--- /dev/null
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
+#########
+## ============LICENSE_START====================================================
+## org.onap.aaf
+## ===========================================================================
+## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
+## ===========================================================================
+## Licensed under the Apache License, Version 2.0 (the "License");
+## you may not use this file except in compliance with the License.
+## You may obtain a copy of the License at
+##
+## http://www.apache.org/licenses/LICENSE-2.0
+##
+## Unless required by applicable law or agreed to in writing, software
+## distributed under the License is distributed on an "AS IS" BASIS,
+## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+## See the License for the specific language governing permissions and
+## limitations under the License.
+## ============LICENSE_END====================================================
+##
+
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ .Release.Name }}-aaf-hello-pv
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ .Chart.Name }}-hello
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}
+spec:
+ capacity:
+ storage: {{ .Values.persistence.config.size}}
+ accessModes:
+ - {{ .Values.persistence.config.accessMode }}
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.config.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ .Values.persistence.config.mountPath }}
+{{- if .Values.persistence.config.storageClass }}
+{{- if (eq "-" .Values.persistence.config.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistence.config.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
--- /dev/null
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+#########
+## ============LICENSE_START====================================================
+## org.onap.aaf
+## ===========================================================================
+## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
+## ===========================================================================
+## Licensed under the Apache License, Version 2.0 (the "License");
+## you may not use this file except in compliance with the License.
+## You may obtain a copy of the License at
+##
+## http://www.apache.org/licenses/LICENSE-2.0
+##
+## Unless required by applicable law or agreed to in writing, software
+## distributed under the License is distributed on an "AS IS" BASIS,
+## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+## See the License for the specific language governing permissions and
+## limitations under the License.
+## ============LICENSE_END====================================================
+##
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ .Release.Name }}-aaf-hello-pvc
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+{{- if .Values.persistence.annotations }}
+ annotations:
+{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}-hello
+ accessModes:
+ - {{ .Values.persistence.config.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.config.size }}
+{{- if .Values.persistence.config.storageClass }}
+{{- if (eq "-" .Values.persistence.config.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistence.config.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
spec:
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: aaf-hello-vol
+ persistentVolumeClaim:
+ claimName: {{ .Release.Name }}-aaf-hello-pvc
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
initContainers:
- - name: {{ include "common.name" . }}-config-container
- image: {{ .Values.global.repository }}/onap/aaf/aaf_agent:{{.Values.global.aaf.imageVersion}}
+ - name: {{ include "common.name" . }}-config
+ image: {{ .Values.global.repository }}/{{.Values.aaf_init.image}}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
volumeMounts:
- - mountPath: "/opt/app/osaaf/local"
+ - mountPath: "/opt/app/osaaf"
name: aaf-hello-vol
- command: ["bash","-c","/opt/app/aaf_config/bin/pod_wait.sh config nc aaf-cm.{{.Release.Namespace}} 8150 remove && cd /opt/app/osaaf/local && /opt/app/aaf_config/bin/agent.sh"]
+# NOTE: Before this, need Liveness Attached to aaf-certman
+ command: ["bash","-c","exec /opt/app/aaf_config/bin/agent.sh"]
env:
- - name: aaf_env
- value: "{{ .Values.global.aaf.aaf_env }}"
- - name: cadi_latitude
- value: "{{ .Values.global.aaf.cadi_latitude }}"
- - name: cadi_longitude
- value: "{{ .Values.global.aaf.cadi_longitude }}"
+ - name: APP_FQI
+ value: "{{ .Values.aaf_init.fqi }}"
- name: aaf_locate_url
- value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}"
- - name: aaf_locator_container
- value: "oom"
- - name: aaf_release
- value: "{{ .Values.global.aaf.aaf_release }}"
- - name: aaf_locator_container_ns
- value: "{{ .Release.Namespace }}"
+ value: "https://aaf-locate.{{ .Release.Namespace}}:8095"
- name: aaf_locator_container
value: "oom"
- name: aaf_locator_container_ns
value: "{{ .Release.Namespace }}"
+ - name: aaf_locator_fqdn
+ value: "{{ .Values.aaf_init.fqdn }}"
- name: aaf_locator_app_ns
- value: "org.osaaf.aaf"
- - name: "APP_FQDN"
- value: "{{ .Values.global.aaf.hello.fqdn }}"
- - name: "APP_FQI"
- value: "aaf@aaf.osaaf.org"
- - name: "DEPLOY_FQI"
+ value: "{{ .Values.aaf_init.app_ns }}"
+ - name: DEPLOY_FQI
value: "deployer@people.osaaf.org"
- - name: "DEPLOY_PASSWORD"
+# Note: We want to put this in Secrets or at LEAST ConfigMaps
+ - name: DEPLOY_PASSWORD
value: "demo123456!"
-# Hello specific. Clients don't necessarily need this
+# Note: want to put this on Nodes, evenutally
+ - name: cadi_longitude
+ value: "{{ .Values.aaf_init.cadi_longitude }}"
+ - name: cadi_latitude
+ value: "{{ .Values.aaf_init.cadi_latitude }}"
+# Hello specific. Clients don't don't need this, unless Registering with AAF Locator
- name: aaf_locator_public_fqdn
value: "{{.Values.global.aaf.public_fqdn}}"
- - name: aaf_locator_name
- value: "{{.Values.global.aaf.aaf_locator_name}}"
- - name: aaf_locator_name_oom
- value: "{{.Values.global.aaf.aaf_locator_name_oom}}"
- - name: aaf_locator_fqdn_oom
- value: "%N.%CNS"
containers:
- name: {{ include "common.name" . }}
- command: ["/bin/bash","-c","cd /opt/app/aaf && exec bin/hello"]
- image: {{ .Values.global.repository }}/onap/aaf/aaf_hello:{{.Values.global.aaf.imageVersion}}
+ command: ["bash","-c","cd /opt/app/aaf && if [ ! -d /opt/app/osaaf/etc ]; then cp -Rf etc logs /opt/app/osaaf; fi && exec bin/hello"]
+ image: {{ .Values.global.repository }}/{{.Values.service.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
volumeMounts:
- - mountPath: "/opt/app/osaaf/local"
+ - mountPath: "/opt/app/osaaf"
name: aaf-hello-vol
- - mountPath: "/opt/app/aaf/status"
- name: aaf-status-vol
- mountPath: /etc/localtime
name: localtime
readOnly: true
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
- port: {{ .Values.service.internalPort }}
+ port: {{ .Values.service.port }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end -}}
readinessProbe:
tcpSocket:
- port: {{ .Values.service.internalPort }}
+ port: {{ .Values.service.port }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
resources:
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
- volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: aaf-status-vol
- persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-status-pvc
- - name: aaf-hello-vol
- emptyDir: {}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
heritage: {{ .Release.Service }}
spec:
ports:
- - port: {{ .Values.global.aaf.hello.internal_port }}
- nodePort: {{ .Values.global.aaf.hello.public_port }}
+ - port: {{ .Values.service.port }}
+ nodePort: {{ .Values.service.public_port }}
name: aaf-hello
selector:
app: {{ include "common.name" . }}
# Application configuration defaults.
#################################################################
# application image
+aaf_init:
+ # You might want this in your own app. For AAF, we store in global
+ # replicas: 1
+ fqdn: "aaf-hello"
+ image: onap/aaf/aaf_agent:2.1.15
+ app_ns: "org.osaaf.aaf"
+ fqi: "aaf@aaf.osaaf.org"
+ fqdn: "aaf-hello"
+ public_fqdn: "aaf.osaaf.org"
+ deploy_fqi: "deployer@people.osaaf.org"
+ cadi_latitude: "38.0"
+ cadi_longitude: "-72.0"
+service:
+ image: onap/aaf/aaf_hello:2.1.15
+ port: "8130"
+ public_port: "31119"
+
+persistence:
+ enabled: true
+ config:
+ #existingClaim:
+ # You will want "Reatan" in non-Hello Example.
+ volumeReclaimPolicy: Delete
+ accessMode: ReadWriteMany
+ size: 40M
+ storageClass: "manual"
+ mountPath: "/mnt/data/aaf/hello"
nodeSelector: {}
initialDelaySeconds: 5
periodSeconds: 10
-service:
- name: aaf-hello
- type: ClusterIP
- portName: aaf-hello
- #targetPort
- internalPort: 8130
- #port
- externalPort: 8130
-
ingress:
enabled: false
spec:
initContainers:
- name: {{ include "common.name" . }}-config-container
- image: {{ .Values.global.repository }}/onap/aaf/aaf_config:{{.Values.global.aaf.imageVersion}}
+ image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"]
volumeMounts:
value: "{{ .Values.global.aaf.aaf_release }}"
- name: aaf_locator_container_ns
value: "{{ .Release.Namespace }}"
- - name: aaf_locator_container
- value: "oom"
- name: aaf_locator_public_fqdn
value: "{{.Values.global.aaf.public_fqdn}}"
- name: aaf_locator_name
value: "{{.Values.global.aaf.aaf_locator_name}}"
- name: aaf_locator_name_oom
value: "{{.Values.global.aaf.aaf_locator_name_oom}}"
+ - name: cm_always_ignore_ips
+ value: "true"
- name: CASSANDRA_CLUSTER
value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}"
# - name: CASSANDRA_USER
# - name: CASSANDRA_PASSWORD
# value: ""
# - name: CASSANDRA_PORT
+# value: ""
containers:
- name: {{ include "common.name" . }}
command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-locate aaf-service && exec bin/locate"]
- image: {{ .Values.global.repository }}/onap/aaf/aaf_locate:{{.Values.global.aaf.imageVersion}}
+ image: {{ .Values.global.repository }}/{{.Values.global.aaf.image}}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
volumeMounts:
- mountPath: "/opt/app/osaaf"
spec:
initContainers:
- name: {{ include "common.name" . }}-config-container
- image: {{ .Values.global.repository }}/onap/aaf/aaf_config:{{.Values.global.aaf.imageVersion}}
+ image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"]
volumeMounts:
value: "{{ .Values.global.aaf.aaf_release }}"
- name: aaf_locator_container_ns
value: "{{ .Release.Namespace }}"
- - name: aaf_locator_container
- value: "oom"
- name: aaf_locator_public_fqdn
value: "{{.Values.global.aaf.public_fqdn}}"
- name: aaf_locator_name
value: "{{.Values.global.aaf.aaf_locator_name}}"
- name: aaf_locator_name_oom
value: "{{.Values.global.aaf.aaf_locator_name_oom}}"
+ - name: cm_always_ignore_ips
+ value: "true"
- name: CASSANDRA_CLUSTER
value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}"
# - name: CASSANDRA_USER
# - name: CASSANDRA_PASSWORD
# value: ""
# - name: CASSANDRA_PORT
+# value: ""
containers:
- name: {{ include "common.name" . }}
command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-oauth aaf-service && exec bin/oauth"]
- image: {{ .Values.global.repository }}/onap/aaf/aaf_oauth:{{.Values.global.aaf.imageVersion}}
+ image: {{ .Values.global.repository }}/{{.Values.global.aaf.image}}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
volumeMounts:
- mountPath: "/opt/app/osaaf"
spec:
initContainers:
- name: {{ include "common.name" . }}-config-container
- image: {{ .Values.global.repository }}/onap/aaf/aaf_config:{{.Values.global.aaf.imageVersion}}
+ image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config nc aaf-cass.{{ .Release.Namespace }} 9042 sleep 15 remove && bin/agent.sh"]
volumeMounts:
value: "{{.Values.global.aaf.aaf_locator_name}}"
- name: aaf_locator_name_oom
value: "{{.Values.global.aaf.aaf_locator_name_oom}}"
+ - name: cm_always_ignore_ips
+ value: "true"
- name: CASSANDRA_CLUSTER
value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}"
# - name: CASSANDRA_USER
# value: ""
containers:
- name: {{ include "common.name" . }}
- command: ["/bin/bash","-c","cd /opt/app/aaf && bin/pod_wait.sh aaf-service aaf-cass && exec bin/service"]
- image: {{ .Values.global.repository }}/onap/aaf/aaf_service:{{.Values.global.aaf.imageVersion}}
+ command: ["/bin/bash","-c","cd /opt/app/aaf && bin/pod_wait.sh aaf-service aaf-cass && exec bin/service"]
+ image: {{.Values.global.repository}}/{{.Values.global.aaf.image}}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: cm_always_ignore_ips
+ value: "true"
lifecycle:
preStop:
exec:
- name: {{ .Values.service.portName }}
{{if eq .Values.service.type "NodePort" -}}
port: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }}
{{- else -}}
port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.PortName }}
{{if eq .Values.service.type "NodePort" -}}
port: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }}
{{- else -}}
port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
persistence:
enabled: true
- pullPolicy: Always
+ # Standard OOM
+ pullPolicy: "Always"
repository: "nexus3.onap.org:10001"
- # pullPolicy: IfNotPresent
- # repository: "nexus3.onap.org:10003"
+
+ # Use Local
+ #pullPolicy: IfNotPresent
+ #repository: "nexus3.onap.org:10003"
aaf:
- imageVersion: 2.1.13
- #imageVersion: latest
readiness: false
+ image: onap/aaf/aaf_core:2.1.15
aaf_env: "DEV"
public_fqdn: "aaf.osaaf.org"
- aaf_release: "Dublin"
+ aaf_release: "El Alto"
# DUBLIN ONLY - for M4 compatibility with Casablanca
- aaf_locator_name: "public.%NS.%N"
- aaf_locator_name_oom: "%NS.%N"
+ # aaf_locator_name: "public.%NS.%N"
+ # aaf_locator_name_oom: "%NS.%N"
# EL ALTO and Beyond
- # aaf_locator_name: "%NS.%N"
- # aaf_locator_name_oom: "%CNS.%NS.%N"
+ aaf_locator_name: "%NS.%N"
+ aaf_locator_name_oom: "%CNS.%NS.%N"
cadi_latitude: "38.0"
cadi_longitude: "-72.0"
cadi_x509_issuers: "CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US"
+ config:
+ image: onap/aaf/aaf_config:2.1.15
cass:
replicas: 1
+ image: onap/aaf/aaf_cass:2.1.15
fqdn: "aaf-cass"
cluster_name: "osaaf"
heap_new_size: "512M"
public_port: 31115
hello:
replicas: 0
- fqdn: "aaf-hello"
- internal_port: 8130
- public_port: 31116
#################################################################
# Application configuration defaults.
-Subproject commit c2d6e68b32be2bc2a421f21d23b12abdf314198c
+Subproject commit 55cb73cadc59537643c0fe5cb7ededadc9ff2b48
###
#hostname=localhost
-cadi_loglevel=INFO
+cadi_loglevel=DEBUG
cadi_bath_convert=/opt/onap/appc/data/properties/bath_config.csv
############################################################
aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095
# AAF URL
-aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0
+aaf_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.service:2.1
# AAF Environment Designation
aaf_env=DEV
# OAuth2 Endpoints
-aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token
-aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect
+aaf_oauth2_token_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.token:2.1/token
+aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.introspect:2.1/introspect
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: "{{ .Values.service.portName }}-8282"
+ name: "{{ .Values.service.portName }}-8443"
- port: {{ .Values.service.externalPort2 }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
name: "{{ .Values.service.portName }}-1830"
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}-8282
+ name: {{ .Values.service.portName }}-8443
- port: {{ .Values.service.externalPort2 }}
targetPort: {{ .Values.service.internalPort2 }}
name: {{ .Values.service.portName }}-1830
name: appc
portName: appc
#targetPort
- internalPort: 8181
+ internalPort: 8443
#port
- externalPort: 8282
+ externalPort: 8443
nodePort: 30
externalPort2: 1830
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIFPjCCAyagAwIBAgIJAJ6u7cCnzrWdMA0GCSqGSIb3DQEBCwUAMCwxDjAMBgNV
+BAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzAeFw0xODA0MDUx
+NDE1MjhaFw0zODAzMzExNDE1MjhaMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQK
+DARPTkFQMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
+ggIBAMA5pkgRs7NhGG4ew5JouhyYakgYUyFaG121+/h8qbSdt0hVQv56+EA41Yq7
+XGie7RYDQK9NmAFF3gruE+6X7wvJiChp+Cyd7sFMnb65uWhxEdxWTM2BJFrgfzUn
+H8ZCxgaCo3XH4PzlKRy2LQQJEJECwl/RZmRCXijMt5e9h8XoZY/fKkKcZZUsWNCM
+pTo266wjvA9MXLmdgReRj0+vrCjrNqy+htwJDztoiHWiYPqT6o8EvGcgjNqjlZx7
+NUNf8MfLDByqKF6+wRbHv1GKjn3/Vijd45Fv8riyRYROiFanvbV6jIfBkv8PZbXg
+2VDWsYsgp8NAvMxK+iV8cO+Ck3lBI2GOPZbCEqpPVTYbLUz6sczAlCXwQoPzDIZY
+wYa3eR/gYLY1gP2iEVHORag3bLPap9ZX5E8DZkzTNTjovvLk8KaCmfcaUMJsBtDd
+ApcUitz10cnRyZc1sX3gE1f3DpzQM6t9C5sOVyRhDcSrKqqwb9m0Ss04XAS9FsqM
+P3UWYQyqDXSxlUAYaX892u8mV1hxnt2gjb22RloXMM6TovM3sSrJS0wH+l1nznd6
+aFXftS/G4ZVIVZ/LfT1is4StoyPWZCwwwly1z8qJQ/zhip5NgZTxQw4mi7ww35DY
+PdAQOCoajfSvFjqslQ/cPRi/MRCu079heVb5fQnnzVtnpFQRAgMBAAGjYzBhMB0G
+A1UdDgQWBBRTVTPyS+vQUbHBeJrBKDF77+rtSTAfBgNVHSMEGDAWgBRTVTPyS+vQ
+UbHBeJrBKDF77+rtSTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAN
+BgkqhkiG9w0BAQsFAAOCAgEAPx/IaK94n02wPxpnYTy+LVLIxwdq/kawNd6IbiMz
+L87zmNMDmHcGbfoRCj8OkhuggX9Lx1/CkhpXimuYsZOFQi5blr/u+v4mIbsgbmi9
+7j+cUHDP0zLycvSvxKHty51LwmaX9a4wkJl5zBU4O1sd/H9tWcEmwJ39ltKoBKBx
+c94Zc3iMm5ytRWGj+0rKzLDAXEWpoZ5bE5PLJauA6UDCxDLfs3FwhbS7uDggxYvf
+jySF5FCNET94oJ+m8s7VeHvoa8iPGKvXrIqdd7XDHnqJJlVKr7m9S0fMbyEB8ci2
+RtOXDt93ifY1uhoEtEykn4dqBSp8ezvNMnwoXdYPDvTd9uCAFeWFLVreBAWxd25h
+PsBTkZA5hpa/rA+mKv6Af4VBViYr8cz4dZCsFChuioVebe9ighrfjB//qKepFjPF
+CyjzKN1u0JKm/2x/ORqxkTONG8p3uDwoIOyimUcTtTMv42bfYD88RKakqSFXE9G+
+Z0LlaKABqfjK49o/tsAp+c5LoNlYllKhnetO3QAdraHwdmC36BhoghzR1jpX751A
+cZn2VH3Q4XKyp01cJNCJIrua+A+bx6zh3RyW6zIIkbRCbET+UD+4mr8WIcSE3mtR
+ZVlnhUDO4z9//WKMVzwS9Rh8/kuszrGFI1KQozXCHLrce3YP6RYZfOed79LXaRwX
+dYY=
+-----END CERTIFICATE-----
# limitations under the License.
#
# Web server config
+### START -Controller Blueprints Properties
+# Load Resource Source Mappings
+resourceSourceMappings=processor-db=source-db,input=source-input,default=source-default,config-data=source-rest,aai-data=source-rest,capability=source-capability
+
+# Controller Blueprints Core Configuration
+controllerblueprints.blueprintDeployPath=/opt/app/onap/blueprints/deploy
+controllerblueprints.blueprintArchivePath=/opt/app/onap/blueprints/archive
+controllerblueprints.blueprintWorkingPath=/opt/app/onap/blueprints/working
+
+# Controller Blueprint Load Configurations
+# blueprints.load.initial-data may be overridden by ENV variables
+controllerblueprints.loadInitialData=true
+controllerblueprints.loadBluePrint=true
+controllerblueprints.loadBluePrintPaths=/opt/app/onap/model-catalog/blueprint-model/service-blueprint
+controllerblueprints.loadModelType=true
+controllerblueprints.loadModeTypePaths=/opt/app/onap/model-catalog/definition-type/starter-type
+controllerblueprints.loadResourceDictionary=true
+controllerblueprints.loadResourceDictionaryPaths=/opt/app/onap/model-catalog/resource-dictionary/starter-dictionary
+
+# CBA file extension
+controllerblueprints.loadCbaExtension=zip
+
+### END -Controller Blueprints Properties
+
blueprintsprocessor.grpcEnable=true
blueprintsprocessor.httpPort=8080
blueprintsprocessor.grpcPort=9111
blueprintsprocessor.blueprintWorkingPath=/opt/app/onap/blueprints/work
# Primary Database Configuration
-blueprintsprocessor.db.primary.url=jdbc:mysql://cds-db:3306/sdnctl
-blueprintsprocessor.db.primary.username=sdnctl
-blueprintsprocessor.db.primary.password=sdnctl
-blueprintsprocessor.db.primary.driverClassName=org.mariadb.jdbc.Driver
-blueprintsprocessor.db.primary.hibernateHbm2ddlAuto=update
-blueprintsprocessor.db.primary.hibernateDDLAuto=update
-blueprintsprocessor.db.primary.hibernateNamingStrategy=org.hibernate.cfg.ImprovedNamingStrategy
-blueprintsprocessor.db.primary.hibernateDialect=org.hibernate.dialect.MySQL5InnoDBDialect
+blueprintsprocessor.db.url=jdbc:mysql://db:3306/sdnctl
+blueprintsprocessor.db.username=sdnctl
+blueprintsprocessor.db.password=sdnctl
+blueprintsprocessor.db.driverClassName=org.mariadb.jdbc.Driver
+blueprintsprocessor.db.hibernateHbm2ddlAuto=update
+blueprintsprocessor.db.hibernateDDLAuto=update
+blueprintsprocessor.db.hibernateNamingStrategy=org.hibernate.cfg.ImprovedNamingStrategy
+blueprintsprocessor.db.hibernateDialect=org.hibernate.dialect.MySQL5InnoDBDialect
# Python executor
blueprints.processor.functions.python.executor.executionPath=/opt/app/onap/scripts/jython/ccsdk_blueprints
blueprintsprocessor.grpcclient.remote-python.port=50051
blueprintsprocessor.grpcclient.remote-python.token=Basic Y2NzZGthcHBzOmNjc2RrYXBwcw==
-# Primary Config Data REST client settings
-blueprintsprocessor.restclient.primary-config-data.type=basic-auth
-blueprintsprocessor.restclient.primary-config-data.url=http://sdnc:8282
-blueprintsprocessor.restclient.primary-config-data.username=admin
-blueprintsprocessor.restclient.primary-config-data.password=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
-
-# Primary AAI Data REST Client settings
-blueprintsprocessor.restclient.primary-aai-data.type=basic-auth
-blueprintsprocessor.restclient.primary-aai-data.url=https://aai.onap:8443
-blueprintsprocessor.restclient.primary-aai-data.username=aai@aai.onap.org
-blueprintsprocessor.restclient.primary-aai-data.password=demo123456!
+# Config Data REST client settings
+blueprintsprocessor.restclient.config-data.type=basic-auth
+blueprintsprocessor.restclient.config-data.url=http://sdnc:8282
+blueprintsprocessor.restclient.config-data.username=admin
+blueprintsprocessor.restclient.config-data.password=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+
+# AAI Data REST Client settings
+blueprintsprocessor.restclient.aai-data.type=basic-auth
+blueprintsprocessor.restclient.aai-data.url=https://aai.onap:8443
+blueprintsprocessor.restclient.aai-data.username=aai@aai.onap.org
+blueprintsprocessor.restclient.aai-data.password=demo123456!
+
+# Kafka-message-lib Configuration
+blueprintsprocessor.messageclient.self-service-api.topic=cds-producer
+blueprintsprocessor.messageclient.self-service-api.type=kafka-basic-auth
+
+##ONAP Message Router Kafka Service##
+blueprintsprocessor.messageclient.self-service-api.bootstrapServers=message-router-kafka:9092
+
+blueprintsprocessor.messageclient.self-service-api.consumerTopic=cds-consumer
+blueprintsprocessor.messageclient.self-service-api.groupId=cds-consumer-group
+blueprintsprocessor.messageclient.self-service-api.clientId=cds-client
+blueprintsprocessor.messageclient.self-service-api.kafkaEnable=false
args:
- --container-name
- cds-db
+ {{- if .Values.dmaapEnabled }}
+ - --container-name
+ - message-router
+ {{ end }}
env:
- name: NAMESPACE
valueFrom:
{{ if .Values.liveness.enabled }}
livenessProbe:
httpGet:
- path: /api/v1/execution-service/ping
+ path: /api/v1/execution-service/health-check
port: {{ .Values.service.http.internalPort }}
httpHeaders:
- name: Authorization
{{ end }}
readinessProbe:
httpGet:
- path: /api/v1/execution-service/ping
+ path: /api/v1/execution-service/health-check
port: {{ .Values.service.http.internalPort }}
httpHeaders:
- name: Authorization
- mountPath: {{ .Values.config.appConfigDir }}/logback.xml
name: {{ include "common.fullname" . }}-config
subPath: logback.xml
+
+ - mountPath: {{ .Values.config.appConfigDir }}/ONAP_RootCA.cer
+ name: {{ include "common.fullname" . }}-config
+ subPath: ONAP_RootCA.cer
+
- mountPath: {{ .Values.persistence.deployedBlueprint }}
name: {{ include "common.fullname" . }}-blueprints
resources:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/ccsdk-blueprintsprocessor:0.4.5
+image: onap/ccsdk-blueprintsprocessor:0.5.1
pullPolicy: Always
# flag to enable debugging - application support required
affinity: {}
+# flag for kafka-listener dependency. Set to true if you are using message-router otherwise set to false if you are using
+# custom kafka cluster.
+dmaapEnabled: true
+
# probe configuration parameters
liveness:
initialDelaySeconds: 120
internalPort: 9111
externalPort: 9111
-
persistence:
volumeReclaimPolicy: Retain
accessMode: ReadWriteMany
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/ccsdk-commandexecutor:0.4.5
+image: onap/ccsdk-commandexecutor:0.5.1
pullPolicy: Always
# application configuration
spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQL5InnoDBDialect
# Load Resource Source Mappings
-resourceSourceMappings=processor-db=source-processor-db,primary-db=source-processor-db,input=source-input,default=source-default,primary-config-data=source-rest,primary-aai-data=source-rest,capability=source-capability
+resourceSourceMappings=processor-db=source-db,input=source-input,default=source-default,config-data=source-rest,aai-data=source-rest,capability=source-capability
# Controller Blueprints Core Configuration
controllerblueprints.blueprintDeployPath=/etc/blueprints/deploy
controllerblueprints.loadCbaExtension=zip
# Web server config
-server.port=8080
\ No newline at end of file
+server.port=8080
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/ccsdk-controllerblueprints:0.4.5
+image: onap/ccsdk-controllerblueprints:0.5.1
pullPolicy: Always
# flag to enable debugging - application support required
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/ccsdk-sdclistener:0.4.5
+image: onap/ccsdk-sdclistener:0.5.1
name: sdc-listener
pullPolicy: Always
# application image
repository: nexus3.onap.org:10001
-image: onap/ccsdk-cds-ui-server:0.4.5
+image: onap/ccsdk-cds-ui-server:0.5.1
pullPolicy: Always
# application configuration
busyboxImage: library/busybox:latest
# application image
-loggingRepository: docker.elastic.co
-image: elasticsearch/elasticsearch-oss:6.6.2
+repository: nexus3.onap.org:10001
+image: onap/clamp-dashboard-elasticsearch:4.1.0
pullPolicy: Always
# flag to enable debugging - application support required
# The default locale. This locale can be used in certain circumstances to substitute any missing
# translations.
#i18n.defaultLocale: "en"
+
+## Search Guard
+#
+xpack.security.enabled: false
+elasticsearch.username: {{.Values.config.elasticUSR}}
+elasticsearch.password: {{.Values.config.elasticPWD}}
+
+searchguard.cookie.password: 123567818187654rwrwfsfshdhdhtegdhfzftdhncn
# application image
repository: nexus3.onap.org:10001
-image: onap/clamp-dashboard-kibana:4.0.5
+image: onap/clamp-dashboard-kibana:4.1.0
pullPolicy: Always
# flag to enable debugging - application support required
config:
elasticsearchServiceName: cdash-es
elasticsearchPort: 9200
+ elasticUSR: kibanaserver
+ elasticPWD: kibanaserver
sslEnabled: true
sslPemCertFilePath: /usr/share/kibana/config/keystore/org.onap.clamp.crt.pem
sslPemkeyFilePath: /usr/share/kibana/config/keystore/org.onap.clamp.key.pem
elasticsearch {
codec => "json"
hosts => ["${elasticsearch_base_url}"]
+ user => ["${logstash_user}"]
+ password => ["${logstash_pwd}"]
index => "errors-%{+YYYY.MM.DD}"
doc_as_upsert => true
}
elasticsearch {
codec => "json"
hosts => ["${elasticsearch_base_url}"]
+ user => ["${logstash_user}"]
+ password => ["${logstash_pwd}"]
document_id => "%{requestID}"
index => "events-cl-%{+YYYY.MM.DD}" # creates daily indexes for control loop
doc_as_upsert => true
elasticsearch {
codec => "json"
hosts => ["${elasticsearch_base_url}"]
+ user => ["${logstash_user}"]
+ password => ["${logstash_pwd}"]
index => "events-%{+YYYY.MM.DD}" # creates daily indexes
doc_as_upsert => true
}
value: "{{ .Values.config.requestTopic }}"
- name: dmaap_base_url
value: {{ .Values.config.dmaapScheme }}://{{ .Values.config.dmaapHost }}.{{ include "common.namespace" . }}:{{ .Values.config.dmaapPort }}
+ - name: logstash_user
+ value: "{{ .Values.config.logstash_user }}"
+ - name: logstash_pwd
+ value: "{{ .Values.config.logstash_pwd }}"
- name: elasticsearch_base_url
value: "http://{{.Values.config.elasticsearchServiceName}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.config.elasticsearchPort}}"
ports:
# application image
repository: nexus3.onap.org:10001
-image: onap/clamp-dashboard-logstash:4.0.5
+image: onap/clamp-dashboard-logstash:4.1.0
pullPolicy: Always
# flag to enable debugging - application support required
eventTopic: "DCAE-CL-EVENT"
notificationTopic: "POLICY-CL-MGT"
requestTopic: "APPC-CL"
+ logstash_user: "logstash"
+ logstash_pwd: "logstash"
# default number of instances
replicaCount: 1
# application image
repository: nexus3.onap.org:10001
-image: onap/clamp:4.0.5
+image: onap/clamp:4.1.0
pullPolicy: Always
# flag to enable debugging - application support required
"clamp.config.sdc.serviceUsername": "clamp",
"clamp.config.sdc.servicePassword": "b7acccda32b98c5bb7acccda32b98c5b05D511BD6D93626E90D18E9D24D9B78CD34C7EE8012F0A189A28763E82271E50A5D4EC10C7D93E06E0A2D27CAE66B981",
"clamp.config.files.sdcController": "file:/opt/clamp/sdc-controllers-config.json",
- "clamp.config.dcae.inventory.url": "http://inventory.{{ include "common.namespace" . }}:8080",
+ "clamp.config.dcae.inventory.url": "https://inventory.{{ include "common.namespace" . }}:8080",
"clamp.config.dcae.dispatcher.url": "https4://deployment-handler.{{ include "common.namespace" . }}:8443",
"clamp.config.dcae.deployment.url": "https4://deployment-handler.{{ include "common.namespace" . }}:8443",
"clamp.config.dcae.deployment.userName": "none",
--- /dev/null
+{{- define "ingress.config.port" -}}
+{{- if .Values.ingress -}}
+{{- if .Values.ingress.service -}}
+{{- range .Values.ingress.service }}
+ - path: {{ .path }}
+ backend:
+ serviceName: {{ .name }}
+ servicePort: {{ .port }}
+{{- end }}
+{{- else -}}
+ - path: {{ printf "/%s" .Chart.Name }}
+ backend:
+ serviceName: {{ .Chart.Name }}
+ servicePort: {{ .Values.service.externalPort }}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+
+{{- define "ingress.config.annotations" -}}
+{{- if .Values.ingress -}}
+{{- if .Values.ingress.annotations -}}
+{{ toYaml .Values.ingress.annotations | indent 4 | trim }}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+
+{{- define "common.ingress" -}}
+{{- if .Values.ingress -}}
+{{- if .Values.ingress.enabled -}}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: {{ include "common.fullname" . }}-ingress
+ annotations:
+ {{ include "ingress.config.annotations" . }}
+ labels:
+ app: {{ .Chart.Name }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ rules:
+ - http:
+ paths:
+ {{- include "ingress.config.port" . }}
+{{- if .Values.ingress.tls }}
+ tls:
+{{ toYaml .Values.ingress.tls | indent 4 }}
+ {{- end -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/ccsdk-dgbuilder-image:0.4.4
+image: onap/ccsdk-dgbuilder-image:0.5.1
pullPolicy: Always
# flag to enable debugging - application support required
--- /dev/null
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: Ansible AWX
+name: awx
+sources:
+ - https://github.com/ansible/awx
+version: 5.0.0
--- /dev/null
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+make-awx:
+ cd charts && helm dep up awx-postgres
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2019 Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
apiVersion: v1
-description: A helm Chart for kubernetes-ONAP Robot
-name: robot
+description: Ansible AWX database
+name: awx-postgres
version: 5.0.0
-# Copyright © 2018 Amdocs, Bell Canada
+# Copyright © 2019 Bell Canada
#
-# This file is licensed under the CREATIVE COMMONS ATTRIBUTION 4.0 INTERNATIONAL LICENSE
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
#
-# Full license text at https://creativecommons.org/licenses/by/4.0/legalcode
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
1. Get the application URL by running these commands:
{{- if .Values.ingress.enabled }}
export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
echo "Visit http://127.0.0.1:8080 to use your application"
kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
{{- end }}
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
+{{/*
+# Copyright © 2019 Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
apiVersion: extensions/v1beta1
kind: Deployment
spec:
containers:
- name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ image: {{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
- containerPort: {{ .Values.service.internalPort }}
- {{ if .Values.liveness.enabled }}
- livenessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- {{ end }}
readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
+ exec:
+ command:
+ - /bin/sh
+ - -i
+ - -c
+ - psql -h 127.0.0.1 -U $POSTGRES_USER -q -d {{ .Values.config.postgresDB }}
+ -c 'SELECT 1'
+ initialDelaySeconds: 5
+ timeoutSeconds: 1
+ env:
+ - name: POSTGRES_USER
+ value: "{{ .Values.config.postgresUser }}"
+ - name: POSTGRES_PASSWORD
+ value: "{{ .Values.config.postgresPassword }}"
+ - name: POSTGRES_DB
+ value: "{{ .Values.config.postgresDB }}"
volumeMounts:
- - name: dshm
- mountPath: /dev/shm
- - name: localtime
- mountPath: /etc/localtime
+ - mountPath: /etc/localtime
+ name: localtime
readOnly: true
- - name: robot-eteshare
- mountPath: /share/config
- - name: robot-logs
- mountPath: /share/logs
+ - name: {{ include "common.fullname" . }}-data
+ mountPath: /var/lib/postgresql/data
resources:
-{{ include "common.resources" . }}
+{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 8 }}
+{{ toYaml .Values.nodeSelector | indent 10 }}
{{- end -}}
{{- if .Values.affinity }}
affinity:
-{{ toYaml .Values.affinity | indent 8 }}
+{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
volumes:
- {{- if .Values.persistence.enabled }}
- - name: robot-logs
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}
- {{- else }}
- emptyDir: {}
- {{- end }}
- - name: dshm
- emptyDir:
- medium: Memory
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: robot-eteshare
- configMap:
- name: {{ include "common.fullname" . }}-eteshare-configmap
- defaultMode: 0755
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ {{- if .Values.persistence.enabled }}
+ - name: {{ include "common.fullname" . }}-data
+ persistentVolumeClaim:
+ claimName: {{ include "common.fullname" . }}
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
{{/*
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2019 Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
*/}}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if not .Values.persistence.storageClass -}}
kind: PersistentVolume
apiVersion: v1
metadata:
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
{{- end -}}
+{{- end -}}
\ No newline at end of file
{{/*
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2019 Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
heritage: "{{ .Release.Service }}"
{{- if .Values.persistence.annotations }}
annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{ .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
+{{- if not .Values.persistence.storageClass }}
selector:
matchLabels:
name: {{ include "common.fullname" . }}
+{{- end }}
accessModes:
- {{ .Values.persistence.accessMode }}
resources:
-# Copyright © 2017 Amdocs, Bell Canada
+{{/*
+# Copyright © 2019 Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
apiVersion: v1
kind: Service
ports:
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName | default "http" }}
+ name: {{ .Values.service.portName }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName | default "http" }}
+ name: {{ .Values.service.portName }}
{{- end}}
selector:
app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
\ No newline at end of file
+ release: {{ .Release.Name }}
--- /dev/null
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Default values for mariadb.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+global: # global defaults
+ nodePortPrefixExt: 304
+ persistence: {}
+
+# application image
+repository: docker.io
+image: postgres:10.4-alpine
+pullPolicy: Always
+
+# application configuration
+config:
+ postgresUser: awx
+ postgresPassword: awx
+ postgresDB: awx
+
+ingress:
+ enabled: false
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+## Persist data to a persitent volume
+persistence:
+ enabled: true
+ volumeReclaimPolicy: Retain
+
+ # Uncomment the storageClass parameter to use an existing PV
+ # that will match the following class.
+ # When uncomment the storageClass, the PV is not created anymore.
+
+ # storageClass: "nfs-dev-sc"
+
+ accessMode: ReadWriteMany
+ size: 1Gi
+
+ # When using storage class, mountPath and mountSubPath are
+ # simply ignored.
+
+ mountPath: /dockerdata-nfs
+ mountSubPath: awx/pgdata
+
+service:
+ type: ClusterIP
+ name: awx-postgresql
+ portName: awx-postgresql
+ internalPort: 5432
+ externalPort: 5432
+
+resources: {}
--- /dev/null
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: Ansible AWX application
+name: awx
+version: 5.0.0
--- /dev/null
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+DATABASES = {
+ 'default': {
+ 'ATOMIC_REQUESTS': True,
+ 'ENGINE': 'awx.main.db.profiled_pg',
+ 'NAME': "{{ .Values.config.postgresDB }}",
+ 'USER': "{{ .Values.config.postgresUser }}",
+ 'PASSWORD': "{{ .Values.config.postgresPassword }}",
+ 'HOST': "awx-postgresql",
+ 'PORT': "5432",
+ }
+}
+BROKER_URL = 'amqp://{}:{}@{}:{}/{}'.format(
+ "{{ .Values.config.rabbitmqUser }}",
+ "{{ .Values.config.rabbitmqPassword }}",
+ "localhost",
+ "5672",
+ "{{ .Values.config.rabbitmqVhost }}")
+CHANNEL_LAYERS = {
+ 'default': {'BACKEND': 'asgi_amqp.AMQPChannelLayer',
+ 'ROUTING': 'awx.main.routing.channel_routing',
+ 'CONFIG': {'url': BROKER_URL}}
+}
\ No newline at end of file
--- /dev/null
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+DATABASE_USER={{ .Values.config.postgresUser }}
+DATABASE_NAME={{ .Values.config.postgresDB }}
+DATABASE_HOST=awx-postgresql
+DATABASE_PORT=5432
+DATABASE_PASSWORD={{ .Values.config.postgresPassword }}
+MEMCACHED_HOST=localhost
+RABBITMQ_HOST=localhost
+AWX_ADMIN_USER={{ .Values.config.awxAdminUser }}
+AWX_ADMIN_PASSWORD={{ .Values.config.awxAdminPassword }}
\ No newline at end of file
--- /dev/null
+{{/*
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-init-mgnt
+ namespace: {{ include "common.namespace" . }}
+data:
+ entrypoint: |
+ #/bin/sh
+
+ awx-manage migrate --noinput
+ if [[ `echo 'from django.contrib.auth.models import User; nsu = User.objects.filter(is_superuser=True).count(); exit(0 if nsu > 0 else 1)' | awx-manage shell` > 0 ]]
+ then
+ echo 'from django.contrib.auth.models import User; User.objects.create_superuser('{{ .Values.config.awxAdminUser }}', '{{ .Values.config.awxAdminEmail }}', '{{ .Values.config.awxAdminPassword }}')' | awx-manage shell
+ awx-manage update_password --username='{{ .Values.config.awxAdminUser }}' --password='{{ .Values.config.awxAdminPassword }}'
+ fi
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-settings
+ namespace: {{ include "common.namespace" . }}
+data:
+ awx_settings: |
+ import os
+ import socket
+ ADMINS = ()
+
+ AWX_PROOT_ENABLED = True
+
+ # Automatically deprovision pods that go offline
+ AWX_AUTO_DEPROVISION_INSTANCES = True
+
+ SYSTEM_TASK_ABS_CPU = 6
+ SYSTEM_TASK_ABS_MEM = 20
+
+ INSIGHTS_URL_BASE = "https://example.org"
+
+ #Autoprovisioning should replace this
+ CLUSTER_HOST_ID = socket.gethostname()
+ SYSTEM_UUID = '00000000-0000-0000-0000-000000000000'
+
+ SESSION_COOKIE_SECURE = False
+ CSRF_COOKIE_SECURE = False
+
+ REMOTE_HOST_HEADERS = ['HTTP_X_FORWARDED_FOR']
+
+ STATIC_ROOT = '/var/lib/awx/public/static'
+ PROJECTS_ROOT = '/var/lib/awx/projects'
+ JOBOUTPUT_ROOT = '/var/lib/awx/job_status'
+ SECRET_KEY = open('/etc/tower/SECRET_KEY', 'rb').read().strip()
+ ALLOWED_HOSTS = ['*']
+ INTERNAL_API_URL = 'http://127.0.0.1:8052'
+ SERVER_EMAIL = 'root@localhost'
+ DEFAULT_FROM_EMAIL = 'webmaster@localhost'
+ EMAIL_SUBJECT_PREFIX = '[AWX] '
+ EMAIL_HOST = 'localhost'
+ EMAIL_PORT = 25
+ EMAIL_HOST_USER = ''
+ EMAIL_HOST_PASSWORD = ''
+ EMAIL_USE_TLS = False
+
+ LOGGING['handlers']['console'] = {
+ '()': 'logging.StreamHandler',
+ 'level': 'DEBUG',
+ 'formatter': 'simple',
+ }
+
+ LOGGING['loggers']['django.request']['handlers'] = ['console']
+ LOGGING['loggers']['rest_framework.request']['handlers'] = ['console']
+ LOGGING['loggers']['awx']['handlers'] = ['console']
+ LOGGING['loggers']['awx.main.commands.run_callback_receiver']['handlers'] = ['console']
+ LOGGING['loggers']['awx.main.commands.inventory_import']['handlers'] = ['console']
+ LOGGING['loggers']['awx.main.tasks']['handlers'] = ['console']
+ LOGGING['loggers']['awx.main.scheduler']['handlers'] = ['console']
+ LOGGING['loggers']['django_auth_ldap']['handlers'] = ['console']
+ LOGGING['loggers']['social']['handlers'] = ['console']
+ LOGGING['loggers']['system_tracking_migrations']['handlers'] = ['console']
+ LOGGING['loggers']['rbac_migrations']['handlers'] = ['console']
+ LOGGING['loggers']['awx.isolated.manager.playbooks']['handlers'] = ['console']
+ LOGGING['handlers']['callback_receiver'] = {'class': 'logging.NullHandler'}
+ LOGGING['handlers']['task_system'] = {'class': 'logging.NullHandler'}
+ LOGGING['handlers']['tower_warnings'] = {'class': 'logging.NullHandler'}
+ LOGGING['handlers']['rbac_migrations'] = {'class': 'logging.NullHandler'}
+ LOGGING['handlers']['system_tracking_migrations'] = {'class': 'logging.NullHandler'}
+ LOGGING['handlers']['management_playbooks'] = {'class': 'logging.NullHandler'}
+
+ CACHES = {
+ 'default': {
+ 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
+ 'LOCATION': '{}:{}'.format("localhost", "11211")
+ },
+ 'ephemeral': {
+ 'BACKEND': 'django.core.cache.backends.locmem.LocMemCache',
+ },
+ }
+
+ USE_X_FORWARDED_PORT = True
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-rabbitmq
+ namespace: {{ include "common.namespace" . }}
+data:
+ enabled_plugins: |
+ [rabbitmq_management,rabbitmq_peer_discovery_k8s].
+ rabbitmq.conf: |
+ ## Clustering
+ management.load_definitions = /etc/rabbitmq/rabbitmq_definitions.json
+ cluster_formation.peer_discovery_backend = rabbit_peer_discovery_k8s
+ cluster_formation.k8s.host = kubernetes.default.svc
+ cluster_formation.k8s.address_type = ip
+ cluster_formation.node_cleanup.interval = 10
+ cluster_formation.node_cleanup.only_log_warning = false
+ cluster_partition_handling = autoheal
+ ## queue master locator
+ queue_master_locator=min-masters
+ ## enable guest user
+ loopback_users.guest = false
+ rabbitmq_definitions.json: |
+ {
+ "users":[{"name": "{{ .Values.config.rabbitmqUser }}", "password": "{{ .Values.config.rabbitmqPassword }}", "tags": ""}],
+ "permissions":[
+ {"user":"{{ .Values.config.rabbitmqUser }}","vhost":"{{ .Values.config.rabbitmqVhost }}","configure":".*","write":".*","read":".*"}
+ ],
+ "vhosts":[{"name":"{{ .Values.config.rabbitmqVhost }}"}],
+ "policies":[
+ {"vhost":"{{ .Values.config.rabbitmqVhost }}","name":"ha-all","pattern":".*","definition":{"ha-mode":"all","ha-sync-mode":"automatic"}}
+ ]
+ }
--- /dev/null
+{{/*
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ backoffLimit: 5
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}-mgnt
+ release: {{ .Release.Name }}
+ spec:
+ serviceAccount: {{ include "common.fullname" . }}
+ serviceAccountName: {{ include "common.fullname" . }}
+ restartPolicy: Never
+ initContainers:
+ - name: {{ include "common.name" . }}-init-readiness
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - awx-postgres
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ containers:
+ - command: ["/bin/sh","-c"]
+ args: ["/etc/tower/job-entrypoint.sh"]
+ image: "{{ .Values.repository }}/{{ .Values.image.task }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-mgnt
+ resources:
+ requests:
+ cpu: 1500m
+ memory: 2Gi
+ securityContext:
+ privileged: true
+ volumeMounts:
+ - mountPath: /etc/tower/job-entrypoint.sh
+ name: awx-mgnt
+ readOnly: true
+ subPath: job-entrypoint.py
+ - mountPath: /etc/tower/settings.py
+ name: awx-application-config
+ readOnly: true
+ subPath: settings.py
+ - mountPath: /etc/tower/conf.d/
+ name: awx-application-credentials
+ readOnly: true
+ - mountPath: /etc/tower/SECRET_KEY
+ name: awx-secret-key
+ readOnly: true
+ subPath: SECRET_KEY
+
+ volumes:
+ - configMap:
+ defaultMode: 0777
+ items:
+ - key: entrypoint
+ path: job-entrypoint.py
+ name: {{ include "common.fullname" . }}-init-mgnt
+ name: awx-mgnt
+ - configMap:
+ defaultMode: 420
+ items:
+ - key: awx_settings
+ path: settings.py
+ name: {{ include "common.fullname" . }}-settings
+ name: awx-application-config
+ - name: awx-application-credentials
+ secret:
+ defaultMode: 420
+ items:
+ - key: credentials_py
+ path: credentials.py
+ - key: environment_sh
+ path: environment.sh
+ secretName: {{ include "common.fullname" . }}-secrets
+ - name: awx-secret-key
+ secret:
+ defaultMode: 420
+ items:
+ - key: secret_key
+ path: SECRET_KEY
+ secretName: {{ include "common.fullname" . }}-secrets
+ - configMap:
+ defaultMode: 420
+ items:
+ - key: rabbitmq.conf
+ path: rabbitmq.conf
+ - key: enabled_plugins
+ path: enabled_plugins
+ - key: rabbitmq_definitions.json
+ path: rabbitmq_definitions.json
+ name: {{ include "common.fullname" . }}-rabbitmq
+ name: rabbitmq-config
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
-# Copyright © 2017 Amdocs, Bell Canada
+{{/*
+# Copyright © 2019 Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
+*/}}
apiVersion: v1
-kind: ConfigMap
+kind: Secret
+type: Opaque
metadata:
- name: {{ include "common.fullname" . }}-eteshare-configmap
+ name: {{ include "common.fullname" . }}-secrets
namespace: {{ include "common.namespace" . }}
labels:
- app: {{ include "common.name" . }}
+ app: {{ include "common.fullname" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
data:
-{{ tpl (.Files.Glob "resources/config/eteshare/config/*").AsConfig . | indent 2 }}
+ credentials_py: {{ tpl (.Files.Get "resources/config/credentials.py") . | b64enc }}
+ environment_sh: {{ tpl (.Files.Get "resources/config/environment.sh") . | b64enc }}
+ rabbitmq_erlang_cookie: {{ .Values.config.rabbitmqErlangCookie | b64enc | quote }}
+ secret_key: {{ .Values.config.secretKey | b64enc | quote }}
\ No newline at end of file
--- /dev/null
+{{/*
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}-rmq-mgmt
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.rmqmgmt.type }}
+ ports:
+ - port: {{ .Values.service.rmqmgmt.externalPort }}
+ targetPort: {{ .Values.service.rmqmgmt.internalPort }}
+ name: {{ .Values.service.rmqmgmt.portName }}
+ selector:
+ app: {{ include "common.fullname" . }}
+ release: {{ .Release.Name }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}-web
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.web.type }}
+ ports:
+ - port: {{ .Values.service.web.externalPort }}
+ targetPort: {{ .Values.service.web.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.web.nodePort }}
+ name: {{ .Values.service.web.portName }}
+ selector:
+ app: {{ include "common.fullname" . }}
+ release: {{ .Release.Name }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}-rabbitmq
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.fullname" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ type: LoadBalancer
+spec:
+ type: {{ .Values.service.rabbitmq.type }}
+ ports:
+ - port: {{ .Values.service.rabbitmq.http.externalPort }}
+ targetPort: {{ .Values.service.rabbitmq.http.internalPort }}
+ name: {{ .Values.service.rabbitmq.http.portName }}
+ - port: {{ .Values.service.rabbitmq.amqp.externalPort }}
+ targetPort: {{ .Values.service.rabbitmq.amqp.internalPort }}
+ name: {{ .Values.service.rabbitmq.amqp.portName }}
+ selector:
+ app: {{ include "common.fullname" . }}
+ release: {{ .Release.Name }}
\ No newline at end of file
--- /dev/null
+{{/*
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: {{ include "common.fullname" . }}-endpoint-reader
+ namespace: {{ include "common.namespace" . }}
+rules:
+- apiGroups: ["", "extensions", "apps", "batch"]
+ resources: ["endpoints", "deployments", "pods", "replicasets/status", "jobs/status"]
+ verbs: ["get", "list"]
+---
+apiVersion: v1
+items:
+- apiVersion: rbac.authorization.k8s.io/v1
+ kind: RoleBinding
+ metadata:
+ name: {{ include "common.fullname" . }}-endpoint-reader
+ namespace: {{ include "common.namespace" . }}
+ roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: {{ include "common.fullname" . }}-endpoint-reader
+ subjects:
+ - kind: ServiceAccount
+ name: {{ include "common.fullname" . }}
+kind: List
\ No newline at end of file
--- /dev/null
+{{/*
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ podManagementPolicy: OrderedReady
+ replicas: {{ .Values.replicaCount }}
+ serviceName: {{ include "common.fullname" . }}
+ selector:
+ matchLabels:
+ app: {{ include "common.fullname" . }}
+ name: {{ include "common.name" . }}-web-deploy
+ service: django
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.fullname" . }}
+ name: {{ include "common.name" . }}-web-deploy
+ release: {{ .Release.Name }}
+ service: django
+ spec:
+
+ initContainers:
+ - name: {{ include "common.name" . }}-init-readiness
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - {{ include "common.name" . }}-mgnt
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+
+ containers:
+
+ - image: "{{ .Values.repository }}/{{ .Values.image.web }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-web
+ ports:
+ - containerPort: {{ .Values.service.web.internalPort }}
+ protocol: TCP
+ resources:
+ requests:
+ cpu: 500m
+ memory: 1Gi
+ volumeMounts:
+ - mountPath: /etc/tower/settings.py
+ name: awx-application-config
+ readOnly: true
+ subPath: settings.py
+ - mountPath: /etc/tower/conf.d/
+ name: awx-application-credentials
+ readOnly: true
+ - mountPath: /etc/tower/SECRET_KEY
+ name: awx-secret-key
+ readOnly: true
+ subPath: SECRET_KEY
+ - command: ["/bin/sh","-c"]
+ args: ["/usr/bin/launch_awx_task.sh"]
+ env:
+ - name: AWX_SKIP_MIGRATIONS
+ value: "1"
+
+ image: "{{ .Values.repository }}/{{ .Values.image.task }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-celery
+ resources:
+ requests:
+ cpu: 1500m
+ memory: 2Gi
+ securityContext:
+ privileged: true
+ volumeMounts:
+ - mountPath: /etc/tower/settings.py
+ name: awx-application-config
+ readOnly: true
+ subPath: settings.py
+ - mountPath: /etc/tower/conf.d/
+ name: awx-application-credentials
+ readOnly: true
+ - mountPath: /etc/tower/SECRET_KEY
+ name: awx-secret-key
+ readOnly: true
+ subPath: SECRET_KEY
+ - env:
+ - name: MY_POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ - name: RABBITMQ_USE_LONGNAME
+ value: "true"
+ - name: RABBITMQ_NODENAME
+ value: rabbit@$(MY_POD_IP)
+ - name: RABBITMQ_ERLANG_COOKIE
+ valueFrom:
+ secretKeyRef:
+ key: rabbitmq_erlang_cookie
+ name: {{ include "common.fullname" . }}-secrets
+ - name: K8S_SERVICE_NAME
+ value: {{ include "common.servicename" . }}-rabbitmq
+
+ image: "{{ .Values.repository }}/{{ .Values.image.rabbitmq }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-rabbit
+ livenessProbe:
+ exec:
+ command:
+ - rabbitmqctl
+ - status
+ failureThreshold: 3
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ successThreshold: 1
+ timeoutSeconds: 10
+ ports:
+ - containerPort: {{ .Values.service.rabbitmq.http.internalPort }}
+ name: {{ .Values.service.rabbitmq.http.portName }}
+ protocol: TCP
+ - containerPort: {{ .Values.service.rabbitmq.amqp.internalPort }}
+ name: {{ .Values.service.rabbitmq.amqp.portName }}
+ protocol: TCP
+ readinessProbe:
+ exec:
+ command:
+ - rabbitmqctl
+ - status
+ failureThreshold: 3
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ successThreshold: 1
+ timeoutSeconds: 10
+ resources:
+ requests:
+ cpu: 500m
+ memory: 2Gi
+ volumeMounts:
+ - mountPath: /etc/rabbitmq
+ name: rabbitmq-config
+
+ - image: "{{ .Values.image.memcached }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-memcached
+ resources:
+ requests:
+ cpu: 500m
+ memory: 1Gi
+ serviceAccount: {{ include "common.fullname" . }}
+ serviceAccountName: {{ include "common.fullname" . }}
+ volumes:
+ - configMap:
+ defaultMode: 420
+ items:
+ - key: awx_settings
+ path: settings.py
+ name: {{ include "common.fullname" . }}-settings
+ name: awx-application-config
+ - name: awx-application-credentials
+ secret:
+ defaultMode: 420
+ items:
+ - key: credentials_py
+ path: credentials.py
+ - key: environment_sh
+ path: environment.sh
+ secretName: {{ include "common.fullname" . }}-secrets
+ - name: awx-secret-key
+ secret:
+ defaultMode: 420
+ items:
+ - key: secret_key
+ path: SECRET_KEY
+ secretName: {{ include "common.fullname" . }}-secrets
+ - configMap:
+ defaultMode: 420
+ items:
+ - key: rabbitmq.conf
+ path: rabbitmq.conf
+ - key: enabled_plugins
+ path: enabled_plugins
+ - key: rabbitmq_definitions.json
+ path: rabbitmq_definitions.json
+ name: {{ include "common.fullname" . }}-rabbitmq
+ name: rabbitmq-config
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
--- /dev/null
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Default values for mariadb.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+global: # global defaults
+ nodePortPrefixExt: 304
+ persistence: {}
+
+# application image
+repository: ansible
+image:
+ web: awx_web:latest
+ task: awx_task:latest
+ rabbitmq: awx_rabbitmq:3.7.4
+ memcached: memcached:latest
+pullPolicy: Always
+
+# application configuration
+config:
+ postgresUser: awx
+ postgresPassword: awx
+ postgresDB: awx
+# RabbitMQ Configuration
+ rabbitmqUser: awx
+ rabbitmqPassword: awxpass
+ rabbitmqVhost: awx
+ rabbitmqErlangCookie: cookiemonster3
+# This will create or update a default admin (superuser) account in AWX, if not provided
+# then these default values are used
+ awxAdminUser: admin
+ awxAdminPassword: password
+ awxAdminEmail: cds@onap.org
+# AWX Secret key
+# It's *very* important that this stay the same between upgrades or you will lose the ability to decrypt
+# your credentials
+ secretKey: awxsecret
+
+ingress:
+ enabled: false
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ enabled: true
+
+## Persist data to a persitent volume
+persistence:
+ enabled: true
+ volumeReclaimPolicy: Retain
+
+ # Uncomment the storageClass parameter to use an existing PV
+ # that will match the following class.
+ # When uncomment the storageClass, the PV is not created anymore.
+
+ # storageClass: "nfs-dev-sc"
+
+ accessMode: ReadWriteMany
+ size: 5Gi
+
+ # When using storage class, mountPath and mountSubPath are
+ # simply ignored.
+
+ mountPath: /dockerdata-nfs
+ mountSubPath: awx/pgdata
+
+service:
+ rmqmgmt:
+ type: ClusterIP
+ portName: rmqmgmt
+ internalPort: 15672
+ externalPort: 15672
+ web:
+ type: NodePort
+ portName: web
+ internalPort: 8052
+ externalPort: 80
+ nodePort: 78
+ rabbitmq:
+ type: ClusterIP
+ http:
+ portName: http
+ internalPort: 15672
+ externalPort: 15672
+ amqp:
+ portName: amqp
+ internalPort: 5672
+ externalPort: 5672
+
+resources: {}
--- /dev/null
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~4.x-0
+ repository: '@local'
\ No newline at end of file
--- /dev/null
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefixExt: 304
+ commonConfigPrefix: awx
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: hub.docker.io
+pullPolicy: Always
+
+# default number of instances
+replicaCount: 1
+nodeSelector: {}
+affinity: {}
+
+ingress:
+ enabled: false
+
+resources: {}
-# Copyright © 2018 Amdocs, Bell Canada
+# Copyright © 2019 Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
+awx:
+ enabled: true
netbox:
enabled: true
\ No newline at end of file
-make-dcaegen2: make-dcae-bootstrap make-dcae-cloudify-manager make-dcae-config-binding-service make-dcae-healthcheck make-dcae-redis make-dcae-servicechange-handler make-dcae-inventory-api make-dcae-deployment-handler make-dcae-policy-handler
+make-dcaegen2: make-dcae-bootstrap make-dcae-cloudify-manager make-dcae-config-binding-service make-dcae-healthcheck make-dcae-redis make-dcae-servicechange-handler make-dcae-inventory-api make-dcae-deployment-handler make-dcae-policy-handler make-dcae-dashboard
make-dcae-bootstrap:
cd charts && helm dep up dcae-bootstrap && helm lint dcae-bootstrap
make-dcae-policy-handler:
cd charts && helm dep up dcae-policy-handler && helm lint dcae-policy-handler
+
+make-dcae-dashboard:
+ cd charts && helm dep up dcae-dashboard && helm lint dcae-dashboard
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIFPjCCAyagAwIBAgIJAJ6u7cCnzrWdMA0GCSqGSIb3DQEBCwUAMCwxDjAMBgNV
+BAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzAeFw0xODA0MDUx
+NDE1MjhaFw0zODAzMzExNDE1MjhaMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQK
+DARPTkFQMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
+ggIBAMA5pkgRs7NhGG4ew5JouhyYakgYUyFaG121+/h8qbSdt0hVQv56+EA41Yq7
+XGie7RYDQK9NmAFF3gruE+6X7wvJiChp+Cyd7sFMnb65uWhxEdxWTM2BJFrgfzUn
+H8ZCxgaCo3XH4PzlKRy2LQQJEJECwl/RZmRCXijMt5e9h8XoZY/fKkKcZZUsWNCM
+pTo266wjvA9MXLmdgReRj0+vrCjrNqy+htwJDztoiHWiYPqT6o8EvGcgjNqjlZx7
+NUNf8MfLDByqKF6+wRbHv1GKjn3/Vijd45Fv8riyRYROiFanvbV6jIfBkv8PZbXg
+2VDWsYsgp8NAvMxK+iV8cO+Ck3lBI2GOPZbCEqpPVTYbLUz6sczAlCXwQoPzDIZY
+wYa3eR/gYLY1gP2iEVHORag3bLPap9ZX5E8DZkzTNTjovvLk8KaCmfcaUMJsBtDd
+ApcUitz10cnRyZc1sX3gE1f3DpzQM6t9C5sOVyRhDcSrKqqwb9m0Ss04XAS9FsqM
+P3UWYQyqDXSxlUAYaX892u8mV1hxnt2gjb22RloXMM6TovM3sSrJS0wH+l1nznd6
+aFXftS/G4ZVIVZ/LfT1is4StoyPWZCwwwly1z8qJQ/zhip5NgZTxQw4mi7ww35DY
+PdAQOCoajfSvFjqslQ/cPRi/MRCu079heVb5fQnnzVtnpFQRAgMBAAGjYzBhMB0G
+A1UdDgQWBBRTVTPyS+vQUbHBeJrBKDF77+rtSTAfBgNVHSMEGDAWgBRTVTPyS+vQ
+UbHBeJrBKDF77+rtSTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAN
+BgkqhkiG9w0BAQsFAAOCAgEAPx/IaK94n02wPxpnYTy+LVLIxwdq/kawNd6IbiMz
+L87zmNMDmHcGbfoRCj8OkhuggX9Lx1/CkhpXimuYsZOFQi5blr/u+v4mIbsgbmi9
+7j+cUHDP0zLycvSvxKHty51LwmaX9a4wkJl5zBU4O1sd/H9tWcEmwJ39ltKoBKBx
+c94Zc3iMm5ytRWGj+0rKzLDAXEWpoZ5bE5PLJauA6UDCxDLfs3FwhbS7uDggxYvf
+jySF5FCNET94oJ+m8s7VeHvoa8iPGKvXrIqdd7XDHnqJJlVKr7m9S0fMbyEB8ci2
+RtOXDt93ifY1uhoEtEykn4dqBSp8ezvNMnwoXdYPDvTd9uCAFeWFLVreBAWxd25h
+PsBTkZA5hpa/rA+mKv6Af4VBViYr8cz4dZCsFChuioVebe9ighrfjB//qKepFjPF
+CyjzKN1u0JKm/2x/ORqxkTONG8p3uDwoIOyimUcTtTMv42bfYD88RKakqSFXE9G+
+Z0LlaKABqfjK49o/tsAp+c5LoNlYllKhnetO3QAdraHwdmC36BhoghzR1jpX751A
+cZn2VH3Q4XKyp01cJNCJIrua+A+bx6zh3RyW6zIIkbRCbET+UD+4mr8WIcSE3mtR
+ZVlnhUDO4z9//WKMVzwS9Rh8/kuszrGFI1KQozXCHLrce3YP6RYZfOed79LXaRwX
+dYY=
+-----END CERTIFICATE-----
\ No newline at end of file
--- /dev/null
+{
+ "dmaap": {
+ "username": "notused",
+ "password": "doesnotmatter",
+ "owner": "dcaecm",
+ "protocol": "http"
+ }
+}
\ No newline at end of file
"tls":
{
"cert_path": "/opt/tls/shared",
- "image": "{{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }}"
+ "image": "{{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }}",
+ "component_ca_cert_path": "/opt/dcae/cacert/cacert.pem",
+ "ca_cert_configmap": "{{ include "common.fullname" . }}-dcae-cacert"
}
}
database_cluster_name: {{ .Values.postgres.service.name2 }}.{{ include "common.namespace" . }}
database_cluster_fqdn: {{ .Values.postgres.service.name2 }}.{{ include "common.namespace" . }}.{{ .Values.postgres.suffix }}
database_name: "dashboard_pg"
-cloudify_ip: {{ .Values.config.address.cm }}
+cloudify_ip: {{ .Values.config.address.cm.host }}
cloudify_user: "admin"
cloudify_password: "admin"
consul_url: {{ .Values.config.address.consul_ui }}
namespace: {{ include "common.namespace" . }}
data:
{{ tpl (.Files.Glob "resources/inputs/*").AsConfig . | indent 2 }}
-
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-dcae-cacert
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/certs/*").AsConfig . | indent 2 }}
fieldRef:\r
apiVersion: v1\r
fieldPath: metadata.namespace\r
+ - name: init-tls\r
+ env:\r
+ - name: POD_IP\r
+ valueFrom:\r
+ fieldRef:\r
+ apiVersion: v1\r
+ fieldPath: status.podIP\r
+ image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }}\r
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}\r
+ resources: {}\r
+ volumeMounts:\r
+ - mountPath: /opt/tls/shared\r
+ name: tls-info\r
containers:\r
- name: {{ include "common.name" . }}\r
image: "{{ include "common.repository" . }}/{{ .Values.image }}"\r
- mountPath: /etc/localtime\r
name: localtime\r
readOnly: true\r
+ - mountPath: /certs\r
+ name: tls-info\r
+ readOnly: true\r
env:\r
- name: CMADDR\r
- value: {{ .Values.config.address.cm }}\r
+ value: {{ .Values.config.address.cm.host }}\r
- name: CMPASS\r
valueFrom:\r
secretKeyRef:\r
name: {{ include "common.name" . }}-cmpass\r
key: password\r
+ - name: CMPROTO\r
+ value: {{ .Values.config.address.cm.proto }}\r
+ - name: CMPORT\r
+ value: !!string {{ .Values.config.address.cm.port }}\r
- name: CONSUL\r
value: {{ .Values.config.address.consul.host }}:{{ .Values.config.address.consul.port }}\r
- name: DCAE_NAMESPACE\r
- name: localtime\r
hostPath:\r
path: /etc/localtime\r
+ - name: tls-info\r
+ emptyDir: {}\r
imagePullSecrets:\r
- name: "{{ include "common.namespace" . }}-docker-registry-key"\r
host: consul-server
port: 8500
consul_ui: consul-server-ui
- cm: dcae-cloudify-manager
+ cm:
+ host: dcae-cloudify-manager
+ port: 443
+ proto: https
+ #Temporary assignment to avoid conflict
+ #To be removed after bootstrap changes done to remove dashboard
dashboard:
- port: 30418
- portSecure: 30419
+ port: 30473
+ portSecure: 30474
datafile_collector:
port: 30223
portSecure: 30262
# application image
repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.18
+image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.6.2
default_k8s_location: central
# DCAE component images to be deployed via Cloudify Manager
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
spec:
+ # host alias allows local 'cfy' command to use https and match
+ # the host name in the certificate
+ hostAliases:
+ - ip: "127.0.0.1"
+ hostnames:
+ - "dcae-cloudify-manager"
initContainers:
- name: {{ include "common.name" . }}-multisite-init
image: {{ include "common.repository" . }}/{{ .Values.multisiteInitImage }}
- --configmap
- {{ .Values.multisiteConfigMapName }}
restartPolicy: Never
+ - name: init-tls
+ env:
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ resources: {}
+ volumeMounts:
+ - mountPath: /opt/tls/shared
+ name: tls-info
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: REQUESTS_CA_BUNDLE
+ value: "/opt/onap/certs/cacert.pem"
resources:
{{ include "common.resources" . | indent 12 }}
ports:
readOnly: true
- mountPath: /cfy-persist
name: cm-persistent
+ - mountPath: /opt/onap/certs
+ name: tls-info
securityContext:
privileged: True
volumes:
- name: cm-persistent
persistentVolumeClaim:
claimName: {{ include "common.fullname" . }}-data
+ - emptyDir: {}
+ name: tls-info
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.deployments.cm-container:1.6.2
+image: onap/org.onap.dcaegen2.deployments.cm-container:2.0.2
pullPolicy: Always
# name of shared ConfigMap with kubeconfig for multiple clusters
service:
type: ClusterIP
name: dcae-cloudify-manager
- externalPort: 80
- internalPort: 80
+ externalPort: 443
+ internalPort: 443
# Resource Limit flavor -By Default using small
flavor: small
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
+ {{- if .Values.service.secure.enabled }}
+ - name: init-tls
+ env:
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ resources: {}
+ volumeMounts:
+ - mountPath: /opt/tls/shared
+ name: tls-info
+ {{ end }}
containers:
+ {{- if .Values.service.secure.enabled }}
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
resources:
{{ include "common.resources" . | indent 12 }}
ports:
- - containerPort: {{ .Values.service.internalPort }}
+ - containerPort: {{ .Values.service.secure.internalPort }}
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
- port: {{ .Values.service.internalPort }}
+ port: {{ .Values.service.secure.internalPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end -}}
readinessProbe:
httpGet:
+ scheme: "HTTPS"
path: {{ .Values.readiness.path }}
- port: {{ .Values.service.internalPort }}
+ port: {{ .Values.service.secure.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
- name: {{ include "common.fullname" . }}-logs
mountPath: /opt/logs
+ - name: tls-info
+ mountPath: /opt/tls
env:
- name: CONSUL_HOST
value: consul.{{ include "common.namespace" . }}
-
+ - name: USE_HTTPS
+ value: "1"
+ - name: HTTPS_CERT_PATH
+ value: "/opt/tls/cert.pem"
+ - name: HTTPS_KEY_PATH
+ value: "/opt/tls/key.pem"
- name: {{ include "common.name" . }}-filebeat-onap
image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
mountPath: /usr/share/filebeat/data
- name: {{ include "common.fullname" . }}-logs
mountPath: /var/log/onap
+ {{ end }}
+ {{- if .Values.service.insecure.enabled }}
+ - name: {{ include "common.name" . }}-insecure
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ ports:
+ - containerPort: {{ .Values.service.insecure.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.insecure.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end -}}
+ readinessProbe:
+ httpGet:
+ scheme: "HTTP"
+ path: {{ .Values.readiness.path }}
+ port: {{ .Values.service.insecure.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-logs-insecure
+ mountPath: /opt/logs
+ env:
+ - name: CONSUL_HOST
+ value: consul.{{ include "common.namespace" . }}
+ - name: {{ include "common.name" . }}-filebeat-onap-insecure
+ image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-filebeat-conf
+ mountPath: /usr/share/filebeat/filebeat.yml
+ subPath: filebeat.yml
+ - name: {{ include "common.fullname" . }}-data-filebeat-insecure
+ mountPath: /usr/share/filebeat/data
+ - name: {{ include "common.fullname" . }}-logs-insecure
+ mountPath: /var/log/onap
+ {{ end }}
volumes:
- name: {{ include "common.fullname" . }}-filebeat-conf
configMap:
name: {{ .Release.Name }}-cbs-filebeat-configmap
+ {{- if .Values.service.secure.enabled }}
- name: {{ include "common.fullname" . }}-data-filebeat
emptyDir: {}
- name: {{ include "common.fullname" . }}-logs
emptyDir: {}
+ - name: tls-info
+ emptyDir: {}
+ {{ end }}
+ {{- if .Values.service.insecure.enabled }}
+ - name: {{ include "common.fullname" . }}-data-filebeat-insecure
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-logs-insecure
+ emptyDir: {}
+ {{ end }}
+
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
spec:
type: {{ .Values.service.type }}
ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.externalPort }}
- nodePort: {{ .Values.global.nodePortPrefixExt| default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.name }}
+ {{ if eq .Values.service.type "NodePort" -}}
+ {{ if .Values.service.insecure.enabled -}}
+ - port: {{ .Values.service.insecure.externalPort }}
+ nodePort: {{ .Values.global.nodePortPrefixExt| default .Values.nodePortPrefixExt }}{{ .Values.service.insecure.nodePort }}
+ name: {{ .Values.service.name }}-insecure
+ {{- end }}
+ {{ if .Values.service.secure.enabled -}}
+ - port: {{ .Values.service.secure.externalPort }}
+ nodePort: {{ .Values.global.nodePortPrefixExt| default .Values.nodePortPrefixExt }}{{ .Values.service.secure.nodePort }}
+ name: {{ .Values.service.name }}-secure
+ {{- end }}
{{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.name }}
- {{- end}}
+ {{ if .Values.service.insecure.enabled -}}
+ - port: {{ .Values.service.insecure.externalPort }}
+ targetPort: {{ .Values.service.insecure.internalPort }}
+ name: {{ .Values.service.name }}-insecure
+ {{- end }}
+ {{ if .Values.service.secure.enabled -}}
+ - port: {{ .Values.service.secure.externalPort }}
+ targetPort: {{ .Values.service.secure.internalPort }}
+ name: {{ .Values.service.name }}-secure
+ {{- end }}
+ {{- end }}
selector:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
-
readinessImage: readiness-check:2.0.0
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
+ tlsRepository: nexus3.onap.org:10001
+ tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.3
repositoryCred:
user: docker
password: docker
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.platform.configbinding.app-app:2.3.0
+image: onap/org.onap.dcaegen2.platform.configbinding:2.5.1
pullPolicy: Always
# probe configuration parameters
service:
type: NodePort
name: config-binding-service
- externalPort: 10000
- internalPort: 10000
- nodePort: 15
+ # TLS service
+ secure:
+ enabled: true
+ externalPort: 10443
+ internalPort: 10443
+ nodePort: 14
+ # Non-TLS service
+ insecure:
+ enabled: true
+ externalPort: 10000
+ internalPort: 10000
+ nodePort: 15
# Resource Limit flavor -By Default using small
flavor: small
.project
.idea/
*.tmproj
+.vscode/
--- /dev/null
+apiVersion: v1
+appVersion: "1.0"
+description: DCAE Dashboard
+name: dcae-dashboard
+version: 5.0.0
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
dependencies:
- name: common
version: ~5.x-0
- # local reference to common chart, as it is
- # a part of this chart's package and will not
- # be published independently to a repo (at this point)
- repository: '@local'
\ No newline at end of file
+ repository: '@local'
+ - name: postgres
+ version: ~5.x-0
+ repository: '@local'
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2018 Amdocs, Bell Canada
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+filebeat.prospectors:
+#it is mandatory, in our case it's log
+- input_type: log
+ #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory.
+ paths:
+ - /var/log/onap/*/*/*/*.log
+ - /var/log/onap/*/*/*.log
+ - /var/log/onap/*/*.log
+ #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
+ ignore_older: 48h
+ # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
+ clean_inactive: 96h
+
+
+# Name of the registry file. If a relative path is used, it is considered relative to the
+# data path. Else full qualified file name.
+#filebeat.registry_file: ${path.data}/registry
+
+
+output.logstash:
+ #List of logstash server ip addresses with port number.
+ #But, in our case, this will be the loadbalancer IP address.
+ #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
+ hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"]
+ #If enable will do load balancing among availabe Logstash, automatically.
+ loadbalance: true
+
+ #The list of root certificates for server verifications.
+ #If certificate_authorities is empty or not set, the trusted
+ #certificate authorities of the host system are used.
+ #ssl.certificate_authorities: $ssl.certificate_authorities
+
+ #The path to the certificate for SSL client authentication. If the certificate is not specified,
+ #client authentication is not available.
+ #ssl.certificate: $ssl.certificate
+
+ #The client certificate key used for client authentication.
+ #ssl.key: $ssl.key
+
+ #The passphrase used to decrypt an encrypted key stored in the configured key file
+ #ssl.key_passphrase: $ssl.key_passphrase
+
+logging:
+ level: debug
+
+ # enable file rotation with default configuration
+ to_files: true
+
+ # do not log to syslog
+ to_syslog: false
+
+ files:
+ path: /usr/share/filebeat/logs
+ name: mybeat.log
+ keepfiles: 7
--- /dev/null
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2019 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{include "common.fullname" . }}-filebeat-configmap
+ namespace: {{include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/log/*").AsConfig . | indent 2 }}
+
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ initContainers:
+ - name: {{ include "common.name" . }}-readiness
+ image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - dcae-cloudify-manager
+ - --container-name
+ - consul-server
+ - --container-name
+ - dcae-inventory-api
+ - --container-name
+ - dcae-deployment-handler
+ - --container-name
+ - {{ .Values.postgres.nameOverride }}
+ - "-t"
+ - "45"
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ - name: init-tls
+ env:
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ resources: {}
+ volumeMounts:
+ - mountPath: /opt/tls/shared
+ name: tls-info
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ protocol: TCP
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ httpGet:
+ path: {{ .Values.readiness.path }}
+ port: {{ .Values.service.internalPort }}
+ scheme: {{ .Values.readiness.scheme }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ failureThreshold: 1
+ successThreshold: 1
+ timeoutSeconds: 1
+ volumeMounts:
+ - mountPath: /usr/local/share/ca-certificates/
+ name: tls-info
+ env:
+ - name: CONSUL_HOST
+ value: consul-server.{{ include "common.namespace" . }}
+ - name: CONFIG_BINDING_SERVICE
+ value: config-binding-service
+ - name: inventory_url
+ value: {{ .Values.config.inventory_url }}
+ - name: postgres_port
+ value: "{{ .Values.postgres.config.pgPort }}"
+ - name: cloudify_password
+ value: admin
+ - name: dhandler_url
+ value: {{ .Values.config.dhandler_url }}
+ - name: cfy_url
+ value: {{ .Values.config.cfy_url }}
+ - name: cloudify_user
+ value: admin
+ - name: consul_url
+ value: http://consul-server-ui:8500
+ - name: postgres_user_dashboard
+ value: {{ .Values.postgres.config.pgUserName }}
+ - name: postgres_db_name
+ value: {{ .Values.postgres.config.pgDatabase }}
+ - name: postgres_password_dashboard
+ value: {{ .Values.postgres.config.pgUserPassword }}
+ - name: postgres_ip
+ value: {{ .Values.postgres.service.name2 }}
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ - name: {{ include "common.name" . }}-filebeat
+ env:
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ image: {{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}
+ imagePullPolicy: IfNotPresent
+ resources: {}
+ volumeMounts:
+ - mountPath: /var/log/onap/dashboard
+ name: component-log
+ - mountPath: /usr/share/filebeat/data
+ name: filebeat-data
+ - mountPath: /usr/share/filebeat/filebeat.yml
+ name: filebeat-conf
+ subPath: filebeat.yml
+ volumes:
+ - emptyDir: {}
+ name: component-log
+ - emptyDir: {}
+ name: filebeat-data
+ - configMap:
+ defaultMode: 420
+ name: {{ include "common.fullname" . }}-filebeat-configmap
+ name: filebeat-conf
+ - emptyDir: {}
+ name: tls-info
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
+
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort }}
+ nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.name }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.name }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefixExt: 304
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ tlsRepository: nexus3.onap.org:10001
+ tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.3
+
+config:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+ dhandler_url: https://deployment-handler:8443
+ cfy_url: https://dcae-cloudify-manager/api/v3.1
+ inventory_url: https://inventory:8080
+ # Addresses of other ONAP entities
+ address:
+ consul:
+ host: consul-server
+ port: 8500
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/org.onap.ccsdk.dashboard.ccsdk-app-os:1.1.0
+pullPolicy: Always
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ # liveness not desirable for Cloudify Manager container
+ enabled: false
+
+readiness:
+ initialDelaySeconds: 30
+ periodSeconds: 30
+ path: /ccsdk-app/health
+ scheme: HTTP
+
+service:
+ type: NodePort
+ name: dashboard
+ externalPort: 8080
+ internalPort: 8080
+ nodePort: 18
+# application configuration override for postgres
+postgres:
+ nameOverride: dcae-dashboard-pg
+ service:
+ name: dcae-dashboard-postgres
+ name2: dcae-dashboard-pg-primary
+ name3: dcae-dashboard-pg-replica
+ container:
+ name:
+ primary: dcae-dashboard-pg-primary
+ replica: dcae-dashboard-pg-replica
+ config:
+ pgUserName: dashboard_pg_admin
+ pgDatabase: dashboard_pg_db_common
+ pgPrimaryPassword: onapdemodb
+ pgUserPassword: onapdemodb
+ pgRootPassword: onapdemodb
+ pgPort: "5432"
+ persistence:
+ mountSubPath: dcae-dashboard/data
+ mountInitPath: dcae-dashboard
+ pgpool:
+ nameOverride: dcae-dashboard-pgpool
+ service:
+ name: dcae-dashboard-pgpool
+ credentials:
+ pgusername: dcae_dashboard
+ pgpassword: onapdemodb
+ container:
+ name:
+ primary: dcae-dashboard-pgpool-primary
+ replica: dcae-dashboard-pgpool-replica
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 4Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}
+# Kubernetes namespace for components deployed via Cloudify manager
+# If empty, use the common namespace
+# dcae_ns: "dcae"
+
{
"cloudify": {
- "protocol": "http"
+ "protocol": "https"
},
"inventory": {
- "protocol": "http"
+ "protocol": "https"
}
-}
\ No newline at end of file
+}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
args:
- --service
- - "cloudify_manager|dcae-cloudify-manager.{{ include "common.namespace" . }}|80"
+ - "cloudify_manager|dcae-cloudify-manager.{{ include "common.namespace" . }}|443"
- --service
- "inventory|inventory.{{ include "common.namespace" . }}|8080"
- --key
value: admin
- name: CONFIG_BINDING_SERVICE
value: config-binding-service
+ - name: NODE_EXTRA_CA_CERTS
+ value: /opt/app/dh/etc/cert/cacert.pem
- name: POD_IP
valueFrom:
fieldRef:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.platform.deployment-handler:4.0.1
+image: onap/org.onap.dcaegen2.platform.deployment-handler:4.2.0
pullPolicy: Always
# probe configuration parameters
periodSeconds: 10
# application image
repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.2.4
+image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.2.5
# Resource Limit flavor -By Default using small
flavor: small
"gzipEnabledForRequests": false,
"timeout": "5000milliseconds",
"connectionTimeout": "5000milliseconds"
+ },
+ "server": {
+ "applicationConnectors": [{
+ "type": "https",
+ "port": 8080,
+ "keyStorePath": "/opt/cert/cert.jks",
+ "keyStorePassword": "hD:!w:CxF]lGvM6Mz9l^j[7U",
+ "keyStoreType": "JKS"
+ }]
}
- }
\ No newline at end of file
+ }
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
+ - name: init-tls
+ env:
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ resources: {}
+ volumeMounts:
+ - mountPath: /opt/tls/shared
+ name: tls-info
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
httpGet:
path: {{ .Values.readiness.path }}
port: {{ .Values.service.internalPort }}
+ scheme: {{ .Values.readiness.scheme }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
- name: {{ include "common.fullname" . }}-inv-config
mountPath: /opt/config.json
subPath: config.json
+ - mountPath: /opt/cert/
+ name: tls-info
env:
- name: CONSUL_HOST
value: consul.{{ include "common.namespace" . }}
- name: {{ include "common.fullname" . }}-inv-config
configMap:
name: {{ include "common.fullname" . }}-configmap
+ - emptyDir: {}
+ name: tls-info
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
readinessImage: readiness-check:2.0.0
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
+ tlsRepository: nexus3.onap.org:10001
+ tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.3
repositoryCred:
user: docker
password: docker
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.platform.inventory-api:3.2.0
+image: onap/org.onap.dcaegen2.platform.inventory-api:3.4.0
pullPolicy: Always
initialDelaySeconds: 30
periodSeconds: 30
path: /dcae-service-types
+ scheme: HTTPS
service:
type: ClusterIP
"isFilterInEmptyResources": false
},
"dcaeInventoryClient": {
- "uri": "http://inventory:8080"
+ "uri": "https://inventory:8080"
}
}
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
+ - name: init-tls
+ env:
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ resources: {}
+ volumeMounts:
+ - mountPath: /opt/tls/shared
+ name: tls-info
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["java"]
- args:
- - "-jar"
- - "/opt/servicechange-handler.jar"
- - "prod"
- - "/opt/config.json"
resources:
{{ include "common.resources" . | indent 12 }}
# disable liveness probe when breakpoints set in debugger
- name: {{ include "common.fullname" . }}-sch-config
mountPath: /opt/config.json
subPath: config.json
+ # NOTE: This is tied to the PATH_TO_CACERT env variable
+ - mountPath: /opt/cert/
+ name: tls-info
env:
- name: CONSUL_HOST
value: consul.{{ include "common.namespace" . }}
+ - name: PATH_TO_CACERT
+ value: "/opt/cert/cacert.pem"
+ - name: SCH_ARGS
+ value: "prod /opt/config.json"
volumes:
- name: {{ include "common.fullname" . }}-sch-config
configMap:
name: {{ include "common.fullname" . }}-configmap
+ - emptyDir: {}
+ name: tls-info
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
readinessImage: readiness-check:2.0.0
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
+ tlsRepository: nexus3.onap.org:10001
+ tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.3
repositoryCred:
user: docker
password: docker
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.platform.servicechange-handler:1.1.5
+image: onap/org.onap.dcaegen2.platform.servicechange-handler:1.3.2
pullPolicy: Always
+++ /dev/null
-#!/bin/sh
-
-dr_prov_url="{{.Values.config.dmaapDrProv.name}}:{{.Values.config.dmaapDrProv.internalPort2}}"
-ct_header="Content-Type:application/vnd.dmaap-dr.feed"
-obo_header="X-DMAAP-DR-ON-BEHALF-OF:dradmin"
-feed_payload=/opt/app/datartr/etc/dedicatedFeed.json
-
-sleep 20
-
-if curl -k https://${dr_prov_url}/internal/prov | awk 'BEGIN{ORS=""} {print}' | egrep "\"feeds\":\s+\[\]"; then
- curl -X POST -H ${ct_header} -H ${obo_header} --data-ascii @${feed_payload} --post301 --location-trusted -k https://${dr_prov_url};
-else
- echo "NO feed creation required";
-fi
+++ /dev/null
-{
- "name": "Default PM Feed",
- "version": "m1.0",
- "description": "Default feed provisioned for PM File collector",
- "business_description": "Default Feed",
- "suspend": false,
- "deleted": false,
- "changeowner": true,
- "authorization": {
- "classification": "unclassified",
- "endpoint_addrs": [],
- "endpoint_ids": [
- {
- "password": "dradmin",
- "id": "dradmin"
- }]
- }
-}
\ No newline at end of file
# SPDX-License-Identifier: Apache-2.0
# ============LICENSE_END=========================================================
+# dmaap-dr-node filebeat.yml
filebeat.prospectors:
#it is mandatory, in our case it's log
- input_type: log
- /var/log/onap/*/*/*/*.log
- /var/log/onap/*/*/*.log
- /var/log/onap/*/*.log
- - /opt/app/datartr/logs/*.log
#Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
ignore_older: 48h
# Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
#List of logstash server ip addresses with port number.
#But, in our case, this will be the loadbalancer IP address.
#For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
- hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"]
+ hosts: ["{{.Values.global.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.global.logstashPort}}"]
#If enable will do load balancing among available Logstash, automatically.
loadbalance: true
SPDX-License-Identifier: Apache-2.0
============LICENSE_END=========================================================
-->
-<configuration scan="true" scanPeriod="3 seconds" debug="true">
+<configuration scan="true" scanPeriod="3 seconds" debug="false">
- <property name="generalLogName" value="apicalls" />
- <property name="errorLogName" value="errors" />
- <property name="jettyAndNodeLogName" value="node"/>
+ <property name="logDir" value="/var/log/onap/datarouter" />
+ <!-- log file names -->
+ <property name="auditLog" value="audit" />
+ <property name="errorLog" value="error" />
+ <property name="debugLog" value="debug" />
+ <property name="metricsLog" value="metrics" />
+ <property name="jettyLog" value="jetty" />
- <property name="defaultPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}|%msg%n" />
- <property name="jettyAndNodeLoggerPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%thread|%.-5level|%msg%n" />
- <property name="debugLoggerPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}|[%caller{3}]|%msg%n" />
-
- <property name="logDirectory" value="/opt/app/datartr/logs" />
+ <!-- log file names -->
+ <property name="defaultPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%X{RequestId}|%X{InvocationId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}%n|%msg%n" />
+ <property name="logDirectory" value="${logDir}" />
+ <!-- Example evaluator filter applied against console appender -->
<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
<encoder>
<pattern>${defaultPattern}</pattern>
<!-- EELF Appenders -->
<!-- ============================================================================ -->
- <appender name="EELF"
+ <!-- The EELFAppender is used to record events to the general application
+ log -->
+
+
+ <appender name="Audit"
class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${generalLogName}.log</file>
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>INFO</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
+ <file>${logDirectory}/${auditLog}.log</file>
+ <filter class="org.onap.dmaap.datarouter.node.eelf.AuditFilter">
</filter>
<rollingPolicy
class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/${generalLogName}.%i.log.zip
+ <fileNamePattern>${logDirectory}/${auditLog}.%i.log.zip
</fileNamePattern>
<minIndex>1</minIndex>
<maxIndex>9</maxIndex>
</rollingPolicy>
<triggeringPolicy
class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>5MB</maxFileSize>
+ <maxFileSize>50MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>${defaultPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncAudit" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="Audit" />
+ </appender>
+
+ <!-- ============================================================================ -->
+
+ <appender name="Metrics"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${metricsLog}.log</file>
+ <filter class="org.onap.dmaap.datarouter.node.eelf.MetricsFilter">
+ </filter>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/${metricsLog}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>50MB</maxFileSize>
</triggeringPolicy>
<encoder>
<pattern>${defaultPattern}</pattern>
</encoder>
</appender>
- <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender">
+ <appender name="asyncMetrics" class="ch.qos.logback.classic.AsyncAppender">
<queueSize>256</queueSize>
- <appender-ref ref="EELF" />
+ <appender-ref ref="Metrics" />
</appender>
- <appender name="EELFError"
+ <!-- ============================================================================ -->
+
+
+ <appender name="Debug"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${debugLog}.log</file>
+ <filter class="org.onap.dmaap.datarouter.node.eelf.DebugFilter">
+ </filter>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/${debugLog}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>50MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>${defaultPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncDebug" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="Debug" />
+ </appender>
+
+ <!-- ============================================================================ -->
+
+ <appender name="Error"
class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${errorLogName}.log</file>
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>ERROR</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
+ <file>${logDirectory}/${errorLog}.log</file>
+ <filter class="org.onap.dmaap.datarouter.node.eelf.ErrorFilter">
</filter>
<rollingPolicy
class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/${errorLogName}.%i.log.zip
+ <fileNamePattern>${logDirectory}/${errorLog}.%i.log.zip
</fileNamePattern>
<minIndex>1</minIndex>
<maxIndex>9</maxIndex>
</rollingPolicy>
<triggeringPolicy
class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>5MB</maxFileSize>
+ <maxFileSize>50MB</maxFileSize>
</triggeringPolicy>
<encoder>
<pattern>${defaultPattern}</pattern>
</encoder>
</appender>
- <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender">
+ <appender name="asyncError" class="ch.qos.logback.classic.AsyncAppender">
<queueSize>256</queueSize>
- <appender-ref ref="EELFError"/>
+ <appender-ref ref="Error"/>
</appender>
<!-- ============================================================================ -->
- <appender name="jettyAndNodelog"
+ <appender name="Jetty"
class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${jettyAndNodeLogName}.log</file>
- <filter class="org.onap.dmaap.datarouter.node.eelf.EELFFilter" />
+ <file>${logDirectory}/${jettyLog}.log</file>
+ <filter class="org.onap.dmaap.datarouter.node.eelf.JettyFilter" />
<rollingPolicy
class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/${jettyAndNodeLogName}.%i.log.zip
+ <fileNamePattern>${logDirectory}/${jettyLog}.%i.log.zip
</fileNamePattern>
<minIndex>1</minIndex>
<maxIndex>9</maxIndex>
</rollingPolicy>
<triggeringPolicy
class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>5MB</maxFileSize>
+ <maxFileSize>50MB</maxFileSize>
</triggeringPolicy>
<encoder>
- <pattern>${jettyAndNodeLoggerPattern}</pattern>
+ <pattern>${defaultPattern}</pattern>
</encoder>
</appender>
- <appender name="asyncEELFjettyAndNodelog" class="ch.qos.logback.classic.AsyncAppender">
+ <appender name="asyncJettyLog" class="ch.qos.logback.classic.AsyncAppender">
<queueSize>256</queueSize>
- <appender-ref ref="jettyAndNodelog" />
+ <appender-ref ref="Jetty" />
<includeCallerData>true</includeCallerData>
</appender>
+ <!-- ============================================================================ -->
+
+
<!-- ============================================================================ -->
<!-- EELF loggers -->
<!-- ============================================================================ -->
<logger name="com.att.eelf" level="info" additivity="false">
- <appender-ref ref="asyncEELF" />
+ <appender-ref ref="asyncAudit" />
+ </logger>
+
+ <logger name="com.att.eelf" additivity="false">
+ <appender-ref ref="asyncMetrics" />
+ </logger>
+
+ <logger name="com.att.eelf" additivity="false">
+ <appender-ref ref="asyncDebug" />
</logger>
- <logger name="com.att.eelf.error" level="error" additivity="false">
- <appender-ref ref="asyncEELFError" />
- </logger>
+ <logger name="com.att.eelf.error" additivity="false">
+ <appender-ref ref="asyncError" />
+ </logger>
+
+ <logger name="log4j.logger.org.eclipse.jetty" additivity="false">
+ <appender-ref ref="asyncJettyLog"/>
+ </logger>
- <logger name="log4j.logger.org.eclipse.jetty" additivity="false" level="info">
- <appender-ref ref="asyncEELFjettyAndNodelog"/>
- </logger>
<root level="INFO">
- <appender-ref ref="asyncEELF" />
- <appender-ref ref="asyncEELFError" />
- <appender-ref ref="asyncEELFjettyAndNodelog" />
+ <appender-ref ref="asyncAudit" />
+ <appender-ref ref="asyncMetrics" />
+ <appender-ref ref="asyncDebug" />
+ <appender-ref ref="asyncError" />
+ <appender-ref ref="asyncJettyLog" />
</root>
-</configuration>
+</configuration>
\ No newline at end of file
# URL to retrieve dynamic configuration
#
#ProvisioningURL: ${DRTR_PROV_INTURL}
-ProvisioningURL=https://{{.Values.config.dmaapDrProv.name}}:{{.Values.config.dmaapDrProv.externalPort2}}/internal/prov
+ProvisioningURL=https://{{ .Values.global.dmaapDrProvName }}:{{ .Values.global.dmaapDrProvExtPort2 }}/internal/prov
#
# URL to upload PUB/DEL/EXP logs
#
#LogUploadURL: ${DRTR_LOG_URL}
-LogUploadURL=https://{{.Values.config.dmaapDrProv.name}}:{{.Values.config.dmaapDrProv.externalPort2}}/internal/logs
+LogUploadURL=https://{{ .Values.global.dmaapDrProvName }}:{{ .Values.global.dmaapDrProvExtPort2 }}/internal/logs
#
# The port number for http as seen within the server
---
apiVersion: v1
kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-create-feed-configmap
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/feeds/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
metadata:
name: {{ include "common.fullname" . }}-log
namespace: {{ include "common.namespace" . }}
apiVersion: v1
kind: ConfigMap
metadata:
- name: {{ include "common.fullname" . }}-dmaap-filebeat-configmap
+ name: {{ include "common.fullname" . }}-dmaap-dr-node-filebeat-configmap
namespace: {{ include "common.namespace" . }}
data:
{{ tpl (.Files.Glob "resources/config/log/filebeat/filebeat.yml").AsConfig . | indent 2 }}
- mountPath: /etc/localtime
name: localtime
readOnly: false
- - mountPath: /opt/app/datartr/etc/dedicatedFeed.json
- name: {{ include "common.fullname" . }}-create-feed-config
- subPath: dedicatedFeed.json
- - mountPath: /opt/app/datartr/etc/createFeed.sh
- name: {{ include "common.fullname" . }}-create-feed-config
- subPath: createFeed.sh
- mountPath: /opt/app/datartr/etc/node.properties
name: {{ include "common.fullname" . }}-config
subPath: node.properties
- mountPath: /opt/app/datartr/etc/drNodeCadi.properties
name: {{ include "common.fullname" . }}-config
subPath: drNodeCadi.properties
- lifecycle:
- postStart:
- exec:
- command:
- - /opt/app/datartr/etc/createFeed.sh
+ - mountPath: /opt/app/datartr/etc/logback.xml
+ name: {{ include "common.fullname" . }}-log-conf
+ subPath: logback.xml
+ - mountPath: {{ .Values.global.loggingDirectory }}
+ name: {{ include "common.fullname" . }}-logs
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
subPath: filebeat.yml
- name: {{ include "common.fullname" . }}-data-filebeat
mountPath: /usr/share/filebeat/data
- - name: {{ include "common.fullname" . }}-event-logs-pvc
+ - name: {{ include "common.fullname" . }}-logs
mountPath: /var/log/onap/datarouter-node
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
- name: localtime
hostPath:
path: /etc/localtime
- - name: {{ include "common.fullname" . }}-create-feed-config
- configMap:
- name: {{ include "common.fullname" . }}-create-feed-configmap
- defaultMode: 0755
- items:
- - key: createFeed.sh
- path: createFeed.sh
- - key: dedicatedFeed.json
- path: dedicatedFeed.json
- name: {{ include "common.fullname" . }}-config
configMap:
name: {{ include "common.fullname" . }}-configmap
name: {{ include "common.fullname" . }}-log
- name: {{ include "common.fullname" . }}-filebeat-conf
configMap:
- name: {{ .Release.Name }}-dmaap-filebeat-configmap
+ name: {{ include "common.fullname" . }}-dmaap-dr-node-filebeat-configmap
- name: {{ include "common.fullname" . }}-data-filebeat
emptyDir: {}
- name: {{ include "common.fullname" . }}-event-logs-pvc
emptyDir: {}
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
volumeClaimTemplates:
- metadata:
name: {{ include "common.fullname" . }}-spool-data-pvc
# Global configuration defaults.
#################################################################
global:
- nodePortPrefixExt: 304
- readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
- loggingDirectory: /opt/app/datartr/logs
+ loggingDirectory: /var/log/onap/datarouter
busyBoxImage: busybox:1.30
busyBoxRepository: docker.io
# Application configuration defaults.
#################################################################
# application image
-repository: nexus3.onap.org:10001
-image: onap/dmaap/datarouter-node:2.1.0
+image: onap/dmaap/datarouter-node:2.1.1
pullPolicy: Always
# flag to enable debugging - application support required
portName2: dr-node-port2
nodePort: 93
nodePort2: 94
-
-# dr provisioning server configuration
- dmaapDrProv:
- name: dmaap-dr-prov
- externalPort2: 8443
- internalPort2: 8443
# SPDX-License-Identifier: Apache-2.0
# ============LICENSE_END=========================================================
+# dmaap-dr-prov filebeat.yml
filebeat.prospectors:
#it is mandatory, in our case it's log
- input_type: log
#List of logstash server ip addresses with port number.
#But, in our case, this will be the loadbalancer IP address.
#For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
- hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"]
+ hosts: ["{{.Values.global.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.global.logstashPort}}"]
#If enable will do load balancing among available Logstash, automatically.
loadbalance: true
============LICENSE_END=========================================================
-->
<configuration scan="true" scanPeriod="3 seconds" debug="true">
+ <!--<jmxConfigurator /> -->
+ <!-- directory path for all other type logs -->
+ <!-- property name="logDir" value="/home/eby/dr2/logs" / -->
+ <property name="logDir" value="/opt/app/datartr/logs" />
- <property name="generalLogName" value="apicalls" />
- <property name="errorLogName" value="errors" />
- <property name="jettyLogName" value="jetty"/>
-
- <property name="defaultPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}|%msg%n" />
- <property name="jettyLoggerPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%thread|%.-5level|%msg%n" />
- <property name="debugLoggerPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}|[%caller{3}]|%msg%n" />
-
- <property name="logDirectory" value="/opt/app/datartr/logs" />
-
- <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
- <encoder>
- <pattern>${defaultPattern}</pattern>
- </encoder>
- </appender>
-
- <!-- ============================================================================ -->
- <!-- EELF Appenders -->
- <!-- ============================================================================ -->
-
- <appender name="EELF"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${generalLogName}.log</file>
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>INFO</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/${generalLogName}.%i.log.zip
- </fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>9</maxIndex>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>${defaultPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="EELF" />
- </appender>
-
- <appender name="EELFError"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${errorLogName}.log</file>
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>ERROR</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/${errorLogName}.%i.log.zip
- </fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>9</maxIndex>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>${defaultPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="EELFError"/>
- </appender>
-
- <!-- ============================================================================ -->
- <appender name="jettylog"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${jettyLogName}.log</file>
- <filter class="org.onap.dmaap.datarouter.provisioning.eelf.JettyFilter" />
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/${jettyLogName}.%i.log.zip
- </fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>9</maxIndex>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>${jettyLoggerPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="asyncEELFjettylog" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="jettylog" />
- <includeCallerData>true</includeCallerData>
- </appender>
-
- <!-- ============================================================================ -->
- <!-- EELF loggers -->
- <!-- ============================================================================ -->
- <logger name="com.att.eelf" level="info" additivity="false">
- <appender-ref ref="asyncEELF" />
- </logger>
-
- <logger name="com.att.eelf.error" level="error" additivity="false">
- <appender-ref ref="asyncEELFError" />
- </logger>
-
- <logger name="log4j.logger.org.eclipse.jetty" additivity="false" level="info">
+ <!-- directory path for debugging type logs -->
+ <!-- property name="debugDir" value="/home/eby/dr2/debug-logs" /-->
+
+ <!-- specify the component name
+ <ECOMP-component-name>::= "MSO" | "DCAE" | "ASDC " | "AAI" |"Policy" | "SDNC" | "AC" -->
+ <!-- This creates the MSO directory in in the LogDir which is not needed, mentioned last directory of the path-->
+ <!-- property name="componentName" value="logs"></property -->
+
+ <!-- log file names -->
+ <property name="generalLogName" value="apicalls" />
+ <!-- name="securityLogName" value="security" -->
+ <!-- name="performanceLogName" value="performance" -->
+ <!-- name="serverLogName" value="server" -->
+ <!-- name="policyLogName" value="policy"-->
+ <property name="errorLogName" value="errors" />
+ <!-- name="metricsLogName" value="metrics" -->
+ <property name="debugLogName" value="debug"/>
+ <property name="jettyLogName" value="jetty"/>
+ <property name="defaultPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%X{RequestId}|%X{InvocationId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}|%msg%n" />
+ <property name="jettyLoggerPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%thread|%.-5level|%msg%n" />
+
+ <property name="debugLoggerPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%X{RequestId}|%X{InvocationId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}|[%caller{3}]|%msg%n" />
+
+ <property name="logDirectory" value="${logDir}" />
+ <!-- property name="debugLogDirectory" value="${debugDir}/${componentName}" /-->
+
+
+ <!-- Example evaluator filter applied against console appender -->
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>${defaultPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <!-- ============================================================================ -->
+ <!-- EELF Appenders -->
+ <!-- ============================================================================ -->
+
+ <!-- The EELFAppender is used to record events to the general application
+ log -->
+
+
+ <appender name="EELF"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${generalLogName}.log</file>
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/${generalLogName}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>50MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>${defaultPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELF" />
+ </appender>
+
+ <!-- EELF Security Appender. This appender is used to record security events
+ to the security log file. Security events are separate from other loggers
+ in EELF so that security log records can be captured and managed in a secure
+ way separate from the other logs. This appender is set to never discard any
+ events. -->
+ <!--appender name="EELFSecurity"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${securityLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/${securityLogName}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>5MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>${defaultPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncEELFSecurity" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <discardingThreshold>0</discardingThreshold>
+ <appender-ref ref="EELFSecurity" />
+ </appender-->
+
+ <!-- EELF Performance Appender. This appender is used to record performance
+ records. -->
+ <!--appender name="EELFPerformance"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${performanceLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/${performanceLogName}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>5MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <outputPatternAsHeader>true</outputPatternAsHeader>
+ <pattern>${defaultPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELFPerformance" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFPerformance" />
+ </appender-->
+
+ <!-- EELF Server Appender. This appender is used to record Server related
+ logging events. The Server logger and appender are specializations of the
+ EELF application root logger and appender. This can be used to segregate Server
+ events from other components, or it can be eliminated to record these events
+ as part of the application root log. -->
+ <!--appender name="EELFServer"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${serverLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/${serverLogName}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>5MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>${defaultPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELFServer" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFServer" />
+ </appender-->
+
+
+ <!-- EELF Policy Appender. This appender is used to record Policy engine
+ related logging events. The Policy logger and appender are specializations
+ of the EELF application root logger and appender. This can be used to segregate
+ Policy engine events from other components, or it can be eliminated to record
+ these events as part of the application root log. -->
+ <!--appender name="EELFPolicy"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${policyLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/${policyLogName}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>5MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>${defaultPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELFPolicy" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFPolicy" >
+ </appender-->
+
+
+ <!-- EELF Audit Appender. This appender is used to record audit engine
+ related logging events. The audit logger and appender are specializations
+ of the EELF application root logger and appender. This can be used to segregate
+ Policy engine events from other components, or it can be eliminated to record
+ these events as part of the application root log. -->
+
+ <!--appender name="EELFAudit"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${auditLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/${auditLogName}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>5MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>${defaultPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFAudit" />
+ </appender-->
+
+ <!--appender name="EELFMetrics"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${metricsLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/${metricsLogName}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>5MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder-->
+ <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} -
+ %msg%n"</pattern> -->
+ <!--pattern>${defaultPattern}</pattern>
+ </encoder>
+</appender>
+
+
+<appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFMetrics"/>
+</appender-->
+
+ <appender name="EELFError"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${errorLogName}.log</file>
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>ERROR</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/${errorLogName}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>50MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>${defaultPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFError"/>
+ </appender>
+
+ <!-- ============================================================================ -->
+ <appender name="jettylog"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${jettyLogName}.log</file>
+ <filter class="org.onap.dmaap.datarouter.provisioning.eelf.JettyFilter" />
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/${jettyLogName}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>50MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>${jettyLoggerPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncEELFjettylog" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="jettylog" />
+ <includeCallerData>true</includeCallerData>
+ </appender>
+
+ <!-- ============================================================================ -->
+
+
+ <appender name="EELFDebug"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${debugLogName}.log</file>
+ <filter class="org.onap.dmaap.datarouter.provisioning.eelf.DebugTraceFilter" />
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/${debugLogName}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>50MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>${defaultPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFDebug" />
+ <includeCallerData>true</includeCallerData>
+ </appender>
+
+
+ <!-- ============================================================================ -->
+ <!-- EELF loggers -->
+ <!-- ============================================================================ -->
+ <logger name="com.att.eelf" level="info" additivity="false">
+ <appender-ref ref="asyncEELF" />
+ </logger>
+
+ <logger name="com.att.eelf.error" level="error" additivity="false">
+ <appender-ref ref="asyncEELFError" />
+ </logger>
+
+ <logger name="log4j.logger.org.eclipse.jetty" additivity="false" level="info">
<appender-ref ref="asyncEELFjettylog"/>
</logger>
- <root level="INFO">
- <appender-ref ref="asyncEELF" />
- <appender-ref ref="asyncEELFError" />
- <appender-ref ref="asyncEELFjettylog" />
- </root>
+ <logger name="com.att.eelf.debug" level="debug" additivity="false">
+ <appender-ref ref="asyncEELFDebug" />
+ </logger>
+
+ <!-- logger name="com.att.eelf.security" level="info" additivity="false">
+ <appender-ref ref="asyncEELFSecurity" />
+ </logger>
+ <logger name="com.att.eelf.perf" level="info" additivity="false">
+ <appender-ref ref="asyncEELFPerformance" />
+ </logger>
+ <logger name="com.att.eelf.server" level="info" additivity="false">
+ <appender-ref ref="asyncEELFServer" />
+ </logger>
+ <logger name="com.att.eelf.policy" level="info" additivity="false">
+ <appender-ref ref="asyncEELFPolicy" />
+ </logger>
+
+ <logger name="com.att.eelf.audit" level="info" additivity="false">
+ <appender-ref ref="asyncEELFAudit" />
+ </logger>
+
+ <logger name="com.att.eelf.metrics" level="info" additivity="false">
+ <appender-ref ref="asyncEELFMetrics" />
+ </logger>
+
+ <logger name="com.att.eelf.debug" level="debug" additivity="false">
+ <appender-ref ref="asyncEELFDebug" />
+ </logger-->
+
+
+
+
+ <root level="INFO">
+ <appender-ref ref="asyncEELF" />
+ <appender-ref ref="asyncEELFError" />
+ <appender-ref ref="asyncEELFjettylog" />
+ <appender-ref ref="asyncEELFDebug" />
+ </root>
-</configuration>
+</configuration>
\ No newline at end of file
#Jetty Server properties
-org.onap.dmaap.datarouter.provserver.http.port = {{.Values.config.dmaapDrProv.externalPort}}
-org.onap.dmaap.datarouter.provserver.https.port = {{.Values.config.dmaapDrProv.externalPort2}}
+org.onap.dmaap.datarouter.provserver.http.port = {{.Values.global.dmaapDrProvExtPort}}
+org.onap.dmaap.datarouter.provserver.https.port = {{.Values.global.dmaapDrProvExtPort2}}
org.onap.dmaap.datarouter.provserver.https.relaxation = true
org.onap.dmaap.datarouter.provserver.keymanager.password = FZNkU,B%NJzcT1v7;^v]M#ZX
apiVersion: v1
kind: ConfigMap
metadata:
- name: {{ include "common.fullname" . }}-dmaap-filebeat-configmap
+ name: {{ include "common.fullname" . }}-dmaap-dr-prov-filebeat-configmap
namespace: {{ include "common.namespace" . }}
data:
{{ tpl (.Files.Glob "resources/config/log/filebeat/filebeat.yml").AsConfig . | indent 2 }}
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
spec:
- hostname: {{.Values.config.dmaapDrProv.name}}
+ hostname: {{ .Values.global.dmaapDrProvName }}
initContainers:
- command:
- /root/ready.py
args:
- --container-name
- - {{.Values.config.dmaapDrDb.mariadbContName}}
+ - {{ .Values.config.dmaapDrDb.mariadbContName }}
env:
- name: NAMESPACE
valueFrom:
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
- - containerPort: {{.Values.config.dmaapDrProv.externalPort}}
- - containerPort: {{.Values.config.dmaapDrProv.externalPort2}}
+ - containerPort: {{ .Values.global.dmaapDrProvExtPort }}
+ - containerPort: {{ .Values.global.dmaapDrProvExtPort2 }}
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
- port: {{.Values.config.dmaapDrProv.externalPort}}
+ port: {{ .Values.global.dmaapDrProvExtPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end -}}
readinessProbe:
tcpSocket:
- port: {{.Values.config.dmaapDrProv.externalPort}}
+ port: {{ .Values.global.dmaapDrProvExtPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
- mountPath: /opt/app/datartr/etc/drProvCadi.properties
name: {{ include "common.fullname" . }}-config
subPath: drProvCadi.properties
+ - mountPath: /opt/app/datartr/etc/logback.xml
+ name: {{ include "common.fullname" . }}-log-conf
+ subPath: logback.xml
- mountPath: {{ .Values.global.loggingDirectory }}
name: {{ include "common.fullname" . }}-logs
resources:
name: {{ include "common.fullname" . }}-log
- name: {{ include "common.fullname" . }}-filebeat-conf
configMap:
- name: {{ .Release.Name }}-dmaap-filebeat-configmap
+ name: {{ include "common.fullname" . }}-dmaap-dr-prov-filebeat-configmap
- name: {{ include "common.fullname" . }}-data-filebeat
emptyDir: {}
- name: {{ include "common.fullname" . }}-logs
apiVersion: v1
kind: Service
metadata:
- name: {{.Values.config.dmaapDrProv.name}}
+ name: {{ .Values.global.dmaapDrProvName }}
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
msb.onap.org/service-info: '[
{
- "serviceName": "{{.Values.config.dmaapDrProv.name}}",
+ "serviceName": "{{ .Values.global.dmaapDrProvName }}",
"version": "v1",
"url": "/",
"protocol": "REST",
- "port": "{{.Values.config.dmaapDrProv.externalPort2}}",
+ "port": "{{ .Values.global.dmaapDrProvExtPort2 }}",
"visualRange":"1"
}
]'
spec:
- type: {{.Values.config.dmaapDrProv.servicetype}}
+ type: {{ .Values.config.dmaapDrProv.servicetype }}
ports:
- {{- if eq .Values.config.dmaapDrProv.servicetype "NodePort" }}
+ {{if eq .Values.config.dmaapDrProv.servicetype "NodePort" -}}
{{- if .Values.global.allow_http }}
- - port: {{.Values.config.dmaapDrProv.externalPort}}
- targetPort: {{.Values.config.dmaapDrProv.internalPort}}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{.Values.config.dmaapDrProv.nodePort}}
- name: {{.Values.config.dmaapDrProv.name}}
+ - port: {{ .Values.global.dmaapDrProvExtPort }}
+ targetPort: {{ .Values.config.dmaapDrProv.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.config.dmaapDrProv.nodePort }}
+ name: {{ .Values.config.dmaapDrProv.portName }}
{{- end}}
- - port: {{.Values.config.dmaapDrProv.externalPort2}}
- targetPort: {{.Values.config.dmaapDrProv.internalPort2}}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{.Values.config.dmaapDrProv.nodePort2}}
- name: {{.Values.config.dmaapDrProv.name}}2
+ - port: {{ .Values.global.dmaapDrProvExtPort2 }}
+ targetPort: {{ .Values.config.dmaapDrProv.internalPort2 }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.config.dmaapDrProv.nodePort2 }}
+ name: {{ .Values.config.dmaapDrProv.portName }}2
{{- else -}}
- - port: {{.Values.config.dmaapDrProv.externalPort}}
- targetPort: {{.Values.config.dmaapDrProv.internalPort}}
- name: {{.Values.config.dmaapDrProv.name}}
- - port: {{.Values.config.dmaapDrProv.externalPort2}}
- targetPort: {{.Values.config.dmaapDrProv.internalPort2}}
- name: {{.Values.config.dmaapDrProv.name}}2
+ - port: {{ .Values.global.dmaapDrProvExtPort }}
+ targetPort: {{ .Values.config.dmaapDrProv.internalPort }}
+ name: {{ .Values.config.dmaapDrProv.portName }}
+ - port: {{ .Values.global.dmaapDrProvExtPort2 }}
+ targetPort: {{ .Values.config.dmaapDrProv.internalPort2 }}
+ name: {{ .Values.config.dmaapDrProv.portName }}2
{{- end}}
selector:
app: {{ include "common.name" . }}
#################################################################
global:
nodePortPrefix: 302
- readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
loggingDirectory: /opt/app/datartr/logs
#################################################################
# Application configuration defaults.
#################################################################
# application image
-repository: nexus3.onap.org:10001
-image: onap/dmaap/datarouter-prov:2.1.0
+image: onap/dmaap/datarouter-prov:2.1.1
pullPolicy: Always
# flag to enable debugging - application support required
# dr provisioning server configuration
dmaapDrProv:
servicetype: NodePort
- name: dmaap-dr-prov
- externalPort: 8080
- externalPort2: 8443
internalPort: 8080
internalPort2: 8443
portName: dr-prov-port
--- /dev/null
+aaf_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.service:2.1
+aaf_env=DEV
+aaf_lur=org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm
+
+cadi_truststore=/opt/kafka/config/org.onap.dmaap.mr.trust.jks
+cadi_truststore_password=enc:gvXm0E9p-_SRNw5_feOUE7wqXBxgxV3S_bdAyB08Sq9F35cCUZHWgQyKIDtTAbEw
+
+cadi_keyfile=/opt/kafka/config/org.onap.dmaap.mr.keyfile
+
+cadi_alias=dmaapmr@mr.dmaap.onap.org
+cadi_keystore=/opt/kafka/config/org.onap.dmaap.mr.p12
+cadi_keystore_password=enc:pLMCzQzk-OP7IpYNi0TPtQSkNcraFAdarZG8HbdOKq4BycW6g_7mfhphLhOZo6ht
+cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
+
+
+cadi_loglevel=INFO
+cadi_protocols=TLSv1.1,TLSv1.2
+cadi_latitude=37.78187
+cadi_longitude=-122.26147
\ No newline at end of file
--- /dev/null
+log4j.rootLogger=INFO, stdout, kafkaAppender
+
+log4j.appender.stdout=org.apache.log4j.ConsoleAppender
+log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
+log4j.appender.stdout.layout.ConversionPattern=[%d] %p %m (%c)%n
+
+log4j.appender.kafkaAppender=org.apache.log4j.DailyRollingFileAppender
+log4j.appender.kafkaAppender.DatePattern='.'yyyy-MM-dd-HH
+log4j.appender.kafkaAppender.File=${kafka.logs.dir}/server.log
+log4j.appender.kafkaAppender.layout=org.apache.log4j.PatternLayout
+log4j.appender.kafkaAppender.layout.ConversionPattern=[%d] %p %m (%c)%n
+
+log4j.appender.stateChangeAppender=org.apache.log4j.DailyRollingFileAppender
+log4j.appender.stateChangeAppender.DatePattern='.'yyyy-MM-dd-HH
+log4j.appender.stateChangeAppender.File=${kafka.logs.dir}/state-change.log
+log4j.appender.stateChangeAppender.layout=org.apache.log4j.PatternLayout
+log4j.appender.stateChangeAppender.layout.ConversionPattern=[%d] %p %m (%c)%n
+
+log4j.appender.requestAppender=org.apache.log4j.DailyRollingFileAppender
+log4j.appender.requestAppender.DatePattern='.'yyyy-MM-dd-HH
+log4j.appender.requestAppender.File=${kafka.logs.dir}/kafka-request.log
+log4j.appender.requestAppender.layout=org.apache.log4j.PatternLayout
+log4j.appender.requestAppender.layout.ConversionPattern=[%d] %p %m (%c)%n
+
+log4j.appender.cleanerAppender=org.apache.log4j.DailyRollingFileAppender
+log4j.appender.cleanerAppender.DatePattern='.'yyyy-MM-dd-HH
+log4j.appender.cleanerAppender.File=${kafka.logs.dir}/log-cleaner.log
+log4j.appender.cleanerAppender.layout=org.apache.log4j.PatternLayout
+log4j.appender.cleanerAppender.layout.ConversionPattern=[%d] %p %m (%c)%n
+
+log4j.appender.controllerAppender=org.apache.log4j.DailyRollingFileAppender
+log4j.appender.controllerAppender.DatePattern='.'yyyy-MM-dd-HH
+log4j.appender.controllerAppender.File=${kafka.logs.dir}/controller.log
+log4j.appender.controllerAppender.layout=org.apache.log4j.PatternLayout
+log4j.appender.controllerAppender.layout.ConversionPattern=[%d] %p %m (%c)%n
+
+log4j.appender.authorizerAppender=org.apache.log4j.DailyRollingFileAppender
+log4j.appender.authorizerAppender.DatePattern='.'yyyy-MM-dd-HH
+log4j.appender.authorizerAppender.File=${kafka.logs.dir}/kafka-authorizer.log
+log4j.appender.authorizerAppender.layout=org.apache.log4j.PatternLayout
+log4j.appender.authorizerAppender.layout.ConversionPattern=[%d] %p %m (%c)%n
+
+# Change the two lines below to adjust ZK client logging
+log4j.logger.org.I0Itec.zkclient.ZkClient=INFO
+log4j.logger.org.apache.zookeeper=INFO
+
+# Change the two lines below to adjust the general broker logging level (output to server.log and stdout)
+log4j.logger.kafka=INFO
+log4j.logger.org.apache.kafka=INFO
+
+# Change to DEBUG or TRACE to enable request logging
+log4j.logger.kafka.request.logger=WARN, requestAppender
+log4j.additivity.kafka.request.logger=false
+
+# Uncomment the lines below and change log4j.logger.kafka.network.RequestChannel$ to TRACE for additional output
+# related to the handling of requests
+#log4j.logger.kafka.network.Processor=TRACE, requestAppender
+#log4j.logger.kafka.server.KafkaApis=TRACE, requestAppender
+#log4j.additivity.kafka.server.KafkaApis=false
+log4j.logger.kafka.network.RequestChannel$=WARN, requestAppender
+log4j.additivity.kafka.network.RequestChannel$=false
+
+log4j.logger.kafka.controller=TRACE, controllerAppender
+log4j.additivity.kafka.controller=false
+
+log4j.logger.kafka.log.LogCleaner=INFO, cleanerAppender
+log4j.additivity.kafka.log.LogCleaner=false
+
+log4j.logger.state.change.logger=TRACE, stateChangeAppender
+log4j.additivity.state.change.logger=false
+
+# Access denials are logged at INFO level, change to DEBUG to also log allowed accesses
+log4j.logger.kafka.authorizer.logger=INFO, authorizerAppender
+log4j.additivity.kafka.authorizer.logger=false
--- /dev/null
+############################# Socket Server Settings #############################
+
+# The address the socket server listens on. It will get the value returned from
+# java.net.InetAddress.getCanonicalHostName() if not configured.
+# FORMAT:
+# listeners = listener_name://host_name:port
+# EXAMPLE:
+# listeners = PLAINTEXT://your.host.name:9092
+listeners=EXTERNAL_SASL_PLAINTEXT://0.0.0.0:9093,INTERNAL_SASL_PLAINTEXT://0.0.0.0:9092
+
+# Maps listener names to security protocols, the default is for them to be the same. See the config documentation for more details
+listener.security.protocol.map=INTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT,EXTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT
+
+# The number of threads that the server uses for receiving requests from the network and sending responses to the network
+num.network.threads=3
+
+# The number of threads that the server uses for processing requests, which may include disk I/O
+num.io.threads=8
+
+# The send buffer (SO_SNDBUF) used by the socket server
+socket.send.buffer.bytes=102400
+
+#The number of hours to keep a log file before deleting it
+log.retention.hours=168
+#The maximum size of the log before deleting it
+log.retention.bytes=21474836480
+
+# The receive buffer (SO_RCVBUF) used by the socket server
+socket.receive.buffer.bytes=102400
+
+# The maximum size of a request that the socket server will accept (protection against OOM)
+socket.request.max.bytes=104857600
+
+
+############################# Log Basics #############################
+
+# A comma separated list of directories under which to store log files
+log.dirs=/opt/kafka/data
+
+# The default number of log partitions per topic. More partitions allow greater
+# parallelism for consumption, but this will also result in more files across
+# the brokers.
+num.partitions={{ .Values.defaultpartitions }}
+
+# The number of threads per data directory to be used for log recovery at startup and flushing at shutdown.
+# This value is recommended to be increased for installations with data dirs located in RAID array.
+num.recovery.threads.per.data.dir=1
+
+############################# Internal Topic Settings #############################
+# The replication factor for the group metadata internal topics "__consumer_offsets" and "__transaction_state"
+# For anything other than development testing, a value greater than 1 is recommended for to ensure availability such as 3.
+offsets.topic.replication.factor={{ .Values.replicaCount }}
+transaction.state.log.replication.factor=1
+transaction.state.log.min.isr=1
+
+############################# Log Flush Policy #############################
+
+# Messages are immediately written to the filesystem but by default we only fsync() to sync
+# the OS cache lazily. The following configurations control the flush of data to disk.
+# There are a few important trade-offs here:
+# 1. Durability: Unflushed data may be lost if you are not using replication.
+# 2. Latency: Very large flush intervals may lead to latency spikes when the flush does occur as there will be a lot of data to flush.
+# 3. Throughput: The flush is generally the most expensive operation, and a small flush interval may lead to excessive seeks.
+# The settings below allow one to configure the flush policy to flush data after a period of time or
+# every N messages (or both). This can be done globally and overridden on a per-topic basis.
+
+# The number of messages to accept before forcing a flush of data to disk
+#log.flush.interval.messages=10000
+
+# The maximum amount of time a message can sit in a log before we force a flush
+#log.flush.interval.ms=1000
+
+############################# Log Retention Policy #############################
+
+# The following configurations control the disposal of log segments. The policy can
+# be set to delete segments after a period of time, or after a given size has accumulated.
+# A segment will be deleted whenever *either* of these criteria are met. Deletion always happens
+# from the end of the log.
+
+# The minimum age of a log file to be eligible for deletion due to age
+log.retention.hours=168
+
+# A size-based retention policy for logs. Segments are pruned from the log unless the remaining
+# segments drop below log.retention.bytes. Functions independently of log.retention.hours.
+#log.retention.bytes=1073741824
+
+# The maximum size of a log segment file. When this size is reached a new log segment will be created.
+log.segment.bytes=1073741824
+
+# The interval at which log segments are checked to see if they can be deleted according
+# to the retention policies
+log.retention.check.interval.ms=300000
+
+############################# Zookeeper #############################
+
+# Zookeeper connection string (see zookeeper docs for details).
+# This is a comma separated host:port pairs, each corresponding to a zk
+# server. e.g. "127.0.0.1:3000,127.0.0.1:3001,127.0.0.1:3002".
+# You can also append an optional chroot string to the urls to specify the
+# root directory for all kafka znodes.
+zookeeper.connect={{.Release.Name}}-{{.Values.zookeeper.name}}-0.{{.Values.zookeeper.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.zookeeper.port}},{{.Release.Name}}-{{.Values.zookeeper.name}}-1.{{.Values.zookeeper.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.zookeeper.port}},{{.Release.Name}}-{{.Values.zookeeper.name}}-2.{{.Values.zookeeper.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.zookeeper.port}}
+
+# Timeout in ms for connecting to zookeeper
+zookeeper.connection.timeout.ms=6000
+
+
+############################# Group Coordinator Settings #############################
+
+# The following configuration specifies the time, in milliseconds, that the GroupCoordinator will delay the initial consumer rebalance.
+# The rebalance will be further delayed by the value of group.initial.rebalance.delay.ms as new members join the group, up to a maximum of max.poll.interval.ms.
+# The default value for this is 3 seconds.
+# We override this to 0 here as it makes for a better out-of-the-box experience for development and testing.
+# However, in production environments the default value of 3 seconds is more suitable as this will help to avoid unnecessary, and potentially expensive, rebalances during application startup.
+group.initial.rebalance.delay.ms=0
+
+inter.broker.listener.name=INTERNAL_SASL_PLAINTEXT
+default.replication.factor={{ .Values.replicaCount }}
+delete.topic.enable=true
+sasl.enabled.mechanisms=PLAIN
+authorizer.class.name=org.onap.dmaap.kafkaAuthorize.KafkaCustomAuthorizer
+version=1.1.1
+sasl.mechanism.inter.broker.protocol=PLAIN
--- /dev/null
+# Copyright © 2019 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-server-prop-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/server.properties").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-cadi-prop-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/cadi.properties").AsConfig . | indent 2 }}
+---
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-log4j-prop-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/log4j.properties").AsConfig . | indent 2 }}
+---
+
- -exec
- |
chown -R 1000:1000 /opt/kafka/data;
+ cp /opt/kafka/tmpconfig/server.properties /opt/kafka/config/;
+ chown 1000:1000 /opt/kafka/config/server.properties;
+ cd /opt/kafka/config;
+ ls;
image: "{{ .Values.busyBoxRepository }}/{{ .Values.busyBoxImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
volumeMounts:
- mountPath: /opt/kafka/data
name: kafka-data
+ - mountPath: /opt/kafka/tmpconfig/server.properties
+ subPath: server.properties
+ name: server
+ - mountPath: /opt/kafka/config
+ name: config-data
name: {{ include "common.name" . }}-permission-fixer
containers:
- name: {{ include "common.name" . }}
fieldRef:
apiVersion: v1
fieldPath: status.hostIP
- - name: KAFKA_ZOOKEEPER_CONNECT
- value: "{{.Values.zookeeper.name}}:{{.Values.zookeeper.port}}"
- - name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP
- value: "INTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT,EXTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT"
- - name: KAFKA_LISTENERS
- value: "EXTERNAL_SASL_PLAINTEXT://0.0.0.0:{{ .Values.service.externalPort }},INTERNAL_SASL_PLAINTEXT://0.0.0.0:{{ .Values.service.internalPort }}"
- - name: KAFKA_INTER_BROKER_LISTENER_NAME
- value: "INTERNAL_SASL_PLAINTEXT"
- - name: KAFKA_SASL_ENABLED_MECHANISMS
- value: "PLAIN"
- - name: KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL
- value: "PLAIN"
- - name: KAFKA_AUTHORIZER_CLASS_NAME
- value: "{{ .Values.kafkaCustomAuthorizer }}"
- - name: KAFKA_DELETE_TOPIC_ENABLE
- value: "{{ .Values.deleteTopicEnable }}"
- name: aaf_locate_url
- value: "https://aaf-locate:8095"
- - name: KAFKA_LOG_DIRS
- value: "/opt/kafka/data"
- - name: KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR
- value: "{{ .Values.replicaCount }}"
- - name: KAFKA_DEFAULT_REPLICATION_FACTOR
- value: "{{ .Values.replicaCount }}"
- - name: KAFKA_NUM_PARTITIONS
- value: "{{ .Values.defaultpartitions }}"
+ value: https://aaf-locate.{{ include "common.namespace" . }}:8095
+
volumeMounts:
- mountPath: /etc/localtime
name: localtime
readOnly: true
- mountPath: /var/run/docker.sock
name: docker-socket
+ - mountPath: /opt/kafka/tmpconfig/server.properties
+ subPath: server.properties
+ name: server
+ - mountPath: /opt/kafka/config/server.properties
+ subPath: server.properties
+ name: config-data
+ - mountPath: /opt/kafka/config/log4j.properties
+ subPath: log4j.properties
+ name: log4j
+ - mountPath: /opt/kafka/config/cadi.properties
+ subPath: cadi.properties
+ name: cadi
- mountPath: /opt/kafka/data
name: kafka-data
{{- if .Values.tolerations }}
- name: localtime
hostPath:
path: /etc/localtime
+ - name: config-data
+ emptyDir: {}
- name: docker-socket
hostPath:
path: /var/run/docker.sock
+ - name: server
+ configMap:
+ name: {{ include "common.fullname" . }}-server-prop-configmap
+ - name: log4j
+ configMap:
+ name: {{ include "common.fullname" . }}-log4j-prop-configmap
+ - name: cadi
+ configMap:
+ name: {{ include "common.fullname" . }}-cadi-prop-configmap
{{ if not .Values.persistence.enabled }}
- name: kafka-data
emptyDir: {}
heritage: "{{ .Release.Service }}"
{{ end }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
## Both Cambria and Kafka make use of Zookeeper.
##
#config.zk.servers=172.18.1.1
-config.zk.servers={{.Values.zookeeper.name}}:{{.Values.zookeeper.port}}
+#config.zk.servers={{.Values.zookeeper.name}}:{{.Values.zookeeper.port}}
+config.zk.servers={{.Release.Name}}-{{.Values.zookeeper.name}}-0.{{.Values.zookeeper.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.zookeeper.port}},{{.Release.Name}}-{{.Values.zookeeper.name}}-1.{{.Values.zookeeper.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.zookeeper.port}},{{.Release.Name}}-{{.Values.zookeeper.name}}-2.{{.Values.zookeeper.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.zookeeper.port}}
+
#config.zk.root=/fe3c/cambria/config
## configurations (after removing "kafka.")
## if you want to change request.required.acks it can take this one value
#kafka.metadata.broker.list=localhost:9092,localhost:9093
-kafka.metadata.broker.list={{.Values.kafka.name}}:{{.Values.kafka.port}}
+#kafka.metadata.broker.list={{.Values.kafka.name}}:{{.Values.kafka.port}}
+kafka.metadata.broker.list={{.Release.Name}}-{{.Values.kafka.name}}-0.{{.Values.kafka.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.kafka.port}},{{.Release.Name}}-{{.Values.kafka.name}}-1.{{.Values.kafka.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.kafka.port}},{{.Release.Name}}-{{.Values.kafka.name}}-2.{{.Values.kafka.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.kafka.port}}
##kafka.request.required.acks=-1
#kafka.client.zookeeper=${config.zk.servers}
consumer.timeout.ms=100
-aaf_locate_url=https://aaf-locate:8095
-aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1
+aaf_locate_url=https://aaf-locate.{{ include "common.namespace" . }}:8095
+aaf_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.service:2.1
aaf_env=DEV
aaf_lur=org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm
--- /dev/null
+<!--
+ ============LICENSE_START=======================================================
+ Copyright © 2019 AT&T Intellectual Property. All rights reserved.
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+ -->
+
+<configuration scan="true" scanPeriod="3 seconds" debug="false">
+ <contextName>${module.ajsc.namespace.name}</contextName>
+ <jmxConfigurator />
+ <property name="logDirectory" value="${AJSC_HOME}/log" />
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>ERROR</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <encoder>
+ <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n
+ </pattern>
+ </encoder>
+ </appender>
+
+ <appender name="INFO"
+ class="ch.qos.logback.core.ConsoleAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ </appender>
+
+ <appender name="DEBUG" class="ch.qos.logback.core.ConsoleAppender">
+
+ <encoder>
+ <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="ERROR" class="ch.qos.logback.core.ConsoleAppender">
+ class="ch.qos.logback.core.ConsoleAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>ERROR</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <encoder>
+ <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
+ </encoder>
+ </appender>
+
+
+ <!-- Msgrtr related loggers -->
+ <logger name="org.onap.dmaap.dmf.mr.service" level="INFO" />
+ <logger name="org.onap.dmaap.dmf.mr.service.impl" level="INFO" />
+
+ <logger name="org.onap.dmaap.dmf.mr.resources" level="INFO" />
+ <logger name="org.onap.dmaap.dmf.mr.resources.streamReaders" level="INFO" />
+
+ <logger name="org.onap.dmaap.dmf.mr.backends" level="INFO" />
+ <logger name="org.onap.dmaap.dmf.mr.backends.kafka" level="INFO" />
+ <logger name="org.onap.dmaap.dmf.mr.backends.memory" level="INFO" />
+
+ <logger name="org.onap.dmaap.dmf.mr.beans" level="INFO" />
+
+ <logger name="org.onap.dmaap.dmf.mr.constants" level="INFO" />
+
+ <logger name="org.onap.dmaap.dmf.mr.exception" level="INFO" />
+
+ <logger name="org.onap.dmaap.dmf.mr.listener" level="INFO" />
+
+ <logger name="org.onap.dmaap.dmf.mr.metabroker" level="INFO" />
+
+ <logger name="org.onap.dmaap.dmf.mr.metrics.publisher" level="INFO" />
+ <logger name="org.onap.dmaap.dmf.mr.metrics.publisher.impl" level="INFO" />
+
+
+
+ <logger name="org.onap.dmaap.dmf.mr.security" level="INFO" />
+ <logger name="org.onap.dmaap.dmf.mr.security.impl" level="INFO" />
+
+ <logger name="org.onap.dmaap.dmf.mr.transaction" level="INFO" />
+ <logger name="com.att.dmf.mr.transaction.impl" level="INFO" />
+
+ <logger name="org.onap.dmaap.dmf.mr.metabroker" level="INFO" />
+ <logger name="org.onap.dmaap.dmf.mr.metabroker" level="INFO" />
+
+ <logger name="org.onap.dmaap.dmf.mr.utils" level="INFO" />
+ <logger name="org.onap.dmaap.mr.filter" level="INFO" />
+
+ <!--<logger name="com.att.nsa.cambria.*" level="INFO" />-->
+
+ <!-- Msgrtr loggers in ajsc -->
+ <logger name="org.onap.dmaap.service" level="INFO" />
+ <logger name="org.onap.dmaap" level="INFO" />
+
+
+ <!-- Spring related loggers -->
+ <logger name="org.springframework" level="WARN" additivity="false"/>
+ <logger name="org.springframework.beans" level="WARN" additivity="false"/>
+ <logger name="org.springframework.web" level="WARN" additivity="false" />
+ <logger name="com.blog.spring.jms" level="WARN" additivity="false" />
+
+ <!-- AJSC Services (bootstrap services) -->
+ <logger name="ajsc" level="WARN" additivity="false"/>
+ <logger name="ajsc.RouteMgmtService" level="INFO" additivity="false"/>
+ <logger name="ajsc.ComputeService" level="INFO" additivity="false" />
+ <logger name="ajsc.VandelayService" level="WARN" additivity="false"/>
+ <logger name="ajsc.FilePersistenceService" level="WARN" additivity="false"/>
+ <logger name="ajsc.UserDefinedJarService" level="WARN" additivity="false" />
+ <logger name="ajsc.UserDefinedBeansDefService" level="WARN" additivity="false" />
+ <logger name="ajsc.LoggingConfigurationService" level="WARN" additivity="false" />
+
+ <!-- AJSC related loggers (DME2 Registration, csi logging, restlet, servlet
+ logging) -->
+ <logger name="ajsc.utils" level="WARN" additivity="false"/>
+ <logger name="ajsc.utils.DME2Helper" level="INFO" additivity="false" />
+ <logger name="ajsc.filters" level="DEBUG" additivity="false" />
+ <logger name="ajsc.beans.interceptors" level="DEBUG" additivity="false" />
+ <logger name="ajsc.restlet" level="DEBUG" additivity="false" />
+ <logger name="ajsc.servlet" level="DEBUG" additivity="false" />
+ <logger name="com.att" level="WARN" additivity="false" />
+ <logger name="com.att.ajsc.csi.logging" level="WARN" additivity="false" />
+ <logger name="com.att.ajsc.filemonitor" level="WARN" additivity="false"/>
+
+ <logger name="com.att.nsa.dmaap.util" level="INFO" additivity="false"/>
+ <logger name="com.att.cadi.filter" level="INFO" additivity="false" />
+
+
+ <!-- Other Loggers that may help troubleshoot -->
+ <logger name="net.sf" level="WARN" additivity="false" />
+ <logger name="org.apache.commons.httpclient" level="WARN" additivity="false"/>
+ <logger name="org.apache.commons" level="WARN" additivity="false" />
+ <logger name="org.apache.coyote" level="WARN" additivity="false"/>
+ <logger name="org.apache.jasper" level="WARN" additivity="false"/>
+
+ <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging.
+ May aid in troubleshooting) -->
+ <logger name="org.apache.camel" level="WARN" additivity="false" />
+ <logger name="org.apache.cxf" level="WARN" additivity="false" />
+ <logger name="org.apache.camel.processor.interceptor" level="WARN" additivity="false"/>
+ <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" additivity="false" />
+ <logger name="org.apache.cxf.service" level="WARN" additivity="false" />
+ <logger name="org.restlet" level="DEBUG" additivity="false" />
+ <logger name="org.apache.camel.component.restlet" level="DEBUG" additivity="false" />
+ <logger name="org.apache.kafka" level="DEBUG" additivity="false" />
+ <logger name="org.apache.zookeeper" level="INFO" additivity="false" />
+ <logger name="org.I0Itec.zkclient" level="DEBUG" additivity="false" />
+
+ <!-- logback internals logging -->
+ <logger name="ch.qos.logback.classic" level="INFO" additivity="false"/>
+ <logger name="ch.qos.logback.core" level="INFO" additivity="false" />
+
+ <!-- logback jms appenders & loggers definition starts here -->
+ <!-- logback jms appenders & loggers definition starts here -->
+ <appender name="auditLogs"
+ class="ch.qos.logback.core.ConsoleAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ </filter>
+ <encoder>
+ <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
+ </encoder>
+ </appender>
+ <appender name="perfLogs"
+ class="ch.qos.logback.core.ConsoleAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ </filter>
+ <encoder>
+ <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
+ </encoder>
+ </appender>
+ <appender name="ASYNC-audit" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <discardingThreshold>0</discardingThreshold>
+ <appender-ref ref="Audit-Record-Queue" />
+ </appender>
+
+ <logger name="AuditRecord" level="INFO" additivity="FALSE">
+ <appender-ref ref="STDOUT" />
+ </logger>
+ <logger name="AuditRecord_DirectCall" level="INFO" additivity="FALSE">
+ <appender-ref ref="STDOUT" />
+ </logger>
+ <appender name="ASYNC-perf" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <discardingThreshold>0</discardingThreshold>
+ <appender-ref ref="Performance-Tracker-Queue" />
+ </appender>
+ <logger name="PerfTrackerRecord" level="INFO" additivity="FALSE">
+ <appender-ref ref="ASYNC-perf" />
+ <appender-ref ref="perfLogs" />
+ </logger>
+ <!-- logback jms appenders & loggers definition ends here -->
+
+ <root level="DEBUG">
+ <appender-ref ref="DEBUG" />
+ <appender-ref ref="ERROR" />
+ <appender-ref ref="INFO" />
+ <appender-ref ref="STDOUT" />
+ </root>
+
+</configuration>
\ No newline at end of file
data:
{{ tpl (.Files.Glob "resources/config/dmaap/cadi.properties").AsConfig . | indent 2 }}
---
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-logback-xml-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/dmaap/logback.xml").AsConfig . | indent 2 }}
+---
+
apiVersion: v1
kind: ConfigMap
metadata:
- mountPath: /appl/dmaapMR1/bundleconfig/etc/appprops/MsgRtrApi.properties
subPath: MsgRtrApi.properties
name: appprops
+ - mountPath: /appl/dmaapMR1/bundleconfig/etc/logback.xml
+ subPath: logback.xml
+ name: logback
- mountPath: /appl/dmaapMR1/etc/cadi.properties
subPath: cadi.properties
name: cadi
- name: appprops
configMap:
name: {{ include "common.fullname" . }}-msgrtrapi-prop-configmap
+ - name: logback
+ configMap:
+ name: {{ include "common.fullname" . }}-logback-xml-configmap
- name: cadi
configMap:
name: {{ include "common.fullname" . }}-cadi-prop-configmap
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/dmaap/dmaap-mr:1.1.14
+image: onap/dmaap/dmaap-mr:1.1.16
pullPolicy: Always
kafka:
#List of logstash server ip addresses with port number.
#But, in our case, this will be the loadbalancer IP address.
#For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
- hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"]
+ hosts: ["{{.Values.global.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.global.logstashPort}}"]
#If enable will do load balancing among available Logstash, automatically.
loadbalance: true
#################################################################
global:
nodePortPrefix: 302
+ nodePortPrefixExt: 304
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.0
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
clientImage: onap/dmaap/dbc-client:1.0.9
+ repository: nexus3.onap.org:10001
#Global DMaaP app config
allow_http: true
-# application configuration
-config:
+ #Logstash config
logstashServiceName: log-ls
logstashPort: 5044
+ #dmaap-dr-prov server configuration
+ dmaapDrProvName: dmaap-dr-prov
+ dmaapDrProvExtPort2: 8443
+ dmaapDrProvExtPort: 8080
+
+
+#Component overrides
message-router:
enabled: true
dmaap-bc:
# application image
repository: nexus3.onap.org:10001
-image: onap/externalapi/nbi:4.0.0
+image: onap/externalapi/nbi:5.0.0
pullPolicy: Always
sdc_authorization: Basic YWFpOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU=
aai_authorization: Basic QUFJOkFBSQ==
--- /dev/null
+# Copyright © 2019 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+###################################################################
+# This override file enables helm charts for all ONAP applications.
+###################################################################
+cassandra:
+ enabled: true
+mariadb-galera:
+ enabled: true
+
+aaf:
+ enabled: true
+aai:
+ enabled: true
+appc:
+ enabled: true
+clamp:
+ enabled: true
+cli:
+ enabled: true
+consul:
+ enabled: true
+contrib:
+ enabled: true
+dcaegen2:
+ enabled: true
+dmaap:
+ enabled: true
+esr:
+ enabled: true
+log:
+ enabled: true
+sniro-emulator:
+ enabled: true
+oof:
+ enabled: true
+msb:
+ enabled: true
+multicloud:
+ enabled: true
+nbi:
+ enabled: true
+policy:
+ enabled: true
+pomba:
+ enabled: true
+portal:
+ enabled: true
+robot:
+ enabled: true
+sdc:
+ enabled: true
+sdnc:
+ enabled: true
+so:
+ enabled: true
+uui:
+ enabled: true
+vfc:
+ enabled: true
+vid:
+ enabled: true
+ ingress:
+ enabled: true
+vnfsdk:
+ enabled: true
+nginx-ingress:
+ enabled: true
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/policy-pe:1.4.1
+image: onap/policy-pe:1.5.1
pullPolicy: Always
# flag to enable debugging - application support required
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: sonatype/nexus:2.14.8-01
+image: sonatype/nexus:2.14.13-01
pullPolicy: Always
# flag to enable debugging - application support required
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/policy-pdpd-cl:1.4.2
+image: onap/policy-pdpd-cl:1.5.1
pullPolicy: Always
# flag to enable debugging - application support required
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: mariadb:10.2.14
+image: mariadb:10.2.25
pullPolicy: Always
# flag to enable debugging - application support required
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/policy-pe:1.4.1
+image: onap/policy-pe:1.5.1
pullPolicy: Always
# flag to enable debugging - application support required
"pdpType":"apex",
"description":"Pdp Heartbeat",
"supportedPolicyTypes":[{"name":"onap.policies.controlloop.operational.Apex","version":"1.0.0"}]
+ },
+ "topicParameterGroup": {
+ "topicSources" : [{
+ "topic" : "POLICY-PDP-PAP",
+ "servers" : [ "message-router" ],
+ "topicCommInfrastructure" : "dmaap"
+ }],
+ "topicSinks" : [{
+ "topic" : "POLICY-PDP-PAP",
+ "servers" : [ "message-router" ],
+ "topicCommInfrastructure" : "dmaap"
+ }]
}
}
+++ /dev/null
-# ============LICENSE_START=======================================================
-# Copyright (C) 2019 Nordix Foundation.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# SPDX-License-Identifier: Apache-2.0
-# ============LICENSE_END=========================================================
-
-dmaap.source.topics=POLICY-PDP-PAP
-dmaap.sink.topics=POLICY-PDP-PAP
-
-dmaap.source.topics.POLICY-PDP-PAP.servers= message-router
-dmaap.sink.topics.POLICY-PDP-PAP.servers= message-router
\ No newline at end of file
- /opt/app/policy/apex-pdp/bin/apexOnapPf.sh
- -c
- /home/apexuser/config/OnapPfConfig.json
- - -p
- - /home/apexuser/config/topic.properties
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
- containerPort: {{ .Values.service.externalPort }}
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/policy-apex-pdp:2.1.0
+image: onap/policy-apex-pdp:2.2.1
pullPolicy: Always
# flag to enable debugging - application support required
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/policy-api:2.0.1
+image: onap/policy-api:2.1.1
pullPolicy: Always
# flag to enable debugging - application support required
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/policy-distribution:2.1.0
+image: onap/policy-distribution:2.2.0
pullPolicy: Always
# flag to enable debugging - application support required
"aaf": false
},
"pdpParameters": {
+ "heartBeatMs": 120000,
"updateParameters": {
"maxRetryCount": 1,
"maxWaitMs": 30000
"databaseUser": "policy_user",
"databasePassword": "cG9saWN5X3VzZXI=",
"persistenceUnit": "PolicyMariaDb"
+ },
+ "topicParameterGroup": {
+ "topicSources" : [{
+ "topic" : "POLICY-PDP-PAP",
+ "servers" : [ "message-router" ],
+ "topicCommInfrastructure" : "dmaap"
+ }],
+ "topicSinks" : [{
+ "topic" : "POLICY-PDP-PAP",
+ "servers" : [ "message-router" ],
+ "topicCommInfrastructure" : "dmaap"
+ }]
}
}
+++ /dev/null
-# ============LICENSE_START=======================================================
-# ONAP PAP
-# ================================================================================
-# Copyright (C) 2019 Nordix Foundation.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-
-dmaap.sink.topics=POLICY-PDP-PAP
-dmaap.sink.topics.POLICY-PDP-PAP.servers=message-router
-dmaap.source.topics=POLICY-PDP-PAP
-dmaap.source.topics.POLICY-PDP-PAP.servers=message-router
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command: ["/opt/app/policy/pap/bin/policy-pap.sh"]
- args: ["/opt/app/policy/pap/etc/mounted/config.json", "/opt/app/policy/pap/etc/mounted/topic.properties"]
+ args: ["/opt/app/policy/pap/etc/mounted/config.json"]
ports:
- containerPort: {{ .Values.service.internalPort }}
# disable liveness probe when breakpoints set in debugger
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/policy-pap:2.0.1
+image: onap/policy-pap:2.1.1
pullPolicy: Always
# flag to enable debugging - application support required
"https": true,
"aaf": false
},
- "applicationPath": "/opt/app/policy/pdpx/apps"
-}
\ No newline at end of file
+ "applicationPath": "/opt/app/policy/pdpx/apps",
+ "topicParameterGroup": {
+ "topicSources" : [{
+ "topic" : "POLICY-PDP-PAP",
+ "servers" : [ "message-router" ],
+ "topicCommInfrastructure" : "dmaap"
+ }],
+ "topicSinks" : [{
+ "topic" : "POLICY-PDP-PAP",
+ "servers" : [ "message-router" ],
+ "topicCommInfrastructure" : "dmaap"
+ }]
+ }
+}
+++ /dev/null
-# ============LICENSE_START=======================================================
-# ONAP PAP
-# ================================================================================
-# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-
-dmaap.sink.topics=POLICY-PDP-PAP
-dmaap.sink.topics.POLICY-PDP-PAP.servers=message-router
-dmaap.source.topics=POLICY-PDP-PAP
-dmaap.source.topics.POLICY-PDP-PAP.servers=message-router
\ No newline at end of file
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command: ["/opt/app/policy/pdpx/bin/policy-pdpx.sh"]
- args: ["/opt/app/policy/pdpx/etc/mounted/config.json","/opt/app/policy/pdpx/etc/mounted/topic.properties"]
+ args: ["/opt/app/policy/pdpx/etc/mounted/config.json"]
ports:
- containerPort: {{ .Values.service.internalPort }}
# disable liveness probe when breakpoints set in debugger
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/policy-xacml-pdp:2.0.1
+image: onap/policy-xacml-pdp:2.1.1
pullPolicy: Always
# flag to enable debugging - application support required
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/policy-pe:1.4.1
+image: onap/policy-pe:1.5.1
pullPolicy: Always
subChartsOnly:
--- /dev/null
+Subproject commit b6b5b0e6f8880e3a922a2fef97e95e5013475228
+++ /dev/null
-#!/bin/bash
-# Copyright (C) 2018 Amdocs, Bell Canada
-# Modifications Copyright (C) 2019 Samsung
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# Execute tags built to support the hands-on demo
-#
-function usage
-{
- echo "Usage: demo-k8s.sh <namespace> <command> [<parameters>]"
- echo " "
- echo " demo-k8s.sh <namespace> init"
- echo " - Execute both init_customer + distribute"
- echo " "
- echo " demo-k8s.sh <namespace> init_customer"
- echo " - Create demo customer (Demonstration) and services, etc."
- echo " "
- echo " demo-k8s.sh <namespace> distribute [<prefix>]"
- echo " - Distribute demo models (demoVFW and demoVLB)"
- echo " "
- echo " demo-k8s.sh <namespace> preload <vnf_name> <module_name>"
- echo " - Preload data for VNF for the <module_name>"
- echo " "
- echo " demo-k8s.sh <namespace> appc <module_name>"
- echo " - provide APPC with vFW module mount point for closed loop"
- echo " "
- echo " demo-k8s.sh <namespace> init_robot [ <etc_hosts_prefix> ]"
- echo " - Initialize robot after all ONAP VMs have started"
- echo " "
- echo " demo-k8s.sh <namespace> instantiateVFW"
- echo " - Instantiate vFW module for the demo customer (DemoCust<uuid>)"
- echo " "
- echo " demo-k8s.sh <namespace> instantiateVFWdirectso csar_filename"
- echo " - Instantiate vFW module using direct SO interface using previously distributed model "
- echo " that is in /tmp/csar in robot container"
- echo " "
- echo " demo-k8s.sh <namespace> deleteVNF <module_name from instantiateVFW>"
- echo " - Delete the module created by instantiateVFW"
- echo " "
- echo " demo-k8s.sh <namespace> heatbridge <stack_name> <service_instance_id> <service> <oam-ip-address>"
- echo " - Run heatbridge against the stack for the given service instance and service"
- echo " "
- echo " demo-k8s.sh <namespace> vfwclosedloop <pgn-ip-address>"
- echo " - vFWCL: Sets the packet generator to high and low rates, and checks whether the policy "
- echo " kicks in to modulate the rates back to medium"
- echo " "
-}
-
-# Set the defaults
-
-echo "Number of parameters:"
-echo $#
-
-if [ $# -lt 2 ];then
- usage
- exit
-fi
-
-NAMESPACE=$1
-shift
-
-##
-## if more than 1 tag is supplied, the must be provided with -i or -e
-##
-while [ $# -gt 0 ]
-do
- key="$1"
- echo "KEY:"
- echo $key
-
- case $key in
- init_robot)
- TAG="UpdateWebPage"
- read -s -p "WEB Site Password for user 'test': " WEB_PASSWORD
- if [ "$WEB_PASSWORD" = "" ]; then
- echo ""
- echo "WEB Password is required for user 'test'"
- exit
- fi
- VARIABLES="$VARIABLES -v WEB_PASSWORD:$WEB_PASSWORD"
- shift
- if [ $# -eq 2 ];then
- VARIABLES="$VARIABLES -v HOSTS_PREFIX:$1"
- fi
- shift
- ;;
- init)
- TAG="InitDemo"
- shift
- ;;
- init_customer)
- TAG="InitCustomer"
- shift
- ;;
- distribute)
- TAG="InitDistribution"
- shift
- if [ $# -eq 1 ];then
- VARIABLES="$VARIABLES -v DEMO_PREFIX:$1"
- fi
- shift
- ;;
- preload)
- TAG="PreloadDemo"
- shift
- if [ $# -ne 2 ];then
- echo "Usage: demo-k8s.sh <namespace> preload <vnf_name> <module_name>"
- exit
- fi
- VARIABLES="$VARIABLES -v VNF_NAME:$1"
- shift
- VARIABLES="$VARIABLES -v MODULE_NAME:$1"
- shift
- ;;
- appc)
- TAG="APPCMountPointDemo"
- shift
- if [ $# -ne 1 ];then
- echo "Usage: demo-k8s.sh <namespace> appc <module_name>"
- exit
- fi
- VARIABLES="$VARIABLES -v MODULE_NAME:$1"
- shift
- ;;
- instantiateVFW)
- TAG="instantiateVFW"
- VARIABLES="$VARIABLES -v GLOBAL_BUILD_NUMBER:$$"
- shift
- ;;
- instantiateVFWdirectso)
- TAG="instantiateVFWdirectso"
- shift
- if [ $# -ne 1 ];then
- echo "Usage: demo-k8s.sh <namespace> instantiateVFWdirectso <csar_filename>"
- exit
- fi
- VARIABLES="$VARIABLES -v CSAR_FILE:$1 -v GLOBAL_BUILD_NUMBER:$$"
- shift
- ;;
- deleteVNF)
- TAG="deleteVNF"
- shift
- if [ $# -ne 1 ];then
- echo "Usage: demo-k8s.sh <namespace> deleteVNF <module_name from instantiateVFW>"
- exit
- fi
- VARFILE=$1.py
- if [ -e /opt/eteshare/${VARFILE} ]; then
- VARIABLES="$VARIABLES -V /share/${VARFILE}"
- else
- echo "Cache file ${VARFILE} is not found"
- exit
- fi
- shift
- ;;
- heatbridge)
- TAG="heatbridge"
- shift
- if [ $# -ne 4 ];then
- echo "Usage: demo-k8s.sh <namespace> heatbridge <stack_name> <service_instance_id> <service> <oam-ip-address>"
- exit
- fi
- VARIABLES="$VARIABLES -v HB_STACK:$1"
- shift
- VARIABLES="$VARIABLES -v HB_SERVICE_INSTANCE_ID:$1"
- shift
- VARIABLES="$VARIABLES -v HB_SERVICE:$1"
- shift
- VARIABLES="$VARIABLES -v HB_IPV4_OAM_ADDRESS:$1"
- shift
- ;;
- cds)
- TAG="cds"
- shift
- ;;
- distributeVFWNG)
- TAG="distributeVFWNG"
- shift
- ;;
- distributeDemoVFWDT)
- TAG="DistributeDemoVFWDT"
- shift
- ;;
- instantiateDemoVFWDT)
- TAG="instantiateVFWDT"
- shift
- ;;
- vfwclosedloop)
- TAG="vfwclosedloop"
- shift
- VARIABLES="$VARIABLES -v PACKET_GENERATOR_HOST:$1 -v pkg_host:$1"
- shift
- ;;
- *)
- usage
- exit
- esac
-done
-
-set -x
-
-POD=$(kubectl --namespace $NAMESPACE get pods | sed 's/ .*//'| grep robot)
-
-ETEHOME=/var/opt/ONAP
-
-export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l")
-OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_demo_$key
-DISPLAY_NUM=$(($GLOBAL_BUILD_NUMBER + 90))
-
-VARIABLEFILES="-V /share/config/vm_properties.py -V /share/config/integration_robot_properties.py -V /share/config/integration_preload_parameters.py"
-
-kubectl --namespace $NAMESPACE exec ${POD} -- ${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} -i ${TAG} --display $DISPLAY_NUM 2> ${TAG}.out
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#!/bin/bash
-
-#
-# Run the testsuite for the passed tag. Valid tags are listed in usage help
-# Please clean up logs when you are done...
-#
-if [ "$1" == "" ] || [ "$2" == "" ]; then
- echo "Usage: ete-k8s.sh [namespace] [tag]"
- echo ""
- echo " List of test case tags (filename for intent: tag)"
- echo ""
- echo " cds.robot: cds"
- echo ""
- echo " clamp.robot: clamp"
- echo ""
- echo " demo.robot: InitDemo, InitCustomer, APPCCDTPreloadDemo, APPCMountPointDemo, DistributeDemoVFWDT, DistributeVFWNG,"
- echo " InitDistribution, PreloadDemo, deleteVNF, heatbridge, instantiateDemoVFWCL, instantiateVFW, instantiateVFWCL, instantiateVFWDT"
- echo ""
- echo " health-check.robot: health, core, small, medium, 3rdparty, api, datarouter, externalapi, health-aaf, health-aai, health-appc,"
- echo " health-clamp, health-cli, health-dcae, health-dmaap, health-log, health-modeling, health-msb,"
- echo " health-multicloud, health-oof, health-policy, health-pomba, health-portal, health-sdc, health-sdnc,"
- echo " health-so, health-uui, health-vfc, health-vid, health-vnfsdk, healthdist, healthlogin, healthmr,"
- echo " healthportalapp, multicloud, oom"
- echo ""
- echo " hvves.robot: HVVES, ete"
- echo ""
- echo " model-distribution-vcpe.robot: distributevCPEResCust"
- echo ""
- echo " model-distribution.robot: distribute, distributeVFWDT, distributeVLB"
- echo ""
- echo " oof-*.robot: cmso, has, homing"
- echo ""
- echo " pnf-registration.robot: ete, pnf_registrate"
- echo ""
- echo " post-install-tests.robot dmaapacl, postinstall"
- echo ""
- echo " update_onap_page.robot: UpdateWebPage"
- echo ""
- echo " vnf-orchestration-direct-so.robot: instantiateVFWdirectso"
- echo ""
- echo " vnf-orchestration.robot: instantiate, instantiateNoDelete, stability72hr"
- exit
-fi
-
-set -x
-
-export NAMESPACE="$1"
-
-POD=$(kubectl --namespace $NAMESPACE get pods | sed 's/ .*//'| grep robot)
-
-TAGS="-i $2"
-
-ETEHOME=/var/opt/ONAP
-export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l")
-OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_ete_$2
-DISPLAY_NUM=$(($GLOBAL_BUILD_NUMBER + 90))
-
-VARIABLEFILES="-V /share/config/vm_properties.py -V /share/config/integration_robot_properties.py -V /share/config/integration_preload_parameters.py"
-VARIABLES="-v GLOBAL_BUILD_NUMBER:$$"
-
-kubectl --namespace $NAMESPACE exec ${POD} -- ${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} ${TAGS} --display $DISPLAY_NUM
+++ /dev/null
-# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#!/bin/bash
-
-#
-# Run the health-check testsuites for the tags discovered by helm list
-# Please clean up logs when you are done...
-#
-if [ "$1" == "" ] ; then
- echo "Usage: eteHelm-k8s.sh [namespace]"
- echo " list projects via helm list and runs health-check with those tags except dev and dev-consul"
- exit
-fi
-
-set -x
-
-export NAMESPACE="$1"
-
-POD=$(kubectl --namespace $NAMESPACE get pods | sed 's/ .*//'| grep robot)
-
-PROJECTS=$(helm list | tail +3 | grep '-' | cut -d' ' -f1 | sed -E 's/\w+-(\w+)/health-\1/g' | grep -v consul | grep -v nfs-provision)
-
-TAGS=""
-for project in $PROJECTS ;
-do
-TAGS="$TAGS -i $project"
-done
-
-
-ETEHOME=/var/opt/ONAP
-export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l")
-OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_ete_helmlist
-DISPLAY_NUM=$(($GLOBAL_BUILD_NUMBER + 90))
-
-VARIABLEFILES="-V /share/config/vm_properties.py -V /share/config/integration_robot_properties.py -V /share/config/integration_preload_parameters.py"
-VARIABLES="-v GLOBAL_BUILD_NUMBER:$$"
-
-kubectl --namespace $NAMESPACE exec ${POD} -- ${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} ${TAGS} --display $DISPLAY_NUM
+++ /dev/null
-# Copyright (c) 2018 Amdocs, Bell Canada, and others
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# aaf info - everything is from the private oam network (also called onap private network)
-GLOBAL_AAF_SERVER = 'https://aaf-service.{{include "common.namespace" .}}:8100'
-GLOBAL_AAF_USERNAME = '{{ .Values.aafUsername }}'
-GLOBAL_AAF_PASSWORD = '{{ .Values.aafPassword }}'
-# aai info - everything is from the private oam network (also called onap private network)
-GLOBAL_AAI_SERVER_PROTOCOL = "https"
-GLOBAL_AAI_SERVER_PORT = "8443"
-GLOBAL_AAI_USERNAME = '{{ .Values.aaiUsername }}'
-GLOBAL_AAI_PASSWORD = '{{ .Values.aaiPassword}}'
-# appc info - everything is from the private oam network (also called onap private network)
-GLOBAL_APPC_SERVER_PROTOCOL = "http"
-GLOBAL_APPC_SERVER_PORT = "8282"
-GLOBAL_APPC_USERNAME = '{{ .Values.appcUsername }}'
-GLOBAL_APPC_PASSWORD = '{{ .Values.appcPassword }}'
-GLOBAL_APPC_CDT_SERVER_PROTOCOL = "https"
-GLOBAL_APPC_CDT_SERVER_PORT = "18080"
-GLOBAL_APPC_CDT_USERNAME = "demo"
-# sdc info - everything is from the private oam network (also called onap private network)
-GLOBAL_ASDC_SERVER_PROTOCOL = "http"
-GLOBAL_ASDC_FE_PORT = "8181"
-GLOBAL_ASDC_BE_PORT = "8080"
-GLOBAL_ASDC_BE_ONBOARD_PORT = "8081"
-GLOBAL_ASDC_BE_USERNAME = "beep"
-GLOBAL_ASDC_BE_PASSWORD = "boop"
-# clamp info - everything is from the private oam network (also called onap private network)
-GLOBAL_CLAMP_SERVER_PROTOCOL = "https"
-GLOBAL_CLAMP_SERVER_PORT = "8443"
-# nbi info - everything is from the private oam network (also called onap private network)
-GLOBAL_NBI_SERVER_PROTOCOL = "http"
-GLOBAL_NBI_SERVER_PORT = "8080"
-# cli info - everything is from the private oam network (also called onap private network)
-GLOBAL_CLI_SERVER_PROTOCOL = "http"
-GLOBAL_CLI_SERVER_PORT = "8080"
-# dcae info - everything is from the private oam network (also called onap private network)
-GLOBAL_DCAE_SERVER_PROTOCOL = "http"
-GLOBAL_DCAE_HEALTH_SERVER_PORT = "80"
-GLOBAL_DCAE_USERNAME = '{{ .Values.dcaeUsername }}'
-GLOBAL_DCAE_PASSWORD = '{{ .Values.dcaePassword}}'
-# dcae hv-ves info
-GLOBAL_DCAE_HVVES_SERVER_NAME = 'dcae-hv-ves-collector.{{include "common.namespace" .}}'
-GLOBAL_DCAE_HVVES_SERVER_PORT = "6061"
-# data router info - everything is from the private oam network (also called onap private network)
-GLOBAL_DMAAP_DR_PROV_SERVER_PROTOCOL = "http"
-GLOBAL_DMAAP_DR_PROV_SERVER_PORT = "8080"
-GLOBAL_DMAAP_DR_NODE_SERVER_PROTOCOL = "http"
-GLOBAL_DMAAP_DR_NODE_SERVER_PORT = "8080"
-# dmaap message router info
-GLOBAL_DMAAP_MESSAGE_ROUTER_SERVER_NAME = 'message-router.{{include "common.namespace" .}}'
-GLOBAL_DMAAP_MESSAGE_ROUTER_SERVER_PORT = "3904"
-# dmaap kafka info
-GLOBAL_DMAAP_KAFKA_SERVER_NAME = 'message-router-kafka.{{include "common.namespace" .}}'
-GLOBAL_DMAAP_KAFKA_SERVER_PORT = "9092"
-GLOBAL_DMAAP_KAFKA_JAAS_USERNAME = '{{ .Values.kafkaJaasUsername }}'
-GLOBAL_DMAAP_KAFKA_JAAS_PASSWORD = '{{ .Values.kafkaJaasPassword }}'
-# DROOL server port and credentials
-GLOBAL_DROOLS_SERVER_PORT = "9696"
-GLOBAL_DROOLS_USERNAME = '{{ .Values.droolsUsername }}'
-GLOBAL_DROOLS_PASSWORD = '{{ .Values.droolsPassword }}'
-# log server config - NOTE: no log server is run in HEAT; only on OOM
-GLOBAL_LOG_SERVER_PROTOCOL = "http"
-GLOBAL_LOG_ELASTICSEARCH_PORT = "9200"
-GLOBAL_LOG_LOGSTASH_PORT = "9600"
-GLOBAL_LOG_KIBANA_PORT = "5601"
-# pomba info - NOTE: no pomba is run in HEAT; only on OOM
-GLOBAL_POMBA_SERVER_PROTOCOL_HTTP = "http"
-GLOBAL_POMBA_SERVER_PROTOCOL_HTTPS = "https"
-GLOBAL_POMBA_AAICONTEXTBUILDER_PORT = "9530"
-GLOBAL_POMBA_SDCCONTEXTBUILDER_PORT = "9530"
-GLOBAL_POMBA_NETWORKDISCCONTEXTBUILDER_PORT = "9530"
-GLOBAL_POMBA_SERVICEDECOMPOSITION_PORT = "9532"
-GLOBAL_POMBA_SDNCCXTBUILDER_PORT = "9530"
-GLOBAL_POMBA_NETWORKDISCOVERY_MICROSERVICE_PORT = "9531"
-GLOBAL_POMBA_VALIDATIONSERVICE_PORT = "9529"
-GLOBAL_POMBA_KIBANA_PORT = "5601"
-GLOBAL_POMBA_ELASTICSEARCH_PORT = "9200"
-GLOBAL_POMBA_CONTEXTAGGREGATOR_PORT = "9529"
-
-# microservice bus info - everything is from the private oam network (also called onap private network)
-GLOBAL_MSB_SERVER_PROTOCOL = "http"
-GLOBAL_MSB_SERVER_PORT = "80"
-# message router info - everything is from the private oam network (also called onap private network)
-GLOBAL_MR_SERVER_PROTOCOL = "http"
-GLOBAL_MR_SERVER_PORT = "3904"
-# bus controller info
-GLOBAL_BC_HTTPS_SERVER_PORT = "8443"
-GLOBAL_BC_USERNAME = '{{ .Values.bcUsername }}'
-GLOBAL_BC_PASSWORD = '{{ .Values.bcPassword }}'
-# mso info - everything is from the private oam network (also called onap private network)
-GLOBAL_MSO_SERVER_PROTOCOL = "http"
-GLOBAL_MSO_SERVER_PORT = "8080"
-# SO containers
-GLOBAL_MSO_APIHAND_SERVER_PORT = "8080"
-GLOBAL_MSO_ASDCHAND_SERVER_PORT = "8085"
-GLOBAL_MSO_BPMN_SERVER_PORT = "8081"
-GLOBAL_MSO_CATDB_SERVER_PORT = "8082"
-GLOBAL_MSO_OPENSTACK_SERVER_PORT = "8087"
-GLOBAL_MSO_REQDB_SERVER_PORT = "8083"
-GLOBAL_MSO_SDNC_SERVER_PORT = "8086"
-GLOBAL_MSO_VFC_SERVER_PORT = "8084"
-GLOBAL_MSO_VNFM_SERVER_PORT = "9092"
-GLOBAL_MSO_USERNAME = '{{ .Values.soUsername }}'
-GLOBAL_MSO_CATDB_USERNAME = '{{ .Values.soCatdbUsername }}'
-GLOBAL_MSO_PASSWORD = '{{ .Values.soPassword }}'
-# robot uses MSO_PASSWORD for both SO and CATDB
-# music info - everything is from the private oam network (also called onap private network)
-GLOBAL_MUSIC_SERVER_PROTOCOL = "http"
-GLOBAL_MUSIC_SERVER_PORT = "8080"
-# oof global info - everything is from the private oam network (also called onap private network)
-GLOBAL_OOF_SERVER_PROTOCOL = "https"
-# oof-homing info - everything is from the private oam network (also called onap private network)
-GLOBAL_OOF_HOMING_SERVER_PORT = "8091"
-GLOBAL_OOF_HOMING_USERNAME="{{ .Values.oofHomingUsername }}"
-GLOBAL_OOF_HOMING_PASSWORD="{{ .Values.oofHomingPassword }}"
-# oof-sniro info - everything is from the private oam network (also called onap private network)
-GLOBAL_OOF_SNIRO_SERVER_PORT = "8698"
-#oof user
-GLOBAL_OOF_OSDF_USERNAME="{{ .Values.oofUsername }}"
-GLOBAL_OOF_OSDF_PASSWORD="{{ .Values.oofPassword }}"
-#oof pci user
-GLOBAL_OOF_PCI_USERNAME="{{ .Values.oofOsdfPciOptUsername }}"
-GLOBAL_OOF_PCI_PASSWORD="{{ .Values.oofOsdfPciOptPassword }}"
-# oof cmso global info - everything is from the private oam network (also called onap private network)
-GLOBAL_OOF_CMSO_PROTOCOL = "https"
-GLOBAL_OOF_CMSO_SERVER_PORT = "8080"
-GLOBAL_OOF_CMSO_USERNAME = "{{ .Values.oofCmsoUsername }}"
-GLOBAL_OOF_CMSO_PASSWORD = "{{ .Values.oofCmsoPassword }}"
-# openstack info - info to select right info in environment
-# packet generate vnf info - everything is from the private oam network (also called onap private network)
-GLOBAL_PACKET_GENERATOR_PORT = "8183"
-GLOBAL_PACKET_GENERATOR_USERNAME = "admin"
-GLOBAL_PACKET_GENERATOR_PASSWORD = "admin"
-GLOBAL_PGN_PORT = "2831"
-# policy info - everything is from the private oam network (also called onap private network)
-GLOBAL_POLICY_SERVER_PROTOCOL = "https"
-GLOBAL_POLICY_SERVER_PORT = "8081"
-GLOBAL_POLICY_HEALTHCHECK_PORT = "6969"
-GLOBAL_POLICY_AUTH = '{{ .Values.policyAuth}}'
-GLOBAL_POLICY_CLIENTAUTH = '{{ .Values.policyClientAuth}}'
-GLOBAL_POLICY_USERNAME = '{{ .Values.policyUsername }}'
-GLOBAL_POLICY_PASSWORD = '{{ .Values.policyPassword }}'
-GLOBAL_POLICY_HEALTHCHECK_USERNAME = '{{ .Values.policyComponentUsername }}'
-GLOBAL_POLICY_HEALTHCHECK_PASSWORD = '{{ .Values.policyComponentPassword }}'
-# portal info - everything is from the private oam network (also called onap private network)
-GLOBAL_PORTAL_SERVER_PROTOCOL = "http"
-GLOBAL_PORTAL_SERVER_PORT = "8989"
-GLOBAL_PORTAL_USERNAME = '{{ .Values.portalUsername }}'
-GLOBAL_PORTAL_PASSWORD = '{{ .Values.portalPassword }}'
-# sdngc info - everything is from the private oam network (also called onap private network)
-GLOBAL_SDNGC_SERVER_PROTOCOL = "http"
-GLOBAL_SDNGC_REST_PORT = "8282"
-GLOBAL_SDNGC_ADMIN_PORT = "8843"
-GLOBAL_SDNGC_USERNAME = '{{ .Values.sdncUsername }}'
-GLOBAL_SDNGC_PASSWORD = '{{ .Values.sdncPassword }}'
-# sms (AAF) info
-GLOBAL_SMS_SERVER_PROTOCOL = "https"
-GLOBAL_SMS_SERVER_NAME = 'aaf-sms.{{include "common.namespace" .}}'
-GLOBAL_SMS_SERVER_PORT = "10443"
-# vid info - everything is from the private oam network (also called onap private network)
-GLOBAL_VID_SERVER_PROTOCOL = '{{ .Values.vidServerProtocol }}'
-GLOBAL_VID_SERVER_PORT = '{{ .Values.vidServerPort }}'
-GLOBAL_VID_USERNAME = '{{ .Values.vidUsername }}'
-GLOBAL_VID_PASSWORD = '{{ .Values.vidPassword}}'
-GLOBAL_VID_HEALTH_USERNAME = '{{ .Values.vidHealthUsername }}'
-GLOBAL_VID_HEALTH_PASSWORD = '{{ .Values.vidHealthPassword }}'
-# vnfsdk info - everything is from the private oam network (also called onap private network)
-GLOBAL_VNFSDK_SERVER_PROTOCOL = "http"
-GLOBAL_VNFSDK_SERVER_PORT = "8702"
-
-GLOBAL_DCAE_VES_PROTOCOL = "http"
-GLOBAL_DCAE_VES_SERVER_PORT = "8080"
-#global selenium info
-GLOBAL_PROXY_WARNING_TITLE=""
-GLOBAL_PROXY_WARNING_CONTINUE_XPATH=""
-# dns info
-GLOBAL_DNS_TRAFFIC_DURATION = "600"
-# location where heat templates and data are loaded from
-GLOBAL_HEAT_TEMPLATES_FOLDER = "/var/opt/ONAP/demo/heat"
-GLOBAL_PRELOAD_DATA_FOLDER = "/var/opt/ONAP/demo/preload-data"
+++ /dev/null
-# Copyright (c) 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# File generated from /opt/config
-#
-GLOBAL_INJECTED_AAF_IP_ADDR = 'aaf-service.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_AAI1_IP_ADDR = 'aai.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_AAI2_IP_ADDR = 'N/A'
-GLOBAL_INJECTED_APPC_IP_ADDR = 'appc.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_APPC_CDT_IP_ADDR = 'appc-cdt.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_ARTIFACTS_VERSION = '{{.Values.demoArtifactsVersion}}'
-GLOBAL_INJECTED_ARTIFACTS_REPO_URL = "{{ .Values.demoArtifactsRepoUrl }}"
-GLOBAL_INJECTED_CLAMP_IP_ADDR = 'clamp.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_CLI_IP_ADDR = 'cli.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_CLOUD_ENV = 'openstack'
-GLOBAL_INJECTED_DCAE_COLLECTOR_IP = "{{ .Values.dcaeCollectorIp }}"
-GLOBAL_INJECTED_DCAE_IP_ADDR = 'dcae-healthcheck.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_DCAE_VES_HOST = 'dcae-ves-collector.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_DMAAP_DR_PROV_IP_ADDR = 'dmaap-dr-prov.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_DMAAP_DR_NODE_IP_ADDR = 'dmaap-dr-node.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_DNS_IP_ADDR = 'N/A'
-GLOBAL_INJECTED_DOCKER_VERSION = '1.2-STAGING-latest'
-GLOBAL_INJECTED_EXTERNAL_DNS = 'N/A'
-GLOBAL_INJECTED_LOG_ELASTICSEARCH_IP_ADDR = 'log-es.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_LOG_KIBANA_IP_ADDR = 'log-kibana.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_LOG_LOGSTASH_IP_ADDR = 'log-ls-http.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_POMBA_AAI_CONTEXT_BUILDER_IP_ADDR = 'pomba-aaictxbuilder.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_POMBA_SDC_CONTEXT_BUILDER_IP_ADDR = 'pomba-sdcctxbuilder.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_POMBA_NETWORK_DISC_CONTEXT_BUILDER_IP_ADDR = 'pomba-networkdiscoveryctxbuilder.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_POMBA_SERVICE_DECOMPOSITION_IP_ADDR = 'pomba-servicedecomposition.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_POMBA_SDNC_CTX_BUILDER_IP_ADDR = 'pomba-sdncctxbuilder.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_POMBA_NETWORKDISCOVERY_MICROSERVICE_IP_ADDR = 'pomba-networkdiscovery.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_POMBA_VALIDATION_SERVICE_IP_ADDR = 'pomba-validation-service.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_POMBA_KIBANA_IP_ADDR = 'pomba-kibana.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_POMBA_ELASTIC_SEARCH_IP_ADDR = 'pomba-es.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_POMBA_CONTEX_TAGGREGATOR_IP_ADDR = 'pomba-contextaggregator.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_KEYSTONE = '{{ .Values.openStackKeyStoneUrl }}'
-GLOBAL_INJECTED_MR_IP_ADDR = 'message-router.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_BC_IP_ADDR = 'dmaap-bc.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_MUSIC_IP_ADDR = 'music.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_NBI_IP_ADDR = 'nbi.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_NETWORK = '{{ .Values.openStackPrivateNetId }}'
-GLOBAL_INJECTED_NEXUS_DOCKER_REPO = 'nexus3.onap.org:10001'
-GLOBAL_INJECTED_NEXUS_PASSWORD = 'docker'
-GLOBAL_INJECTED_NEXUS_REPO ='https://nexus.onap.org/content/sites/raw'
-GLOBAL_INJECTED_NEXUS_USERNAME = 'docker'
-GLOBAL_INJECTED_OOF_IP_ADDR = 'N/A'
-GLOBAL_INJECTED_OOF_HOMING_IP_ADDR = 'oof-has-api.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_OOF_SNIRO_IP_ADDR = 'oof-osdf.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_OOF_CMSO_IP_ADDR = 'oof-cmso.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_MSB_IP_ADDR = 'msb-iag.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_OPENSTACK_API_KEY = '{{ .Values.config.openStackEncryptedPasswordHere}}'
-GLOBAL_INJECTED_OPENSTACK_PASSWORD = '{{ .Values.openStackPassword }}'
-GLOBAL_INJECTED_OPENSTACK_TENANT_ID = '{{ .Values.openStackTenantId }}'
-GLOBAL_INJECTED_OPENSTACK_USERNAME = '{{ .Values.openStackUserName }}'
-GLOBAL_INJECTED_OPENSTACK_PROJECT_NAME = '{{ .Values.openStackProjectName }}'
-GLOBAL_INJECTED_OPENSTACK_DOMAIN_ID = '{{ .Values.openStackDomainId }}'
-GLOBAL_INJECTED_OPENSTACK_USER_DOMAIN = '{{ .Values.openStackUserDomain }}'
-GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION = '{{ .Values.openStackKeystoneAPIVersion }}'
-GLOBAL_INJECTED_REGION_THREE = '{{ .Values.openStackRegionRegionThree }}'
-GLOBAL_INJECTED_KEYSTONE_REGION_THREE = '{{ .Values.openStackKeyStoneUrlRegionThree }}'
-GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION_REGION_THREE = '{{ .Values.openStackKeystoneAPIVersionRegionThree }}'
-GLOBAL_INJECTED_OPENSTACK_USERNAME_REGION_THREE = '{{ .Values.openStackUserNameRegionThree }}'
-GLOBAL_INJECTED_OPENSTACK_PASSWORD_REGION_THREE = '{{ .Values.openStackPasswordRegionThree }}'
-GLOBAL_INJECTED_OPENSTACK_MSO_ENCRYPTED_PASSWORD_REGION_THREE = '{{ .Values.openSackMsoEncryptdPasswordRegionThree }}'
-GLOBAL_INJECTED_OPENSTACK_SO_ENCRYPTED_PASSWORD = '{{ .Values.config.openStackSoEncryptedPassword}}'
-GLOBAL_INJECTED_OPENSTACK_TENANT_ID_REGION_THREE = '{{ .Values.openStackTenantIdRegionThree }}'
-GLOBAL_INJECTED_OPENSTACK_PROJECT_DOMAIN_REGION_THREE = '{{ .Values.openStackProjectNameRegionThree }}'
-GLOBAL_INJECTED_OPENSTACK_USER_DOMAIN_REGION_THREE = '{{ .Values.openStackDomainIdRegionThree }}'
-GLOBAL_INJECTED_OPENSTACK_OAM_NETWORK_CIDR_PREFIX = '{{ .Values.openStackOamNetworkCidrPrefix }}'
-GLOBAL_INJECTED_OPENSTACK_PUBLIC_NETWORK = '{{ .Values.openStackPublicNetworkName }}'
-GLOBAL_INJECTED_OPENSTACK_SECURITY_GROUP = '{{ .Values.openStackSecurityGroup }}'
-GLOBAL_INJECTED_OPENSTACK_PRIVATE_SUBNET_ID = "{{ .Values.openStackPrivateSubnetId }}"
-GLOBAL_INJECTED_OPENSTACK_PRIVATE_NET_CIDR = "{{ .Values.openStackPrivateNetCidr }}"
-GLOBAL_INJECTED_POLICY_IP_ADDR = 'pdp.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_POLICY_HEALTHCHECK_IP_ADDR = 'drools.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_PORTAL_IP_ADDR = 'portal-app.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_POLICY_API_IP_ADDR = 'policy-api.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_POLICY_PAP_IP_ADDR = 'policy-pap.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_POLICY_DISTRIBUTION_IP_ADDR = 'policy-distribution.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_POLICY_PDPX_IP_ADDR = 'policy-xacml-pdp.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_POLICY_APEX_PDP_IP_ADDR = 'policy-apex-pdp.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_PUBLIC_NET_ID = '{{ .Values.openStackPublicNetId }}'
-GLOBAL_INJECTED_PUBLIC_KEY = "{{ .Values.vnfPubKey }}"
-GLOBAL_INJECTED_REGION = '{{ .Values.openStackRegion }}'
-GLOBAL_INJECTED_SCRIPT_VERSION = '{{ .Values.scriptVersion }}'
-GLOBAL_INJECTED_SDC_BE_IP_ADDR = 'sdc-be.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_SDC_BE_ONBOARD_IP_ADDR = 'sdc-onboarding-be.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_SDC_FE_IP_ADDR = 'sdc-fe.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_SDC_IP_ADDR = 'N/A'
-GLOBAL_INJECTED_SDNC_IP_ADDR = 'sdnc.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_SDNC_PORTAL_IP_ADDR = 'sdnc-portal.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_SO_APIHAND_IP_ADDR = 'so.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_SO_ASDCHAND_IP_ADDR = 'so-sdc-controller.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_SO_BPMN_IP_ADDR = 'so-bpmn-infra.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_SO_CATDB_IP_ADDR = 'so-catalog-db-adapter.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_SO_IP_ADDR = 'so.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_SO_OPENSTACK_IP_ADDR = 'so-openstack-adapter.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_SO_REQDB_IP_ADDR = 'so-request-db-adapter.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_SO_SDNC_IP_ADDR = 'so-sdnc-adapter.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_SO_VFC_IP_ADDR = 'so-vfc-adapter.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_SO_VNFM_IP_ADDR = 'so-vnfm-adapter.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_UBUNTU_1404_IMAGE = '{{ .Values.ubuntu14Image }}'
-GLOBAL_INJECTED_UBUNTU_1604_IMAGE = '{{ .Values.ubuntu16Image }}'
-GLOBAL_INJECTED_VM_IMAGE_NAME = '{{ .Values.ubuntu14Image }}'
-GLOBAL_INJECTED_VID_IP_ADDR = 'vid.{{include "common.namespace" .}}'
-GLOBAL_INJECTED_VM_FLAVOR = '{{ .Values.openStackFlavourMedium }}'
-GLOBAL_INJECTED_VNFSDK_IP_ADDR = 'refrepo.{{include "common.namespace" .}}'
-
-GLOBAL_INJECTED_PROPERTIES = {
- "GLOBAL_INJECTED_AAF_IP_ADDR" : 'aaf-service.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_AAI1_IP_ADDR" : 'aai.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_AAI2_IP_ADDR" : 'N/A',
- "GLOBAL_INJECTED_APPC_IP_ADDR" : 'appc.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_APPC_CDT_IP_ADDR" : 'appc-cdt.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_ARTIFACTS_VERSION" : '{{.Values.demoArtifactsVersion}}',
- "GLOBAL_INJECTED_ARTIFACTS_REPO_URL" : "{{ .Values.demoArtifactsRepoUrl }}",
- "GLOBAL_INJECTED_CLAMP_IP_ADDR" : 'clamp.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_CLI_IP_ADDR" : 'cli.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_CLOUD_ENV" : 'openstack',
- "GLOBAL_INJECTED_DCAE_COLLECTOR_IP" : "{{ .Values.dcaeCollectorIp }}",
- "GLOBAL_INJECTED_DCAE_IP_ADDR" : 'dcae-healthcheck.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_DCAE_VES_HOST" : 'dcae-ves-collector.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_DMAAP_DR_PROV_IP_ADDR" : 'dmaap-dr-prov.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_DMAAP_DR_NODE_IP_ADDR" : 'dmaap-dr-node.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_DNS_IP_ADDR" : 'N/A',
- "GLOBAL_INJECTED_DOCKER_VERSION" : '1.2-STAGING-latest',
- "GLOBAL_INJECTED_EXTERNAL_DNS" : 'N/A',
- "GLOBAL_INJECTED_KEYSTONE" : '{{ .Values.openStackKeyStoneUrl }}',
- "GLOBAL_INJECTED_LOG_ELASTICSEARCH_IP_ADDR" : 'log-es.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_LOG_KIBANA_IP_ADDR" : 'log-kibana.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_LOG_LOGSTASH_IP_ADDR" : 'log-ls.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_MR_IP_ADDR" : 'message-router.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_BC_IP_ADDR" : 'dmaap-bc.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_POMBA_AAI_CONTEXT_BUILDER_IP_ADDR" : 'pomba-aaictxbuilder.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_POMBA_SDC_CONTEXT_BUILDER_IP_ADDR" : 'pomba-sdcctxbuilder.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_POMBA_NETWORK_DISC_CONTEXT_BUILDER_IP_ADDR" : 'pomba-networkdiscovery.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_POMBA_SERVICE_DECOMPOSITION_IP_ADDR" : 'pomba-servicedecomposition.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_POMBA_SDNC_CTX_BUILDER_IP_ADDR" : 'pomba-sdncctxbuilder.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_POMBA_CONTEX_TAGGREGATOR_IP_ADDR" : 'pomba-contextaggregator.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_MUSIC_IP_ADDR" : 'music.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_NBI_IP_ADDR" : 'nbi.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_NETWORK" : '{{ .Values.openStackPrivateNetId }}',
- "GLOBAL_INJECTED_NEXUS_DOCKER_REPO" : 'nexus3.onap.org:10001',
- "GLOBAL_INJECTED_NEXUS_PASSWORD" : 'docker',
- "GLOBAL_INJECTED_NEXUS_REPO" : 'https://nexus.onap.org/content/sites/raw',
- "GLOBAL_INJECTED_NEXUS_USERNAME" : 'docker',
- "GLOBAL_INJECTED_OOF_IP_ADDR" : 'N/A',
- "GLOBAL_INJECTED_OOF_HOMING_IP_ADDR" : 'oof-has-api.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_OOF_SNIRO_IP_ADDR" : 'oof-osdf.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_OOF_CMSO_IP_ADDR" : 'oof-cmso.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_MSB_IP_ADDR" : 'msb-iag.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_OPENSTACK_API_KEY" : '{{ .Values.config.openStackEncryptedPasswordHere}}',
- "GLOBAL_INJECTED_OPENSTACK_PASSWORD" : '{{ .Values.openStackPassword }}',
- "GLOBAL_INJECTED_OPENSTACK_TENANT_ID" : '{{ .Values.openStackTenantId }}',
- "GLOBAL_INJECTED_OPENSTACK_USERNAME" : '{{ .Values.openStackUserName }}',
- "GLOBAL_INJECTED_OPENSTACK_PROJECT_NAME" : '{{ .Values.openStackProjectName }}',
- "GLOBAL_INJECTED_OPENSTACK_DOMAIN_ID" : '{{ .Values.openStackDomainId }}',
- "GLOBAL_INJECTED_OPENSTACK_USER_DOMAIN" : '{{ .Values.openStackUserDomain }}',
- "GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION" : '{{ .Values.openStackKeystoneAPIVersion }}',
- "GLOBAL_INJECTED_REGION_THREE" : '{{ .Values.openStackRegionRegionThree }}',
- "GLOBAL_INJECTED_KEYSTONE_REGION_THREE" : '{{ .Values.openStackKeyStoneUrlRegionThree }}',
- "GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION_REGION_THREE" : '{{ .Values.openStackKeystoneAPIVersionRegionThree }}',
- "GLOBAL_INJECTED_OPENSTACK_USERNAME_REGION_THREE" : '{{ .Values.openStackUserNameRegionThree }}',
- "GLOBAL_INJECTED_OPENSTACK_PASSWORD_REGION_THREE" : '{{ .Values.openStackPasswordRegionThree }}',
- "GLOBAL_INJECTED_OPENSTACK_MSO_ENCRYPTED_PASSWORD_REGION_THREE" : '{{ .Values.openSackMsoEncryptdPasswordRegionThree }}',
- "GLOBAL_INJECTED_OPENSTACK_SO_ENCRYPTED_PASSWORD" : '{{ .Values.config.openStackSoEncryptedPassword}}',
- "GLOBAL_INJECTED_OPENSTACK_TENANT_ID_REGION_THREE" : '{{ .Values.openStackTenantIdRegionThree }}',
- "GLOBAL_INJECTED_OPENSTACK_PROJECT_DOMAIN_REGION_THREE" : '{{ .Values.openStackProjectNameRegionThree }}',
- "GLOBAL_INJECTED_OPENSTACK_USER_DOMAIN_REGION_THREE" : '{{ .Values.openStackDomainIdRegionThree }}',
- "GLOBAL_INJECTED_OPENSTACK_OAM_NETWORK_CIDR_PREFIX" : '{{ .Values.openStackOamNetworkCidrPrefix }}',
- "GLOBAL_INJECTED_OPENSTACK_PUBLIC_NETWORK" : '{{ .Values.openStackPublicNetworkName }}',
- "GLOBAL_INJECTED_OPENSTACK_SECURITY_GROUP": '{{ .Values.openStackSecurityGroup }}',
- "GLOBAL_INJECTED_OPENSTACK_PRIVATE_SUBNET_ID" : "{{ .Values.openStackPrivateSubnetId }}",
- "GLOBAL_INJECTED_OPENSTACK_PRIVATE_NET_CIDR" : "{{ .Values.openStackPrivateNetCidr }}",
- "GLOBAL_INJECTED_POLICY_IP_ADDR" : 'pdp.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_POLICY_HEALTHCHECK_IP_ADDR" : 'drools.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_POLICY_API_IP_ADDR" : 'policy-api.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_POLICY_PAP_IP_ADDR" : 'policy-pap.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_POLICY_DISTRIBUTION_IP_ADDR" : 'policy-distribution.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_POLICY_PDPX_IP_ADDR" : 'policy-xacml-pdp.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_POLICY_APEX_PDP_IP_ADDR" : 'policy-apex-pdp.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_PORTAL_IP_ADDR" : 'portal-app.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_PUBLIC_NET_ID" : '{{ .Values.openStackPublicNetId }}',
- "GLOBAL_INJECTED_PUBLIC_KEY" : "{{ .Values.vnfPubKey }}",
- "GLOBAL_INJECTED_REGION" : '{{ .Values.openStackRegion }}',
- "GLOBAL_INJECTED_SDC_BE_IP_ADDR" : 'sdc-be.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_SDC_BE_ONBOARD_IP_ADDR" : 'sdc-onboarding-be.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_SDC_FE_IP_ADDR" : 'sdc-fe.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_SDC_IP_ADDR" : 'N/A',
- "GLOBAL_INJECTED_SCRIPT_VERSION" : '{{ .Values.scriptVersion }}',
- "GLOBAL_INJECTED_SDNC_IP_ADDR" : 'sdnc.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_SDNC_PORTAL_IP_ADDR" : 'sdnc-portal.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_SO_APIHAND_IP_ADDR" : 'so.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_SO_ASDCHAND_IP_ADDR" : 'so-sdc-controller.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_SO_BPMN_IP_ADDR" : 'so-bpmn-infra.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_SO_CATDB_IP_ADDR" : 'so-catalog-db-adapter.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_SO_IP_ADDR" : 'so.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_SO_OPENSTACK_IP_ADDR" : 'so-openstack-adapter.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_SO_REQDB_IP_ADDR" : 'so-request-db-adapter.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_SO_SDNC_IP_ADDR" : 'so-sdnc-adapter.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_SO_VFC_IP_ADDR" : 'so-vfc-adapter.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_SO_VNFM_IP_ADDR" : 'so-vnfm-adapter.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_UBUNTU_1404_IMAGE" : '{{.Values.ubuntu14Image}}',
- "GLOBAL_INJECTED_UBUNTU_1604_IMAGE" : '{{.Values.ubuntu16Image}}',
- "GLOBAL_INJECTED_VM_IMAGE_NAME" : '{{ .Values.ubuntu14Image }}',
- "GLOBAL_INJECTED_VID_IP_ADDR" : 'vid.{{include "common.namespace" .}}',
- "GLOBAL_INJECTED_VM_FLAVOR" : '{{ .Values.openStackFlavourMedium }}',
- "GLOBAL_INJECTED_VNFSDK_IP_ADDR" : 'refrepo.{{include "common.namespace" .}}'
-
-}
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global: # global defaults
- nodePortPrefix: 302
- ubuntuInitRepository: registry.hub.docker.com
- persistence: {}
-
-# application image
-repository: nexus3.onap.org:10001
-image: onap/testsuite:1.4.2
-pullPolicy: Always
-
-ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-config:
-
-# openStackEncryptedPasswordHere should match the encrypted string used in SO and APPC and overridden per environment
- openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e"
- openStackSoEncryptedPassword: "SAME_STRING_AS_SO_JAVA_ENCRYPTED_PASSWORD"
-
-# Demo configuration
-# Nexus demo artifact version. Maps to GLOBAL_INJECTED_ARTIFACTS_VERSION
-demoArtifactsVersion: "1.4.0"
-# Nexus demo artifact URL.
-demoArtifactsRepoUrl: "https://nexus.onap.org/content/repositories/releases"
-# Openstack medium sized flavour name. Maps GLOBAL_INJECTED_VM_FLAVOR
-openStackFlavourMedium: "m1.medium"
-
-################# Openstack .RC Parameters ################################333
-# KEYSTONE Version 3 Required for Rocky and beyond
-# Openstack Keystone API version. Valid values are [ v2.0, v3 ]. Maps to GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION
-openStackKeystoneAPIVersion: "v2.0"
-
-# OS_AUTH_URL without the /v3 or /v2.0 from the openstack .RC file
-# Openstack keystone URL. Maps to GLOBAL_INJECTED_KEYSTONE
-openStackKeyStoneUrl: "http://1.2.3.4:5000"
-
-# OS_PROJECT_ID from the openstack .RC file
-# Openstack tenant UUID where VNFs will be spawned. Maps to GLOBAL_INJECTED_OPENSTACK_TENANT_ID
-openStackTenantId: "47899782ed714295b1151681fdfd51f5"
-
-# OS_PROJECT_NAME from the openstack .RC file
-# Project name of Openstack where VNFs will be spawned. Maps to GLOBAL_INJECTED_OPENSTACK_PROJECT_NAME
-openStackProjectName: "onap"
-
-# OS_USERNAME from the openstack .RC file
-# username for Openstack tenant where VNFs will be spawned. Maps to GLOBAL_INJECTED_OPENSTACK_USERNAME
-openStackUserName: "tenantUsername"
-
-# OS_PROJECT_DOMAIN_ID from the openstack .RC file
-# in some environments it is a string but in other environmens it may be a numeric
-# Domain id of openstack where VNFs will be deployed. Maps to GLOBAL_INJECTED_OPENSTACK_DOMAIN_ID
-openStackDomainId: "default"
-
-# OS_USER_DOMAIN from the openstack .RC file
-# Use Domain of openstack where VNFs will be deployed. Maps to GLOBAL_INJECTED_OPENSTACK_USER_DOMAIN
-openStackUserDomain: "Default"
-
-
-# UUID of the Openstack network that can assign floating ips. Maps to GLOBAL_INJECTED_PUBLIC_NET_ID
-openStackPublicNetId: "e8f51958045716781ffc"
-openStackPublicNetworkName: "public"
-# password for Openstack tenant where VNFs will be spawned. Maps to GLOBAL_INJECTED_OPENSTACK_PASSWORD
-openStackPassword: "tenantPassword"
-# Openstack region. Maps to GLOBAL_INJECTED_REGION
-openStackRegion: "RegionOne"
-
-
-# Values for second cloud instante for VNF instantiatioen testing and keystone v3
-openStackRegionRegionThree: "RegionThree"
-openStackKeyStoneUrlRegionThree: "http://1.2.3.4:5000"
-openStackKeystoneAPIVersionRegionThree: "v3"
-openStackUserNameRegionThree: "demo"
-openStackPasswordRegionThree: "tenantPassword"
-# this is the java encrypted password that is needed for SO
-openSackMsoEncryptdPasswordRegionThree: "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
-openStackTenantIdRegionThree: "3583253e932845a09cd4c8ca2f31d095"
-openStackProjectNameRegionThree: "Integration-SB-RegionThree"
-openStackDomainIdRegionThree: "Default"
-#
-# Openstack glance image name for Ubuntu 14. Maps to GLOBAL_INJECTED_UBUNTU_1404_IMAGE
-ubuntu14Image: "Ubuntu_14_trusty"
-# Openstack glance image name for Ubuntu 16. Maps to GLOBAL_INJECTED_UBUNTU_1604_IMAGE
-ubuntu16Image: "Ubuntu_16_xenial"
-# GLOBAL_INJECTED_SCRIPT_VERSION. Maps to GLOBAL_INJECTED_SCRIPT_VERSION
-scriptVersion: "1.4.0"
-# Openstack network to which VNFs will bind their primary (first) interface. Maps to GLOBAL_INJECTED_NETWORK
-openStackPrivateNetId: "e8f51956-00dd-4425-af36-045716781ffc"
-# Openstack security group for instantiating VNFs
-openStackSecurityGroup: "onap_sg"
-# SDNC Preload configuration
-# Openstack subnet UUID for the network defined by openStackPrivateNetId. Maps to onap_private_subnet_id
-openStackPrivateSubnetId: "e8f51956-00dd-4425-af36-045716781ffc"
-# CIDR notation for the Openstack private network where VNFs will be spawned. Maps to onap_private_net_cidr
-openStackPrivateNetCidr: "10.0.0.0/8"
-# The first 2 octets of the private Openstack subnet where VNFs will be spawned.
-# Needed because sdnc preload templates hardcodes things like this 10.0.${ecompnet}.X
-openStackOamNetworkCidrPrefix: "10.0"
-# VID protocol/port until Selenium issue with SSL resolved
-# https/8443 vs http/8080
-vidServerProtocol: "http"
-vidServerPort: "8080"
-# Override with Pub Key for access to VNF
-vnfPubKey: "FILL_IN_WITH_PUB_KEY"
-# Override with DCAE VES Collector external IP
-dcaeCollectorIp: "FILL_IN_WITH_DCAE_VES_COLLECTOR_IP"
-
-# Credentials for ONAP Component
-# AAF
-aafUsername: "demo@people.osaaf.org"
-aafPassword: "demo123456!"
-# AAI
-aaiUsername: "aai@aai.onap.org"
-aaiPassword: "demo123456!"
-# APPC
-appcUsername: "appc@appc.onap.org"
-appcPassword: "demo123456!"
-# DCAE
-dcaeUsername: "console"
-dcaePassword: "ZjJkYjllMjljMTI2M2Iz"
-# DROOLS
-droolsUsername: "demo@people.osaaf.org"
-droolsPassword: "demo123456!"
-# OOF
-oofCmsoUsername: "oof@oof.onap.org"
-oofCmsoPassword: "demo123456!"
-# POLICY
-policyAuth: "dGVzdHBkcDphbHBoYTEyMw=="
-policyClientAuth: "cHl0aG9uOnRlc3Q="
-policyUsername: "demo@people.osaaf.org"
-policyPassword: "demo123456!"
-policyComponentUsername: "healthcheck"
-policyComponentPassword: "zb!XztG34"
-# PORTAL
-portalUsername: "demo"
-portalPassword: "Kp8bJ4SXszM0WXlhak3eHlcse"
-# SO
-soUsername: "InfraPortalClient"
-soPassword: "password1$"
-soCatdbUsername: "bpel"
-soCatdbPassword: "password1$"
-# SDNC
-sdncUsername: "admin"
-sdncPassword: "Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U"
-# VID
-vidUsername: "demo"
-vidPassword: "Kp8bJ4SXszM0WX"
-vidHealthUsername: "Default"
-vidHealthPassword: "AppPassword!1"
-# DMAAP BC
-bcUsername: "dmaap-bc@dmaap-bc.onap.org"
-bcPassword: "demo123456!"
-# DMAAP KAFKA JAAS
-kafkaJaasUsername: "admin"
-kafkaJaasPassword: "admin_secret"
-
-#OOF
-oofUsername: "oof@oof.onap.org"
-oofPassword: "demo123456!"
-cmsoUsername: "oof@oof.onap.org"
-cmsoPassword: "demo123456!"
-oofOsdfPciOptUsername: "oof@oof.onap.org"
-oofOsdfPciOptPassword: "demo123456!"
-oofHomingUsername: "admin1"
-oofHomingPassword: "plan.15"
-
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# Resource Limit flavor -By Default using small
-flavor: small
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- cpu: 2000m
- memory: 4Gi
- requests:
- cpu: 500m
- memory: 1Gi
- large:
- limits:
- cpu: 4000m
- memory: 8Gi
- requests:
- cpu: 1000m
- memory: 2Gi
- unlimited: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 180
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 180
- periodSeconds: 10
-
-service:
- name: robot
- type: NodePort
- portName: httpd
- externalPort: 88
- internalPort: 88
- nodePort: "09"
-
-ingress:
- enabled: false
-
-## Persist data to a persitent volume
-persistence:
- enabled: true
-
- ## A manually managed Persistent Volume and Claim
- ## Requires persistence.enabled: true
- ## If defined, PVC must be created manually before volume will be bound
- # existingClaim:
- volumeReclaimPolicy: Retain
-
- ## database data Persistent Volume Storage Class
- ## If defined, storageClassName: <storageClass>
- ## If set to "-", storageClassName: "", which disables dynamic provisioning
- ## If undefined (the default) or set to null, no storageClassName spec is
- ## set, choosing the default provisioner. (gp2 on AWS, standard on
- ## GKE, AWS & OpenStack)
- ##
- # storageClass: "-"
- accessMode: ReadWriteMany
- size: 2Gi
- mountPath: /dockerdata-nfs
- mountSubPath: robot/logs
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-backend:1.4.1
-backendInitImage: onap/sdc-backend-init:1.4.1
+image: onap/sdc-backend:1.5.1
+backendInitImage: onap/sdc-backend-init:1.5.1
pullPolicy: Always
# flag to enable debugging - application support required
cpu: 20m
memory: 2Gi
unlimited: {}
+
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-cassandra:1.4.1
-cassandraInitImage: onap/sdc-cassandra-init:1.4.1
+image: onap/sdc-cassandra:1.5.1
+cassandraInitImage: onap/sdc-cassandra-init:1.5.1
pullPolicy: Always
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/dcae-be:1.3.0
+image: onap/dcae-be:1.3.1
pullPolicy: Always
-backendInitImage: onap/dcae-tools:1.3.0
+backendInitImage: onap/dcae-tools:1.3.1
# flag to enable debugging - application support required
debugEnabled: false
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/dcae-dt:1.2.0
+image: onap/dcae-dt:1.3.1
pullPolicy: IfNotPresent
config:
javaOptions: -XX:MaxPermSize=256m -Xmx1024m -Dconfig.home=config -Dlog.home=/var/lib/jetty/logs/ -Dlogging.config=config/dcae-dt/logback-spring.xml
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/dcae-fe:1.3.0
+image: onap/dcae-fe:1.3.1
pullPolicy: Always
config:
javaOptions: -XX:MaxPermSize=256m -Xmx1024m -Dconfig.home=config -Dlog.home=/var/lib/jetty/logs/ -Dlogging.config=config/dcae-fe/logback-spring.xml
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/dcae-tosca-app:1.3.0
+image: onap/dcae-tosca-app:1.3.1
pullPolicy: Always
# flag to enable debugging - application support required
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-elasticsearch:1.4.1
-elasticInitImage: onap/sdc-init-elasticsearch:1.4.1
+image: onap/sdc-elasticsearch:1.5.1
+elasticInitImage: onap/sdc-init-elasticsearch:1.5.1
pullPolicy: Always
# flag to enable debugging - application support required
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-frontend:1.4.1
+image: onap/sdc-frontend:1.5.1
pullPolicy: Always
config:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-kibana:1.4.1
+image: onap/sdc-kibana:1.5.1
pullPolicy: Always
config:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-onboard-backend:1.4.1
-onboardingInitImage: onap/sdc-onboard-cassandra-init:1.4.1
+image: onap/sdc-onboard-backend:1.5.1
+onboardingInitImage: onap/sdc-onboard-cassandra-init:1.5.1
pullPolicy: Always
# flag to enable debugging - application support required
"commitlog_dir": "/var/lib/cassandra/commitlog",
"socket_read_timeout": "20000",
"socket_connect_timeout": "20000",
- "titan_connection_timeout": "10000",
+ "janusgraph_connection_timeout": "10000",
"replication_factor": "{{.Values.global.cassandra.replicaCount}}"
}
}
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdnc-dmaap-listener-image:1.5.4
+image: onap/sdnc-dmaap-listener-image:1.6.2
pullPolicy: Always
# flag to enable debugging - application support required
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdnc-ansible-server-image:1.5.4
+image: onap/sdnc-ansible-server-image:1.6.2
pullPolicy: Always
# flag to enable debugging - application support required
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/admportal-sdnc-image:1.5.4
+image: onap/admportal-sdnc-image:1.6.2
pullPolicy: Always
# flag to enable debugging - application support required
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdnc-ueb-listener-image:1.5.4
+image: onap/sdnc-ueb-listener-image:1.6.2
pullPolicy: Always
# flag to enable debugging - application support required
--- /dev/null
+
+odl-cluster-data {
+ akka {
+ remote {
+ artery {
+ enabled = off
+ canonical.hostname = "127.0.0.1"
+ canonical.port = 2550
+ }
+ netty.tcp {
+ hostname = "127.0.0.1"
+ port = 2550
+ }
+
+ use-passive-connections = off
+ # when under load we might trip a false positive on the failure detector
+ # transport-failure-detector {
+ # heartbeat-interval = 4 s
+ # acceptable-heartbeat-pause = 16s
+ # }
+ }
+
+ actor {
+ debug {
+ autoreceive = on
+ lifecycle = on
+ unhandled = on
+ fsm = on
+ event-stream = on
+ }
+ }
+
+ cluster {
+ # Remove ".tcp" when using artery.
+ seed-nodes = ["akka.tcp://opendaylight-cluster-data@127.0.0.1:2550"]
+
+ seed-node-timeout = {{.Values.config.odl.akka.seedNodeTimeout}}
+
+ roles = ["member-1"]
+
+ }
+
+ persistence {
+ # By default the snapshots/journal directories live in KARAF_HOME. You can choose to put it somewhere else by
+ # modifying the following two properties. The directory location specified may be a relative or absolute path.
+ # The relative path is always relative to KARAF_HOME.
+
+ # snapshot-store.local.dir = "target/snapshots"
+ # journal.leveldb.dir = "target/journal"
+
+ journal {
+ leveldb {
+ # Set native = off to use a Java-only implementation of leveldb.
+ # Note that the Java-only version is not currently considered by Akka to be production quality.
+
+ # native = off
+ }
+
+ journal-plugin-fallback {
+ circuit-breaker {
+ max-failures = {{.Values.config.odl.akka.circuitBreaker.maxFailures}}
+ call-timeout = {{.Values.config.odl.akka.circuitBreaker.callTimeout}}
+ reset-timeout = {{.Values.config.odl.akka.circuitBreaker.resetTimeout}}
+ }
+ recovery-event-timeout = {{.Values.config.odl.akka.recoveryEventTimeout}}
+ }
+
+ snapshot-store-plugin-fallback {
+ circuit-breaker {
+ max-failures = {{.Values.config.odl.akka.circuitBreaker.maxFailures}}
+ call-timeout = {{.Values.config.odl.akka.circuitBreaker.callTimeout}}
+ reset-timeout = {{.Values.config.odl.akka.circuitBreaker.resetTimeout}}
+ }
+ recovery-event-timeout = {{.Values.config.odl.akka.recoveryEventTimeout}}
+ }
+ }
+ }
+ }
+}
+
--- /dev/null
+# This file specifies property settings for the clustered data store to control its behavior. A
+# property may be applied to every data store type ("config" and "operational") or can be customized
+# differently for each data store type by prefixing the data store type + '.'. For example, specifying
+# the "shard-election-timeout-factor" property would be applied to both data stores whereas specifying
+# "operational.shard-election-timeout-factor" would only apply to the "operational" data store. Similarly,
+# specifying "config.shard-election-timeout-factor" would only apply to the "config" data store.
+
+# The multiplication factor to be used to determine shard election timeout. The shard election timeout
+# is determined by multiplying shardHeartbeatIntervalInMillis with the shardElectionTimeoutFactor.
+shard-election-timeout-factor=20
+
+# The interval at which a shard will send a heart beat message to its remote shard.
+#shard-heartbeat-interval-in-millis=500
+
+# The amount by which to divide election timeout in case of a candidate. This serves as a counter-balance
+# to shard-election-timeout-factor. The default value is 1, i.e. election timeout is the same in all
+# situations.
+#shard-candidate-election-timeout-divisor=1
+
+# The maximum amount of time to wait for a shard to elect a leader before failing an operation (eg transaction create).
+#shard-leader-election-timeout-in-seconds=30
+
+# Enable or disable data persistence.
+#persistent=true
+
+# Disable persistence for the operational data store by default.
+operational.persistent=false
+
+# The maximum amount of time a shard transaction can be idle without receiving any messages before it self-destructs.
+#shard-transaction-idle-timeout-in-minutes=10
+
+# The maximum amount of time a shard transaction three-phase commit can be idle without receiving the
+# next messages before it aborts the transaction.
+#shard-transaction-commit-timeout-in-seconds=30
+
+# The maximum allowed capacity for each shard's transaction commit queue.
+#shard-transaction-commit-queue-capacity=20000
+
+# The maximum amount of time to wait for a shard to initialize from persistence on startup before
+# failing an operation (eg transaction create and change listener registration).
+#shard-initialization-timeout-in-seconds=300
+
+# The minimum number of entries to be present in the in-memory journal log before a snapshot is to be taken.
+#shard-snapshot-batch-count=20000
+
+# The percentage of Runtime.totalMemory() used by the in-memory journal log before a snapshot is to be taken.
+#shard-snapshot-data-threshold-percentage=12
+
+# The interval at which the leader of the shard will check if its majority followers are active and
+# term itself as isolated.
+#shard-isolated-leader-check-interval-in-millis=5000
+
+# The number of transaction modification operations (put, merge, delete) to batch before sending to the
+# shard transaction actor. Batching improves performance as less modifications messages are sent to the
+# actor and thus lessens the chance that the transaction actor's mailbox queue could get full.
+#shard-batched-modification-count=1000
+
+# The maximum amount of time for akka operations (remote or local) to complete before failing.
+#operation-timeout-in-seconds=5
+
+# The initial number of transactions per second that are allowed before the data store should begin
+# applying back pressure. This number is only used as an initial guidance, subsequently the datastore
+# measures the latency for a commit and auto-adjusts the rate limit.
+#transaction-creation-initial-rate-limit=100
+
+# The maximum thread pool size for each shard's data store data change notification executor.
+#max-shard-data-change-executor-pool-size=20
+
+# The maximum queue size for each shard's data store data change notification executor.
+#max-shard-data-change-executor-queue-size=1000
+
+# The maximum queue size for each shard's data store data change listener.
+#max-shard-data-change-listener-queue-size=1000
+
+# The maximum queue size for each shard's data store executor.
+#max-shard-data-store-executor-queue-size=5000
+
+# A fully qualified java class name. The class should implement
+# org.opendaylight.controller.cluster.raft.policy.RaftPolicy. This java class should be
+# accessible to the distributed data store OSGi module so that it can be dynamically loaded via
+# reflection. For now let's assume that these classes to customize raft behaviors should be
+# present in the distributed data store module itself. If this property is set to a class which
+# cannot be found then the default raft policy will be applied
+#custom-raft-policy-implementation=
+
+# When fragmenting messages thru the akka remoting framework, this is the maximum size in bytes
+# for a message slice.
+#maximum-message-slice-size=20480000
+
+# Enable tell-based protocol between frontend (applications) and backend (shards). Using this protocol
+# should avoid AskTimeoutExceptions seen under heavy load. Defaults to false (use ask-based protocol).
+#use-tell-based-protocol=true
+
+# Tune the maximum number of entries a follower is allowed to lag behind the leader before it is
+# considered out-of-sync. This flag may require tuning in face of a large number of small transactions.
+#sync-index-threshold=10
+
+# Record new transaction allocation stack trace, useful for debugging. This makes the log include
+# the stack trace of the creator of the Tx when there is an exception when the transaction is submitted
+# (e.g. for a failed validation). Defaults to false due to performance impact.
+#transaction-debug-context-enabled=true
+persistent-actor-restart-min-backoff-in-seconds={{.Values.config.odl.datastore.persistentActorRestartMinBackoffInSeconds}}
+persistent-actor-restart-max-backoff-in-seconds={{.Values.config.odl.datastore.persistentActorRestartMaxBackoffInSeconds}}
+persistent-actor-restart-reset-backoff-in-seconds={{.Values.config.odl.datastore.persistentActorRestartResetBackoffInSeconds}}
+shard-transaction-commit-timeout-in-seconds={{.Values.config.odl.datastore.shardTransactionCommitTimeoutInSeconds}}
+shard-isolated-leader-check-interval-in-millis={{.Values.config.odl.datastore.shardIsolatedLeaderCheckIntervalInMillis}}
+operation-timeout-in-seconds={{.Values.config.odl.datastore.operationTimeoutInSeconds}}
--- /dev/null
+#!/bin/sh
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+#
+# handle specific scripts; the SCRIPT_NAME is exactly the name of the Karaf
+# script: client, instance, shell, start, status, stop, karaf
+#
+# if [ "${KARAF_SCRIPT}" == "SCRIPT_NAME" ]; then
+# Actions go here...
+# fi
+
+#
+# general settings which should be applied for all scripts go here; please keep
+# in mind that it is possible that scripts might be executed more than once, e.g.
+# in example of the start script where the start script is executed first and the
+# karaf script afterwards.
+#
+
+#
+# The following section shows the possible configuration options for the default
+# karaf scripts
+#
+# export JAVA_HOME # Location of Java installation
+# export JAVA_MIN_MEM # Minimum memory for the JVM
+# export JAVA_MAX_MEM # Maximum memory for the JVM
+# export JAVA_PERM_MEM # Minimum perm memory for the JVM
+# export JAVA_MAX_PERM_MEM # Maximum perm memory for the JVM
+# export EXTRA_JAVA_OPTS # Additional JVM options
+# export KARAF_HOME # Karaf home folder
+# export KARAF_DATA # Karaf data folder
+# export KARAF_BASE # Karaf base folder
+# export KARAF_ETC # Karaf etc folder
+# export KARAF_SYSTEM_OPTS # First citizen Karaf options
+# export KARAF_OPTS # Additional available Karaf options
+# export KARAF_DEBUG # Enable debug mode
+# export KARAF_REDIRECT # Enable/set the std/err redirection when using bin/start
+# export KARAF_NOROOT # Prevent execution as root if set to true
+if [ "x$JAVA_MAX_MEM" = "x" ]; then
+ export JAVA_MAX_MEM="2048m"
+fi
+
+EXTRA_JAVA_OPTS: "-XX:+UseG1GC -XX:MaxGCPauseMillis={{.Values.config.odl.javaOptions.maxGCPauseMillis}} \
+ -XX:ParallelGCThreads={{.Values.config.odl.javaOptions.parallelGCThreads}} -XX:+ParallelRefProcEnabled \
+ -XX:+UseStringDeduplication -XX:+PrintGC -XX:+PrintGCDateStamps -XX:+PrintGCDetails \
+ -XX:+PrintGCTimeStamps -XX:+UseGCLogFileRotation \
+ -XX:NumberOfGCLogFiles={{.Values.config.odl.javaOptions.numberGGLogFiles}} -Xloggc:/var/log/onap/sdnc/gc-%t.log"
--- /dev/null
+sdnc:
+ image: onap/sdnc-image:1.6.1
+ sdnc-ansible-server:
+ image: onap/sdnc-ansible-server-image:1.6.1
+ dmaap-listener:
+ image: onap/sdnc-dmaap-listener-image:1.6.1
+ sdnc-portal:
+ image: onap/admportal-sdnc-image:1.6.1
+ ueb-listener:
+ image: onap/sdnc-ueb-listener-image:1.6.1
+cds:
+ cds-command-executor:
+ image: onap/ccsdk-commandexecutor:0.5.1
+ cds-blueprints-processor:
+ image: onap/ccsdk-blueprintsprocessor:0.5.1
+ cds-ui:
+ image: onap/ccsdk-cds-ui-server:0.5.1
+ cds-controller-blueprints:
+ image: onap/ccsdk-controllerblueprints:0.5.1
+ cds-sdc-listener:
+ image: onap/ccsdk-sdclistener:0.5.1
+common:
+ dgbuilder:
+ image: onap/ccsdk-dgbuilder-image:0.5.1
+
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
containers:
- name: {{ include "common.name" . }}
- image: "{{.Values.image}}"
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
env:
- name: MYSQL_PASSWORD
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
name: "{{ .Values.service.portName }}-8282"
- port: {{ .Values.service.externalPort2 }}
targetPort: {{ .Values.service.internalPort2 }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
name: "{{ .Values.service.portName }}-8202"
- port: {{ .Values.service.externalPort3 }}
targetPort: {{ .Values.service.internalPort3 }}
name: logs
- mountPath: {{ .Values.certpersistence.certPath }}
name: {{ include "common.fullname" . }}-certs
+ - mountPath: {{ .Values.config.odl.salConfigDir }}/{{ .Values.config.odl.salConfigVersion}}/sal-clustering-config-{{ .Values.config.odl.salConfigVersion}}-akkaconf.xml
+ name: properties
+ subPath: akka.conf
+ - mountPath: {{ .Values.config.odl.etcDir }}/org.opendaylight.controller.cluster.datastore.cfg
+ name: properties
+ subPath: org.opendaylight.controller.cluster.datastore.cfg
+ - mountPath: {{ .Values.config.odl.binDir }}/setenv
+ name: properties
+ subPath: setenv
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
# application images
repository: nexus3.onap.org:10001
pullPolicy: Always
-image: onap/sdnc-image:1.5.4
+image: onap/sdnc-image:1.6.2
# flag to enable debugging - application support required
ansiblePort: 8000
javaHome: /usr/lib/jvm/java-1.8-openjdk
+ odl:
+ etcDir: /opt/opendaylight/etc
+ binDir: /opt/opendaylight/bin
+ salConfigDir: /opt/opendaylight/system/org/opendaylight/controller/sal-clustering-config
+ salConfigVersion: 1.8.2
+ akka:
+ seedNodeTimeout: 15s
+ circuitBreaker:
+ maxFailures: 10
+ callTimeout: 90s
+ resetTimeout: 30s
+ recoveryEventTimeout: 90s
+ datastore:
+ persistentActorRestartMinBackoffInSeconds: 10
+ persistentActorRestartMaxBackoffInSeconds: 40
+ persistentActorRestartResetBackoffInSeconds: 20
+ shardTransactionCommitTimeoutInSeconds: 120
+ shardIsolatedLeaderCheckIntervalInMillis: 30000
+ operationTimeoutInSeconds: 120
+ javaOptions:
+ maxGCPauseMillis: 100
+ parallelGCThreads : 3
+ numberGGLogFiles: 10
+
+
+
#local Mariadb-galera cluster
localDBCluster: false
internalPort: 8181
internalPort2: 8101
internalPort3: 8080
- internalPort4: 2550
+ internalPort4: 8443
#port
externalPort: 8282
tomcat:
max-threads: 50
spring:
+ datasource:
+ hikari:
+ jdbcUrl: jdbc:mariadb://${DB_HOST}:${DB_PORT}/camundabpmn
+ username: ${DB_USERNAME}
+ password: ${DB_PASSWORD}
+ driver-class-name: org.mariadb.jdbc.Driver
+ pool-name: bpmn-pool
+ registerMbeans: true
security:
usercredentials:
-
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/bpmn-infra:1.4.4
+image: onap/so/bpmn-infra:1.5.0
pullPolicy: Always
replicaCount: 1
db:
auth: Basic YnBlbDpwYXNzd29yZDEk
spring:
+ datasource:
+ hikari:
+ jdbcUrl: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
+ username: ${DB_USERNAME}
+ password: ${DB_PASSWORD}
+ driver-class-name: org.mariadb.jdbc.Driver
+ pool-name: catdb-pool
+ registerMbeans: true
security:
usercredentials:
-
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/catalog-db-adapter:1.4.4
+image: onap/so/catalog-db-adapter:1.5.0
pullPolicy: Always
replicaCount: 1
api:
url: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083/infraActiveRequests/
auth: Basic YnBlbDpwYXNzd29yZDEk
+
+spring:
+ security:
+ usercredentials:
+ -
+ username: gui
+ password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
+ role: GUI-Client
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/so-monitoring:1.4.4
+image: onap/so/so-monitoring:1.5.0
pullPolicy: Always
replicaCount: 1
nodeSelector: {}
tolerations: []
affinity: {}
-
server:
port: {{ index .Values.containerPort }}
spring:
+ datasource:
+ hikari:
+ jdbcUrl: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
+ username: ${DB_USERNAME}
+ password: ${DB_PASSWORD}
+ driver-class-name: org.mariadb.jdbc.Driver
+ pool-name: catdb-pool
+ registerMbeans: false
security:
usercredentials:
-
#################################################################
# Application configuration defaults.
#################################################################
-image: onap/so/openstack-adapter:1.4.4
+image: onap/so/openstack-adapter:1.5.0
pullPolicy: Always
repository: nexus3.onap.org:10001
auth: Basic YnBlbDpwYXNzd29yZDEk
endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083
spring:
+ datasource:
+ hikari:
+ jdbcUrl: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
+ username: ${DB_USERNAME}
+ password: ${DB_PASSWORD}
+ driver-class-name: org.mariadb.jdbc.Driver
+ pool-name: reqdb-pool
+ registerMbeans: true
security:
usercredentials:
-
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/request-db-adapter:1.4.4
+image: onap/so/request-db-adapter:1.5.0
pullPolicy: Always
replicaCount: 1
server:
port: {{ index .Values.containerPort }}
spring:
+ datasource:
+ hikari:
+ jdbcUrl: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
+ username: ${DB_USERNAME}
+ password: ${DB_PASSWORD}
+ driver-class-name: org.mariadb.jdbc.Driver
+ pool-name: catdb-pool
+ registerMbeans: false
security:
usercredentials:
-
role: ACTUATOR
request:
datasource:
- jdbc-url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
- username: ${DB_USERNAME}
- password: ${DB_PASSWORD}
- driver-class-name: org.mariadb.jdbc.Driver
+ hikari:
+ jdbcUrl: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
+ username: ${DB_USERNAME}
+ password: ${DB_PASSWORD}
+ driver-class-name: org.mariadb.jdbc.Driver
+ pool-name: reqdb-pool
+ registerMbeans: false
mso:
msoKey: 07a7159d3bf51a0e53be7a8f89699be7
logPath: ./logs/sdc
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/sdc-controller:1.4.4
+image: onap/so/sdc-controller:1.5.0
pullPolicy: Always
replicaCount: 1
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/sdnc-adapter:1.4.4
+image: onap/so/sdnc-adapter:1.5.0
pullPolicy: Always
replicaCount: 1
path: logs
spring:
datasource:
- driver-class-name: org.mariadb.jdbc.Driver
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
- username: ${DB_USERNAME}
- password: ${DB_PASSWORD}
+ hikari:
+ driver-class-name: org.mariadb.jdbc.Driver
+ jdbcUrl: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
+ username: ${DB_USERNAME}
+ password: ${DB_PASSWORD}
+ pool-name: reqdb-pool
+ registerMbeans: true
security:
usercredentials:
- username: bpel
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/vfc-adapter:1.4.4
+image: onap/so/vfc-adapter:1.5.0
pullPolicy: Always
replicaCount: 1
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/vnfm-adapter:1.4.4
+image: onap/so/vnfm-adapter:1.5.0
pullPolicy: Always
replicaCount: 1
auth: 51EA5414022D7BE536E7516C4D1A6361416921849B72C0D6FC1C7F262FD9F2BBC2AD124190A332D9845A188AD80955567A4F975C84C221EEA8243BFD92FFE6896CDD1EA16ADD34E1E3D47D4A
publisher:
topic: com.att.ecomp.mso.operationalEnvironmentEvent
+ health:
+ auth: Basic bXNvX2FkbWlufHBhc3N3b3JkMSQ=
+ endpoints:
+ - subsystem: apih
+ uri: http://so-bpmn-infra:8081
+ - subsystem: catalogdb
+ uri: http://so-catalog-db-adapter:8082
+
spring:
+ datasource:
+ hikari:
+ jdbcUrl: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
+ username: ${DB_USERNAME}
+ password: ${DB_PASSWORD}
+ driver-class-name: org.mariadb.jdbc.Driver
+ pool-name: catdb-pool
+ registerMbeans: true
jersey:
type: filter
security:
role: ACTUATOR
request:
datasource:
- jdbc-url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
- username: ${DB_USERNAME}
- password: ${DB_PASSWORD}
- driver-class-name: org.mariadb.jdbc.Driver
+ hikari:
+ jdbcUrl: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
+ username: ${DB_USERNAME}
+ password: ${DB_PASSWORD}
+ driver-class-name: org.mariadb.jdbc.Driver
+ pool-name: reqdb-pool
+ registerMbeans: true
org:
onap:
so:
serviceName: mariadb-galera
servicePort: "3306"
mariadbRootPassword: secretpassword
- #This flag allows SO to instantiate its own mariadb-galera cluster,
+ #This flag allows SO to instantiate its own mariadb-galera cluster,
#serviceName and nameOverride should be so-mariadb-galera if this flag is enabled
localCluster: false
persistence:
dbPort: 3306
dbUser: root
dbPassword: secretpassword
-
+
#################################################################
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/api-handler-infra:1.4.4
+image: onap/so/api-handler-infra:1.5.0
pullPolicy: Always
replicaCount: 1
#repository: mysql
repository: nexus3.onap.org:10001
-image: adfinissygroup/k8s-mariadb-galera-centos:v002
+image: adfinissygroup/k8s-mariadb-galera-centos:v004
imageInit: busybox
pullPolicy: IfNotPresent
# default number of instances in the StatefulSet
-# keep in mind that if the number is increased you need to update vid-galera-config-job.yaml so that the job will know to wait for all pods.
-replicaCount: 1
+replicaCount: 2
nodeSelector: {}
- name: VID_MYSQL_MAXCONNECTIONS
value: "{{ .Values.config.vidmysqlmaxconnections }}"
volumeMounts:
+ - mountPath: /opt/app/vid/etc
+ name: vid-certs
- mountPath: /etc/localtime
name: localtime
readOnly: true
- mountPath: /usr/share/filebeat/data
name: vid-data-filebeat
volumes:
+ - name: vid-certs
+ secret:
+ secretName: {{ include "common.fullname" . }}-certs
- name: localtime
hostPath:
path: /etc/localtime
type: Opaque
data:
vid-password: {{ .Values.config.vidmysqlpassword | b64enc | quote }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-certs
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }}
- port: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
name: {{ .Values.service.portName }}
- - port: {{ .Values.service.internalPort2 }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
- name: {{ .Values.service.portName2 }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
name: {{ .Values.service.portName }}
- - port: {{ .Values.service.externalPort2 }}
- targetPort: {{ .Values.service.internalPort2 }}
- name: {{ .Values.service.portName2 }}
{{- end}}
selector:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}-http
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: ClusterIP
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ ports:
+ - name: {{ .Values.service.portName }}-http
+ port: {{ .Values.service.externalHttpPort }}
+ targetPort: {{ .Values.service.internalHttpPort }}
+ protocol: TCP
# application image
repository: nexus3.onap.org:10001
-image: onap/vid:4.3.1
+image: onap/vid:5.0.1
pullPolicy: Always
# mariadb image for initializing
externalPort: 8443
internalPort: 8443
nodePort: "00"
- portName2: vid-http
- externalPort2: 8080
- internalPort2: 8080
- nodePort2: "38"
+ externalHttpPort: 8080
+ internalHttpPort: 8080
ingress:
enabled: false
Code Review / oom.git / commitdiff