# Various IDEs\r
.project\r
.idea/\r
-*.tmproj\r
+*.tmproj
\ No newline at end of file
release: {{ .Release.Name }}
spec:
initContainers:
- - command:
+ - name: {{ include "common.name" . }}-job-complete
+ command:
- /root/job_complete.py
args:
- - -j
- - {{ .Release.Name }}-aaf-create-config
+ - --job-name
+ - {{ .Release.Name }}-create-config
env:
- name: NAMESPACE
valueFrom:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-job-complete
- - command:
+ - name: {{ include "common.name" . }}-readiness
+ command:
- /root/ready.py
args:
- --container-name
- - aaf-cs
- - --container-name
- aaf-locate
env:
- name: NAMESPACE
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
containers:
- - env:
- - name: CASSANDRA_CLUSTER
- value: cassandra_container
- name: {{ include "common.name" . }}
+ - name: {{ include "common.name" . }}
+ command: ["/bin/bash","/opt/app/aaf/bin/cm"]
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/cm/bin/cm"]
volumeMounts:
- - mountPath: /opt/app/osaaf
- name: aaf-persistent-vol
+ - mountPath: "/opt/app/osaaf"
+ name: shared-config-volume
- mountPath: /etc/localtime
name: localtime
readOnly: true
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
- name: localtime
hostPath:
path: /etc/localtime
- - name: aaf-persistent-vol
+ - name: shared-config-volume
{{- if .Values.global.persistence.enabled }}
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-pvc
+ claimName: {{ .Release.Name }}-config
{{- else }}
emptyDir: {}
{{- end }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.0
flavor: small
-
#################################################################
# Application configuration defaults.
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_cm:2.1.1
+image: onap/aaf/aaf_cm:2.1.2-SNAPSHOT
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
# default number of instances
replicaCount: 1
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 300
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
service:
+++ /dev/null
-/* # Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License. */
-
-// Table Initialization
-// First make sure the keyspace exists.
-
-USE authz;
-
-//
-// CORE Table function
-//
-
-// Namespace - establish hierarchical authority to modify
-// Permissions and Roles
-// "scope" is flag to determine Policy. Typical important scope
-// is "company" (1)
-CREATE TABLE ns (
- name varchar,
- scope int, // deprecated 2.0.11
- description varchar,
- parent varchar,
- type int,
- PRIMARY KEY (name)
-);
-CREATE INDEX ns_parent on ns(parent);
-
-CREATE TABLE ns_attrib (
- ns varchar,
- key varchar,
- value varchar,
- PRIMARY KEY (ns,key)
-);
-create index ns_attrib_key on ns_attrib(key);
-
-// Will be cached
-CREATE TABLE role (
- ns varchar,
- name varchar,
- perms set<varchar>, // Use "Key" of "name|type|action"
- description varchar,
- PRIMARY KEY (ns,name)
-);
-CREATE INDEX role_name ON role(name);
-
-// Will be cached
-CREATE TABLE perm (
- ns varchar,
- type varchar,
- instance varchar,
- action varchar,
- roles set<varchar>, // Need to find Roles given Permissions
- description varchar,
- PRIMARY KEY (ns,type,instance,action)
-);
-
-// This table is user for Authorization
-CREATE TABLE user_role (
- user varchar,
- role varchar, // deprecated: change to ns/rname after 2.0.11
- ns varchar,
- rname varchar,
- expires timestamp,
- PRIMARY KEY(user,role)
- );
-CREATE INDEX user_role_ns ON user_role(ns);
-CREATE INDEX user_role_role ON user_role(role);
-
-// This table is only for the case where return User Credential (MechID) Authentication
-CREATE TABLE cred (
- id varchar,
- type int,
- expires timestamp,
- ns varchar,
- other int,
- notes varchar,
- cred blob,
- prev blob,
- PRIMARY KEY (id,type,expires)
- );
-CREATE INDEX cred_ns ON cred(ns);
-
-// Certificate Cross Table
-// coordinated with CRED type 2
-CREATE TABLE cert (
- fingerprint blob,
- id varchar,
- x500 varchar,
- expires timestamp,
- PRIMARY KEY (fingerprint)
- );
-CREATE INDEX cert_id ON cert(id);
-CREATE INDEX cert_x500 ON cert(x500);
-
-CREATE TABLE notify (
- user text,
- type int,
- last timestamp,
- checksum int,
- PRIMARY KEY (user,type)
-);
-
-CREATE TABLE x509 (
- ca text,
- serial blob,
- id text,
- x500 text,
- x509 text,
- PRIMARY KEY (ca,serial)
-);
-
-
-CREATE INDEX x509_id ON x509 (id);
-CREATE INDEX x509_x500 ON x509 (x500);
-
-//
-// Deployment Artifact (for Certman)
-//
-CREATE TABLE artifact (
- mechid text,
- machine text,
- type Set<text>,
- sponsor text,
- ca text,
- dir text,
- os_user text,
- ns text,
- notify text,
- expires timestamp,
- renewDays int,
- sans Set<text>,
- PRIMARY KEY (mechid,machine)
-);
-CREATE INDEX artifact_machine ON artifact(machine);
-CREATE INDEX artifact_ns ON artifact(ns);
-
-//
-// Non-Critical Table functions
-//
-// Table Info - for Caching
-CREATE TABLE cache (
- name varchar,
- seg int, // cache Segment
- touched timestamp,
- PRIMARY KEY(name,seg)
-);
-
-CREATE TABLE history (
- id timeuuid,
- yr_mon int,
- user varchar,
- action varchar,
- target varchar, // user, user_role,
- subject varchar, // field for searching main portion of target key
- memo varchar, //description of the action
- reconstruct blob, //serialized form of the target
- // detail Map<varchar, varchar>, // additional information
- PRIMARY KEY (id)
-);
-CREATE INDEX history_yr_mon ON history(yr_mon);
-CREATE INDEX history_user ON history(user);
-CREATE INDEX history_subject ON history(subject);
-
-//
-// A place to hold objects to be created at a future time.
-//
-CREATE TABLE future (
- id uuid, // uniquify
- target varchar, // Target Table
- memo varchar, // Description
- start timestamp, // When it should take effect
- expires timestamp, // When not longer valid
- construct blob, // How to construct this object (like History)
- PRIMARY KEY(id)
-);
-CREATE INDEX future_idx ON future(target);
-CREATE INDEX future_start_idx ON future(start);
-
-
-CREATE TABLE approval (
- id timeuuid, // unique Key
- ticket uuid, // Link to Future Record
- user varchar, // the user who needs to be approved
- approver varchar, // user approving
- type varchar, // approver types i.e. Supervisor, Owner
- status varchar, // approval status. pending, approved, denied
- memo varchar, // Text for Approval to know what's going on
- operation varchar, // List operation to perform
- last_notified timestamp, // Timestamp for the last time approver was notified
- PRIMARY KEY(id)
- );
-CREATE INDEX appr_approver_idx ON approval(approver);
-CREATE INDEX appr_user_idx ON approval(user);
-CREATE INDEX appr_ticket_idx ON approval(ticket);
-CREATE INDEX appr_status_idx ON approval(status);
-
-CREATE TABLE approved (
- id timeuuid, // unique Key
- user varchar, // the user who needs to be approved
- approver varchar, // user approving
- type varchar, // approver types i.e. Supervisor, Owner
- status varchar, // approval status. pending, approved, denied
- memo varchar, // Text for Approval to know what's going on
- operation varchar, // List operation to perform
- PRIMARY KEY(id)
- );
-CREATE INDEX approved_approver_idx ON approved(approver);
-CREATE INDEX approved_user_idx ON approved(user);
-
-CREATE TABLE delegate (
- user varchar,
- delegate varchar,
- expires timestamp,
- PRIMARY KEY (user)
-);
-CREATE INDEX delg_delg_idx ON delegate(delegate);
-
-// OAuth Tokens
-CREATE TABLE oauth_token (
- id text, // Reference
- client_id text, // Creating Client ID
- user text, // User requesting
- active boolean, // Active or not
- type int, // Type of Token
- refresh text, // Refresh Token
- expires timestamp, // Expiration time/Date (signed long)
- exp_sec bigint, // Seconds from Jan 1, 1970
- content text, // Content of Token
- scopes Set<text>, // Scopes
- state text, // Context string (Optional)
- req_ip text, // Requesting IP (for logging purpose)
- PRIMARY KEY(id)
-) with default_time_to_live = 21600; // 6 hours
-CREATE INDEX oauth_token_user_idx ON oauth_token(user);
-
-CREATE TABLE locate (
- name text, // Component/Server name
- hostname text, // FQDN of Service/Component
- port int, // Port of Service
- major int, // Version, Major
- minor int, // Version, Minor
- patch int, // Version, Patch
- pkg int, // Version, Package (if available)
- latitude float, // Latitude
- longitude float, // Longitude
- protocol text, // Protocol (i.e. http https)
- subprotocol set<text>, // Accepted SubProtocols, ie. TLS1.1 for https
- port_key uuid, // Key into locate_ports
- PRIMARY KEY(name,hostname,port)
-) with default_time_to_live = 1200; // 20 mins
-
-CREATE TABLE locate_ports (
- id uuid, // Id into locate
- port int, // SubPort
- name text, // Name of Other Port
- protocol text, // Protocol of Other (i.e. JMX, DEBUG)
- subprotocol set<text>, // Accepted sub protocols or versions
- PRIMARY KEY(id, port)
-) with default_time_to_live = 1200; // 20 mins;
-
-//
-// Used by authz-batch processes to ensure only 1 runs at a time
-//
-CREATE TABLE run_lock (
- class text,
- host text,
- start timestamp,
- PRIMARY KEY ((class))
-);
+++ /dev/null
-/* # Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License. */
-
-// For Developer Machine single instance
-// CREATE KEYSPACE authz
-// WITH REPLICATION = {'class' : 'SimpleStrategy','replication_factor':1};
-//
-//
-
-// Example of Network Topology, with Datacenter dc1 & dc2
-// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'dc1': '2', 'dc2': '2' };
-// Out of the box Docker Cassandra comes with "datacenter1", one instance
-CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'datacenter1': '1' };
-//
+++ /dev/null
-/* # Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License. */
-
-USE authz;
-
-// Create 'org' root NS
-INSERT INTO ns (name,description,parent,scope,type)
- VALUES('org','Root Namespace','.',1,1);
-
-INSERT INTO role(ns, name, perms, description)
- VALUES('org','admin',{'org.access|*|*'},'Org Admins');
-
-INSERT INTO role(ns, name, perms, description)
- VALUES('org','owner',{'org.access|*|read,approve'},'Org Owners');
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('org','access','*','read,approve',{'org.owner'},'Org Read Access');
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('org','access','*','*',{'org.admin'},'Org Write Access');
-
-// Create Root pass
-INSERT INTO cred (id,ns,type,cred,expires)
- VALUES ('initial@osaaf.org','org.osaaf',1,0x008c5926ca861023c1d2a36653fd88e2,'2099-12-31') using TTL 14400;
-
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('initial@osaaf.org','org.admin','2099-12-31','org','admin') using TTL 14400;
-
-
-// Create org.osaaf
-INSERT INTO ns (name,description,parent,scope,type)
- VALUES('org.osaaf','OSAAF Namespace','org',2,2);
-
-INSERT INTO role(ns, name, perms,description)
- VALUES('org.osaaf','admin',{'org.osaaf.access|*|*'},'OSAAF Admins');
-
-INSERT INTO perm(ns, type, instance, action, roles,description)
- VALUES ('org.osaaf','access','*','*',{'org.osaaf.admin'},'OSAAF Write Access');
-
-INSERT INTO role(ns, name, perms,description)
- VALUES('org.osaaf','owner',{'org.osaaf.access|*|read,approve'},'OSAAF Owners');
-
-INSERT INTO perm(ns, type, instance, action, roles,description)
- VALUES ('org.osaaf','access','*','read,appove',{'org.osaaf.owner'},'OSAAF Read Access');
-
-// Create org.osaaf.aaf
-INSERT INTO ns (name,description,parent,scope,type)
- VALUES('org.osaaf.aaf','Application Authorization Framework','org.osaaf',3,3);
-
-INSERT INTO role(ns, name, perms, description)
- VALUES('org.osaaf.aaf','admin',{'org.osaaf.aaf.access|*|*'},'AAF Admins');
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('org.osaaf.aaf','access','*','*',{'org.osaaf.aaf.admin'},'AAF Write Access');
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('org.osaaf.aaf','access','*','read,approve',{'org.osaaf.aaf.owner'},'AAF Read Access');
-
-INSERT INTO role(ns, name, perms, description)
- VALUES('org.osaaf.aaf','owner',{'org.osaaf.aaf.access|*|read,approve'},'AAF Owners');
-
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('initial@osaaf.org','org.osaaf.aaf.admin','2099-12-31','org.osaaf.aaf','admin') using TTL 14400;
-
-
-// ONAP Specific Entities
-// ONAP initial env Namespace
-INSERT INTO ns (name,description,parent,scope,type)
- VALUES('org.onap','ONAP','org',2,2);
-
-INSERT INTO ns (name,description,parent,scope,type)
- VALUES('org.onap.portal','ONAP Portal','org.onap.portal',3,3);
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('org.onap.portal','access','*','read',{
- 'org.onap.portal.owner','org.onap.portal.designer','org.onap.portal.tester','org.onap.portal.ops','org.onap.portal.governor'
- },'Portal Read Access');
-
-INSERT INTO role(ns, name, perms, description)
- VALUES('org.onap.portal','owner',{'org.onap.portal.access|*|read'},'Portal Owner');
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('org.onap.portal','access','*','*',{'org.onap.portal.admin'},'Portal Write Access');
-
-INSERT INTO role(ns, name, perms, description)
- VALUES('org.onap.portal','admin',{'org.onap.portal.access|*|*'},'Portal Admins');
-
-// DEMO ID (OPS)
-insert into cred (id,type,expires,cred,notes,ns,other) values('demo@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('demo@people.osaaf.org','org.onap.portal.admin','2018-10-31','org.onap.portal','admin');
-
-// ADMIN
-insert into cred (id,type,expires,cred,notes,ns,other) values('jh0003@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('jh0003@people.osaaf.org','org.onap.portal.admin','2018-10-31','org.onap.portal','admin');
-
-// DESIGNER
-INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('cs0008@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
-INSERT INTO role(ns, name, perms, description)
- VALUES('org.onap.portal','designer',{'org.onap.portal.access|*|read'},'Portal Designer');
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('cs0008@people.osaaf.org','org.onap.portal.designer','2018-10-31','org.onap.portal','designer');
-
-// TESTER
-INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('jm0007@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
-INSERT INTO role(ns, name, perms, description)
- VALUES('org.onap.portal','tester',{'org.onap.portal.access|*|read'},'Portal Tester');
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('jm0007@people.osaaf.org','org.onap.portal.tester','2018-10-31','org.onap.portal','tester');
-
-// OPS
-INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('op0001@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
-INSERT INTO role(ns, name, perms, description)
- VALUES('org.onap.portal','ops',{'org.onap.portal.access|*|read'},'Portal Operations');
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('op0001@people.osaaf.org','org.onap.portal.ops','2018-10-31','org.onap.portal','ops');
-
-// GOVERNOR
-INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('gv0001@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
-INSERT INTO role(ns, name, perms, description)
- VALUES('org.onap.portal','governor',{'org.onap.portal.access|*|read'},'Portal Governor');
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('gv0001@people.osaaf.org','org.onap.portal.governor','2018-10-31','org.onap.portal','governor');
-
+++ /dev/null
-/* # Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License. */
-
-USE authz;
-
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('demo@people.osaaf.org','org.admin','2099-12-31','org','admin') ;
-
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('demo@people.osaaf.org','org.osaaf.aaf.admin','2099-12-31','org.osaaf.aaf','admin') ;
-
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
spec:
- hostname: {{ include "common.name" . }}
containers:
- - args:
+ - name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}
+ command: ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh","onap"]
ports:
- containerPort: {{ .Values.service.externalPort }}
- containerPort: {{ .Values.service.externalPort2 }}
- containerPort: {{ .Values.service.externalPort3 }}
- containerPort: {{ .Values.service.externalPort4 }}
+ env:
+ - name: CASSANDRA_CLUSTER_NAME
+ value: "osaaf"
+ - name: CASSANDRA_DC
+ value: "dc1"
+ - name: HEAP_NEWSIZE
+ value: "512M"
+ - name: MAX_HEAP_SIZE
+ value: "1024M"
volumeMounts:
- - mountPath: /data
- name: aaf-cs-data
+ - mountPath: /var/lib/cassandra
+ name: cassandra-storage
- mountPath: /etc/localtime
name: localtime
readOnly: true
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end -}}
readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort3 }}
+ exec:
+ command: ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh","wait"]
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
- lifecycle:
- postStart:
- exec:
- command:
- - /bin/sh
- - -c
- - >
- /bin/sleep {{ .Values.readiness.initialDelaySeconds }};
- cd /data/;
- cqlsh -u root -p root -f keyspace.cql ;
- cqlsh -u root -p root -f init.cql ;
- cqlsh -u root -p root -f osaaf.cql ;
- cqlsh -u root -p root -f temp_identity.cql
resources:
-{{ include "common.resources" . | indent 12 }}
+{{ include "common.resources" . | indent 10 }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 10 }}
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: aaf-cs-data
- secret:
- secretName: {{ include "common.fullname" . }}
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: cassandra-storage
+ {{- if .Values.persistence.enabled }}
+ persistentVolumeClaim:
+ claimName: {{ include "common.fullname" . }}
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
--- /dev/null
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}
+spec:
+ capacity:
+ storage: {{ .Values.persistence.size}}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
+{{- if .Values.persistence.storageClass }}
+{{- if (eq "-" .Values.persistence.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
\ No newline at end of file
--- /dev/null
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+{{- if .Values.persistence.annotations }}
+ annotations:
+{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size }}
+{{- if .Values.persistence.storageClass }}
+{{- if (eq "-" .Values.persistence.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
\ No newline at end of file
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: library/cassandra:3.11
+image: onap/aaf/aaf_cass:2.1.2-SNAPSHOT
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
-
# application configuration
config: {}
# probe configuration parameters
liveness:
- initialDelaySeconds: 180
+ initialDelaySeconds: 300
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 180
+ initialDelaySeconds: 120
periodSeconds: 10
service:
requests:
cpu: 40m
memory: 9000Mi
- unlimited: {}
\ No newline at end of file
+ unlimited: {}
+
+persistence:
+ enabled: true
+ #existingClaim:
+ mountPath: /dockerdata-nfs
+ mountSubPath: "cass"
+ volumeReclaimPolicy: Retain
+ accessMode: ReadWriteOnce
+ size: 10Gi
+ storageClass: "manual"
\ No newline at end of file
release: {{ .Release.Name }}
spec:
initContainers:
- - command:
+ - name: {{ include "common.name" . }}-job-complete
+ command:
- /root/job_complete.py
args:
- - -j
- - {{ .Release.Name }}-aaf-create-config
+ - --job-name
+ - {{ .Release.Name }}-create-config
env:
- name: NAMESPACE
valueFrom:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-job-complete
- - command:
+ - name: {{ include "common.name" . }}-readiness
+ command:
- /root/ready.py
args:
- --container-name
- - aaf-cs
- - --container-name
- aaf-locate
env:
- name: NAMESPACE
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
containers:
- - env:
- - name: CASSANDRA_CLUSTER
- value: cassandra_container
- name: {{ include "common.name" . }}
+ - name: {{ include "common.name" . }}
+ command: ["/bin/bash","/opt/app/aaf/bin/fs"]
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/bin/bash","-c","ln -s /opt/app/osaaf/data /data;/opt/app/aaf/fs/bin/fs "]
volumeMounts:
- - mountPath: /opt/app/osaaf
- name: aaf-persistent-vol
+ - mountPath: "/opt/app/osaaf"
+ name: shared-config-volume
- mountPath: /etc/localtime
name: localtime
readOnly: true
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
- name: localtime
hostPath:
path: /etc/localtime
- - name: aaf-persistent-vol
+ - name: shared-config-volume
{{- if .Values.global.persistence.enabled }}
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-pvc
+ claimName: {{ .Release.Name }}-config
{{- else }}
emptyDir: {}
{{- end }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_fs:2.1.1
+image: onap/aaf/aaf_fs:2.1.2-SNAPSHOT
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
# default number of instances
replicaCount: 1
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 300
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
service:
release: {{ .Release.Name }}
spec:
initContainers:
- - command:
+ - name: {{ include "common.name" . }}-job-complete
+ command:
- /root/job_complete.py
args:
- - -j
- - {{ .Release.Name }}-aaf-create-config
+ - --job-name
+ - {{ .Release.Name }}-create-config
env:
- name: NAMESPACE
valueFrom:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-job-complete
- - command:
+ - name: {{ include "common.name" . }}-readiness
+ command:
- /root/ready.py
args:
- --container-name
- - aaf-cs
- - --container-name
- - aaf-locate
+ - aaf-cm
env:
- name: NAMESPACE
valueFrom:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
containers:
- - env:
- - name: CASSANDRA_CLUSTER
- value: cassandra_container
- name: {{ include "common.name" . }}
+ - name: {{ include "common.name" . }}
+ command: ["/bin/bash","/opt/app/aaf/bin/gui"]
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/gui/bin/gui "]
volumeMounts:
- - mountPath: /opt/app/osaaf
- name: aaf-persistent-vol
+ - mountPath: "/opt/app/osaaf"
+ name: shared-config-volume
- mountPath: /etc/localtime
name: localtime
readOnly: true
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
- name: localtime
hostPath:
path: /etc/localtime
- - name: aaf-persistent-vol
+ - name: shared-config-volume
{{- if .Values.global.persistence.enabled }}
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-pvc
+ claimName: {{ .Release.Name }}-config
{{- else }}
emptyDir: {}
{{- end }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_gui:2.1.1
+image: onap/aaf/aaf_gui:2.1.2-SNAPSHOT
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
# default number of instances
replicaCount: 1
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 300
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
service:
release: {{ .Release.Name }}
spec:
initContainers:
- - command:
+ - name: {{ include "common.name" . }}-job-complete
+ command:
- /root/job_complete.py
args:
- - -j
- - {{ .Release.Name }}-aaf-create-config
+ - --job-name
+ - {{ .Release.Name }}-create-config
env:
- name: NAMESPACE
valueFrom:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-job-complete
- - command:
+ - name: {{ include "common.name" . }}-readiness
+ command:
- /root/ready.py
args:
- --container-name
- - aaf-cs
- - --container-name
- aaf-locate
env:
- name: NAMESPACE
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
containers:
- - env:
- - name: CASSANDRA_CLUSTER
- value: cassandra_container
- name: {{ include "common.name" . }}
+ - name: {{ include "common.name" . }}
+ command: ["/bin/bash","/opt/app/aaf/bin/hello"]
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/hello/bin/hello "]
volumeMounts:
- - mountPath: /opt/app/osaaf
- name: aaf-persistent-vol
+ - mountPath: "/opt/app/osaaf"
+ name: shared-config-volume
- mountPath: /etc/localtime
name: localtime
readOnly: true
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
- name: localtime
hostPath:
path: /etc/localtime
- - name: aaf-persistent-vol
+ - name: shared-config-volume
{{- if .Values.global.persistence.enabled }}
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-pvc
+ claimName: {{ .Release.Name }}-config
{{- else }}
emptyDir: {}
{{- end }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
nodePortPrefix: 302
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.0
-
+flavor: small
#################################################################
# Application configuration defaults.
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_hello:2.1.1
+image: onap/aaf/aaf_hello:2.1.2-SNAPSHOT
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
# default number of instances
replicaCount: 1
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 300
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
service:
release: {{ .Release.Name }}
spec:
initContainers:
- - command:
+ - name: {{ include "common.name" . }}-job-complete
+ command:
- /root/job_complete.py
args:
- - -j
- - {{ .Release.Name }}-aaf-create-config
+ - --job-name
+ - {{ .Release.Name }}-create-config
env:
- name: NAMESPACE
valueFrom:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-job-complete
- - command:
+ - name: {{ include "common.name" . }}-readiness
+ command:
- /root/ready.py
args:
- --container-name
- - aaf-cs
+ - aaf-service
env:
- name: NAMESPACE
valueFrom:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
containers:
- - env:
- - name: CASSANDRA_CLUSTER
- value: cassandra_container
- name: {{ include "common.name" . }}
+ - name: {{ include "common.name" . }}
+ command: ["/bin/bash","/opt/app/aaf/bin/locate"]
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/locate/bin/locate "]
volumeMounts:
- - mountPath: /opt/app/osaaf
- name: aaf-persistent-vol
+ - mountPath: "/opt/app/osaaf"
+ name: shared-config-volume
- mountPath: /etc/localtime
name: localtime
readOnly: true
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
- name: localtime
hostPath:
path: /etc/localtime
- - name: aaf-persistent-vol
+ - name: shared-config-volume
{{- if .Values.global.persistence.enabled }}
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-pvc
+ claimName: {{ .Release.Name }}-config
{{- else }}
emptyDir: {}
{{- end }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
nodePortPrefix: 302
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.0
-
-# If mountPath is over NFS (e.g. /dockerdata-nfs is NFS mounted between the nodes), uncomment following lines.
-# persistence:
-# mountPath: /dockerdata
flavor: small
#################################################################
# Application configuration defaults.
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_locate:2.1.1
+image: onap/aaf/aaf_locate:2.1.2-SNAPSHOT
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
# default number of instances
replicaCount: 1
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 300
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
service:
release: {{ .Release.Name }}
spec:
initContainers:
- - command:
+ - name: {{ include "common.name" . }}-job-complete
+ command:
- /root/job_complete.py
args:
- - -j
- - {{ .Release.Name }}-aaf-create-config
+ - --job-name
+ - {{ .Release.Name }}-create-config
env:
- name: NAMESPACE
valueFrom:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-job-complete
- - command:
- - /root/ready.py
+ - name: {{ include "common.name" . }}-readiness
+ command:
+ - /root/ready.py
args:
- --container-name
- - aaf-cs
- - --container-name
- aaf-locate
env:
- name: NAMESPACE
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
containers:
- - env:
- - name: CASSANDRA_CLUSTER
- value: cassandra_container
- name: {{ include "common.name" . }}
+ - name: {{ include "common.name" . }}
+ command: ["/bin/bash","/opt/app/aaf/bin/oauth"]
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/oauth/bin/oauth "]
volumeMounts:
- - mountPath: /opt/app/osaaf
- name: aaf-persistent-vol
+ - mountPath: "/opt/app/osaaf"
+ name: shared-config-volume
- mountPath: /etc/localtime
name: localtime
readOnly: true
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
- name: localtime
hostPath:
path: /etc/localtime
- - name: aaf-persistent-vol
+ - name: shared-config-volume
{{- if .Values.global.persistence.enabled }}
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-pvc
+ claimName: {{ .Release.Name }}-config
{{- else }}
emptyDir: {}
{{- end }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
ports:
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.externalPort }}
- #Example internal target port if required
- #targetPort: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
name: {{ .Values.service.portName }}
{{- else -}}
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_oauth:2.1.1
+image: onap/aaf/aaf_oauth:2.1.2-SNAPSHOT
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
# default number of instances
replicaCount: 1
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 300
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
service:
--- /dev/null
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
release: {{ .Release.Name }}
spec:
initContainers:
- - command:
+ - name: {{ include "common.name" . }}-job-complete
+ command:
- /root/job_complete.py
args:
- - -j
- - {{ .Release.Name }}-aaf-create-config
+ - --job-name
+ - {{ .Release.Name }}-create-config
env:
- name: NAMESPACE
valueFrom:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-job-complete
- - command:
+ - name: {{ include "common.name" . }}-readiness
+ command:
- /root/ready.py
args:
- --container-name
- aaf-cs
- - --container-name
- - aaf-locate
env:
- name: NAMESPACE
valueFrom:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
containers:
- - env:
- - name: CASSANDRA_CLUSTER
- value: cassandra_container
- name: {{ include "common.name" . }}
+ - name: {{ include "common.name" . }}
+ command: ["/bin/bash","/opt/app/aaf/bin/service"]
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/service/bin/service "]
volumeMounts:
- - mountPath: /opt/app/osaaf
- name: aaf-persistent-vol
+ - mountPath: "/opt/app/osaaf"
+ name: shared-config-volume
- mountPath: /etc/localtime
name: localtime
readOnly: true
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
- name: localtime
hostPath:
path: /etc/localtime
- - name: aaf-persistent-vol
+ - name: shared-config-volume
{{- if .Values.global.persistence.enabled }}
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-pvc
+ claimName: {{ .Release.Name }}-config
{{- else }}
emptyDir: {}
{{- end }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_service:2.1.1
+image: onap/aaf/aaf_service:2.1.2-SNAPSHOT
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
# default number of instances
replicaCount: 1
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 300
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
service:
--- /dev/null
+{
+ "domain": {
+ "name": "has",
+ "secrets": [
+ {
+ "name": "aai",
+ "values": {
+ "username": "OOF",
+ "password": "OOF"
+ }
+ },
+ {
+ "name": "conductor_api",
+ "values": {
+ "username": "admin1",
+ "password": "plan.15"
+ }
+ },
+ {
+ "name": "sdnc",
+ "values": {
+ "username": "admin",
+ "password": "Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U"
+ }
+ },
+ {
+ "name": "music_api",
+ "values": {
+ "aafuser": "conductor",
+ "aafpass": "c0nduct0r",
+ "aafns": "conductor"
+ }
+ }
+ ]
+ }
+}
--- /dev/null
+{
+ "domain": {
+ "name": "osdf",
+ "secrets": [
+ {
+ "name": "so",
+ "values": {
+ "UserName": "",
+ "Password": ""
+ }
+ },
+ {
+ "name": "conductor",
+ "values": {
+ "UserName": "admin1",
+ "Password": "plan.15"
+ }
+ },
+ {
+ "name": "policyPlatform",
+ "values": {
+ "UserName": "testpdp",
+ "Password": "alpha123"
+ }
+ },
+ {
+ "name": "policyClient",
+ "values": {
+ "UserName": "python",
+ "Password": "test"
+ }
+ },
+ {
+ "name": "dmaap",
+ "values": {
+ "UserName": "NA",
+ "Password": "NA"
+ }
+ },
+ {
+ "name": "sdc",
+ "values": {
+ "UserName": "NA",
+ "Password": "NA"
+ }
+ },
+ {
+ "name": "osdfPlacement",
+ "values": {
+ "UserName": "test",
+ "Password": "testpwd"
+ }
+ },
+ {
+ "name": "osdfPlacementSO",
+ "values": {
+ "UserName": "so_test",
+ "Password": "so_testpwd"
+ }
+ },
+ {
+ "name": "osdfPlacementVFC",
+ "values": {
+ "UserName": "vfc_test",
+ "Password": "vfc_testpwd"
+ }
+ },
+ {
+ "name": "osdfCMScheduler",
+ "values": {
+ "UserName": "test1",
+ "Password": "testpwd1"
+ }
+ },
+ {
+ "name": "configDb",
+ "values": {
+ "UserName": "osdf",
+ "Password": "passwd"
+ }
+ },
+ {
+ "name": "pciHMS",
+ "values": {
+ "UserName": "",
+ "Password": ""
+ }
+ },
+ {
+ "name": "osdfPCIOpt",
+ "values": {
+ "UserName": "pci_test",
+ "Password": "pci_testpwd"
+ }
+ }
+ ]
+ }
+}
\ No newline at end of file
+{{/*
# Copyright 2018 Intel Corporation, Inc
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
apiVersion: v1
kind: ConfigMap
data:
smsconfig.json: |
{{ .Values.config | toJson }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-preload
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}-preload
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
--- /dev/null
+{{/*
+# Copyright 2018 Intel Corporation, Inc
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-preload
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ initContainers:
+ - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-readiness
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - "aaf-sms"
+ - --container-name
+ - "aaf-sms-quorumclient"
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ containers:
+ - image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-preload
+ command:
+ - "/sms/bin/preload"
+ - "-cacert"
+ - "/sms/certs/aaf_root_ca.cer"
+ - "-jsondir"
+ - "/preload/config"
+ - "-serviceport"
+ - "{{ .Values.service.internalPort }}"
+ - "-serviceurl"
+ - "https://aaf-sms.{{ include "common.namespace" . }}"
+ workingDir: /sms
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /preload/config
+ name: {{ include "common.name" . }}-preload
+ resources:
+{{ include "common.resources" . | indent 10 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name : {{ include "common.name" . }}-preload
+ configMap:
+ name: {{ include "common.fullname" . }}-preload
+ restartPolicy: OnFailure
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# BEGIN Store prev
-BD=/opt/app/osaaf/backup
-if [ -e "$BD/6day" ]; then
- rm -Rf $BD/6day
-fi
-
-PREV=$BD/6day
-for D in $BD/5day $BD/4day $BD/3day $BD/2day $BD/yesterday; do
- if [ -e "$D" ]; then
- mv "$D" "$PREV"
- fi
- PREV="$D"
-done
-
-if [ -e "$BD/today" ]; then
- if [ -e "$BD/backup.log" ]; then
- mv $BD/backup.log $BD/today
- fi
- gzip $BD/today/*
- mv $BD/today $BD/yesterday
-fi
-
-mkdir $BD/today
-
-# END Store prev
-date
-docker exec -t aaf_cass bash -c "mkdir -p /opt/app/cass_backup"
-docker container cp $BD/cbackup.sh aaf_cass:/opt/app/cass_backup/backup.sh
-# echo "login as Root, then run \nbash /opt/app/cass_backup/backup.sh"
-docker exec -t aaf_cass bash /opt/app/cass_backup/backup.sh
-docker container cp aaf_cass:/opt/app/cass_backup/. $BD/today
-date
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-cd /opt/app/cass_backup
-DATA="ns role perm ns_attrib user_role cred cert x509 delegate approval approved future notify artifact health history"
-PWD=cassandra
-CQLSH="cqlsh -u cassandra -k authz -p $PWD"
-for T in $DATA ; do
- echo "Creating $T.dat"
- $CQLSH -e "COPY authz.$T TO '$T.dat' WITH DELIMITER='|'"
-done
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#
-# Sample Identities.dat
-# This file is for use with the "Default Organization". It is a simple mechanism to have a basic ILM structure to use with
-# out-of-the-box tire-kicking, or even for Small companies
-#
-# For Larger Companies, you will want to create a new class implementing the "Organization" interface, making calls to your ILM, or utilizing
-# batch feeds, as is appropriate for your company.
-#
-# Example Field Layout. note, in this example, Application IDs and People IDs are mixed. You may want to split
-# out AppIDs, choose your own status indicators, or whatever you use.
-# 0 - unique ID
-# 1 - full name
-# 2 - first name
-# 3 - last name
-# 4 - phone
-# 5 - official email
-# 6 - employment status e=employee, c=contractor, a=application, n=no longer with company
-# 7 - responsible to (i.e Supervisor for People, or AppOwner, if it's an App ID)
-#
-
-iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e|
-mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna
-bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager
-mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager
-ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager
-iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager
-osaaf|ID of AAF|||||a|bdevl
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# Sample Identities.dat
-# This file is for use with the "Default Organization". It is a simple mechanism to have a basic ILM structure to use with
-# out-of-the-box tire-kicking, or even for Small companies
-#
-# For Larger Companies, you will want to create a new class implementing the "Organization" interface, making calls to your ILM, or utilizing
-# batch feeds, as is appropriate for your company.
-#
-# Example Field Layout. note, in this example, Application IDs and People IDs are mixed. You may want to split
-# out AppIDs, choose your own status indicators, or whatever you use.
-# 0 - unique ID
-# 1 - full name
-# 2 - first name
-# 3 - last name
-# 4 - phone
-# 5 - official email
-# 6 - employment status e=employee, c=contractor, a=application, n=no longer with company
-# 7 - responsible to (i.e Supervisor for People, or AppOwner, if it's an App ID)
-#
-
-iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e|
-mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna
-bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager
-mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager
-ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager
-iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager
-osaaf|ID of AAF|||||a|bdevl
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-##
-## org.osaaf.cm.props
-## AAF Certificate Manager properties
-## Note: Link to CA Properties in "local" dir
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props:/opt/app/osaaf/local/org.osaaf.cm.ca.props
-aaf_component=AAF_NS.cm:2.1.0.0
-port=8150
-cadi_registration_hostname={{.Values.config.cmServiceName}}
-#Certman
-cm_public_dir=/opt/app/osaaf/public
-cm_trust_cas=AAF_RootCA.cer
-
-
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-############################################################
-# Common properties for all AAF Components
-# on 2018-03-02 06:59.628-0500
-############################################################
-# Pull in Global Coordinates and Certificate Information
-aaf_root_ns=org.osaaf.aaf
-aaf_trust_perm=org.osaaf.aaf|org.onap|trust
-
-cadi_prop_files=/opt/app/osaaf/local/org.osaaf.location.props:/opt/app/osaaf/local/org.osaaf.aaf.props
-cadi_protocols=TLSv1.1,TLSv1.2
-
-aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0
-cadi_loginpage_url=https://AAF_LOCATE_URL/AAF_NS.gui:2.0/login
-
-# Standard for this App/Machine
-aaf_env=DEV
-aaf_data_dir=/opt/app/osaaf/data
-cadi_loglevel=DEBUG
-
-# Domain Support (which will accept)
-aaf_domain_support=.com:.org
-
-# Basic Auth
-aaf_default_realm=people.osaaf.org
-
-# OAuth2
-aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token
-aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect
-
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-##
-## org.osaaf.locator
-## AAF Locator Properties
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props
-aaf_component=AAF_NS.fs:2.1.0.0
-port=8096
-cadi_registration_hostname={{.Values.config.fsServiceName}}
-
-aaf_public_dir=/opt/app/osaaf/public
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-##
-## org.osaaf.locator
-## AAF Locator Properties
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/etc/org.osaaf.orgs.props
-aaf_component=AAF_NS.gui:2.1.0.0
-port=8200
-cadi_registration_hostname={{.Values.config.guiServiceName}}
-
-aaf_gui_title=AAF
-aaf_gui_copyright=(c) 2018 AT&T Intellectual Property. All rights reserved.
-aaf_gui_theme=theme/onap
-cadi_loginpage_url=https://AAF_LOCATE_URL/com.att.aaf.gui:2.0/login
-
-# GUI URLS and Help URLS
-cm_url=https://{{.Values.config.cmServiceName}}:8150
-gw_url=https://{{.Values.config.locateServiceName}}:8095
-fs_url=http://{{.Values.config.fsServiceName}}:8096
-
-aaf_url.gui_onboard=https://wiki.web.att.com/display/aaf/OnBoarding
-aaf_url.cuigui=https://wiki.web.att.com/display/aaf/Using+the+Command+Prompt
-
-aaf_url.aaf_help=https://wiki.onap.org/display/DW/Application+Authorization+Framework+Documentation
-aaf_url.aaf_help.sub=Bootstrapping+AAF,Installation+Guide
-aaf_url.aaf_help.sub.Bootstrapping+AAF=https://wiki.onap.org/display/DW/Bootstrapping+AAF
-aaf_url.aaf_help.sub.Installation+Guide=https://wiki.onap.org/display/DW/AAF+Installation+Guide
-#aaf_url.cadi_help=
-aaf_url.tools=AAF+Projects,AAF+Jira,AAF+Calendar
-aaf_url.tool=AAF+Jira=https://jira.onap.org/secure/RapidBoard.jspa?rapidView=69&projectKey=AAF&view=detail&selectedIssue=AAF-134
-aaf_url.tool.AAF+Projects=https://gerrit.onap.org/r/#/admin/projects/?filter=aaf%2F
-aaf_url.tool.AAF+Calendar=https://wiki.onap.org/pages/viewpage.action?pageId=6587439
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-##
-## org.osaaf.locator
-## AAF Locator Properties
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props
-aaf_component=AAF_NS.locator:2.1.0.0
-port=8095
-cadi_registration_hostname={{.Values.config.locateServiceName}}
+++ /dev/null
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-#
-log4j.appender.INIT=org.apache.log4j.DailyRollingFileAppender
-log4j.appender.INIT.File=${LOG4J_FILENAME_init}
-log4j.appender.INIT.DatePattern='.'yyyy-MM-dd
-log4j.appender.INIT.layout=org.apache.log4j.PatternLayout
-log4j.appender.INIT.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %m %n
-
-log4j.appender.SRVR=org.apache.log4j.DailyRollingFileAppender
-log4j.appender.SRVR.File=${LOG4J_FILENAME_service}
-log4j.appender.SRVR.DatePattern='.'yyyy-MM-dd
-log4j.appender.SRVR.layout=org.apache.log4j.PatternLayout
-log4j.appender.SRVR.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %p [%c] %m %n
-
-log4j.appender.AUDIT=org.apache.log4j.DailyRollingFileAppender
-log4j.appender.AUDIT.File=${LOG4J_FILENAME_audit}
-log4j.appender.AUDIT.DatePattern='.'yyyy-MM-dd
-log4j.appender.AUDIT.layout=org.apache.log4j.PatternLayout
-log4j.appender.AUDIT.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %m %n
-
-log4j.appender.stdout=org.apache.log4j.ConsoleAppender
-log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
-log4j.appender.stdout.layout.ConversionPattern=%d %p [%c] %m %n
-
-# General Apache libraries
-log4j.rootLogger=WARN.SRVR
-log4j.logger.org.apache=WARN,SRVR
-log4j.logger.com.datastax=WARN,SRVR
-log4j.logger.init=INFO,INIT
-log4j.logger.service=${LOGGING_LEVEL},SRVR
-log4j.logger.audit=INFO,AUDIT
-# Additional configs, not cauth with Root Logger
-log4j.logger.io.netty=INFO,SRVR
-log4j.logger.org.eclipse=INFO,SRVR
-
-
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-##
-## org.osaaf.locator
-## AAF Locator Properties
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props
-aaf_component=AAF_NS.oauth:2.1.0.0
-port=8140
-cadi_registration_hostname={{.Values.config.oauthServiceName}}
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#
-# Define Organizations for use in some of the components. Not all use them
-#
-Organization.org.osaaf=org.onap.aaf.org.DefaultOrg
-org.osaaf.mailHost=smtp.mail.att.com
-org.osaaf.mailFrom=DL-aaf-support@aaf.att.com
-org.osaaf.default=true
-org.osaaf.also_supports=org.osaaf.people
-
-
-
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-##
-## org.osaaf.service
-## AAF Service Properties
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props:/opt/app/osaaf/etc/org.osaaf.orgs.props
-aaf_component=AAF_NS.service:2.1.0.0
-port=8100
-cadi_registration_hostname={{.Values.config.serviceServiceName}}
+++ /dev/null
-name = localca
+++ /dev/null
-rmaOaytuFLnhz07oilUO0nO_mZ18XInIi56OoezdUTR5f1GR45lp_nX7marcYv7j2ZS-dpWOSur0
-sK5M-ByrgxfUPyk749Ex4nGSMLnAq-nFMaREpGZPmNP-ul_vCxCmaHUnWKPJB4jx_K_osKPb0-ng
-tqX0hnpbmcq4okV94MUdUs084ymM5LU-qVU_oYbLUM4dXatobe1go8eX2umrutZbQTjz75i4UEcF
-Dv9nDwVqHRGUFMU0NeJlrSlRSO-eiDgVtoSCBGtIkDdKPBTUT3wachHmUBiSBJ3GF05yQP1CwWzz
-AQRSwphP11xKI7tSViT5RoxjxfQZiVEbeyg9g9BROe_pLyIDskoW_ujdnPOWRcSIx6Q4J0eew3kb
-yqcWUPf1K2nSyBSshlsQ6A9NSOLz_KhyIvP_1OG82m1gir3I77Usl7QqMF8IBXCjJ-H_qqR1u-By
-qm_AFjagYA2TgF2YQN-fcneom_5_cA74_xwJ41juhOP72ZWGkX1bAdbiKf85uYo2H3g5HeNWijQL
-y4wJ4qFrSptQRyV2Ntf9OLgpOsKsPPiLlNBugmCjHBMaPMbQAYRbsyCH2nKdjjTG3c6iF5Cj9Jco
-6McvcrYYuq3ynH-2HoL-T-Zgl2AXLxqK4_dl_H243H-GutoJsmIkELLGS_pCpSt4t7xaDvzqxrTj
-4qZ1OjozcpnsqM8HebS28IgoqFaOmrCMqO1MLM_CjAyliTy31P28XEbcYvjEY-FWmnJRSpMLc1Pz
--KOH-2V8uTqn5YlUsFt2TNnc8lEwMH6GSV1vkgxwPQaMUgWV2svc0FfBmTLZI4zNmpMu4cGjaG-f
-Z8r_hX7pDPANBTaqFxTp999dnaS3lLdZMNbJNEKFF0xxdRuBzsPKDiLa7ItixInZlUcEnwJVWOhC
-kcI2J0cEFGxHxWYmYdqyJIvQzjebk6iDqB-mLi0ai-_XYm1niCxZizT_XJADo9LQtTzq1V6pMgYR
-PPfbDKoiYRK6D8nbWsGNOh6xOS7zs8qrnTPxwu5CuZX_EFoejmooHTrXEqw2RzRFw9XqXM8p50C3
-YrwI2lA6kTQItGm0yftAxqfbhbjJp_K1P91ckOYL3ZSYze_hXRmguwYuT5NWlKhBtm5aawuDjXEg
-yn7PnRTT0smW40hbYbks5L-2VVxTd3tith6Ltqh95miL6vpG5ByDDQlZCWwkq7XH7iScejDvT6UN
-jF1K86mNa8CLXuuSzGl1li1CMxoVzW55G3s0-ICDHqjytiUkiUen2V9VzGT9h4BgDfzbShf31M4_
-biO4NL-mkqlDBbh-KcrYjvNj5qQwHSiLSLuQQBoBtJ3hG9jCu4YBYVWJYctV8r3Js_sGDH4rl5w1
-ujEF6QHWZIF73-u53G_LtvoXBnQcrBW8oLpqP-1Pz5d1bio--bRsNa5qAAilNbYmttiKYOYJn4My
-c6QvzF81SqTRZy0Fd0NK_hMCglPkH7sd32UX-LBquvQ_yDqB_ml_pADJhWcfuD4iPAQjR2Vgclxf
-GPCDva6YpJDzjjnaExDYmGFVFpbIPLfvGUCit_9zAycx0nW1J_cVT1BWFHijjAh_gnIpa6MtY3BE
-G3d8ee6_LAQvvVdBwZ955UwyRd-C7Buc7Xcccw-8hcNBKqOCDlE9j4tie2SdO9m53vZRzcLY6Aiw
-BiulIAllqHZQYs0OBcaYgbNgJU-gn9ZMWgS9i3ijPvTTBSNX7y7k4L1a4QOceyuOtt7nkv024YUS
-acTRmaGotRBuVfI-C0L4Q9NL56_nUATB5ca2GqgLEKnWKsiN3T9cBg4Ji88E8OdiVcoO8segB-0d
-QwWCqCZ8_z_R7zBMlDqpfu5wbvoVx0w9JhLgO9f7eoRozqA3qGLv94i1pN6LuU-Q7YPz4jVxmbb_
-2CHyP1n-o1ZWHfWdz6aByXEzrAZdvjfEWwwMYV5l5jFilTXaCNOCjr9S4YjNn0HITdl7E64C06Im
-3QWOsnDv9z1APjnFo12KH_1yWscU0t9gx7FG210Ug6C-G3Bko_tm_YOp0Lkum4qrnxgHMf_a
\ No newline at end of file
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-cm_url=https://{{.Values.config.cmServiceName}}:8150
-#hostname=aaf.osaaf.org
-aaf_env=DEV
-cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US
-cadi_keyfile=/opt/app/osaaf/local/org.osaaf.aaf.keyfile
-cadi_keystore=/opt/app/osaaf/local/org.osaaf.aaf.p12
-cadi_keystore_password=enc:fDY3WPPqHCMQaZdox2UfpRoEq6b9wUqS-aepo0NiqEFa2t7uYHBdxfQAuEwj9Lwb
-#cadi_key_password=enc:<KEY PASSWORD (optional if the same as KEYSTORE PASSWORD)>
-cadi_alias=aaf-authz@aaf.osaaf.org
-cadi_truststore=/opt/app/osaaf/local/org.osaaf.aaf.trust.p12
-cadi_truststore_password=enc:5nzj6v3Rb0oZPV1zCxg8EJFfkFvWFGJflLB0i_FN0Np
+++ /dev/null
-############################################################
-# Cassandra properties for AAF Components needing
-# on 2018-03-02 06:59.628-0500
-############################################################
-# LOCAL Cassandra
-cassandra.clusters={{.Values.config.csServiceName}}
-cassandra.clusters.port=9042
-#need this to be fully qualified name when REAL AAF integration
-cassandra.clusters.user=cassandra
-cassandra.clusters.password=enc:gF_I93pTRMIvj3rof-dx-yK84XYT1UKGf98s1LAJyWV
-
-# Name for exception that has happened in the past
-cassandra.reset.exceptions=com.datastax.driver.core.exceptions.NoHostAvailableException:"no host was tried":"Connection has been closed"
-
-# Example Consistency Settings for Clusters with at least instances
-#cassandra.writeConsistency.ns=LOCAL_QUORUM
-#cassandra.writeConsistency.perm=LOCAL_QUORUM
-#cassandra.writeConsistency.role=LOCAL_QUORUM
-#cassandra.writeConsistency.user_role=LOCAL_QUORUM
-#cassandra.writeConsistency.cred=LOCAL_QUORUM
-#cassandra.writeConsistency.ns_attrib=LOCAL_QUORUM
-
-# Consistency Settings when Single Instance
-cassandra.writeConsistency.ns=ONE
-cassandra.writeConsistency.perm=ONE
-cassandra.writeConsistency.role=ONE
-cassandra.writeConsistency.user_role=ONE
-cassandra.writeConsistency.cred=ONE
-cassandra.writeConsistency.ns_attrib=ONE
+++ /dev/null
-##
-## org.osaaf.cm.ca.props
-## Properties to access Certifiate Authority
-##
-
-#Certman
-cm_ca.local=org.onap.aaf.auth.cm.ca.LocalCA,/opt/app/osaaf/local/org.osaaf.aaf.cm.p12;aaf_cm_ca;enc:asFEWMNqjH7GktBLb9EGl6L1zfS2qMH5ZS5Zd90KVT5B9ZyRsqx7Gb73YllO8Hyw
-cm_ca.local.idDomains=org.osaaf
-cm_ca.local.baseSubject=/OU=OSAAF/O=ONAP/C=US
-cm_ca.local.perm_type=org.osaaf.aaf.ca
-
+++ /dev/null
-##
-## org.osaaf.location.props
-##
-## Localized Machine Information
-##
-# Almeda California
-cadi_latitude=37.78187
-cadi_longitude=-122.26147
-
-#cadi_registration_hostname=aaf-onap-beijing-test.osaaf.org
-cadi_trust_masks=10.12.6/24
-aaf_locate_url=https://{{.Values.config.locateServiceName}}:8095
+++ /dev/null
-Public directory left empty on purpose. Content of https://gerrit.onap.org/r/gitweb?p=aaf/authz.git;a=tree;f=auth/sample/public;h=1b387b7858134f80446f006b6d570fa534da3153;hb=refs/heads/master is cloned and mounted into AAF container volume via init container. This is done to dramatically reduce the size of configuration that was being put into a configmap that was exceeding helm configmap limit of 1MB per deployment.
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ .Release.Name }}-aaf-backup
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/backup/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ .Release.Name }}-aaf-local
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/local/org.osaaf.location.props").AsConfig . | indent 2 }}
-{{ tpl (.Files.Glob "resources/config/local/org.osaaf.cm.ca.props").AsConfig . | indent 2 }}
-{{ tpl (.Files.Glob "resources/config/local/org.osaaf.cassandra.props").AsConfig . | indent 2 }}
-{{ tpl (.Files.Glob "resources/config/local/org.osaaf.aaf.props").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ .Release.Name }}-aaf-etc
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/etc/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ .Release.Name }}-aaf-data
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/data/*").AsConfig . | indent 2 }}
apiVersion: batch/v1
kind: Job
metadata:
- name: {{ include "common.fullname" . }}-create-config
+ name: {{ .Release.Name }}-create-config
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
app: aaf-init-job
release: {{ .Release.Name }}
spec:
- initContainers:
- - name: {{ include "common.name" . }}-inject-config
- command:
- - /bin/bash
- - -c
- - >
- git clone -b {{ .Values.config.gerritBranch }} --single-branch {{ .Values.config.gerritProject }} /tmp/gerrit;
- echo "Clone complete. Copying from /tmp/gerrit/ to /public";
- cp -rf /tmp/gerrit/auth/sample/public/* /public;
- echo "Done.";
- image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.global.ubuntuInitImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - name: aaf-public
- mountPath: "/public"
containers:
- - command: ["/bin/bash","-c","if [ ! -d /data/backup ]; then mkdir /data/data && cp -Ra /data1/data/..data/* /data/data/ && mkdir /data/etc && cp -Ra /data1/etc/..data/* data/etc/ && mkdir /data/backup && cp -Ra /data1/backup/..data/* /data/backup/ && cp -Ra /data1/public /data/ && cp -Ra /data1/local /data && mkdir -p /data/logs/oauth && mkdir -p /data/logs/hello && mkdir -p /data/logs/fs && mkdir -p /data/logs/gui && mkdir -p /data/logs/locate && mkdir -p /data/logs/cm && mkdir -p /data/logs/service; fi; exit 0"]
- image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ - name: {{ include "common.name" . }}-config-container
+ image: "{{ include "common.repository" . }}/{{ .Values.aaf_config.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: aaf-init-job
volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /data
- name: aaf-persistent-data
- - mountPath: /data1/etc
- name: aaf-etc
- - mountPath: /data1/data
- name: aaf-data
- - mountPath: /data1/public/iframe_denied_test.html
- name: aaf-public
- subPath: iframe_denied_test.html
- - mountPath: /data1/public/aaf_2_0.xsd
- name: aaf-public
- subPath: aaf_2_0.xsd
- - mountPath: /data1/public/truststoreONAP.p12
- name: aaf-public
- subPath: truststoreONAP.p12
- - mountPath: /data1/public/AAF_RootCA.cer
- name: aaf-public
- subPath: AAF_RootCA.cer
- - mountPath: /data1/public/truststoreONAPall.jks
- name: aaf-public
- subPath: truststoreONAPall.jks
- - mountPath: /data1/local/org.osaaf.location.props
- name: aaf-local
- subPath: org.osaaf.location.props
- - mountPath: /data1/local/org.osaaf.cm.ca.props
- name: aaf-local
- subPath: org.osaaf.cm.ca.props
- - mountPath: /data1/local/org.osaaf.cassandra.props
- name: aaf-local
- subPath: org.osaaf.cassandra.props
- - mountPath: /data1/local/org.osaaf.aaf.props
- name: aaf-local
- subPath: org.osaaf.aaf.props
- - mountPath: /data1/local/org.osaaf.aaf.trust.p12
- name: aaf-local-secret
- subPath: org.osaaf.aaf.trust.p12
- - mountPath: /data1/local/org.osaaf.aaf.p12
- name: aaf-local-secret
- subPath: org.osaaf.aaf.p12
- - mountPath: /data1/local/org.osaaf.aaf.keyfile
- name: aaf-local-secret
- subPath: org.osaaf.aaf.keyfile
- - mountPath: /data1/local/org.osaaf.aaf.cm.p12
- name: aaf-local-secret
- subPath: org.osaaf.aaf.cm.p12
- - mountPath: /data1/backup
- name: aaf-backup
- - mountPath: /share
- name: aaf-public
+ - mountPath: "/opt/app/osaaf"
+ name: {{ include "common.name" . }}-config-vol
+ env:
+ - name: HOSTNAME
+ value: "{{ .Values.global.cadi.hostname }}"
+ - name: AAF_ENV
+ value: "{{ .Values.global.cadi.aaf_env }}"
+ - name: AAF_REGISTER_AS
+ value: "{{ .Values.global.cadi.aaf_register_as }}"
+ - name: LATITUDE
+ value: "{{ .Values.global.cadi.cadi_latitude }}"
+ - name: LONGITUDE
+ value: "{{ .Values.global.cadi.cadi_longitude }}"
+ - name: CASS_HOST
+ value: "{{ .Values.global.cassandraServiceName }}"
+ - name: AAF_LOCATOR_AS
+ value: "{{ .Values.global.locateServiceName }}"
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: aaf-local-secret
- secret:
- secretName: {{ .Release.Name }}-aaf-local-secret
- - name: aaf-etc
- configMap:
- name: {{ .Release.Name }}-aaf-etc
- - name: aaf-local
- configMap:
- name: {{ .Release.Name }}-aaf-local
- - name: aaf-backup
- configMap:
- name: {{ .Release.Name }}-aaf-backup
- - name: aaf-data
- configMap:
- name: {{ .Release.Name }}-aaf-data
- - name: aaf-persistent-data
+ - name: {{ include "common.name" . }}-config-vol
{{- if .Values.global.persistence.enabled }}
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-pvc
+ claimName: {{ .Release.Name }}-config
{{- else }}
emptyDir: {}
{{- end }}
- - name: aaf-public
- emptyDir: {}
restartPolicy: OnFailure
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
# limitations under the License.
*/}}
-{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.config.existingClaim) }}
kind: PersistentVolume
apiVersion: v1
metadata:
- name: {{ include "common.fullname" . }}
+ name: {{ .Release.Name }}-config
namespace: {{ include "common.namespace" . }}
labels:
- app: {{ include "common.name" . }}
+ app: {{ include "common.name" . }}-config
chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
name: {{ include "common.fullname" . }}
spec:
capacity:
- storage: {{ .Values.persistence.size}}
+ storage: {{ .Values.persistence.config.size}}
accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ - {{ .Values.persistence.config.accessMode }}
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.config.volumeReclaimPolicy }}
hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
-{{- end -}}
+ path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.config.mountSubPath }}
+{{- if .Values.persistence.config.storageClass }}
+{{- if (eq "-" .Values.persistence.config.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistence.config.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end }}
+---
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.logs.existingClaim) }}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ .Release.Name }}-logs
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}-logs
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}
+spec:
+ capacity:
+ storage: {{ .Values.persistence.logs.size}}
+ accessModes:
+ - {{ .Values.persistence.logs.accessMode }}
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.logs.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.logs.mountSubPath }}
+{{- if .Values.persistence.logs.storageClass }}
+{{- if (eq "-" .Values.persistence.logs.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistence.logs.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
# limitations under the License.
*/}}
-{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.config.existingClaim) }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
- name: {{ .Release.Name }}-aaf-pvc
+ name: {{ .Release.Name }}-config
namespace: {{ include "common.namespace" . }}
labels:
- app: {{ include "common.name" . }}
+ app: {{ include "common.name" . }}-config
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
+{{- if .Values.persistence.config.annotations }}
annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{ toYaml .Values.persistence.config.annotations | indent 4 }}
{{- end }}
spec:
selector:
matchLabels:
- name: {{ include "common.fullname" . }}
+ app: {{ include "common.name" . }}-config
accessModes:
- - {{ .Values.persistence.accessMode }}
+ - {{ .Values.persistence.config.accessMode }}
resources:
requests:
- storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
+ storage: {{ .Values.persistence.config.size }}
+{{- if .Values.persistence.config.storageClass }}
+{{- if (eq "-" .Values.persistence.config.storageClass) }}
storageClassName: ""
{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
+ storageClassName: "{{ .Values.persistence.config.storageClass }}"
{{- end }}
{{- end }}
-{{- end -}}
+{{- end }}
+---
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.logs.existingClaim) }}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ .Release.Name }}-logs
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}-logs
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+{{- if .Values.persistence.logs.annotations }}
+ annotations:
+{{ toYaml .Values.persistence.logs.annotations | indent 4 }}
+{{- end }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}-logs
+ accessModes:
+ - {{ .Values.persistence.logs.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.logs.size }}
+{{- if .Values.persistence.logs.storageClass }}
+{{- if (eq "-" .Values.persistence.logs.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistence.logs.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
\ No newline at end of file
ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
persistence:
enabled: true
+
+ cadi:
+ hostname: "aaf.onap"
+ cadi_latitude: "38.0"
+ cadi_longitude: "-72.0"
+ aaf_env: "DEV"
+ aaf_register_as: "aaf.onap"
+ cassandraServiceName: aaf-cass
+ locateServiceName: aaf-locate
+
#################################################################
# Application configuration defaults.
#################################################################
-config:
- serviceServiceName: aaf-service
- locateServiceName: aaf-locate
- cmServiceName: aaf-cm
- fsServiceName: aaf-fs
- guiServiceName: aaf-gui
- helloServiceName: aaf-hello
- oauthServiceName: aaf-oauth
- csServiceName: aaf-cass
- # gerrit branch where the latest aaf/auth/sample/public code exists
- gerritProject: http://gerrit.onap.org/r/aaf/authz.git
- gerritBranch: 2.0.0-ONAP
+repository: nexus3.onap.org:10001
+aaf_config:
+ image: onap/aaf/aaf_config:2.1.2-SNAPSHOT
flavor: small
# default number of instances
## Persist data to a persitent volume
persistence:
- ## A manually managed Persistent Volume and Claim
- ## Requires persistence.enabled: true
- ## If defined, PVC must be created manually before volume will be bound
- # existingClaim:
- volumeReclaimPolicy: Retain
+ mountPath: "/mnt/data/aaf"
+ enabled: true
+ config:
+ #existingClaim:
+ volumeReclaimPolicy: Retain
+ accessMode: ReadWriteMany
+ size: 2Gi
+ mountSubPath: "config"
+ storageClass: "manual"
+ logs:
+ #existingClaim:
+ volumeReclaimPolicy: Retain
+ accessMode: ReadWriteMany
+ size: 2Gi
+ mountSubPath: "logs"
+ storageClass: "manual"
- ## database data Persistent Volume Storage Class
- ## If defined, storageClassName: <storageClass>
- ## If set to "-", storageClassName: "", which disables dynamic provisioning
- ## If undefined (the default) or set to null, no storageClassName spec is
- ## set, choosing the default provisioner. (gp2 on AWS, standard on
- ## GKE, AWS & OpenStack)
- ##
- # storageClass: "-"
- accessMode: ReadWriteMany
- size: 2Gi
- mountPath: /dockerdata-nfs
- mountSubPath: aaf/data
+aaf-cs:
+ persistence:
+ #existingClaim:
+ mountPath: /dockerdata-nfs
+ mountSubPath: "cass"
+ volumeReclaimPolicy: Retain
+ accessMode: ReadWriteOnce
+ size: 10Gi
+ storageClass: "manual"
-# Configure resource requests and limits
-resources:
- small:
- limits:
- cpu: 2
- memory: 3Gi
- requests:
- cpu: 2
- memory: 3Gi
- large:
- limits:
- cpu: 4
- memory: 6Gi
- requests:
- cpu: 4
- memory: 6Gi
- unlimited: {}
+resources: {}
\ No newline at end of file
# ============LICENSE_END=========================================================\r
#\r
\r
-# Properties for the SchemaLocationsBean\r
\r
-# The AAI Schema jar will be unpacked to bundleconfig/etc\r
-schemaConfig=NA\r
-# OXM files named aai_oxm_v*.xml are unpacked here:\r
-nodeDir=/opt/app/data-router/bundleconfig/etc/oxm\r
-# DB Edge Rules are unpacked here:\r
+# Properties for the SchemaLocationsBean\r
+# Files named aai_oxm_v*.xml are unpacked here:\r
+nodeDir=/opt/app/data-router/onap/oxm\r
+# Dummy folder/directory:\r
edgeDir=\r
-# DB Edge Property files are copied here:\r
-edgePropsDir=\r
+\r
+# Properties required by the aai-common - aai-schema-ingest lib as of 1.3.0\r
+schema.configuration.location=N/A\r
+schema.nodes.location=/opt/app/data-router/onap/oxm/\r
+schema.edges.location=\r
+# These versions need to exist if they are included in the list\r
+schema.version.list=v9,v10,v11,v12,v13,v14\r
+# Decalares the oxm version to load\r
+schema.version.api.default=v14\r
+\r
+# Don't use these properties in our application, need to be set to prevent an exception on startup (see SchemaVersions bean)\r
+schema.version.depth.start=v14\r
+schema.version.related.link.start=v14\r
+schema.version.app.root.start=v14\r
+schema.version.namespace.change.start=v14\r
+schema.version.edge.label.start=v14\r
+~\r
+\r
--- /dev/null
+<beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns="http://www.springframework.org/schema/beans" xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:task="http://www.springframework.org/schema/task"
+ xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.2.xsd
+ http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task.xsd">
+
+ <context:property-placeholder
+ location="file:${CONFIG_HOME}/schemaIngest.properties"
+ ignore-unresolvable="true" />
+
+ <bean id="schemaLocationsBean" class="org.onap.aai.setup.SchemaLocationsBean">
+ <!-- When running with AJSC these properties must be injected directly.
+ The reason for this is unknown. -->
+ <property name="nodeDirectory" value="${nodeDir}" />
+ <property name="edgeDirectory" value="${edgeDir}" />
+ </bean>
+
+ <bean id="schemaVersions" class="org.onap.aai.setup.SchemaVersions"/>
+
+</beans>
+
<property name="searchCertName" value="client-cert-onap.p12" />
<property name="searchKeystorePwd" value="OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10" />
<property name="searchKeystore" value="tomcat_keystore" />
+ <property name="schemaVersions" ref="schemaVersions" />
+ <property name="schemaLocationsBean" ref="schemaLocationsBean" />
</bean>
<bean id="consumerBeanEntityEvent" class="org.onap.aai.event.client.DMaaPEventConsumer" >
<constructor-arg name="messageLimit" value="100" />
<constructor-arg name="transportType" value="HTTPAUTH" />
<constructor-arg name="protocol" value="{{.Values.event.protocol}}" />
- <constructor-arg name="contentType" value="application/json" />
+ <constructor-arg name="filter"><null /></constructor-arg>
</bean>
<bean id="entityEventPolicy" class="org.onap.aai.datarouter.policy.EntityEventPolicy" init-method="startup" >
heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/dynamic/routes/entity-event.route").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/dynamic/conf/data-router-oxm.xml").AsConfig . | indent 2 }}
{{ tpl (.Files.Glob "resources/dynamic/conf/entity-event-policy.xml").AsConfig . | indent 2 }}
+
---
apiVersion: v1
kind: ConfigMap
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
data:
-{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }}
\ No newline at end of file
+{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }}
- mountPath: /opt/app/data-router/dynamic/conf/entity-event-policy.xml
subPath: entity-event-policy.xml
name: {{ include "common.fullname" . }}-dynamic-policy
+ - mountPath: /opt/app/data-router/dynamic/conf/data-router-oxm.xml
+ subPath: data-router-oxm.xml
+ name: {{ include "common.fullname" . }}-dynamic-oxm
- mountPath: /opt/app/data-router/bundleconfig/etc/logback.xml
name: {{ include "common.fullname" . }}-logback-config
subPath: logback.xml
- mountPath: /var/log/onap
name: {{ include "common.fullname" . }}-logs
+ - mountPath: /logs
+ name: {{ include "common.fullname" . }}-logs
+
ports:
- containerPort: {{ .Values.service.internalPort }}
{{- if eq .Values.liveness.enabled true }}
name: filebeat-conf
- mountPath: /var/log/onap
name: {{ include "common.fullname" . }}-logs
+ - mountPath: /logs
+ name: {{ include "common.fullname" . }}-logs
- mountPath: /usr/share/filebeat/data
name: aai-filebeat
volumes:
- name: {{ include "common.fullname" . }}-dynamic-policy
configMap:
name: {{ include "common.fullname" . }}-dynamic
+ - name: {{ include "common.fullname" . }}-dynamic-oxm
+ configMap:
+ name: {{ include "common.fullname" . }}-dynamic
- name: {{ include "common.fullname" . }}-logs
emptyDir: {}
- name: {{ include "common.fullname" . }}-logback-config
--- /dev/null
+credential.cache.timeout.ms=180000
+transactionid.header.name=X-TransactionId
\ No newline at end of file
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+
+ <property name="LOGS" value="./logs/AAF-FPS" />
+ <property name="FILEPREFIX" value="application" />
+
+ <appender name="Console"
+ class="ch.qos.logback.core.ConsoleAppender">
+ <layout class="ch.qos.logback.classic.PatternLayout">
+ <Pattern>
+ %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable
+ </Pattern>
+ </layout>
+ </appender>
+
+ <appender name="RollingFile"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${LOGS}/${FILEPREFIX}.log</file>
+ <encoder
+ class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+ <Pattern>%d %p %C{1.} [%t] %m%n</Pattern>
+ </encoder>
+
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- rollover daily and when the file reaches 10 MegaBytes -->
+ <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log
+ </fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>10MB</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ </rollingPolicy>
+ </appender>
+
+ <!-- LOG everything at INFO level -->
+ <root level="info">
+ <appender-ref ref="RollingFile" />
+ <appender-ref ref="Console" />
+ </root>
+
+ <!-- LOG "com.baeldung*" at TRACE level -->
+ <logger name="org.onap.aaf.fproxy" level="trace" additivity="false">
+ <appender-ref ref="RollingFile" />
+ <appender-ref ref="Console" />
+ </logger>
+
+</configuration>
\ No newline at end of file
--- /dev/null
+Relevant configuration files need to be copied here to successfully run this service locally.
\ No newline at end of file
--- /dev/null
+[
+ {
+ "uri": "\/not\/allowed\/at\/all$",
+ "permissions": [
+ "test.auth.access.ifYouLikedItYouShouldHavePutAPermissionOnIt"
+ ]
+ },
+ {
+ "uri": "\/one\/auth\/required$",
+ "permissions": [
+ "test.auth.access.aSimpleSingleAuth"
+ ]
+ },
+ {
+ "uri": "\/multi\/auth\/required$",
+ "permissions": [
+ "test.auth.access.aMultipleAuth1",
+ "test.auth.access.aMultipleAuth2",
+ "test.auth.access.aMultipleAuth3"
+ ]
+ },
+ {
+ "uri": "\/one\/[^\/]+\/required$",
+ "permissions": [
+ "test.auth.access.aSimpleSingleAuth"
+ ]
+ },
+ {
+ "uri": "\/services\/getAAFRequest$",
+ "permissions": [
+ "test.auth.access|services|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/admin\/getAAFRequest$",
+ "permissions": [
+ "test.auth.access|admin|GET,PUT,POST"
+ ]
+ },
+ {
+ "uri": "\/service\/aai\/webapp\/index.html$",
+ "permissions": [
+ "test.auth.access|services|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/services\/aai\/webapp\/index.html$",
+ "permissions": [
+ "test.auth.access|services|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/$",
+ "permissions": [
+ "\\|services\\|GET",
+ "test\\.auth\\.access\\|services\\|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions$",
+ "permissions": [
+ "test\\.auth\\.access\\|rest\\|read"
+ ]
+ },
+ {
+ "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+$*",
+ "permissions": [
+ "test.auth.access|clouds|read",
+ "test.auth.access|tenants|read"
+ ]
+ },
+ {
+ "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+\/tenants/tenant/[^\/]+/vservers/vserver/[^\/]+$",
+ "permissions": [
+ "test.auth.access|clouds|read",
+ "test.auth.access|tenants|read",
+ "test.auth.access|vservers|read"
+ ]
+ },
+ {
+ "uri": "\/backend$",
+ "permissions": [
+ "test\\.auth\\.access\\|services\\|GET,PUT",
+ "\\|services\\|GET"
+ ]
+ },
+ {
+ "uri": "\/services\/inventory\/.*",
+ "permissions": [
+ "org\\.access\\|\\*\\|\\*"
+ ]
+ },
+ {
+ "uri": "\/services\/gizmo\/.*",
+ "permissions": [
+ "org\\.access\\|\\*\\|\\*"
+ ]
+ }
+]
--- /dev/null
+# This is a normal Java Properties File
+# Comments are with Pound Signs at beginning of lines,
+# and multi-line expression of properties can be obtained by backslash at end of line
+
+#hostname is used for local testing where you may have to set your hostname to **.att.com or **.sbc.com. The example given below
+#will allow for an ATT cross domain cookie to be used for GLO. If you are running on Windows corp machine, your machine name
+#may be used automatically by cadi. However, if it is not, you will need to use hostname=mywebserver.att.com and add mywebserver.att.com
+#to your hosts file on your machine.
+#hostname=test.aic.cip.att.com
+
+cadi_loglevel=DEBUG
+cadi_keyfile=/opt/app/rproxy/config/security/keyfile
+
+cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore
+cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+
+# Configure AAF
+aaf_url=https://{{.Values.global.aaf.serverHostname}}:{{.Values.global.aaf.serverPort}}
+aaf_env=DEV
+
+aaf_id=demo@people.osaaf.org
+aaf_password=enc:92w4px0y_rrm265LXLpw58QnNPgDXykyA1YTrflbAKz
+
+# This is a colon separated list of client cert issuers
+cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA
--- /dev/null
+forward-proxy.protocol = https
+forward-proxy.host = localhost
+forward-proxy.port = 10680
+forward-proxy.cacheurl = /credential-cache
\ No newline at end of file
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+
+ <property name="LOGS" value="./logs/reverse-proxy" />
+ <property name="FILEPREFIX" value="application" />
+
+ <appender name="Console"
+ class="ch.qos.logback.core.ConsoleAppender">
+ <layout class="ch.qos.logback.classic.PatternLayout">
+ <Pattern>
+ %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable
+ </Pattern>
+ </layout>
+ </appender>
+
+ <appender name="RollingFile"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${LOGS}/${FILEPREFIX}.log</file>
+ <encoder
+ class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+ <Pattern>%d %p %C{1.} [%t] %m%n</Pattern>
+ </encoder>
+
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- rollover daily and when the file reaches 10 MegaBytes -->
+ <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log
+ </fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>10MB</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ </rollingPolicy>
+ </appender>
+
+ <!-- LOG everything at INFO level -->
+ <root level="debug">
+ <appender-ref ref="RollingFile" />
+ <appender-ref ref="Console" />
+ </root>
+
+ <!-- LOG "com.baeldung*" at TRACE level -->
+ <logger name="org.onap.aaf.rproxy" level="trace" additivity="false">
+ <appender-ref ref="RollingFile" />
+ <appender-ref ref="Console" />
+ </logger>
+
+</configuration>
--- /dev/null
+primary-service.protocol = https
+primary-service.host = localhost
+primary-service.port = 9520
--- /dev/null
+Relevant configuration files need to be copied here to successfully run this service locally.
\ No newline at end of file
--- /dev/null
+transactionid.header.name=X-TransactionId
\ No newline at end of file
--- /dev/null
+bZNOXiGDJ2_eiKBKWYLIFx27URvb-SWfmOl2d-QKetcVKIupOrsG-ScS_VXOtKN3Yxfb2cR6t7oM
+1RNpDnhsKAxDLM6A62IkS_h_Rp3Q9c2JeyomVmyiuHR7a2ARbelaMrX8WDrxXI_t9ce4pIHDVE29
+xiQm3Bdp7d7IiKkgg-ipvOU7Y6NEzeQbvHlHvRTJ3ZZMSwHxBOA5M8DhKN-AF1sqwozEVaNAuJxK
+BVdh72A6KTW7ieb_GvVQQp8h32BuOz8oJhZV7KaGXsWTEvXg9ImboY0h7Sl9hufgn1ZtDK1jxzGm
+6O6LBg1qezzZaFGTXRmHvaeYmEeYSu0bGsU4x-JCU0RyhNTzFhkhjNoccaqPXBdcJymLf096mD99
+QLS8nyji_KtLQJL1fqr500c8p6SOURLPgG6Gzkn4ghgFYlfgve92xs1R3ggHKhNTLV4HJ4O6iSDm
+zCoHeRbsZR1JER9yxT-v8NtcHOMAZe1oDQeY6jVyxb-bhaonN6eZPI4nyF6MHJQtWKhGARC_kOs6
+x9E0ZdAEp5TrX7F7J5PwkXzbCOuSiTVftOBum43iUB4q9He8tn2tJ0X4LtLHT3bPl16wWnZm9RPf
+8wBtTJh4QP_cTStPq1ftSaLIAuqVFpbiC2DxGemXZn3QvykuYqa-rKeYPoIJ5dtWd5rNb_hhcSIz
+FakKTELb0HWYGji98TBF6PaStea2f2m-wGX_uQGD7_Dijl6AgnV9koKVs1bN1XljLtNMPbLdD8sz
+UCvc5lwvCFyyeunljI7os1fgwBmaMyckflq5VfZv9kFxom6jFLbcozylQ_uBg4j7oCP79IXVUI-r
+banZltOSmm8zHGc2R9UlUyxJWBi01yxwi1hUtn9g1H4RtncQpu3BY0Qvu5YLAmS5imivUnGVZWbv
+6wcqnJt5HwaVatE9NHONSLNTViQPsUOutWZBZxhJtAncdZuWOYZSh4TPzUJWvt6zT0E3YMBc_UuG
+yPmdLyqo7qGHR8YWRqq_vq6ISJqENMnVD6X9-BeI6KM4GPEAlDWyhgENXxQFjG45ufg3UpP8LBTB
+xDntlfkphRumsd13-8IlvwVtlpgnbuCMbwP_-lNVeNJcdA1InPt79oY-SEVZ-RVM1881ZASCnFeB
+lh3BTc_bGQ8YoC9s6iHtcCK_1SdbwzBfQBJUqqcYsa8hJLe-j8di7KCaFzI3a-UXWKuuWljpbKbq
+ibd48UFJt_34_GxkD6bmLxycuNH-og2Sd2VcYU0o5UarcrY4-2sgFPE7Mzxovrl98uayfgNF9DqE
+fJ4MwFGqLRtEHlm4zfuMxQ5Rh_giMUHDJApc1DYRkxdGbNUd4bC4aRBln2IhN-rNKbSVtiW_uT6v
+1KTMGmElvktjPWybJd2SvhT5qOLUM81-cmZzAsNa04jxZLBlQn_1fel3IroVos4Ohbdhar2NG6T5
+liten9RZ9P4Cg9RWhgeQonAD5kqLWXAHnCfffb5CVcAU5PHqkCgCbdThvD0-zIGETLO9AE0jKISc
+0o67CUZn3MzJ9pP_3gh-ALr2w-KAwqasqCf0igf1wmEDijv9wEDcgDm39ERIElTpGKgfyuVl4F8u
+PrpK5ZfpUYySUB6CZFQVVz0MvH6E7orQk4dCKFIimV_XwEtGijBttrTvyV6xYNScAEw_olt-0mdm
+8UEKSsuqSyDMxUWLjKJT19rNedahYJNtI87WR9Fhhjsrai9Or3a-srOYa56wcvSj2ZHbkevbO9Xv
+dQ2wzWCGEAMQSpSr83n0XEpR2pZT19Z19Svbhr08mnt2JNykCk60FLCeDTUOylJtYw6YOjqBizQZ
+-85B51BCbSEaAKJkgT9-8n_-LGW5aPBrBB_9FT7UIYczNEt3B1Lqr2s4ipPI_36JecEfqaS2cNLn
+c0ObAtNGAONkhO5LYLneMR3fZPMFuOX1-rMObPgE0i9dYqWDZ_30w9rpRsmiWyxYi5lvWDxU5L1J
+uJxwREz3oa_VgpSC3Y2oxCufdQwzBk57iVLDOb1qs_Hwj1SWd1nukWyAo2-g5sR1folAEcao
\ No newline at end of file
heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }}
+
+{{ if .Values.global.installSidecarSecurity }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-fproxy-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/fproxy/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-fproxy-log-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/fproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-log-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
+{{ end }}
+
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
spec:
+ {{ if .Values.global.installSidecarSecurity }}
+ hostAliases:
+ - ip: {{ .Values.global.aaf.serverIp }}
+ hostnames:
+ - {{ .Values.global.aaf.serverHostname }}
+
+ initContainers:
+ - name: {{ .Values.global.tproxyConfig.name }}
+ image: "{{ include "common.repository" . }}/{{ .Values.global.tproxyConfig.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ securityContext:
+ privileged: true
+ {{ end }}
containers:
- name: {{ .Chart.Name }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- mountPath: /usr/share/filebeat/data
name: {{ include "common.fullname" . }}-data-filebeat
+ {{ if .Values.global.installSidecarSecurity }}
+ - name: {{ .Values.global.rproxy.name }}
+ image: "{{ include "common.repository" . }}/{{ .Values.global.rproxy.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: CONFIG_HOME
+ value: "/opt/app/rproxy/config"
+ - name: KEY_STORE_PASSWORD
+ value: {{ .Values.config.keyStorePassword }}
+ - name: spring_profiles_active
+ value: {{ .Values.global.rproxy.activeSpringProfiles }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/forward-proxy.properties
+ subPath: forward-proxy.properties
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/primary-service.properties
+ subPath: primary-service.properties
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/reverse-proxy.properties
+ subPath: reverse-proxy.properties
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/cadi.properties
+ subPath: cadi.properties
+ - name: {{ include "common.fullname" . }}-rproxy-log-config
+ mountPath: /opt/app/rproxy/config/logback-spring.xml
+ subPath: logback-spring.xml
+ - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ mountPath: /opt/app/rproxy/config/auth/tomcat_keystore
+ subPath: tomcat_keystore
+ - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ mountPath: /opt/app/rproxy/config/auth/client-cert.p12
+ subPath: client-cert.p12
+ - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
+ subPath: uri-authorization.json
+ - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks
+ subPath: aaf_truststore.jks
+ - name: {{ include "common.fullname" . }}-rproxy-security-config
+ mountPath: /opt/app/rproxy/config/security/keyfile
+ subPath: keyfile
+
+ ports:
+ - containerPort: {{ .Values.global.rproxy.port }}
+
+ - name: {{ .Values.global.fproxy.name }}
+ image: "{{ include "common.repository" . }}/{{ .Values.global.fproxy.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: CONFIG_HOME
+ value: "/opt/app/fproxy/config"
+ - name: KEY_STORE_PASSWORD
+ value: {{ .Values.config.keyStorePassword }}
+ - name: spring_profiles_active
+ value: {{ .Values.global.fproxy.activeSpringProfiles }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-fproxy-config
+ mountPath: /opt/app/fproxy/config/fproxy.properties
+ subPath: fproxy.properties
+ - name: {{ include "common.fullname" . }}-fproxy-log-config
+ mountPath: /opt/app/fproxy/config/logback-spring.xml
+ subPath: logback-spring.xml
+ - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ mountPath: /opt/app/fproxy/config/auth/tomcat_keystore
+ subPath: tomcat_keystore
+ - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ mountPath: /opt/app/fproxy/config/auth/client-cert.p12
+ subPath: client-cert.p12
+ ports:
+ - containerPort: {{ .Values.global.fproxy.port }}
+ {{ end }}
+
volumes:
- name: localtime
hostPath:
- name: {{ include "common.fullname" . }}-model-config
configMap:
name: {{ include "common.fullname" . }}-model-configmap
+ {{ if .Values.global.installSidecarSecurity }}
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ configMap:
+ name: {{ include "common.fullname" . }}-rproxy-config
+ - name: {{ include "common.fullname" . }}-rproxy-log-config
+ configMap:
+ name: {{ include "common.fullname" . }}-rproxy-log-config
+ - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ secret:
+ secretName: {{ include "common.fullname" . }}-rproxy-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-security-config
+ secret:
+ secretName: {{ include "common.fullname" . }}-rproxy-security-config
+ - name: {{ include "common.fullname" . }}-fproxy-config
+ configMap:
+ name: {{ include "common.fullname" . }}-fproxy-config
+ - name: {{ include "common.fullname" . }}-fproxy-log-config
+ configMap:
+ name: {{ include "common.fullname" . }}-fproxy-log-config
+ - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ secret:
+ secretName: {{ include "common.fullname" . }}-fproxy-auth-config
+ {{ end }}
+
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
data:
KEY_STORE_PASSWORD: {{ .Values.config.keyStorePassword | b64enc | quote }}
KEY_MANAGER_PASSWORD: {{ .Values.config.keyManagerPassword | b64enc | quote }}
+
+{{ if .Values.global.installSidecarSecurity }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-fproxy-auth-config
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/fproxy/config/auth/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-auth-config
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-security-config
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/security/*").AsSecrets . | indent 2 }}
+{{ end }}
spec:
type: {{ .Values.service.type }}
ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- {{- end}}
+ {{ if .Values.global.installSidecarSecurity }}
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.global.rproxy.port }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.global.rproxy.port }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ {{ else }}
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ {{ end }}
selector:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
# See the License for the specific language governing permissions and
# limitations under the License.
# ============LICENSE_END=========================================================
-
# format : username: password[,rolename ...]
# default username/password: AAI/AAI, MSO/MSO, ModelLoader/ModelLoader...
AAI:OBF:1gfr1ev31gg7,admin
vid@vid.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
appc@appc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
- mountPath: /opt/app/aai-graphadmin/resources/localhost-access-logback.xml
name: {{ include "common.fullname" . }}-localhost-access-log-conf
subPath: localhost-access-logback.xml
+ - mountPath: /opt/app/aai-graphadmin/resources/etc/auth/realm.properties
+ name: {{ include "common.fullname" . }}-realm-conf
+ subPath: realm.properties
- mountPath: /opt/app/aai-graphadmin/resources/application.properties
name: {{ include "common.fullname" . }}-springapp-conf
subPath: application.properties
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
# format : username: password[,rolename ...]
# default username/password: AAI/AAI, MSO/MSO, ModelLoader/ModelLoader...
AAI:OBF:1gfr1ev31gg7,admin
vid@vid.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
appc@appc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
- mountPath: /opt/app/aai-resources/resources/localhost-access-logback.xml
name: {{ include "common.fullname" . }}-localhost-access-log-conf
subPath: localhost-access-logback.xml
+ - mountPath: /opt/app/aai-resources/resources/etc/auth/realm.properties
+ name: {{ include "common.fullname" . }}-realm-conf
+ subPath: realm.properties
- mountPath: /opt/app/aai-resources/resources/aaf/org.onap.aai.keyfile
name: {{ include "common.fullname" . }}-aaf-certs
subPath: org.onap.aai.keyfile
--- /dev/null
+[{\r
+ "orgId": null,\r
+ "managerId": null,\r
+ "firstName": "Demo",\r
+ "middleInitial": null,\r
+ "lastName": "User",\r
+ "phone": null,\r
+ "email": "demo@email.com",\r
+ "hrid": null,\r
+ "orgUserId": "demo",\r
+ "orgCode": null,\r
+ "orgManagerUserId": null,\r
+ "jobTitle": null,\r
+ "loginId": "demo",\r
+ "active": false,\r
+ "roles": [{\r
+ "id": 1,\r
+ "name": "View"\r
+ }]\r
+}]
\ No newline at end of file
{{ tpl (.Files.Glob "resources/config/application-oxm-default.properties").AsConfig . | indent 2 }}
{{ tpl (.Files.Glob "resources/config/application-oxm-override.properties").AsConfig . | indent 2 }}
{{ tpl (.Files.Glob "resources/config/application-oxm-schema-prod.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/roles.config").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/users.config").AsConfig . | indent 2 }}
---
apiVersion: v1
kind: ConfigMap
- mountPath: /opt/app/sparky/config/application-oxm-default.properties
name: {{ include "common.fullname" . }}-properties
subPath: application-oxm-default.properties
-
+
- mountPath: /opt/app/sparky/config/application-oxm-override.properties
name: {{ include "common.fullname" . }}-properties
subPath: application-oxm-override.properties
- mountPath: /opt/app/sparky/config/application-oxm-schema-prod.properties
name: {{ include "common.fullname" . }}-properties
subPath: application-oxm-schema-prod.properties
-
+
+ - mountPath: /opt/app/sparky/config/roles.config
+ name: {{ include "common.fullname" . }}-properties
+ subPath: roles.config
+
+ - mountPath: /opt/app/sparky/config/users.config
+ name: {{ include "common.fullname" . }}-properties
+ subPath: users.config
+
ports:
- containerPort: {{ .Values.service.internalPort }}
- containerPort: {{ .Values.service.internalPort2 }}
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
# format : username: password[,rolename ...]
# default username/password: AAI/AAI, MSO/MSO, ModelLoader/ModelLoader...
AAI:OBF:1gfr1ev31gg7,admin
vid@vid.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
appc@appc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
- mountPath: /opt/app/aai-traversal/resources/localhost-access-logback.xml
name: {{ include "common.fullname" . }}-localhost-access-log-conf
subPath: localhost-access-logback.xml
+ - mountPath: /opt/app/aai-traversal/resources/etc/auth/realm.properties
+ name: {{ include "common.fullname" . }}-realm-conf
+ subPath: realm.properties
- mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.keyfile
name: {{ include "common.fullname" . }}-aaf-certs
subPath: org.onap.aai.keyfile
restartPolicy: Always
+ installSidecarSecurity: false
+
+ fproxy:
+ name: forward-proxy
+ activeSpringProfiles: noHostVerification,cadi
+ image: onap/fproxy:2.1-STAGING-latest
+ port: 10680
+
+ rproxy:
+ name: reverse-proxy
+ activeSpringProfiles: noHostVerification,cadi
+ image: onap/rproxy:2.1-STAGING-latest
+ port: 10692
+
+ tproxyConfig:
+ name: init-tproxy-config
+ image: onap/tproxy-config:2.1-STAGING-latest
+
+ # AAF server details. Only needed if the AAF DNS does not resolve from the pod
+ aaf:
+ serverIp: 10.12.6.214
+ serverHostname: aaf.osaaf.org
+ serverPort: 30247
+
cassandra:
serviceName: aai-cassandra
replicas: 3
requests:
cpu: 2
memory: 2Gi
- unlimited: {}
\ No newline at end of file
+ unlimited: {}
-# Modifications Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
################################################################################
#
# Licensed to the Apache Software Foundation (ASF) under one or more
#
################################################################################
-# Root logger
-log4j.rootLogger=INFO, async, osgi:*
-log4j.throwableRenderer=org.apache.log4j.OsgiThrowableRenderer
-
-maxFileSize=100MB
-maxBackupIndex=20
-logDir=/var/log/onap
-componentName=appc
-logDirectory=${logDir}/${componentName}
-karafLogName=karaf
-errorLogName=error
-metricsLogName=metrics
-auditLogName=audit
-debugLogName=debug
-
-
-# CONSOLE appender not used by default
-log4j.appender.stdout=org.apache.log4j.ConsoleAppender
-log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
-log4j.appender.stdout.layout.ConversionPattern=%d{yyyy-MM-dd'T'HH:mm:ss.SSS}\t%-16.16t\t%-5.5p\t%c{36}\t%X{bundle.id} - %X{bundle.name} - %X{bundle.version}\t%m%n
-
-# Async appender forwarding to file appender
-log4j.appender.async=org.apache.log4j.AsyncAppender
-log4j.appender.async.appenders=out
-
-# File appender
-log4j.appender.out=org.apache.log4j.RollingFileAppender
-log4j.appender.out.layout=org.apache.log4j.xml.XMLLayout
-log4j.appender.out.layout.Properties=true
-log4j.appender.out.file=${logDirectory}/${karafLogName}.log
-log4j.appender.out.append=true
-log4j.appender.out.maxFileSize=${maxFileSize}
-log4j.appender.out.maxBackupIndex=${maxBackupIndex}
-
-# Sift appender
-log4j.appender.sift=org.apache.log4j.sift.MDCSiftingAppender
-log4j.appender.sift.key=bundle.name
-log4j.appender.sift.default=karaf
-log4j.appender.sift.appender=org.apache.log4j.RollingFileAppender
-log4j.appender.sift.appender.layout=org.apache.log4j.xml.XMLLayout
-log4j.appender.sift.appender.layout.Properties=true
-log4j.appender.sift.appender.file=${logDirectory}/$\\{bundle.name\\}.log
-log4j.appender.sift.appender.append=true
-
-
-
-log4j.category.org.opendaylight.controller.netconf.persist.impl.osgi.ConfigPusherImpl=DEBUG
-log4j.category.org.opendaylight.controller.netconf.persist.impl.osgi.ConfigPersisterActivator=DEBUG
-
-
-#ECOMP Debug appender
-log4j.appender.debug=org.apache.log4j.RollingFileAppender
-log4j.appender.debug.key=bundle.name
-log4j.appender.debug.default=karaf
-log4j.appender.debug.appName=EELFDebug
-log4j.appender.debug.layout=org.apache.log4j.xml.XMLLayout
-log4j.appender.debug.layout.Properties=true
-log4j.appender.debug.file=${logDirectory}/${debugLogName}.log
-log4j.appender.debug.append=true
-log4j.appender.debug.maxFileSize=${maxFileSize}
-log4j.appender.debug.maxBackupIndex=${maxBackupIndex}
-#log4j.appender.debug.filter.f1=org.apache.log4j.varia.LevelRangeFilter
-#log4j.appender.debug.filter.f1.LevelMax=WARN
-#log4j.appender.debug.filter.f1.LevelMin=TRACE
+# Common pattern layout for appenders
+log4j2.pattern = %d{ISO8601} | %-5p | %-16t | %-32c{1} | %X{bundle.id} - %X{bundle.name} - %X{bundle.version} | %m%n
+# Root logger
+log4j2.rootLogger.level = INFO
+# uncomment to use asynchronous loggers, which require mvn:com.lmax/disruptor/3.3.2 library
+#log4j2.rootLogger.type = asyncRoot
+#log4j2.rootLogger.includeLocation = false
+log4j2.rootLogger.appenderRef.RollingFile.ref = RollingFile
+log4j2.rootLogger.appenderRef.PaxOsgi.ref = PaxOsgi
+log4j2.rootLogger.appenderRef.Console.ref = Console
+log4j2.rootLogger.appenderRef.Console.filter.threshold.type = ThresholdFilter
+log4j2.rootLogger.appenderRef.Console.filter.threshold.level = ${karaf.log.console:-OFF}
+
+# Loggers configuration
+
+# Spifly logger
+log4j2.logger.spifly.name = org.apache.aries.spifly
+log4j2.logger.spifly.level = WARN
+
+# Security audit logger
+log4j2.logger.audit.name = org.apache.karaf.jaas.modules.audit
+log4j2.logger.audit.level = INFO
+log4j2.logger.audit.additivity = false
+log4j2.logger.audit.appenderRef.AuditRollingFile.ref = AuditRollingFile
+
+# Appenders configuration
+
+# Console appender not used by default (see log4j2.rootLogger.appenderRefs)
+log4j2.appender.console.type = Console
+log4j2.appender.console.name = Console
+log4j2.appender.console.layout.type = PatternLayout
+log4j2.appender.console.layout.pattern = ${log4j2.pattern}
+
+# Rolling file appender
+log4j2.appender.rolling.type = RollingRandomAccessFile
+log4j2.appender.rolling.name = RollingFile
+log4j2.appender.rolling.fileName = ${karaf.data}/log/karaf.log
+log4j2.appender.rolling.filePattern = ${karaf.data}/log/karaf.log.%i
+# uncomment to not force a disk flush
+#log4j2.appender.rolling.immediateFlush = false
+log4j2.appender.rolling.append = true
+log4j2.appender.rolling.layout.type = PatternLayout
+log4j2.appender.rolling.layout.pattern = ${log4j2.pattern}
+log4j2.appender.rolling.policies.type = Policies
+log4j2.appender.rolling.policies.size.type = SizeBasedTriggeringPolicy
+log4j2.appender.rolling.policies.size.size = 16MB
+
+# Audit file appender
+log4j2.appender.audit.type = RollingRandomAccessFile
+log4j2.appender.audit.name = AuditRollingFile
+log4j2.appender.audit.fileName = ${karaf.data}/security/audit.log
+log4j2.appender.audit.filePattern = ${karaf.data}/security/audit.log.%i
+log4j2.appender.audit.append = true
+log4j2.appender.audit.layout.type = PatternLayout
+log4j2.appender.audit.layout.pattern = ${log4j2.pattern}
+log4j2.appender.audit.policies.type = Policies
+log4j2.appender.audit.policies.size.type = SizeBasedTriggeringPolicy
+log4j2.appender.audit.policies.size.size = 8MB
+
+# OSGi appender
+log4j2.appender.osgi.type = PaxOsgi
+log4j2.appender.osgi.name = PaxOsgi
+log4j2.appender.osgi.filter = *
+
+# help with identification of maven-related problems with pax-url-aether
+#log4j2.logger.aether.name = shaded.org.eclipse.aether
+#log4j2.logger.aether.level = TRACE
+#log4j2.logger.http-headers.name = shaded.org.apache.http.headers
+#log4j2.logger.http-headers.level = DEBUG
+#log4j2.logger.maven.name = org.ops4j.pax.url.mvn
+#log4j2.logger.maven.level = TRACE
-#Error appender
-log4j.appender.error=org.apache.log4j.RollingFileAppender
-log4j.appender.error.appName=EELFError
-log4j.appender.error.File=${logDirectory}/${errorLogName}.log
-log4j.appender.error.Threshold=ERROR
-log4j.appender.error.maxFileSize=${maxFileSize}
-log4j.appender.error.maxBackupIndex=${maxBackupIndex}
-log4j.appender.error.layout=org.apache.log4j.xml.XMLLayout
-log4j.appender.error.layout.Properties=true
-
-#Metrics appender
-log4j.appender.metric=org.apache.log4j.RollingFileAppender
-log4j.appender.metric.appName=EELFMetrics
-log4j.appender.metric.File=${logDirectory}/${metricsLogName}.log
-log4j.appender.metric.maxFileSize=${maxFileSize}
-log4j.appender.metric.maxBackupIndex=${maxBackupIndex}
-log4j.appender.metric.layout=org.apache.log4j.xml.XMLLayout
-log4j.appender.metric.layout.Properties=true
-
-#Audit appender
-log4j.appender.audit=org.apache.log4j.RollingFileAppender
-log4j.appender.audit.appName=EELFAudit
-log4j.appender.audit.File=${logDirectory}/${auditLogName}.log
-log4j.appender.audit.maxFileSize=${maxFileSize}
-log4j.appender.audit.maxBackupIndex=${maxBackupIndex}
-log4j.appender.audit.layout=org.apache.log4j.xml.XMLLayout
-log4j.appender.audit.layout.Properties=true
-
-#Loggers
-#Routing of all messages from root logger
-log4j.logger.com.att=TRACE, debug, error
-#Store to the same log file messages from upper level appender or not
-log4j.additivity.com.att=false
-
-#EELFManager loggers
-#EELF parent logger
-log4j.logger.com.att.eelf=TRACE, debug
-log4j.additivity.com.att.eelf=false
-
-#Audit logger routing
-log4j.logger.com.att.eelf.audit=DEBUG, audit
-log4j.additivity.com.att.eelf.audit=false
-
-#Metric logger routing
-log4j.logger.com.att.eelf.metrics=DEBUG, metric
-log4j.additivity.com.att.eelf.metrics=false
-
-#Performance logger routing
-log4j.logger.com.att.eelf.perf=DEBUG, metric
-log4j.additivity.com.att.eelf.perf=false
-
-#Server logger routing
-log4j.logger.com.att.eelf.server=DEBUG, debug
-log4j.additivity.com.att.eelf.server=false
-
-#Policy logger routing
-log4j.logger.com.att.eelf.policy=DEBUG, debug
-log4j.additivity.com.att.eelf.policy=false
-
-#Error logger routing
-log4j.logger.com.att.eelf.error=DEBUG, error
-log4j.additivity.com.att.eelf.error=false
-
-#Debug logger routing
-log4j.logger.com.att.eelf.debug=DEBUG, debug
-log4j.additivity.com.att.eelf.debug=false
# More info:
transport.tcp.port: {{.Values.service.externalPort2}}
-xpack.graph.enabled: false
+#xpack.graph.enabled: false
#Set to false to disable X-Pack graph features.
-xpack.ml.enabled: false
+#xpack.ml.enabled: false
#Set to false to disable X-Pack machine learning features.
-xpack.monitoring.enabled: false
+#xpack.monitoring.enabled: false
#Set to false to disable X-Pack monitoring features.
-xpack.security.enabled: false
+#xpack.security.enabled: false
#Set to false to disable X-Pack security features.
-xpack.watcher.enabled: false
+#xpack.watcher.enabled: false
#Set to false to disable Watcher.
# application image
loggingRepository: docker.elastic.co
-image: elasticsearch/elasticsearch:5.6.9
+image: elasticsearch/elasticsearch-oss:6.1.3
pullPolicy: Always
# flag to enable debugging - application support required
+++ /dev/null
-{"_index":".kibana","_type":"visualization","_id":"AWI967sW8kHy-lwNJZrR","_score":1,"_source":{"title":"CL Total Activity","visState":"{\"title\":\"CL Total Activity\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"type\":\"table\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"eventDuration\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","description":"","savedSearchId":"AWIk9P-qDjJ4k3sPXRcQ","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[]}"}}}
-{"_index":".kibana","_type":"index-pattern","_id":"AWIk7j2UDjJ4k3sPXRaY","_score":1,"_source":{"title":"logstash-*","timeFieldName":"closedLoopAlarmStart","notExpandable":true,"fields":"[{\"name\":\"@timestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"@version\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"@version.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.cloud-region.identity-url\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.cloud-region.identity-url.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.complex.physical-location-id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.complex.physical-location-id.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.generic-vnf.service-id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.generic-vnf.service-id.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.generic-vnf.vnf-name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.generic-vnf.vnf-name.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.tenant.tenant-id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.tenant.tenant-id.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.vserver.is-closed-loop-disabled\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.vserver.is-closed-loop-disabled.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.vserver.prov-status\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.vserver.prov-status.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.vserver.vserver-id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.vserver.vserver-id.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.vserver.vserver-name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.vserver.vserver-name.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.vserver.vserver-selflink\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.vserver.vserver-selflink.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"OPS_CL_timer\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"closedLoopAlarmEnd\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"closedLoopAlarmStart\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"closedLoopControlName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"closedLoopControlName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"closedLoopEventClient\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"closedLoopEventClient.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"closedLoopEventStatus\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"closedLoopEventStatus.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"from\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"from.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"history.actor\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"history.actor.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"history.end\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"history.message\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"history.message.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"history.operation\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"history.operation.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"history.outcome\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"history.outcome.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"history.start\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"history.subRequestId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"history.subRequestId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"history.target\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"history.target.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"notification\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"notification.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"notificationTime\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"policyName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"policyName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"policyScope\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"policyScope.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"policyVersion\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"policyVersion.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"requestID\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"requestID.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"target\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"target.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"target_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"target_type.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"version\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"version.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"eventDuration\",\"type\":\"number\",\"count\":0,\"scripted\":true,\"script\":\"if (doc.containsKey('closedLoopEventStatus') && doc.get('closedLoopEventStatus.keyword').value == 'ABATED') { \\n return doc.get('closedLoopAlarmEnd').value- doc.get('closedLoopAlarmStart').value; \\n} \\nreturn null\",\"lang\":\"painless\",\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false}]","fieldFormatMap":"{\"eventDuration\":{\"id\":\"duration\",\"params\":{\"inputFormat\":\"milliseconds\"}}}"}}
-{"_index":".kibana","_type":"visualization","_id":"AWIk-5O-DjJ4k3sPXRd1","_score":1,"_source":{"title":"ClosedLoopActivationsTable","visState":"{\"title\":\"ClosedLoopActivationsTable\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":true,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"type\":\"table\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","description":"","savedSearchId":"AWIk8yDIDjJ4k3sPXRbu","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[]}"}}}
-{"_index":".kibana","_type":"search","_id":"AWIk9P-qDjJ4k3sPXRcQ","_score":1,"_source":{"title":"ABATED","description":"","columns":["closedLoopAlarmStart","closedLoopAlarmEnd","closedLoopControlName","closedLoopEventStatus","notification"],"sort":["closedLoopAlarmStart","desc"],"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"highlightAll\":true,\"version\":true,\"query\":{\"query_string\":{\"query\":\"closedLoopEventStatus: \\\"ABATED\\\"\",\"analyze_wildcard\":true}},\"filter\":[{\"meta\":{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"negate\":false,\"disabled\":false,\"alias\":\"ABATED\",\"type\":\"phrase\",\"key\":\"closedLoopEventStatus.keyword\",\"value\":\"ABATED\"},\"query\":{\"match\":{\"closedLoopEventStatus.keyword\":{\"query\":\"ABATED\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"negate\":false,\"disabled\":true,\"alias\":\"ONSET\",\"type\":\"phrase\",\"key\":\"closedLoopEventStatus.keyword\",\"value\":\"ONSET\"},\"query\":{\"match\":{\"closedLoopEventStatus.keyword\":{\"query\":\"ONSET\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}]}"}}}
-{"_index":".kibana","_type":"config","_id":"5.6.7","_score":1,"_source":{"buildNum":15610,"defaultIndex":"AWIk7j2UDjJ4k3sPXRaY"}}
-{"_index":".kibana","_type":"visualization","_id":"AWIlBLT7DjJ4k3sPXRe7","_score":1,"_source":{"title":"Closed loop failed action : needs attention","visState":"{\"title\":\"Closed loop failed action : needs attention\",\"type\":\"table\",\"params\":{\"perPage\":5,\"showMeticsAtAllLevels\":false,\"showPartialRows\":false,\"showTotal\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\",\"type\":\"table\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","description":"","savedSearchId":"AWIlAjTaDjJ4k3sPXRe1","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[]}"}}}
-{"_index":".kibana","_type":"visualization","_id":"AWI91Rvl8kHy-lwNJZrN","_score":1,"_source":{"title":"CL efficiency - CL reponse time","visState":"{\"title\":\"CL efficiency - CL reponse time\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"type\":\"table\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"eventDuration\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","description":"","savedSearchId":"AWIk9P-qDjJ4k3sPXRcQ","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[]}"}}}
-{"_index":".kibana","_type":"visualization","_id":"AWJxqD67B2zw2CQxMIeq","_score":1,"_source":{"title":"Top Error Messages","visState":"{\"title\":\"Top Error Messages\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"type\":\"table\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"history.actor.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Actor\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"history.message.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Message\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"history.operation.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Operation\"}}],\"listeners\":{}}","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"query\":{\"match_all\":{}},\"filter\":[]}"}}}
-{"_index":".kibana","_type":"visualization","_id":"AWI922pp8kHy-lwNJZrP","_score":1,"_source":{"title":"CLEventDurationTables","visState":"{\"title\":\"CLEventDurationTables\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"type\":\"table\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"eventDuration\",\"customLabel\":\"Event Duration\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"split\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"_term\",\"row\":true}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"requestID.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"_term\"}}],\"listeners\":{}}","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","description":"","savedSearchId":"AWIk9P-qDjJ4k3sPXRcQ","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[]}"}}}
-{"_index":".kibana","_type":"visualization","_id":"AWIk_VLEDjJ4k3sPXReS","_score":1,"_source":{"title":"Top 5 closed loop success action","visState":"{\"title\":\"Top 5 closed loop success action\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\",\"type\":\"table\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","description":"","savedSearchId":"AWIk9P-qDjJ4k3sPXRcQ","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[]}"}}}
-{"_index":".kibana","_type":"visualization","_id":"AWJoFDTyr1AwiIiFoV5R","_score":1,"_source":{"title":"Hottest closed loops","visState":"{\"title\":\"Hottest closed loops\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":false,\"type\":\"pie\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}","uiStateJSON":"{\"vis\":{\"legendOpen\":true}}","description":"","savedSearchId":"AWIk8yDIDjJ4k3sPXRbu","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[]}"}}}
-{"_index":".kibana","_type":"search","_id":"AWJsTEvYr1AwiIiFoV6S","_score":1,"_source":{"title":"FINAL: FAILURE","description":"","columns":["notification"],"sort":["closedLoopAlarmStart","desc"],"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"highlightAll\":true,\"version\":true,\"query\":{\"match_all\":{}},\"filter\":[{\"meta\":{\"negate\":false,\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"type\":\"phrase\",\"key\":\"notification\",\"value\":\"FINAL: FAILURE\",\"disabled\":false,\"alias\":null},\"query\":{\"match\":{\"notification\":{\"query\":\"FINAL: FAILURE\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}]}"}}}
-{"_index":".kibana","_type":"visualization","_id":"AWJsT-HUr1AwiIiFoV6T","_score":1,"_source":{"title":"CL Efficiency - Failed actions","visState":"{\"title\":\"CL Efficiency - Failed actions\",\"type\":\"gauge\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"gauge\":{\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":4},{\"from\":4,\"to\":6},{\"from\":7,\"to\":10}],\"extendRange\":false,\"gaugeColorMode\":\"Labels\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Arc\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":true},\"style\":{\"bgColor\":false,\"bgFill\":\"#eee\",\"bgMask\":false,\"bgWidth\":0.9,\"fontSize\":60,\"labelColor\":true,\"mask\":false,\"maskBars\":50,\"subText\":\"\",\"width\":0.9},\"type\":\"meter\",\"verticalSplit\":true},\"isDisplayWarning\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}","uiStateJSON":"{\"vis\":{\"defaultColors\":{\"0 - 4\":\"rgb(0,104,55)\",\"4 - 6\":\"rgb(255,255,190)\",\"7 - 10\":\"rgb(165,0,38)\"}}}","description":"","savedSearchId":"AWJsTEvYr1AwiIiFoV6S","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[]}"}}}
-{"_index":".kibana","_type":"visualization","_id":"AWJoJdIjr1AwiIiFoV5T","_score":1,"_source":{"title":"CL Onset/Abated Variance","visState":"{\"title\":\"CL Onset/Abated Variance\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{\"text\":\"Closed Loop\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-3\",\"name\":\"BottomAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-3\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"horizontal_bar\",\"radiusRatio\":\"13\",\"orderBucketsBySum\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"_term\",\"customLabel\":\"Closed Loop\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"closedLoopEventStatus.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"_term\"}}],\"listeners\":{}}","uiStateJSON":"{}","description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"query\":{\"match_all\":{}},\"filter\":[]}"}}}
-{"_index":".kibana","_type":"search","_id":"AWIlAjTaDjJ4k3sPXRe1","_score":1,"_source":{"title":"FAILURE NOTIFICATION","description":"","columns":["closedLoopAlarmStart","closedLoopAlarmEnd","closedLoopControlName","closedLoopEventStatus","notification"],"sort":["closedLoopAlarmStart","desc"],"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"highlightAll\":true,\"version\":true,\"query\":{\"match_all\":{}},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":\"ABATED\",\"disabled\":true,\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"key\":\"closedLoopEventStatus.keyword\",\"negate\":false,\"type\":\"phrase\",\"value\":\"ABATED\"},\"query\":{\"match\":{\"closedLoopEventStatus.keyword\":{\"query\":\"ABATED\",\"type\":\"phrase\"}}}},{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":\"ONSET\",\"disabled\":true,\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"key\":\"closedLoopEventStatus.keyword\",\"negate\":false,\"type\":\"phrase\",\"value\":\"ONSET\"},\"query\":{\"match\":{\"closedLoopEventStatus.keyword\":{\"query\":\"ONSET\",\"type\":\"phrase\"}}}},{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":\"FAILURE NOTIFICATION\",\"disabled\":false,\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"key\":\"notification.keyword\",\"negate\":false,\"type\":\"phrase\",\"value\":\"FINAL: FAILURE\"},\"query\":{\"match\":{\"notification.keyword\":{\"query\":\"FINAL: FAILURE\",\"type\":\"phrase\"}}}}]}"}}}
-{"_index":".kibana","_type":"search","_id":"AWIk8yDIDjJ4k3sPXRbu","_score":1,"_source":{"title":"ONSET","description":"","columns":["closedLoopAlarmStart","closedLoopAlarmEnd","closedLoopControlName","closedLoopEventStatus","notification"],"sort":["closedLoopAlarmStart","desc"],"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"highlightAll\":true,\"version\":true,\"query\":{\"match_all\":{}},\"filter\":[{\"meta\":{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"phrase\",\"key\":\"closedLoopEventStatus.keyword\",\"value\":\"ONSET\"},\"query\":{\"match\":{\"closedLoopEventStatus.keyword\":{\"query\":\"ONSET\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}]}"}}}
-{"_index":".kibana","_type":"dashboard","_id":"AWI-9KyytmDBG_mksMZL","_score":1,"_source":{"title":"CLAMP Dashboard","description":"","panelsJSON":"[{\"col\":5,\"id\":\"AWIk_VLEDjJ4k3sPXReS\",\"panelIndex\":1,\"row\":1,\"size_x\":4,\"size_y\":3,\"type\":\"visualization\"},{\"col\":9,\"id\":\"AWIlBLT7DjJ4k3sPXRe7\",\"panelIndex\":2,\"row\":1,\"size_x\":4,\"size_y\":3,\"type\":\"visualization\"},{\"col\":1,\"id\":\"AWI967sW8kHy-lwNJZrR\",\"panelIndex\":3,\"row\":7,\"size_x\":5,\"size_y\":3,\"type\":\"visualization\"},{\"col\":1,\"id\":\"AWI91Rvl8kHy-lwNJZrN\",\"panelIndex\":4,\"row\":4,\"size_x\":5,\"size_y\":3,\"type\":\"visualization\"},{\"col\":1,\"id\":\"AWJoFDTyr1AwiIiFoV5R\",\"panelIndex\":5,\"row\":1,\"size_x\":4,\"size_y\":3,\"type\":\"visualization\"},{\"col\":9,\"id\":\"AWJoJdIjr1AwiIiFoV5T\",\"panelIndex\":6,\"row\":7,\"size_x\":4,\"size_y\":3,\"type\":\"visualization\"},{\"col\":9,\"id\":\"AWJoMx0_r1AwiIiFoV5V\",\"panelIndex\":7,\"row\":4,\"size_x\":4,\"size_y\":3,\"type\":\"visualization\"},{\"col\":6,\"id\":\"AWJsT-HUr1AwiIiFoV6T\",\"panelIndex\":8,\"row\":4,\"size_x\":3,\"size_y\":6,\"type\":\"visualization\"},{\"size_x\":6,\"size_y\":3,\"panelIndex\":9,\"type\":\"visualization\",\"id\":\"AWJxqD67B2zw2CQxMIeq\",\"col\":1,\"row\":10}]","optionsJSON":"{\"darkTheme\":false}","uiStateJSON":"{\"P-1\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-2\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-3\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-4\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-6\":{\"vis\":{\"legendOpen\":true}},\"P-8\":{\"vis\":{\"defaultColors\":{\"0 - 4\":\"rgb(0,104,55)\",\"4 - 6\":\"rgb(255,255,190)\",\"7 - 10\":\"rgb(165,0,38)\"},\"legendOpen\":false}},\"P-9\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}}","timeRestore":false,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[{\"query\":{\"match_all\":{}}}],\"highlightAll\":true,\"version\":true}"}}}
-{"_index":".kibana","_type":"visualization","_id":"AWJoMx0_r1AwiIiFoV5V","_score":1,"_source":{"title":"CL Efficiency - Total Activity","visState":"{\"title\":\"CL Efficiency - Total Activity\",\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"closedLoopAlarmStart per 10 seconds\"},\"type\":\"category\"}],\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"legendPosition\":\"right\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Sum of eventDuration\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"cardinal\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"}],\"times\":[],\"type\":\"line\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"defaultYExtents\":true,\"mode\":\"normal\",\"setYExtents\":false,\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Sum of eventDuration\"},\"type\":\"value\"}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"eventDuration\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"_term\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"closedLoopAlarmStart\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":0,\"extended_bounds\":{}}}],\"listeners\":{}}","uiStateJSON":"{}","description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"query\":{\"match_all\":{}},\"filter\":[{\"meta\":{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"exists\",\"key\":\"closedLoopAlarmEnd\",\"value\":\"exists\"},\"exists\":{\"field\":\"closedLoopAlarmEnd\"},\"$state\":{\"store\":\"appState\"}}]}"}}}
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-xpack.graph.enabled: false
+#xpack.graph.enabled: false
#Set to false to disable X-Pack graph features.
-xpack.ml.enabled: false
+#xpack.ml.enabled: false
#Set to false to disable X-Pack machine learning features.
-xpack.monitoring.enabled: false
+#xpack.monitoring.enabled: false
#Set to false to disable X-Pack monitoring features.
-xpack.reporting.enabled: false
+#xpack.reporting.enabled: false
#Set to false to disable X-Pack reporting features.
-xpack.security.enabled: false
+#xpack.security.enabled: false
#Set to false to disable X-Pack security features.
-xpack.watcher.enabled: false
+#xpack.watcher.enabled: false
#Set to false to disable Watcher.
# Kibana is served by a back end server. This setting specifies the port to use.
server.port: {{.Values.service.externalPort}}
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-readiness
- - args:
- - --output=http://{{.Values.config.elasticsearchServiceName}}.{{ include "common.namespace" . }}:{{.Values.config.elasticsearchPort}}/.kibana
- - --input=/config/default.json
- - --type=data
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: "{{ .Values.configRepository }}/{{ .Values.configImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-config
- volumeMounts:
- - mountPath: /config/default.json
- name: {{ include "common.fullname" . }}
- subPath: default.json
containers:
- name: {{ include "common.name" . }}
- image: "{{ .Values.global.loggingRepository | default .Values.loggingRepository }}/{{ .Values.image }}"
+ image: "{{ .Values.global.imageRepository | default .Values.imageRepository }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
- containerPort: {{ .Values.service.internalPort }}
items:
- key: kibana.yml
path: kibana.yml
- - key: default.json
- path: default.json
-
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
# Application configuration defaults.
#################################################################
-# Configuration image
-configRepository: docker.io
-configImage: taskrabbit/elasticsearch-dump
-
-
# BusyBox image
busyboxRepository: registry.hub.docker.com
busyboxImage: library/busybox:latest
# application image
-loggingRepository: docker.elastic.co
-image: kibana/kibana:5.6.9
+loggingRepository: nexus3.onap.org:10001
+image: onap/clamp-dashboard-kibana:3.0-STAGING-latest
pullPolicy: Always
# flag to enable debugging - application support required
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIEVDCCAjygAwIBAgIBAjANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB
+RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwNjA1MDg1MTQxWhcN
+MjMwNjA1MDg1MTQxWjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG
+A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzEwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOXCdZIoWM0EnEEw3qPiVMhAgNolWCTaLt
+eI2TjlTQdGDIcXdBZukHdNeOKYzOXRsLt6bLRtd5yARpn53EbzS/dgAyHuaz1HjE
+5IPWSFRg9SulfHUmcS+GBt1+KiMJTlOsw6wSA73H/PjjXBbWs/uRJTnaNmV3so7W
+DhNW6fHOrbom4p+3FucbB/QAM9b/3l/1LKnRgdXx9tekDnaKN5u3HVBmyOlRhaRp
+tscLUCT3jijoGAPRcYZybgrpa0z3iCWquibTO/eLwuO/Dn7yHWau9ZZAHGPBSn9f
+TiLKRYV55mNjr3zvs8diTPECFPW8w8sRIH3za1aKHgUC1gd87Yr3AgMBAAGjZjBk
+MB0GA1UdDgQWBBQa1FdycErTZ6nr4dxiMbKH0P7vqjAfBgNVHSMEGDAWgBRTVTPy
+S+vQUbHBeJrBKDF77+rtSTASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQE
+AwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAlA/RTPy5i09fJ4ytSAmAdytMwEwRaU9F
+dshG7LU9q95ODsuM79yJvV9+ISIJZRsBqf5PDv93bUCKKHIYGvR6kNd+n3yx/fce
+txDkC/tMj1T9D8TuDKAclGEO9K5+1roOQQFxr4SE6XKb/wjn8OMrCoJ75S0F3htF
+LKL85T77JeGeNgSk8JEsZvQvj32m0gv9rxi5jM/Zi5E2vxrBR9T1v3kVvlt6+PSF
+BoHXROk5HQmdHxnH+VYQtDHSwj9Xe9aoJMyL0WjYKd//8NUO+VACDOtK4Nia6gy9
+m/n9kMASMw6f9iF4n6t4902RWrRKTYM1CVu5wyVklVbEdE9i6Db4CpL9E8HpBUAP
+t44JiNzuFkDmSE/z5XuQIimDt6nzOaSF8pX2KHY2ICDLwpMNUvxzqXD9ECbdspiy
+JC2RGq8uARGGl6kQQBKDNO8SrO7rSBPANd1+LgqrKbCrHYfvFgkZPgT5MlQi+E1G
+LNT+i6fzZha9ed/L6yjl5Em71flJGFwRZl2pfErZRxp8pLPcznYyIpSjcwnqNCRC
+orhlp8nheiODC3oO3AFHDiFgUqvm8hgpnT2cPk2lpU2VY1TcZ8sW5qUDCxINIPcW
+u1SAsa87IJK3vEzPZfTCs/S6XThoqRfXj0c0Rahj7YFRi/PqIPY0ejwdtmZ9m9pZ
+8Lb0GYmlo44=
+-----END CERTIFICATE-----
#xpack.monitoring.elasticsearch.url: ["http://10.247.186.12:9200", "http://10.247.186.13:9200"]
#xpack.monitoring.elasticsearch.username: elastic
#xpack.monitoring.elasticsearch.password: changeme
-xpack.monitoring.enabled: false
+#xpack.monitoring.enabled: false
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
input {
- http_poller {
+ http_poller {
urls => {
event_queue => {
method => get
headers => {
Accept => "application/json"
}
- add_field => { "topic" => "${event_topic}" }
- type => "dmaap_event"
+ topic => "${event_topic}"
+ tags => [ "dmaap_source" ]
}
notification_queue => {
method => get
headers => {
Accept => "application/json"
}
- add_field => { "topic" => "${notification_topic}" }
- type => "dmaap_notification"
+ topic => "${notification_topic}"
+ tags => [ "dmaap_source" ]
}
request_queue => {
method => get
headers => {
Accept => "application/json"
}
- add_field => { "topic" => "${request_topic}" }
- type => "dmaap_request"
+ topic => "${request_topic}"
+ tags => [ "dmaap_source" ]
}
}
socket_timeout => 30
request_timeout => 30
- interval => 60
+ schedule => { "every" => "1m" }
codec => "plain"
- }
+ cacert => "/certs.d/aafca.pem"
+ }
}
+
filter {
- if [type] != "dmaap_log" {
- # avoid noise if no entry in the list
- if [message] == "[]" {
- drop { }
- }
+ # avoid noise if no entry in the list
+ if [message] == "[]" {
+ drop { }
+ }
+
+ if [http_request_failure] or [@metadata][code] != "200" {
+ mutate {
+ add_tag => [ "error" ]
+ }
+ }
- # parse json, split the list into multiple events, and parse each event
+ if "dmaap_source" in [tags] {
+ #
+ # Dmaap provides a json list, whose items are Strings containing the event
+ # provided to Dmaap, which itself is an escaped json.
+ #
+ # We first need to parse the json as we have to use the plaintext as it cannot
+ # work with list of events, then split that list into multiple string events,
+ # that we then transform into json.
+ #
json {
- source => "[message]"
- target => "message"
+ source => "[message]"
+ target => "message"
}
+ ruby {
+ code => "
+ for ev in event.get('message', [])
+ ev.set('@metadata', event.get('@metadata'))
+ end
+ "
+ }
+
split {
- field => "message"
- add_field => {
- "type" => "%{type}"
- "topic" => "%{topic}"
- }
+ field => "message"
}
json {
- source => "message"
+ source => "message"
+ }
+ mutate {
+ remove_field => [ "message" ]
}
- mutate { remove_field => [ "message" ] }
}
-
- # express timestamps in milliseconds instead of microseconds
- ruby {
+
+ #
+ # Some timestamps are expressed as milliseconds, some are in microseconds
+ #
+ if [closedLoopAlarmStart] {
+ ruby {
code => "
- if event.get('closedLoopAlarmStart').to_s.to_i(10) > 9999999999999
- event.set('closedLoopAlarmStart', event.get('closedLoopAlarmStart').to_s.to_i(10) / 1000)
- else
- event.set('closedLoopAlarmStart', event.get('closedLoopAlarmStart').to_s.to_i(10))
- end
- "
- }
- date {
- match => [ "closedLoopAlarmStart", UNIX_MS ]
- target => "closedLoopAlarmStart"
+ if event.get('closedLoopAlarmStart').to_s.to_i(10) > 9999999999999
+ event.set('closedLoopAlarmStart', event.get('closedLoopAlarmStart').to_s.to_i(10) / 1000)
+ else
+ event.set('closedLoopAlarmStart', event.get('closedLoopAlarmStart').to_s.to_i(10))
+ end
+ "
+ }
+ date {
+ match => [ "closedLoopAlarmStart", UNIX_MS ]
+ target => "closedLoopAlarmStart"
+ }
}
if [closedLoopAlarmEnd] {
ruby {
code => "
- if event.get('closedLoopAlarmEnd').to_s.to_i(10) > 9999999999999
- event.set('closedLoopAlarmEnd', event.get('closedLoopAlarmEnd').to_s.to_i(10) / 1000)
- else
- event.set('closedLoopAlarmEnd', event.get('closedLoopAlarmEnd').to_s.to_i(10))
- end
- "
+ if event.get('closedLoopAlarmEnd').to_s.to_i(10) > 9999999999999
+ event.set('closedLoopAlarmEnd', event.get('closedLoopAlarmEnd').to_s.to_i(10) / 1000)
+ else
+ event.set('closedLoopAlarmEnd', event.get('closedLoopAlarmEnd').to_s.to_i(10))
+ end
+ "
}
date {
match => [ "closedLoopAlarmEnd", UNIX_MS ]
}
}
- #"yyyy-MM-dd HH:mm:ss"
+
+
+ #
+ # Notification time are expressed under the form "yyyy-MM-dd HH:mm:ss", which
+ # is close to ISO8601, but lacks of T as spacer: "yyyy-MM-ddTHH:mm:ss"
+ #
if [notificationTime] {
- mutate {
- gsub => [
- "notificationTime", " ", "T"
- ]
- }
- date {
+ mutate {
+ gsub => [
+ "notificationTime", " ", "T"
+ ]
+ }
+ date {
match => [ "notificationTime", ISO8601 ]
target => "notificationTime"
- }
+ }
+ }
+
+
+ #
+ # Renaming some fields for readability
+ #
+ if [AAI][generic-vnf.vnf-name] {
+ mutate {
+ add_field => { "vnfName" => "%{[AAI][generic-vnf.vnf-name]}" }
+ }
+ }
+ if [AAI][generic-vnf.vnf-type] {
+ mutate {
+ add_field => { "vnfType" => "%{[AAI][generic-vnf.vnf-type]}" }
+ }
+ }
+ if [AAI][vserver.vserver-name] {
+ mutate {
+ add_field => { "vmName" => "%{[AAI][vserver.vserver-name]}" }
+ }
+ }
+ if [AAI][complex.city] {
+ mutate {
+ add_field => { "locationCity" => "%{[AAI][complex.city]}" }
+ }
+ }
+ if [AAI][complex.state] {
+ mutate {
+ add_field => { "locationState" => "%{[AAI][complex.state]}" }
+ }
+ }
+
+
+ #
+ # Adding some flags to ease aggregation
+ #
+ if [closedLoopEventStatus] =~ /(?i)ABATED/ {
+ mutate {
+ add_field => { "flagAbated" => "1" }
+ }
+ }
+ if [notification] =~ /^.*?(?:\b|_)FINAL(?:\b|_).*?(?:\b|_)FAILURE(?:\b|_).*?$/ {
+ mutate {
+ add_field => { "flagFinalFailure" => "1" }
+ }
+ }
+
+
+ if "error" not in [tags] {
+ #
+ # Creating data for a secondary index
+ #
+ clone {
+ clones => [ "event-cl-aggs" ]
+ add_tag => [ "event-cl-aggs" ]
+ }
+
+ if "event-cl-aggs" in [tags] {
+ #
+ # we only need a few fields for aggregations; remove all fields from clone except :
+ # vmName,vnfName,vnfType,requestID,closedLoopAlarmStart, closedLoopControlName,closedLoopAlarmEnd,abated,nbrDmaapevents,finalFailure
+ #
+ prune {
+ whitelist_names => ["^@.*$","^topic$","^type$","^tags$","^flagFinalFailure$","^flagAbated$","^locationState$","^locationCity$","^vmName$","^vnfName$","^vnfType$","^requestID$","^closedLoopAlarmStart$","^closedLoopControlName$","^closedLoopAlarmEnd$","^target$","^target_type$","^triggerSourceName$","^policyScope$","^policyName$","^policyVersion$"]
+ }
+
+ }
}
}
+
+
output {
stdout {
codec => rubydebug
}
- if [http_request_failure] {
+ if "error" in [tags] {
elasticsearch {
codec => "json"
hosts => ["${elasticsearch_base_url}"]
index => "errors-%{+YYYY.MM.DD}"
doc_as_upsert => true
}
- } else {
+
+ } else if "event-cl-aggs" in [tags] {
elasticsearch {
codec => "json"
hosts => ["${elasticsearch_base_url}"]
- index => "logstash-%{+YYYY.MM.DD}" # creates daily indexes
+ document_id => "%{requestID}"
+ index => "events-cl-%{+YYYY.MM.DD}" # creates daily indexes for control loop
doc_as_upsert => true
+ action => "update"
+ }
+ } else {
+ elasticsearch {
+ codec => "json"
+ hosts => ["${elasticsearch_base_url}"]
+ index => "events-%{+YYYY.MM.DD}" # creates daily indexes
+ doc_as_upsert => true
}
}
-
}
heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-aaf-keys
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }}
name: {{ include "common.name" . }}-readiness
containers:
- name: {{ include "common.name" . }}
- image: "{{ .Values.global.loggingRepository| default .Values.loggingRepository }}/{{ .Values.image }}"
+ image: "{{ .Values.global.imageRepository| default .Values.imageRepository }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
env:
- name: dmaap_consumer_group
- mountPath: /usr/share/logstash/pipeline/logstash.conf
name: {{ include "common.fullname" . }}
subPath: pipeline.conf
+ - name: {{ include "common.fullname" . }}-aaf-certs
+ mountPath: /certs.d/
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
path: logstash.yml
- key: pipeline.conf
path: pipeline.conf
+ - name: {{ include "common.fullname" . }}-aaf-certs
+ secret:
+ secretName: {{ include "common.fullname" . }}-aaf-keys
+
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
#################################################################
# application image
-loggingRepository: docker.elastic.co
-image: logstash/logstash:5.6.9
+imageRepository: nexus3.onap.org:10001
+image: onap/clamp-dashboard-logstash:3.0-STAGING-latest
pullPolicy: Always
# flag to enable debugging - application support required
config:
elasticsearchServiceName: cdash-es
elasticsearchPort: 9200
- dmaapHost: message-router.{{ include "common.namespace" . }}
+ dmaapHost: message-router
dmaapScheme: https
dmaapPort: 3905
dmaapConsumerGroup: "clampdashboard"
+++ /dev/null
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ .Release.Name }}-pgpool-configmap
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "configs/*").AsConfig . | indent 2 }}
+++ /dev/null
-kind: "Service"
-apiVersion: "v1"
-metadata:
- name: "pgpool"
- labels:
- name: "pgpool"
-spec:
- ports:
- - protocol: "TCP"
- port: 5432
- targetPort: 5432
- selector:
- name: "pgpool"
- type: ClusterIP
# - Backend Connection Settings -
-backend_hostname0 = '{{.Values.container.primary}}'
+backend_hostname0 = '{{.Values.container.name.primary}}'
backend_port0 = 5432
backend_weight0= 1
backend_flag0= 'DISALLOW_TO_FAILOVER'
-backend_hostname1 = '{{.Values.container.replica}}'
+backend_hostname1 = '{{.Values.container.name.replica}}'
backend_port1 = 5432
backend_weight1= 1
backend_flag1= 'DISALLOW_TO_FAILOVER'
# LOAD BALANCING MODE
#------------------------------------------------------------------------------
-load_balance_mode = off
+load_balance_mode = on
# Activate load balancing mode
# (change requires restart)
ignore_leading_white_space = on
health_check_timeout = 10
# Health check timeout
# 0 means no timeout
-health_check_user = '{{.Values.credentials.pguser}}'
+health_check_user = '{{.Values.credentials.pgusername}}'
# Health check user
health_check_password = '{{.Values.credentials.pgpassword}}'
# Password for health check user
# ONLINE RECOVERY
#------------------------------------------------------------------------------
-recovery_user = '{{.Values.credentials.pguser}}'
+recovery_user = '{{.Values.credentials.pgusername}}'
# Online recovery user
recovery_password = '{{.Values.credentials.pgpassword}}'
# Online recovery password
testuser:md599e8713364988502fa6189781bcf648f
+postgres:md53175bce1d3201d16594cebf9d7eb3f9d
# limitations under the License.
apiVersion: v1
-kind: Secret
+kind: ConfigMap
metadata:
- name: {{ .Release.Name}}-aaf-local-secret
+ name: {{ include "common.fullname" . }}-pgpool-configmap
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
data:
-{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.trust.p12").AsSecrets | indent 2 }}
-{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.p12").AsSecrets | indent 2 }}
-{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.keyfile").AsSecrets | indent 2 }}
-{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.cm.p12").AsSecrets | indent 2 }}
-type: Opaque
+{{ tpl (.Files.Glob "configs/*").AsConfig . | indent 2 }}
*/}}
kind: Deployment
apiVersion: extensions/v1beta1
-metadata:
+metadata:
name: {{ include "common.fullname" . }}
namespace: {{ include "common.namespace" . }}
labels:
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
-spec:
+spec:
replicas: 2
template:
metadata:
release: {{ .Release.Name }}
spec:
containers:
- - name: pgpool
- image: "{{.Values.image.repository}}/{{.Values.image.container}}:{{.Values.image.tag}}"
+ - image: "{{.Values.repository}}/{{.Values.image}}"
+ imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
+ name: {{ include "common.name" . }}
env:
- name: PG_PRIMARY_SERVICE_NAME
value: {{.Values.container.name.primary}}
port: 5432
initialDelaySeconds: 20
periodSeconds: 10
- livenessProbe:
- tcpSocket:
+ livenessProbe:
+ tcpSocket:
port: 5432
initialDelaySeconds: 15
periodSeconds: 20
volumes:
- name: pgpool-pgconf
configMap:
- name: {{ .Release.Name }}-pgpool-configmap
+ name: {{ include "common.fullname" . }}-pgpool-configmap
--- /dev/null
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.service.name }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.name }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.name }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
# See the License for the specific language governing permissions and
# limitations under the License.
-name: pgpool
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ persistence: {}
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: crunchydata
+image: crunchy-pgpool:centos7-10.4-2.0.0
+pullPolicy: Always
+
container:
port: 5432
name:
credentials:
pgusername: testuser
pgpassword: password
-serviceType: ClusterIP
-image:
- repository: crunchydata
- container: crunchy-pgpool
- tag: centos7-10.4-2.0.0
+service:
+ name: pgpool
+ type: ClusterIP
+ externalPort: 5432
+ internalPort: 5432
"interval": "15s",
"timeout": "1s"
},
+ {
+ "id": "multicloud-pike",
+ "name": "Multicloud Pike Health Check",
+ "http": "http://multicloud-pike:9007/api/multicloud-pike/v0/swagger.json",
+ "method": "HEAD",
+ "header": {
+ "Cache-Control": ["no-cache"],
+ "Content-Type": ["application/json"],
+ "Accept": ["application/json"]
+ },
+ "tls_skip_verify": true,
+ "interval": "15s",
+ "timeout": "1s"
+ },
{
"id": "multicloud-vio",
"name": "Multicloud Vio Health Check",
persistence:
mountSubPath: dcae/data
mountInitPath: dcae
+ pgpool:
+ nameOverride: dcae-pgpool
+ service:
+ name: dcae-pgpool
+ credentials:
+ pgpassword: onapdemodb
+ container:
+ name:
+ primary: dcae-pgpool-primary
+ replica: dcae-pgpool-replica
# application image
repository: nexus3.onap.org:10001
# Use to override default setting in blueprints
componentImages:
config_binding_service: onap/org.onap.dcaegen2.platform.configbinding.app-app:2.2.3
- datafile_collector: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.0.0
- deployment_handler: onap/org.onap.dcaegen2.platform.deployment-handler:3.0.2
+ datafile_collector: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.0.2
+ deployment_handler: onap/org.onap.dcaegen2.platform.deployment-handler:3.0.3
holmes_rules: onap/holmes/rule-management:1.2.0-STAGING-latest
holmes_engine: onap/holmes/engine-management:1.2.0-STAGING-latest
inventory: onap/org.onap.dcaegen2.platform.inventory-api:3.0.4
persistence:
mountSubPath: dbc/data
mountInitPath: dbc
+ pgpool:
+ nameOverride: dbc-pgpool
+ service:
+ name: dbc-pgpool
+ credentials:
+ pgusername: dmaap_admin
+ pgpassword: onapdemodb
+ container:
+ name:
+ primary: dbc-pgpool-primary
+ replica: dbc-pgpool-replica
ingress:
enabled: false
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/dmaap/datarouter-node:latest
+image: onap/dmaap/datarouter-node:1.0.2
pullPolicy: Always
# flag to enable debugging - application support required
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/dmaap/datarouter-prov:latest
+image: onap/dmaap/datarouter-prov:1.0.2
pullPolicy: Always
# flag to enable debugging - application support required
--- /dev/null
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
# Copyright © 2018 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
-
-##
-## org.osaaf.locator
-## AAF Locator Properties
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props
-aaf_component=AAF_NS.hello:2.1.0.0
-port=8130
-cadi_registration_hostname={{.Values.config.helloServiceName}}
+apiVersion: v1
+description: ONAP multicloud Azure plugin
+name: multicloud-azure
+version: 3.0.0
--- /dev/null
+# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+version: 1
+disable_existing_loggers: False
+
+loggers:
+ vio:
+ handlers: [azure_handler]
+ level: "DEBUG"
+ propagate: False
+handlers:
+ vio_handler:
+ level: "DEBUG"
+ class: "logging.handlers.RotatingFileHandler"
+ filename: "/var/log/onap/multicloud/azure/azure.log"
+ formatter: "mdcFormat"
+ maxBytes: 52428800
+ backupCount: 10
+formatters:
+ standard:
+ format: "%(asctime)s|||||%(name)s||%(thread)||%(funcName)s||%(levelname)s||%(message)s"
+ mdcFormat:
+ format: "%(asctime)s|||||%(name)s||%(thread)s||%(funcName)s||%(levelname)s||%(message)s||||%(mdc)s \t"
+ mdcfmt: "{requestID} {invocationID} {serviceName} {serviceIP}"
+ datefmt: "%Y-%m-%d %H:%M:%S"
+ (): onaplogging.mdcformatter.MDCFormatter
--- /dev/null
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+ http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+ echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
--- /dev/null
+{{/*
+# Copyright © 2018 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-log-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }}
--- /dev/null
+{{/*
+# Copyright © 2018 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: multicloud-azure
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ name: {{ include "common.name" . }}
+ annotations:
+ sidecar.istio.io/inject: "{{.Values.istioSidecar}}"
+ spec:
+ containers:
+ - env:
+ - name: MSB_ADDR
+ value: "{{ .Values.config.msbgateway }}"
+ - name: MSB_PORT
+ value: "{{ .Values.config.msbPort }}.{{ include "common.namespace" . }}"
+ - name: AAI_ADDR
+ value: aai.{{ include "common.namespace" . }}
+ - name: AAI_PORT
+ value: "{{ .Values.config.aai.port }}"
+ - name: AAI_SCHEMA_VERSION
+ value: "{{ .Values.config.aai.schemaVersion }}"
+ - name: AAI_USERNAME
+ value: "{{ .Values.config.aai.username }}"
+ - name: AAI_PASSWORD
+ value: "{{ .Values.config.aai.password }}"
+ name: {{ include "common.name" . }}
+ volumeMounts:
+ - mountPath: /var/log/onap
+ name: azure-log
+ - mountPath: /opt/multicloud_azure/multicloud_azure/pub/config/log.yml
+ name: azure-logconfig
+ subPath: log.yml
+ resources:
+{{ toYaml (pluck .Values.flavor .Values.resources| first) | indent 12 }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ httpGet:
+ path: /api/multicloud-azure/v0/swagger.json
+ port: {{ .Values.service.internalPort }}
+ scheme: HTTP
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
+ successThreshold: {{ .Values.liveness.successThreshold }}
+ failureThreshold: {{ .Values.liveness.failureThreshold }}
+ {{ end -}}
+ # side car containers
+ - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: filebeat-onap
+ volumeMounts:
+ - mountPath: /usr/share/filebeat/filebeat.yml
+ name: filebeat-conf
+ subPath: filebeat.yml
+ - mountPath: /var/log/onap
+ name: azure-log
+ - mountPath: /usr/share/filebeat/data
+ name: azure-data-filebeat
+ volumes:
+ - name: azure-log
+ emptyDir: {}
+ - name: azure-data-filebeat
+ emptyDir: {}
+ - name: filebeat-conf
+ configMap:
+ name: multicloud-filebeat-configmap
+ - name: azure-logconfig
+ configMap:
+ name: {{ include "common.fullname" . }}-log-configmap
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ restartPolicy: Always
--- /dev/null
+{{/*
+# Copyright © 2018 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+ msb.onap.org/service-info: '[
+ {
+ "serviceName": "multicloud-azure",
+ "version": "v0",
+ "url": "/api/multicloud-azure/v0",
+ "protocol": "REST",
+ "port": "{{ .Values.service.externalPort }}",
+ "visualRange": "1"
+ }
+ ]'
+spec:
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - name: {{ .Values.service.portName }}
+ port: {{ .Values.service.externalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ type: {{ .Values.service.type }}
--- /dev/null
+# Copyright © 2018 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/multicloud/azure:1.2.0-SNAPSHOT
+pullPolicy: Always
+
+#Istio sidecar injection policy
+istioSidecar: true
+
+# application configuration
+config:
+ msbgateway: msb-iag
+ msbPort: 80
+ aai:
+ port: 8443
+ schemaVersion: v13
+ username: AAI
+ password: AAI
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ timeoutSeconds: 10
+ successThreshold: 1
+ failureThreshold: 5
+ enabled: true
+
+service:
+ type: NodePort
+ portName: multicloud-azure
+ externalPort: 9008
+ internalPort: 9008
+ nodePort: 61
+
+ingress:
+ enabled: false
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 1
+ memory: 4Gi
+ requests:
+ cpu: 10m
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 2
+ memory: 8Gi
+ requests:
+ cpu: 20m
+ memory: 2Gi
apiVersion: v1
kind: Service
metadata:
- name: {{ .Values.service.name }}
+ name: {{ include "common.servicename" . }}
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
"protocol": "REST",
"port": "{{ .Values.service.externalPort }}",
"visualRange": "1"
+ },
+ {
+ "serviceName": "multicloud-ocata",
+ "version": "v1",
+ "url": "/api/multicloud-ocata/v1",
+ "protocol": "REST",
+ "port": "{{ .Values.service.externalPort }}",
+ "visualRange": "1"
}
]'
spec:
ports:
{{if eq .Values.service.type "NodePort" -}}
- - name: http-{{ .Values.service.name }}
- port: {{ .Values.service.externalPort }}
+ - port: {{ .Values.service.externalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: http-{{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
{{- end}}
selector:
app: {{ include "common.name" . }}
service:
type: NodePort
name: multicloud-ocata
+ portName: multicloud-ocata
externalPort: 9006
internalPort: 9006
nodePort: 93
requests:
cpu: 20m
memory: 2Gi
- unlimited: {}
\ No newline at end of file
+ unlimited: {}
--- /dev/null
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright (c) 2018 Intel Corporation.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
-{{ (.Files.Glob "resources/config/aaf-cs-data/*").AsSecrets | indent 2 }}
+description: ONAP multicloud OpenStack Pike Plugin
+name: multicloud-pike
+version: 3.0.0
--- /dev/null
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+version: 1
+disable_existing_loggers: False
+
+loggers:
+ pike:
+ handlers: [pike_handler]
+ level: "DEBUG"
+ propagate: False
+ newton_base:
+ handlers: [pike_handler]
+ level: "DEBUG"
+ propagate: False
+ common:
+ handlers: [pike_handler]
+ level: "DEBUG"
+ propagate: False
+
+handlers:
+ pike_handler:
+ level: "DEBUG"
+ class: "logging.handlers.RotatingFileHandler"
+ filename: "/var/log/onap/multicloud/openstack/pike/pike.log"
+ formatter: "mdcFormat"
+ maxBytes: 1024*1024*50
+ backupCount: 10
+
+formatters:
+ standard:
+ format: "%(asctime)s|||||%(name)s||%(thread)||%(funcName)s||%(levelname)s||%(message)s"
+ mdcFormat:
+ format: "%(asctime)s|||||%(name)s||%(thread)s||%(funcName)s||%(levelname)s||%(message)s||||%(mdc)s \t"
+ mdcfmt: "{requestID} {invocationID} {serviceName} {serviceIP}"
+ datefmt: "%Y-%m-%d %H:%M:%S"
+ (): onaplogging.mdcformatter.MDCFormatter
--- /dev/null
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+ http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+ echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
--- /dev/null
+{{/*
+# Copyright (c) 2018 Intel Corporation.
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-log-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }}
--- /dev/null
+{{/*
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ name: {{ include "common.name" . }}
+ annotations:
+ sidecar.istio.io/inject: "{{.Values.istioSidecar}}"
+ spec:
+ containers:
+ - env:
+ - name: MSB_ADDR
+ value: "{{ .Values.config.msbgateway }}.{{ include "common.namespace" . }}"
+ - name: MSB_PORT
+ value: "{{ .Values.config.msbPort }}"
+ - name: AAI_ADDR
+ value: aai.{{ include "common.namespace" . }}
+ - name: AAI_PORT
+ value: "{{ .Values.config.aai.port }}"
+ - name: AAI_SCHEMA_VERSION
+ value: "{{ .Values.config.aai.schemaVersion }}"
+ - name: AAI_USERNAME
+ value: "{{ .Values.config.aai.username }}"
+ - name: AAI_PASSWORD
+ value: "{{ .Values.config.aai.password }}"
+ name: {{ include "common.name" . }}
+ volumeMounts:
+ - mountPath: /var/log/onap
+ name: pike-log
+ - mountPath: /opt/pike/pike/pub/config/log.yml
+ name: pike-logconfig
+ subPath: log.yml
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{ if .Values.liveness.enabled }}
+ livenessProbe:
+ httpGet:
+ path: /api/multicloud-pike/v0/swagger.json
+ port: {{ .Values.service.internalPort }}
+ scheme: HTTP
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
+ successThreshold: {{ .Values.liveness.successThreshold }}
+ failureThreshold: {{ .Values.liveness.failureThreshold }}
+ {{ end }}
+ # side car containers
+ - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: filebeat-onap
+ volumeMounts:
+ - mountPath: /usr/share/filebeat/filebeat.yml
+ name: filebeat-conf
+ subPath: filebeat.yml
+ - mountPath: /var/log/onap
+ name: pike-log
+ - mountPath: /usr/share/filebeat/data
+ name: pike-data-filebeat
+
+ volumes:
+ - name: pike-log
+ emptyDir: {}
+ - name: pike-data-filebeat
+ emptyDir: {}
+ - name: filebeat-conf
+ configMap:
+ name: multicloud-filebeat-configmap
+ - name: pike-logconfig
+ configMap:
+ name: {{ include "common.fullname" . }}-log-configmap
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ restartPolicy: Always
--- /dev/null
+{{/*
+# Copyright (c) 2018 Intel Corporation.
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+ msb.onap.org/service-info: '[
+ {
+ "serviceName": "multicloud-pike",
+ "version": "v0",
+ "url": "/api/multicloud-pike/v0",
+ "protocol": "REST",
+ "port": "{{ .Values.service.externalPort }}",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "multicloud-pike",
+ "version": "v1",
+ "url": "/api/multicloud-pike/v1",
+ "protocol": "REST",
+ "port": "{{ .Values.service.externalPort }}",
+ "visualRange": "1"
+ }
+ ]'
+
+spec:
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ type: {{ .Values.service.type }}
--- /dev/null
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/multicloud/openstack-pike:1.2.0-STAGING
+pullPolicy: Always
+
+#Istio sidecar injection policy
+istioSidecar: true
+
+# application configuration
+config:
+ msbgateway: msb-iag
+ msbPort: 80
+ aai:
+ port: 8443
+ schemaVersion: v13
+ username: AAI
+ password: AAI
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ timeoutSeconds: 10
+ successThreshold: 1
+ failureThreshold: 5
+ enabled: true
+
+service:
+ type: NodePort
+ name: multicloud-pike
+ portName: multicloud-pike
+ externalPort: 9007
+ internalPort: 9007
+ nodePort: 96
+
+ingress:
+ enabled: false
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 1
+ memory: 4Gi
+ requests:
+ cpu: 10m
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 2
+ memory: 8Gi
+ requests:
+ cpu: 20m
+ memory: 2Gi
+ unlimited: {}
apiVersion: v1
kind: Service
metadata:
- name: {{ .Values.service.name }}
+ name: {{ include "common.servicename" . }}
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
"protocol": "REST",
"port": "{{ .Values.service.externalPort }}",
"visualRange": "1"
+ },
+ {
+ "serviceName": "multicloud-vio",
+ "version": "v1",
+ "url": "/api/multicloud-vio/v1",
+ "protocol": "REST",
+ "port": "{{ .Values.service.externalPort }}",
+ "visualRange": "1"
}
]'
spec:
ports:
{{if eq .Values.service.type "NodePort" -}}
- - name: http-{{ .Values.service.name }}
- port: {{ .Values.service.externalPort }}
+ - port: {{ .Values.service.externalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: http-{{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
{{- end}}
selector:
app: {{ include "common.name" . }}
service:
type: NodePort
name: multicloud-vio
+ portName: multicloud-vio
externalPort: 9004
internalPort: 9004
nodePort: 92
requests:
cpu: 20m
memory: 2Gi
- unlimited: {}
\ No newline at end of file
+ unlimited: {}
apiVersion: v1
kind: Service
metadata:
- name: {{ .Values.service.name }}
+ name: {{ include "common.servicename" . }}
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
"version": "v0",
"url": "/api/multicloud-titanium_cloud/v0",
"protocol": "REST",
- "port": "{{ .Values.service.internalPort }}",
+ "port": "{{ .Values.service.externalPort }}",
"visualRange": "1"
},
{
"version": "v0",
"url": "/api/multicloud-titaniumcloud/v0",
"protocol": "REST",
- "port": "{{ .Values.service.internalPort }}",
+ "port": "{{ .Values.service.externalPort }}",
"visualRange": "1"
},
{
"version": "v1",
"url": "/api/multicloud-titaniumcloud/v1",
"protocol": "REST",
- "port": "{{ .Values.service.internalPort }}",
+ "port": "{{ .Values.service.externalPort }}",
"visualRange": "1"
}
]'
spec:
ports:
{{ if eq .Values.service.type "NodePort" }}
- - name: http-{{ .Values.service.name }}
- port: {{ .Values.service.externalPort }}
+ - port: {{ .Values.service.externalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
{{ else }}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: http-{{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
{{ end }}
selector:
app: {{ include "common.name" . }}
service:
type: NodePort
name: multicloud-titaniumcloud
+ portName: multicloud-titaniumcloud
externalPort: 9005
internalPort: 9005
nodePort: 94
requests:
cpu: 20m
memory: 2Gi
- unlimited: {}
\ No newline at end of file
+ unlimited: {}
"extra_info_hint": "",
"provider_plugin": "multicloud-titaniumcloud"
},
+ "pike": {
+ "version": "pike",
+ "extra_info_hint": "",
+ "provider_plugin": "multicloud-pike"
+ },
"ocata": {
"version": "ocata",
"extra_info_hint": "",
}
},
"provider_plugin": "multicloud-vio"
+ },
+ "azure": {
+ "vim_type": "azure",
+ "versions": {
+ "1.0": {
+ "version": "1.0",
+ "extra_info_hint": "",
+ "provider_plugin": "multicloud-azure"
+ }
+ },
+ "provider_plugin": "multicloud-azure"
}
}
apiVersion: v1
kind: Service
metadata:
- name: {{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
"protocol": "REST",
"port": "{{ .Values.service.externalPort }}",
"visualRange": "1"
+ },
+ {
+ "serviceName": "multicloud",
+ "version": "v1",
+ "url": "/api/multicloud/v1",
+ "protocol": "REST",
+ "port": "{{ .Values.service.externalPort }}",
+ "visualRange": "1"
}
]'
spec:
ports:
{{if eq .Values.service.type "NodePort" -}}
- - name: {{ .Values.service.name }}
- port: {{ .Values.service.externalPort }}
+ - port: {{ .Values.service.externalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
{{- end}}
selector:
app: {{ include "common.name" . }}
service:
type: NodePort
name: multicloud
+ portName: multicloud-framework
externalPort: 9001
internalPort: 9001
nodePort: 91
requests:
cpu: 20m
memory: 2Gi
- unlimited: {}
\ No newline at end of file
+ unlimited: {}
# application image
repository: nexus3.onap.org:10001
-image: onap/externalapi/nbi:3.0.0-latest
+image: onap/externalapi/nbi:3.0.1
pullPolicy: Always
sdc_authorization: Basic YWFpOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU=
aai_authorization: Basic QUFJOkFBSQ==
httpGet:
path: /nbi/api/v3/status
port: 8080
- initialDelaySeconds: 120
- periodSeconds: 20
+ initialDelaySeconds: 180
+ periodSeconds: 30
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
httpGet:
path: /nbi/api/v3/status
port: 8080
- initialDelaySeconds: 125
- periodSeconds: 20
+ initialDelaySeconds: 185
+ periodSeconds: 30
service:
type: NodePort
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIFPjCCAyagAwIBAgIJAJ6u7cCnzrWdMA0GCSqGSIb3DQEBCwUAMCwxDjAMBgNV
+BAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzAeFw0xODA0MDUx
+NDE1MjhaFw0zODAzMzExNDE1MjhaMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQK
+DARPTkFQMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
+ggIBAMA5pkgRs7NhGG4ew5JouhyYakgYUyFaG121+/h8qbSdt0hVQv56+EA41Yq7
+XGie7RYDQK9NmAFF3gruE+6X7wvJiChp+Cyd7sFMnb65uWhxEdxWTM2BJFrgfzUn
+H8ZCxgaCo3XH4PzlKRy2LQQJEJECwl/RZmRCXijMt5e9h8XoZY/fKkKcZZUsWNCM
+pTo266wjvA9MXLmdgReRj0+vrCjrNqy+htwJDztoiHWiYPqT6o8EvGcgjNqjlZx7
+NUNf8MfLDByqKF6+wRbHv1GKjn3/Vijd45Fv8riyRYROiFanvbV6jIfBkv8PZbXg
+2VDWsYsgp8NAvMxK+iV8cO+Ck3lBI2GOPZbCEqpPVTYbLUz6sczAlCXwQoPzDIZY
+wYa3eR/gYLY1gP2iEVHORag3bLPap9ZX5E8DZkzTNTjovvLk8KaCmfcaUMJsBtDd
+ApcUitz10cnRyZc1sX3gE1f3DpzQM6t9C5sOVyRhDcSrKqqwb9m0Ss04XAS9FsqM
+P3UWYQyqDXSxlUAYaX892u8mV1hxnt2gjb22RloXMM6TovM3sSrJS0wH+l1nznd6
+aFXftS/G4ZVIVZ/LfT1is4StoyPWZCwwwly1z8qJQ/zhip5NgZTxQw4mi7ww35DY
+PdAQOCoajfSvFjqslQ/cPRi/MRCu079heVb5fQnnzVtnpFQRAgMBAAGjYzBhMB0G
+A1UdDgQWBBRTVTPyS+vQUbHBeJrBKDF77+rtSTAfBgNVHSMEGDAWgBRTVTPyS+vQ
+UbHBeJrBKDF77+rtSTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAN
+BgkqhkiG9w0BAQsFAAOCAgEAPx/IaK94n02wPxpnYTy+LVLIxwdq/kawNd6IbiMz
+L87zmNMDmHcGbfoRCj8OkhuggX9Lx1/CkhpXimuYsZOFQi5blr/u+v4mIbsgbmi9
+7j+cUHDP0zLycvSvxKHty51LwmaX9a4wkJl5zBU4O1sd/H9tWcEmwJ39ltKoBKBx
+c94Zc3iMm5ytRWGj+0rKzLDAXEWpoZ5bE5PLJauA6UDCxDLfs3FwhbS7uDggxYvf
+jySF5FCNET94oJ+m8s7VeHvoa8iPGKvXrIqdd7XDHnqJJlVKr7m9S0fMbyEB8ci2
+RtOXDt93ifY1uhoEtEykn4dqBSp8ezvNMnwoXdYPDvTd9uCAFeWFLVreBAWxd25h
+PsBTkZA5hpa/rA+mKv6Af4VBViYr8cz4dZCsFChuioVebe9ighrfjB//qKepFjPF
+CyjzKN1u0JKm/2x/ORqxkTONG8p3uDwoIOyimUcTtTMv42bfYD88RKakqSFXE9G+
+Z0LlaKABqfjK49o/tsAp+c5LoNlYllKhnetO3QAdraHwdmC36BhoghzR1jpX751A
+cZn2VH3Q4XKyp01cJNCJIrua+A+bx6zh3RyW6zIIkbRCbET+UD+4mr8WIcSE3mtR
+ZVlnhUDO4z9//WKMVzwS9Rh8/kuszrGFI1KQozXCHLrce3YP6RYZfOed79LXaRwX
+dYY=
+-----END CERTIFICATE-----
-osdfPlacementSOUsername: {{ .Values.config.osdfPlacementSOUsername }}
-osdfPlacementSOPassword: {{ .Values.config.osdfPlacementSOPassword }}
+placementVersioningEnabled: {{ .Values.config.placementVersioningEnabled }}
-osdfCMSchedulerUsername: {{ .Values.config.osdfCMSchedulerUsername }}
-osdfCMSchedulerPassword: {{ .Values.config.osdfCMSchedulerPassword }}
+# Placement API latest version numbers to be set in HTTP header
+placementMajorVersion: {{ .Values.config.placementMajorVersion }}
+placementMinorVersion: {{ .Values.config.placementMinorVersion }}
+placementPatchVersion: {{ .Values.config.placementPatchVersion }}
+
+# Placement API default version numbers to be set in HTTP header
+placementDefaultMajorVersion: {{ .Values.config.placementDefaultMajorVersion }}
+placementDefaultMinorVersion: {{ .Values.config.placementDefaultMinorVersion }}
+placementDefaultPatchVersion: {{ .Values.config.placementDefaultPatchVersion }}
+# Credentials for SO
soUsername: {{ .Values.config.soUsername }}
soPassword: {{ .Values.config.soPassword }}
+# Credentials for Conductor
conductorUrl: {{ .Values.config.conductorUrl }}
conductorUsername: {{ .Values.config.conductorUsername }}
conductorPassword: {{ .Values.config.conductorPassword }}
conductorPingWaitTime: {{ .Values.config.conductorPingWaitTime }}
conductorMaxRetries: {{ .Values.config.conductorMaxRetries }}
+# versions to be set in HTTP header
+conductorMinorVersion: {{ .Values.config.conductorMinorVersion }}
+# Policy Platform -- requires ClientAuth, Authorization, and Environment
policyPlatformUrl: {{ .Values.config.policyPlatformUrl }}
policyPlatformEnv: {{ .Values.config.policyPlatformEnv }}
policyPlatformUsername: {{ .Values.config.policyPlatformUsername }}
policyClientUsername: {{ .Values.config.policyClientUsername }}
policyClientPassword: {{ .Values.config.policyClientPassword }}
+# Credentials for DMaaP
messageReaderHosts: {{ .Values.config.messageReaderHosts }}
messageReaderTopic: {{ .Values.config.messageReaderTopic }}
messageReaderAafUserId: {{ .Values.config.messageReaderAafUserId }}
messageReaderAafPassword: {{ .Values.config.messageReaderAafPassword }}
+# Credentials for SDC
sdcUrl: {{ .Values.config.sdcUrl }}
sdcUsername: {{ .Values.config.sdcUsername }}
sdcPassword: {{ .Values.config.sdcPassword }}
sdcONAPInstanceID: {{ .Values.config.sdcONAPInstanceID }}
+# Credentials for the OOF placement service - Generic
osdfPlacementUsername: {{ .Values.config.osdfPlacementUsername }}
osdfPlacementPassword: {{ .Values.config.osdfPlacementPassword }}
+
+# Credentials for the OOF placement service - SO
+osdfPlacementSOUsername: {{ .Values.config.osdfPlacementSOUsername }}
+osdfPlacementSOPassword: {{ .Values.config.osdfPlacementSOPassword }}
+
+# Credentials for the OOF placement service - VFC
+osdfPlacementVFCUsername: {{ .Values.config.osdfPlacementVFCUsername }}
+osdfPlacementVFCPassword: {{ .Values.config.osdfPlacementVFCPassword }}
+
+# Credentials for the OOF CM scheduling service - Generic
+osdfCMSchedulerUsername: {{ .Values.config.osdfCMSchedulerUsername }}
+osdfCMSchedulerPassword: {{ .Values.config.osdfCMSchedulerPassword }}
+
+is_aaf_enabled: {{ .Values.config.is_aaf_enabled }}
+aaf_cache_expiry_hrs: {{ .Values.config.aaf_cache_expiry_hrs }}
+aaf_url: {{ .Values.config.aaf_url }}
+aaf_user_roles:
+ {{- range .Values.config.aaf_user_roles }}
+ - {{ . }}
+ {{- end }}
+
+# Secret Management Service from AAF
+aaf_sms_url: {{ .Values.config.aaf_sms_url }}
+aaf_sms_timeout: {{ .Values.config.aaf_sms_timeout }}
+secret_domain: {{ .Values.config.secret_domain }}
+aaf_ca_certs: {{ .Values.config.aaf_ca_certs }}
+
+# config db api
+configDbUrl: {{ .Values.config.configDbUrl }}
+configDbUserName: {{ .Values.config.configDbUserName }}
+configDbPassword: {{ .Values.config.configDbPassword }}
+configDbGetCellListUrl: {{ .Values.config.configDbGetCellListUrl }}
+configDbGetNbrListUrl: {{ .Values.config.configDbGetNbrListUrl }}
+
+# Credentials for PCIHandler
+pciHMSUsername: {{ .Values.config.pciHMSUsername }}
+pciHMSPassword: {{ .Values.config.pciHMSPassword }}
+
+# Credentials for the OOF PCI Opt service
+osdfPCIOptUsername: {{ .Values.config.osdfPCIOptUsername }}
+osdfPCIOptPassword: {{ .Values.config.osdfPCIOptPassword }}
- --container-name
- pdp
- --container-name
+ - aaf-service
+ - --container-name
+ - aaf-sms
+ - --container-name
- oof-has-api
env:
- name: NAMESPACE
- mountPath: /opt/app/config/osdf_config.yaml
name: {{ include "common.fullname" . }}-config
subPath: osdf_config.yaml
+ - mountPath: /opt/app/ssl_cert/aaf_root_ca.cer
+ name: {{ include "common.fullname" . }}-config
+ subPath: aaf_root_ca.cer
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
items:
- key: osdf_config.yaml
path: osdf_config.yaml
+ - key: aaf_root_ca.cer
+ path: aaf_root_ca.cer
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
config:
msbgateway: msb-iag
msbPort: 80
- # Credentials for the OOF placement service – SO.
- osdfPlacementSOUsername: so_test
- osdfPlacementSOPassword: so_testpwd
- # Credentials for the OOF CM scheduling service – Generic.
- osdfCMSchedulerUsername: test1
- osdfCMSchedulerPassword: testpwd1
+ placementVersioningEnabled: False
+ # Placement API latest version numbers to be set in HTTP header
+ placementMajorVersion: "1"
+ placementMinorVersion: "0"
+ placementPatchVersion: "0"
+ # Placement API default version numbers to be set in HTTP header
+ placementDefaultMajorVersion: "1"
+ placementDefaultMinorVersion: "0"
+ placementDefaultPatchVersion: "0"
# Credentials of the callback url for SO.
soUsername: "" # SO username for call back.
soPassword: "" # SO password for call back.
conductorPassword: plan.15
conductorPingWaitTime: 60
conductorMaxRetries: 30
+ # versions to be set in HTTP header
+ conductorMinorVersion: 0
# Url and credentials for the Policy Platform
policyPlatformUrl: http://pdp:8081/pdp/api/getConfig # Policy Dev platform URL
policyPlatformEnv: TEST # Environment for policy platform
# Credentials for the placement service – Generic.
osdfPlacementUsername: "test"
osdfPlacementPassword: "testpwd"
+ # Credentials for the OOF placement service – SO.
+ osdfPlacementSOUsername: so_test
+ osdfPlacementSOPassword: so_testpwd
+ # Credentials for the OOF placement service - VFC
+ osdfPlacementVFCUsername: vfc_test
+ osdfPlacementVFCPassword: vfc_testpwd
+ # Credentials for the OOF CM scheduling service – Generic.
+ osdfCMSchedulerUsername: test1
+ osdfCMSchedulerPassword: testpwd1
+ #AAF Authentication
+ is_aaf_enabled: False
+ aaf_cache_expiry_hrs: 3
+ aaf_url: https://aaf-service:8100
+ aaf_user_roles:
+ - '/api/oof/v1/placement:org.onap.osdf.access|*|read ALL'
+ # Secret Management Service from AAF
+ aaf_sms_url: https://aaf-sms:10443
+ aaf_sms_timeout: 30
+ secret_domain: osdf
+ aaf_ca_certs: /opt/app/ssl_cert/aaf_root_ca.cer
+ # config db api
+ configDbUrl: http://config.db.url:8080
+ configDbUserName: osdf
+ configDbPassword: passwd
+ configDbGetCellListUrl: 'SDNCConfigDBAPI/getCellList'
+ configDbGetNbrListUrl: 'SDNCConfigDBAPI/getNbrList'
+ # Credentials for PCIHandler
+ pciHMSUsername: "" # pcihandler username for call back.
+ pciHMSPassword: "" # pcihandler password for call back.
+ # Credentials for the OOF PCI Opt service
+ osdfPCIOptUsername: pci_test
+ osdfPCIOptPassword: pci_testpwd
# default number of instances
replicaCount: 1
nodeSelector: {}
#-----------------------ONAP-PORTAL-Properties----------------------
-ONAP_REDIRECT_URL=http://portal-app.{{.Release.Namespace}}:8989/ONAPPORTAL/login.htm
-ONAP_REST_URL=http://portal-app.{{.Release.Namespace}}:8989/ONAPPORTAL/auxapi
+ONAP_REDIRECT_URL=https://portal-app.{{.Release.Namespace}}:30225/ONAPPORTAL/login.htm
+ONAP_REST_URL=https://portal-app:8443/ONAPPORTAL/auxapi
ONAP_UEB_URL_LIST=
ONAP_PORTAL_INBOX_NAME=
ONAP_UEB_APP_KEY=
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
- keystoreFile="keystoreONAP.keystore" keystorePass="{{ .Values.global.keypass }}"
+ keystoreFile="{{.Values.global.keystoreFile}}" keystorePass="{{.Values.global.keypass}}"
clientAuth="false" sslProtocol="TLS" />
<!-- Define an AJP 1.3 Connector on port 8009 -->
data:
{{ tpl (.Files.Glob "resources/config/deliveries/properties/ONAPPORTAL/*").AsConfig . | indent 2 }}
{{ tpl (.Files.Glob "resources/server/*").AsConfig . | indent 2 }}
-{{ tpl (.Files.Glob "resources/certs/*").AsConfig . | indent 2 }}
- name: javax.net.ssl.keyStore
value: {{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}}
- name: javax.net.ssl.keyStorePassword
- value: {{ .Values.global.keypass }}
+ value: {{ .Values.global.trustpass }}
- name: javax.net.ssl.trustStore
value: {{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}}
- name: javax.net.ssl.trustStorePassword
- value: {{ .Values.global.keypass }}
+ value: {{ .Values.global.trustpass }}
ports:
- containerPort: {{ .Values.service.internalPort }}
- containerPort: {{ .Values.service.internalPort2 }}
- name: properties-onapportal
mountPath: "{{ .Values.global.env.tomcatDir }}/conf/server.xml"
subPath: server.xml
- - name: properties-onapportal
+ - name: authz-onapportal
mountPath: "{{ .Values.global.env.tomcatDir }}/{{ .Values.global.keystoreFile}}"
subPath: {{ .Values.global.keystoreFile}}
- - name: properties-onapportal
+ - name: authz-onapportal
mountPath: "{{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}}"
subPath: {{ .Values.global.truststoreFile}}
- name: var-log-onap
configMap:
name: {{ include "common.fullname" . }}-onapportal
defaultMode: 0755
+ - name: authz-onapportal
+ secret:
+ secretName: {{ include "common.fullname" . }}-authz-onapportal
- name: filebeat-conf
configMap:
name: portal-filebeat
--- /dev/null
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-authz-onapportal
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }}
-/*
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*/
-
-USE portal;
-/*
-Any updates required by OOM to the portaldb are made here.
-1. split up SDC-FE and SDC-BE. Originally both FE and BE point to the same IP
-while the OOM K8s version has these service split up.
-*/
--- app_url is the FE, app_rest_endpoint is the BE
---portal-sdk => TODO: doesn't open a node port yet
-update fn_app set app_url = 'http://{{.Values.config.portalSdkHostName}}:{{.Values.config.portalSdkPort}}/ONAPPORTALSDK/welcome.htm', app_rest_endpoint = 'http://portal-sdk:8990/ONAPPORTALSDK/api/v2' where app_name = 'xDemo App';
---dmaap-bc => the dmaap-bc doesn't open a node port..
-update fn_app set app_url = 'http://{{.Values.config.dmaapBcHostName}}:{{.Values.config.dmaapBcPort}}/ECOMPDBCAPP/dbc#/dmaap', app_rest_endpoint = 'http://dmaap-bc:8989/ECOMPDBCAPP/api/v2' where app_name = 'DMaaP Bus Ctrl';
---sdc-be => 8443:30204, 8080:30205
---sdc-fe => 8181:30206, 9443:30207
-update fn_app set app_url = 'http://{{.Values.config.sdcFeHostName}}:{{.Values.config.sdcFePort}}/sdc1/portal', app_rest_endpoint = 'http://sdc-be:8080/api/v2' where app_name = 'SDC';
---pap => 8443:30219
-update fn_app set app_url = 'http://{{.Values.config.papHostName}}:{{.Values.config.papPort}}/onap/policy', app_rest_endpoint = 'http://pap:8443/onap/api/v2' where app_name = 'Policy';
---vid => 8080:30200
-update fn_app set app_url = 'https://{{.Values.config.vidHostName}}:{{.Values.config.vidPort}}/vid/welcome.htm', app_rest_endpoint = 'https://vid:8443/vid/api/v2' where app_name = 'Virtual Infrastructure Deployment';
---sparky => TODO: sparky doesn't open a node port yet
-update fn_app set app_url = 'http://{{.Values.config.aaiSparkyHostName}}:{{.Values.config.aaiSparkyPort}}/services/aai/webapp/index.html#/viewInspect', app_rest_endpoint = 'http://aai-sparky-be.{{.Release.Namespace}}:9517/api/v2' where app_name = 'A&AI UI';
---cli => 8080:30260
-update fn_app set app_url = 'http://{{.Values.config.cliHostName}}:{{.Values.config.cliPort}}/', app_type = 1 where app_name = 'CLI';
---msb-discovery => 10081:30281 this is clearly incorrect
-update fn_app set app_url = 'http://{{.Values.config.msbDiscoveryHostName}}:{{.Values.config.msbDiscoveryPort}}/iui/microservices/default.html' where app_name = 'MSB';
+/*\r
+# Copyright © 2018 Amdocs, Bell Canada, AT&T\r
+#\r
+# Licensed under the Apache License, Version 2.0 (the "License");\r
+# you may not use this file except in compliance with the License.\r
+# You may obtain a copy of the License at\r
+#\r
+# http://www.apache.org/licenses/LICENSE-2.0\r
+#\r
+# Unless required by applicable law or agreed to in writing, software\r
+# distributed under the License is distributed on an "AS IS" BASIS,\r
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+# See the License for the specific language governing permissions and\r
+# limitations under the License.\r
+\r
+*/\r
+\r
+USE portal;\r
+/*\r
+Any updates required by OOM to the portaldb are made here.\r
+1. split up SDC-FE and SDC-BE. Originally both FE and BE point to the same IP\r
+while the OOM K8s version has these service split up.\r
+*/\r
+-- app_url is the FE, app_rest_endpoint is the BE\r
+--portal-sdk => TODO: doesn't open a node port yet\r
+update fn_app set app_url = 'http://{{.Values.config.portalSdkHostName}}:{{.Values.config.portalSdkPort}}/ONAPPORTALSDK/welcome.htm', app_rest_endpoint = 'http://portal-sdk:8990/ONAPPORTALSDK/api/v2' where app_name = 'xDemo App';\r
+--dmaap-bc => the dmaap-bc doesn't open a node port..\r
+update fn_app set app_url = 'http://{{.Values.config.dmaapBcHostName}}:{{.Values.config.dmaapBcPort}}/ECOMPDBCAPP/dbc#/dmaap', app_rest_endpoint = 'http://dmaap-bc:8989/ECOMPDBCAPP/api/v2' where app_name = 'DMaaP Bus Ctrl';\r
+--sdc-be => 8443:30204, 8080:30205\r
+--sdc-fe => 8181:30206, 9443:30207\r
+update fn_app set app_url = 'http://{{.Values.config.sdcFeHostName}}:{{.Values.config.sdcFePort}}/sdc1/portal', app_rest_endpoint = 'http://sdc-be:8080/api/v2' where app_name = 'SDC';\r
+--pap => 8443:30219\r
+update fn_app set app_url = 'https://{{.Values.config.papHostName}}:{{.Values.config.papPort}}/onap/policy', app_rest_endpoint = 'https://pap:8443/onap/api/v2' where app_name = 'Policy';\r
+--vid => 8080:30200\r
+update fn_app set app_url = 'https://{{.Values.config.vidHostName}}:{{.Values.config.vidPort}}/vid/welcome.htm', app_rest_endpoint = 'https://vid:8443/vid/api/v2' where app_name = 'Virtual Infrastructure Deployment';\r
+--sparky => TODO: sparky doesn't open a node port yet\r
+update fn_app set app_url = 'http://{{.Values.config.aaiSparkyHostName}}:{{.Values.config.aaiSparkyPort}}/services/aai/webapp/index.html#/viewInspect', app_rest_endpoint = 'http://aai-sparky-be.{{.Release.Namespace}}:9517/api/v2' where app_name = 'A&AI UI';\r
+--cli => 8080:30260\r
+update fn_app set app_url = 'http://{{.Values.config.cliHostName}}:{{.Values.config.cliPort}}/', app_type = 1 where app_name = 'CLI';\r
+--msb-discovery => 10081:30281 this is clearly incorrect\r
+update fn_app set app_url = 'http://{{.Values.config.msbDiscoveryHostName}}:{{.Values.config.msbDiscoveryPort}}/iui/microservices/default.html' where app_name = 'MSB';\r
portalPort: "8989"
# application's front end hostname. Must be resolvable on the client side environment
portalHostName: "portal.api.simpledemo.onap.org"
- keystoreFile: "keystoreONAP.keystore"
- truststoreFile: "keystoreONAPall.jks"
- keypass: "changeit"
+ keystoreFile: "keystoreONAPPortal.p12"
+ truststoreFile: "truststoreONAPall.jks"
+ keypass: ",@{9!OOv%HO@#c+0Z}axu!xV"
+ trustpass: "changeit"
config:
logstashServiceName: log-ls
GLOBAL_ASDC_BE_USERNAME = "beep"
GLOBAL_ASDC_BE_PASSWORD = "boop"
# clamp info - everything is from the private oam network (also called onap private network)
-GLOBAL_CLAMP_SERVER_PROTOCOL = "http"
-GLOBAL_CLAMP_SERVER_PORT = "8080"
+GLOBAL_CLAMP_SERVER_PROTOCOL = "https"
+GLOBAL_CLAMP_SERVER_PORT = "8443"
# nbi info - everything is from the private oam network (also called onap private network)
GLOBAL_NBI_SERVER_PROTOCOL = "http"
GLOBAL_NBI_SERVER_PORT = "8080"
GLOBAL_DNS_TRAFFIC_DURATION = "600"
# location where heat templates are loaded from
GLOBAL_HEAT_TEMPLATES_FOLDER = "/var/opt/OpenECOMP_ETE/demo/heat"
-
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 180
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 180
periodSeconds: 10
service:
# Configuration file for SDNC Controller Module
#
-org.onap.ccsdk.features.rest.adaptors.envtype=solo
+org.onap.ccsdk.features.blueprints.adaptors.envtype=solo
# Config Generator Microservices
-org.onap.ccsdk.features.rest.adaptors.modelservice.type=generic
-org.onap.ccsdk.features.rest.adaptors.modelservice.enable=true
-org.onap.ccsdk.features.rest.adaptors.modelservice.url=http://controller-blueprints:8080/api/v1/
-org.onap.ccsdk.features.rest.adaptors.modelservice.user=ccsdkapps
-org.onap.ccsdk.features.rest.adaptors.modelservice.passwd=ccsdkapps
+org.onap.ccsdk.features.blueprints.adaptors.modelservice.type=generic
+org.onap.ccsdk.features.blueprints.adaptors.modelservice.enable=true
+org.onap.ccsdk.features.blueprints.adaptors.modelservice.url=http://controller-blueprints:8080/api/v1/
+org.onap.ccsdk.features.blueprints.adaptors.modelservice.user=ccsdkapps
+org.onap.ccsdk.features.blueprints.adaptors.modelservice.passwd=ccsdkapps
# Generic RESTCONF Adaptor
-org.onap.ccsdk.features.rest.adaptors.restconf.type=generic
-org.onap.ccsdk.features.rest.adaptors.restconf.enable=true
-org.onap.ccsdk.features.rest.adaptors.restconf.user=admin
-org.onap.ccsdk.features.rest.adaptors.restconf.passwd={{ .Values.config.odlPassword}}
-org.onap.ccsdk.features.rest.adaptors.restconf.url=http://sdnc:8282/restconf/
+org.onap.ccsdk.features.blueprints.adaptors.restconf.type=generic
+org.onap.ccsdk.features.blueprints.adaptors.restconf.enable=true
+org.onap.ccsdk.features.blueprints.adaptors.restconf.user=admin
+org.onap.ccsdk.features.blueprints.adaptors.restconf.passwd={{ .Values.config.odlPassword}}
+org.onap.ccsdk.features.blueprints.adaptors.restconf.url=http://sdnc:8282/restconf/
auth: 33293332AEC4930F655D8E2E8BB08937
password: B8EBDE0311F0AF355CF3F2FD505A8CAD
sdnc:
- endpoint: http://mso-sdnc-adapter.{{ include "common.namespace" . }}:8086/adapters/SDNCAdapter
+ endpoint: http://so-sdnc-adapter.{{ include "common.namespace" . }}:8086/adapters/SDNCAdapter
rest:
- endpoint: http://mso-sdnc-adapter.{{ include "common.namespace" . }}:8086/adapters/rest/v1/sdnc
+ endpoint: http://so-sdnc-adapter.{{ include "common.namespace" . }}:8086/adapters/rest/v1/sdnc
timeout: PT60S
tenant:
endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/TenantAdapter
vnf:
endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/VnfAdapter
rest:
- endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/rest/vnfs/v1/vnfs
+ endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/rest/v1/vnfs
volume-groups:
rest:
endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}g:8087/services/rest/v1/volume-groups
vnf-async:
- endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/VnfAsyncAdapter
+ endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/VnfAsync
bpmn:
process:
historyTimeToLive: '30'
callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/SDNCAdapterCallbackService
vnfadapter:
create:
- callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/VNFAdaptercallback
+ callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify
delete:
- callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/VNFAdaptercallback
+ callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify
query:
- callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/VNFAdaptercallback
+ callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify
rollback:
- callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/VNFAdaptercallback
+ callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify
global:
dmaap:
username: testuser
db:
auth: Basic YnBlbDpwYXNzd29yZDEk
spring:
- datasource:
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
- username: ${DB_USERNAME}
- password: ${DB_PASSWORD}
- driver-class-name: org.mariadb.jdbc.Driver
- initialize: false
- initialization-mode: never
- dbcp2:
- initial-size: 5
- max-total: 20
- validation-query: select 1
- test-on-borrow: true
- jpa:
- generate-ddl: false
- show-sql: false
- hibernate:
- ddl-auto: validate
- naming-strategy: org.hibernate.cfg.ImprovedNamingStrategy
- enable-lazy-load-no-trans: true
- database-platform: org.hibernate.dialect.MySQL5InnoDBDialect
security:
usercredentials:
-
#Actuator
management:
context-path: /manage
-flyway:
- baseline-on-migrate: true
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
- username: ${DB_USERNAME}
- password: ${DB_PASSWORD}
--- /dev/null
+# ============LICENSE_START=======================================================
+# Copyright (C) 2018 Ericsson. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+# @author: gareth.roper@ericsson.com
+apiVersion: v1
+description: A Helm chart for ONAP Service Orchestration Monitoring
+name: so-monitoring
+version: 3.0.0
\ No newline at end of file
--- /dev/null
+server:
+ port: 8088
+ tomcat:
+ max-threads: 50
+ssl-enable: false
+camunda:
+ rest:
+ api:
+ url: http://bpmn-infra.{{ include "common.namespace" . }}:8081/engine-rest/engine/
+ engine: default
+ auth: Basic YWRtaW46S3A4Yko0U1hzek0wV1hsaGFrM2VIbGNzZTJnQXc4NHZhb0dHbUp2VXkyVQ==
+mso:
+ database:
+ rest:
+ api:
+ url: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083/infraActiveRequests/
+ auth: Basic YnBlbDpwYXNzd29yZDEk
--- /dev/null
+# ============LICENSE_START=======================================================
+# Copyright (C) 2018 Ericsson. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+# @author: gareth.roper@ericsson.com
+apiVersion: v1
+data:
+ LOG_PATH: {{ index .Values.logPath }}
+ APP: {{ index .Values.app }}
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-app-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/overrides/*").AsConfig . | indent 2 }}
--- /dev/null
+# ============LICENSE_START=======================================================
+# Copyright (C) 2018 Ericsson. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+# @author: gareth.roper@ericsson.com
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.fullname" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+spec:
+ replicas: {{ index .Values.replicaCount }}
+ minReadySeconds: {{ index .Values.minReadySeconds }}
+ strategy:
+ type: {{ index .Values.updateStrategy.type }}
+ rollingUpdate:
+ maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }}
+ maxSurge: {{ index .Values.updateStrategy.maxSurge }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ initContainers:
+ - name: so-chown
+ image: alpine:3.6
+ volumeMounts:
+ - name: logs
+ mountPath: /app/logs
+ imagePullPolicy: {{ index .Values.pullPolicy }}
+ command: ["/bin/sh", "-c", "chown -Rf 1000:1000 /app/logs"]
+ restartPolicy: Always
+ containers:
+ - name: {{ include "common.name" . }}
+ image: {{ include "common.repository" . }}/{{ .Values.image }}
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ env:
+ - name: DB_HOST
+ valueFrom:
+ secretKeyRef:
+ name: {{ .Release.Name}}-so-db-secrets
+ key: mariadb.readwrite.host
+ - name: DB_PORT
+ valueFrom:
+ secretKeyRef:
+ name: {{ .Release.Name}}-so-db-secrets
+ key: mariadb.readwrite.port
+ - name: DB_USERNAME
+ valueFrom:
+ secretKeyRef:
+ name: {{ .Release.Name}}-so-db-secrets
+ key: mariadb.readwrite.rolename
+ - name: DB_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ .Release.Name}}-so-db-secrets
+ key: mariadb.readwrite.password
+ - name: DB_ADMIN_USERNAME
+ valueFrom:
+ secretKeyRef:
+ name: {{ .Release.Name}}-so-db-secrets
+ key: mariadb.admin.rolename
+ - name: DB_ADMIN_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ .Release.Name}}-so-db-secrets
+ key: mariadb.admin.password
+ envFrom:
+ - configMapRef:
+ name: {{ include "common.fullname" . }}-configmap
+ imagePullPolicy: {{ index .Values "global" "pullPolicy" }}
+ volumeMounts:
+ - name: logs
+ mountPath: /app/logs
+ - name: config
+ mountPath: /app/config
+ readOnly: true
+ readinessProbe:
+ tcpSocket:
+ port: {{ index .Values.readinessProbe.port }}
+ initialDelaySeconds: {{ index .Values.readinessProbe.initialDelaySeconds}}
+ periodSeconds: {{ index .Values.readinessProbe.periodSeconds}}
+ livenessProbe:
+ tcpSocket:
+ port: {{ index .Values.livenessProbe.port }}
+ initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}}
+ periodSeconds: {{ index .Values.livenessProbe.periodSeconds}}
+ successThreshold: {{ index .Values.livenessProbe.successThreshold}}
+ failureThreshold: {{ index .Values.livenessProbe.failureThreshold}}
+
+ ports:
+ - containerPort: {{ index .Values.containerPort }}
+ name: {{ .Values.service.portName }}
+ protocol: TCP
+ volumes:
+ - name: logs
+ emptyDir: {}
+ - name: config
+ configMap:
+ name: {{ include "common.fullname" . }}-app-configmap
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
+
+
--- /dev/null
+# ============LICENSE_START=======================================================
+# Copyright (C) 2018 Ericsson. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+# @author: gareth.roper@ericsson.com
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+
+
--- /dev/null
+# ============LICENSE_START=======================================================
+# Copyright (C) 2018 Ericsson. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+# @author: gareth.roper@ericsson.com
+image: onap/so/so-monitoring:latest
+pullPolicy: IfNotPresent
+replicaCount: 1
+minReadySeconds: 10
+containerPort: 9091
+logPath: app/logs/
+app: so-monitoring
+service:
+ type: ClusterIP
+ internalPort: 9091
+ externalPort: 9091
+ portName: so-monitor-port
+updateStrategy:
+ type: RollingUpdate
+ maxUnavailable: 1
+ maxSurge: 1
+# Resource Limit flavor -By Default using small
+flavor: small
+#Segregation for different environment (Small or large)
+resources:
+ small:
+ requests:
+ memory: 1Gi
+ cpu: 10m
+ limits:
+ memory: 4Gi
+ cpu: 1
+ large:
+ requests:
+ memory: 2Gi
+ cpu: 20m
+ limits:
+ memory: 8Gi
+ cpu: 2
+readinessProbe:
+ port: 9091
+ initialDelaySeconds: 20
+ periodSeconds: 10
+ timeoutSeconds: 10
+livenessProbe:
+ port: 9091
+ initialDelaySeconds: 40
+ periodSeconds: 10
+ timeoutSeconds: 10
+ successThreshold: 1
+ failureThreshold: 3
+ingress:
+ enabled: false
+nodeSelector: {}
+tolerations: []
+affinity: {}
+
spring:
datasource:
url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
- username: ${DB_USERNAME}
- password: ${DB_PASSWORD}
+ username: ${DB_ADMIN_USERNAME}
+ password: ${DB_ADMIN_PASSWORD}
driver-class-name: org.mariadb.jdbc.Driver
dbcp2:
initial-size: 5
identity_url: "https://identity.api.rackspacecloud.com/v2.0"
mso_id: "RACKSPACE_ACCOUNT_ID"
mso_pass: "RACKSPACE_ACCOUNT_APIKEY"
- admin_tenant: "service"
+ admin_tenant: "{{ .Values.config.openStackServiceTenantName }}"
member_role: "admin"
tenant_metadata: true
identity_server_type: "KEYSTONE"
identity_authentication_type: "RACKSPACE_APIKEY"
+ DEFAULT_KEYSTONE:
+ identity_url: "{{ .Values.config.openStackKeyStoneUrl }}"
+ mso_id: "{{ .Values.config.openStackUserName }}"
+ mso_pass: "{{ .Values.config.openStackEncryptedPasswordHere }}"
+ admin_tenant: "{{ .Values.config.openStackServiceTenantName }}"
+ member_role: "admin"
+ tenant_metadata: true
+ identity_server_type: "KEYSTONE"
+ identity_authentication_type: "USERNAME_PASSWORD"
cloud_sites:
Dallas:
region_id: "DFW"
clli: "ORD"
aic_version: "2.5"
identity_service_id: "RAX_KEYSTONE"
+ RegionOne:
+ region_id: "RegionOne"
+ clli: "RegionOne"
+ aic_version: "2.5"
+ identity_service_id: "DEFAULT_KEYSTONE"
DEFAULT:
- region_id: "DFW"
- clli: "DFW"
+ region_id: "{{ .Values.config.openStackRegion }}"
+ clli: "{{ .Values.config.openStackRegion }}"
aic_version: "2.5"
- identity_service_id: "RAX_KEYSTONE"
+ identity_service_id: "DEFAULT_KEYSTONE"
failureThreshold: 3
ingress:
enabled: false
+config:
+ openStackUserName: "vnf_user"
+ openStackRegion: "RegionOne"
+ openStackKeyStoneUrl: "http://1.2.3.4:5000/v2.0"
+ openStackServiceTenantName: "service"
+ openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e"
+ openStackTenantId: "d570c718cbc545029f40e50b75eb13df"
nodeSelector: {}
tolerations: []
affinity: {}
myurl: http://so-sdnc-adapter{{ include "common.namespace" . }}:8086/adapters/rest/SDNCNotify
rest:
bpelurl: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage
- sdncauth: 406B2AE613211B6FB52466DE6E1769AC
+ sdncauth: 263f7d5f944d4d0c76db74b4148bec67d0bc796a874bc0d2a2a12aae89a866aa69133f700f391f784719a37f6a68d29bf5a2fbae1dab0402db7788c800c5ba73
sdncconnecttime: 5000
- sdncurl10: http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/GENERIC-RESOURCE-API:'
- sdncurl11: http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/VNFTOPOLOGYAIC-API:'
- sdncurl12: http://sdnc.{{ include "common.namespace" . }}:8282/
- sdncurl5: http://sdnc.{{ include "common.namespace" . }}:8282/restconf/config
- sdncurl6: http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/VNF-API:'
- sdncurl8: http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NBNC-API:'
- sdncurl9: http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NORTHBOUND-API:service-topology-operation
+ sdncurl10: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/GENERIC-RESOURCE-API:'
+ sdncurl11: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/VNFTOPOLOGYAIC-API:'
+ sdncurl12: 'http://sdnc.{{ include "common.namespace" . }}:8282/'
+ sdncurl5: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/config'
+ sdncurl6: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/VNF-API:'
+ sdncurl8: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NBNC-API:'
+ sdncurl9: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NORTHBOUND-API:service-topology-operation'
service:
infra:
service-topology-infra-activate-operation: POST|90000|sdncurl9|sdnc-request-header|com:att:sdnctl:northbound-api:v1
pgPrimaryPassword: postgres
pgUserPassword: postgres
pgRootPassword: postgres
+ pgpool:
+ nameOverride: vnfsdk-pgpool
+ service:
+ name: vnfsdk-pgpool
+ credentials:
+ pgusername: postgres
+ pgpassword: postgres
+ container:
+ name:
+ primary: pgpool-primary
+ replica: pgpool-replica
# flag to enable debugging - application support required
debugEnabled: false
Code Review / oom.git / commitdiff