Merge "Update MSB annotations SO helm chart service"
authorAlexis de Talhouët <alexis.de_talhouet@bell.ca>
Fri, 12 Oct 2018 17:56:06 +0000 (17:56 +0000)
committerGerrit Code Review <gerrit@onap.org>
Fri, 12 Oct 2018 17:56:06 +0000 (17:56 +0000)
176 files changed:
kubernetes/aaf/.helmignore
kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml
kubernetes/aaf/charts/aaf-cm/values.yaml
kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/init.cql [deleted file]
kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql [deleted file]
kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql [deleted file]
kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql [deleted file]
kubernetes/aaf/charts/aaf-cs/templates/deployment.yaml
kubernetes/aaf/charts/aaf-cs/templates/pv.yaml [new file with mode: 0644]
kubernetes/aaf/charts/aaf-cs/templates/pvc.yaml [new file with mode: 0644]
kubernetes/aaf/charts/aaf-cs/values.yaml
kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml
kubernetes/aaf/charts/aaf-fs/values.yaml
kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml
kubernetes/aaf/charts/aaf-gui/values.yaml
kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml
kubernetes/aaf/charts/aaf-hello/values.yaml
kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml
kubernetes/aaf/charts/aaf-locate/values.yaml
kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml
kubernetes/aaf/charts/aaf-oauth/templates/service.yaml
kubernetes/aaf/charts/aaf-oauth/values.yaml
kubernetes/aaf/charts/aaf-service/.helmignore [new file with mode: 0644]
kubernetes/aaf/charts/aaf-service/templates/deployment.yaml
kubernetes/aaf/charts/aaf-service/values.yaml
kubernetes/aaf/charts/aaf-sms/resources/config/has.json [new file with mode: 0644]
kubernetes/aaf/charts/aaf-sms/resources/config/osdf.json [new file with mode: 0644]
kubernetes/aaf/charts/aaf-sms/templates/configmap.yaml
kubernetes/aaf/charts/aaf-sms/templates/job.yaml [new file with mode: 0644]
kubernetes/aaf/resources/config/backup/backup.sh [deleted file]
kubernetes/aaf/resources/config/backup/cbackup.sh [deleted file]
kubernetes/aaf/resources/config/data/identities.dat [deleted file]
kubernetes/aaf/resources/config/data/sample.identities.dat [deleted file]
kubernetes/aaf/resources/config/etc/org.osaaf.cm.props [deleted file]
kubernetes/aaf/resources/config/etc/org.osaaf.common.props [deleted file]
kubernetes/aaf/resources/config/etc/org.osaaf.fs.props [deleted file]
kubernetes/aaf/resources/config/etc/org.osaaf.gui.props [deleted file]
kubernetes/aaf/resources/config/etc/org.osaaf.locate.props [deleted file]
kubernetes/aaf/resources/config/etc/org.osaaf.log4j.props [deleted file]
kubernetes/aaf/resources/config/etc/org.osaaf.oauth.props [deleted file]
kubernetes/aaf/resources/config/etc/org.osaaf.orgs.props [deleted file]
kubernetes/aaf/resources/config/etc/org.osaaf.service.props [deleted file]
kubernetes/aaf/resources/config/local/org.osaaf.aaf.cm.p12 [deleted file]
kubernetes/aaf/resources/config/local/org.osaaf.aaf.cm.pkcs11 [deleted file]
kubernetes/aaf/resources/config/local/org.osaaf.aaf.keyfile [deleted file]
kubernetes/aaf/resources/config/local/org.osaaf.aaf.p12 [deleted file]
kubernetes/aaf/resources/config/local/org.osaaf.aaf.props [deleted file]
kubernetes/aaf/resources/config/local/org.osaaf.aaf.trust.p12 [deleted file]
kubernetes/aaf/resources/config/local/org.osaaf.cassandra.props [deleted file]
kubernetes/aaf/resources/config/local/org.osaaf.cm.ca.props [deleted file]
kubernetes/aaf/resources/config/local/org.osaaf.location.props [deleted file]
kubernetes/aaf/resources/config/public/README.txt [deleted file]
kubernetes/aaf/templates/configmap.yaml [deleted file]
kubernetes/aaf/templates/job.yaml
kubernetes/aaf/templates/pv.yaml
kubernetes/aaf/templates/pvc.yaml
kubernetes/aaf/values.yaml
kubernetes/aai/charts/aai-data-router/resources/config/schemaIngest.properties
kubernetes/aai/charts/aai-data-router/resources/dynamic/conf/data-router-oxm.xml [new file with mode: 0644]
kubernetes/aai/charts/aai-data-router/resources/dynamic/conf/entity-event-policy.xml
kubernetes/aai/charts/aai-data-router/templates/configmap.yaml
kubernetes/aai/charts/aai-data-router/templates/deployment.yaml
kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/client-cert.p12 [new file with mode: 0644]
kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/tomcat_keystore [new file with mode: 0644]
kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/fproxy.properties [new file with mode: 0644]
kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/logback-spring.xml [new file with mode: 0644]
kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/readme.txt [new file with mode: 0644]
kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/client-cert.p12 [new file with mode: 0644]
kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/tomcat_keystore [new file with mode: 0644]
kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json [new file with mode: 0644]
kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties [new file with mode: 0644]
kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/forward-proxy.properties [new file with mode: 0644]
kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/logback-spring.xml [new file with mode: 0644]
kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/primary-service.properties [new file with mode: 0644]
kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/readme.txt [new file with mode: 0644]
kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/reverse-proxy.properties [new file with mode: 0644]
kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/security/keyfile [new file with mode: 0644]
kubernetes/aai/charts/aai-gizmo/templates/configmap.yaml
kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml
kubernetes/aai/charts/aai-gizmo/templates/secrets.yaml
kubernetes/aai/charts/aai-gizmo/templates/service.yaml
kubernetes/aai/charts/aai-graphadmin/resources/config/realm.properties
kubernetes/aai/charts/aai-graphadmin/templates/deployment.yaml
kubernetes/aai/charts/aai-resources/resources/config/realm.properties
kubernetes/aai/charts/aai-resources/templates/deployment.yaml
kubernetes/aai/charts/aai-sparky-be/resources/config/roles.config [moved from kubernetes/aai/charts/aai-sparky-be/resources/config/portal/roles.config with 100% similarity]
kubernetes/aai/charts/aai-sparky-be/resources/config/users.config [new file with mode: 0644]
kubernetes/aai/charts/aai-sparky-be/templates/configmap.yaml
kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml
kubernetes/aai/charts/aai-traversal/resources/config/realm.properties
kubernetes/aai/charts/aai-traversal/templates/deployment.yaml
kubernetes/aai/values.yaml
kubernetes/appc/resources/config/log/org.ops4j.pax.logging.cfg
kubernetes/clamp/charts/clamp-dash-es/resources/config/elasticsearch.yml
kubernetes/clamp/charts/clamp-dash-es/values.yaml
kubernetes/clamp/charts/clamp-dash-kibana/resources/config/default.json [deleted file]
kubernetes/clamp/charts/clamp-dash-kibana/resources/config/kibana.yml
kubernetes/clamp/charts/clamp-dash-kibana/templates/deployment.yaml
kubernetes/clamp/charts/clamp-dash-kibana/values.yaml
kubernetes/clamp/charts/clamp-dash-logstash/resources/certs/aafca.pem [new file with mode: 0644]
kubernetes/clamp/charts/clamp-dash-logstash/resources/config/logstash.yml
kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf
kubernetes/clamp/charts/clamp-dash-logstash/templates/configmap.yaml
kubernetes/clamp/charts/clamp-dash-logstash/templates/deployment.yaml
kubernetes/clamp/charts/clamp-dash-logstash/values.yaml
kubernetes/common/pgpool/templates/configmap.yaml [deleted file]
kubernetes/common/pgpool/templates/service.yaml [deleted file]
kubernetes/common/postgres/charts/pgpool/Chart.yaml [moved from kubernetes/common/pgpool/Chart.yaml with 100% similarity]
kubernetes/common/postgres/charts/pgpool/configs/pgpool.conf [moved from kubernetes/common/pgpool/configs/pgpool.conf with 99% similarity]
kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf [moved from kubernetes/common/pgpool/configs/pool_hba.conf with 100% similarity]
kubernetes/common/postgres/charts/pgpool/configs/pool_passwd [moved from kubernetes/common/pgpool/configs/pool_passwd with 50% similarity]
kubernetes/common/postgres/charts/pgpool/requirements.yaml [moved from kubernetes/common/pgpool/requirements.yaml with 100% similarity]
kubernetes/common/postgres/charts/pgpool/templates/configmap.yaml [moved from kubernetes/aaf/templates/secrets.yaml with 67% similarity, mode: 0755]
kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml [moved from kubernetes/common/pgpool/templates/deployment.yaml with 86% similarity]
kubernetes/common/postgres/charts/pgpool/templates/service.yaml [new file with mode: 0644]
kubernetes/common/postgres/charts/pgpool/values.yaml [moved from kubernetes/common/pgpool/values.yaml with 53% similarity]
kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json
kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml
kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml
kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/values.yaml
kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/values.yaml
kubernetes/multicloud/charts/multicloud-azure/.helmignore [new file with mode: 0644]
kubernetes/multicloud/charts/multicloud-azure/Chart.yaml [moved from kubernetes/aaf/resources/config/etc/org.osaaf.hello.props with 72% similarity]
kubernetes/multicloud/charts/multicloud-azure/resources/config/log/log.yml [new file with mode: 0644]
kubernetes/multicloud/charts/multicloud-azure/templates/NOTES.txt [new file with mode: 0644]
kubernetes/multicloud/charts/multicloud-azure/templates/configmap.yaml [new file with mode: 0644]
kubernetes/multicloud/charts/multicloud-azure/templates/deployment.yaml [new file with mode: 0644]
kubernetes/multicloud/charts/multicloud-azure/templates/service.yaml [new file with mode: 0644]
kubernetes/multicloud/charts/multicloud-azure/values.yaml [new file with mode: 0644]
kubernetes/multicloud/charts/multicloud-ocata/templates/service.yaml
kubernetes/multicloud/charts/multicloud-ocata/values.yaml
kubernetes/multicloud/charts/multicloud-pike/.helmignore [new file with mode: 0644]
kubernetes/multicloud/charts/multicloud-pike/Chart.yaml [moved from kubernetes/aaf/charts/aaf-cs/templates/secret.yaml with 69% similarity]
kubernetes/multicloud/charts/multicloud-pike/resources/config/log/log.yml [new file with mode: 0644]
kubernetes/multicloud/charts/multicloud-pike/templates/NOTES.txt [new file with mode: 0644]
kubernetes/multicloud/charts/multicloud-pike/templates/configmap.yaml [new file with mode: 0644]
kubernetes/multicloud/charts/multicloud-pike/templates/deployment.yaml [new file with mode: 0644]
kubernetes/multicloud/charts/multicloud-pike/templates/service.yaml [new file with mode: 0644]
kubernetes/multicloud/charts/multicloud-pike/values.yaml [new file with mode: 0644]
kubernetes/multicloud/charts/multicloud-vio/templates/service.yaml
kubernetes/multicloud/charts/multicloud-vio/values.yaml
kubernetes/multicloud/charts/multicloud-windriver/templates/service.yaml
kubernetes/multicloud/charts/multicloud-windriver/values.yaml
kubernetes/multicloud/resources/config/provider-plugin.json
kubernetes/multicloud/templates/service.yaml
kubernetes/multicloud/values.yaml
kubernetes/nbi/values.yaml
kubernetes/oof/resources/config/aaf_root_ca.cer [new file with mode: 0755]
kubernetes/oof/resources/config/osdf_config.yaml
kubernetes/oof/templates/deployment.yaml
kubernetes/oof/values.yaml
kubernetes/policy/resources/config/pe/console.conf
kubernetes/portal/charts/portal-app/resources/certs/keystoreONAP.keystore [deleted file]
kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks [new file with mode: 0644]
kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 [new file with mode: 0644]
kubernetes/portal/charts/portal-app/resources/server/server.xml
kubernetes/portal/charts/portal-app/templates/configmap.yaml
kubernetes/portal/charts/portal-app/templates/deployment.yaml
kubernetes/portal/charts/portal-app/templates/secret.yaml [new file with mode: 0644]
kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql
kubernetes/portal/values.yaml
kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py
kubernetes/robot/values.yaml
kubernetes/sdnc/resources/config/conf/blueprints-processor-adaptor.properties
kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml
kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml
kubernetes/so/charts/so-monitoring/Chart.yaml [new file with mode: 0644]
kubernetes/so/charts/so-monitoring/resources/config/overrides/override.yaml [new file with mode: 0644]
kubernetes/so/charts/so-monitoring/templates/configmap.yaml [new file with mode: 0644]
kubernetes/so/charts/so-monitoring/templates/deployment.yaml [new file with mode: 0644]
kubernetes/so/charts/so-monitoring/templates/service.yaml [new file with mode: 0644]
kubernetes/so/charts/so-monitoring/values.yaml [new file with mode: 0644]
kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml
kubernetes/so/charts/so-openstack-adapter/values.yaml
kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml
kubernetes/vnfsdk/values.yaml

index daebc7d..542b339 100644 (file)
@@ -18,4 +18,4 @@
 # Various IDEs\r
 .project\r
 .idea/\r
-*.tmproj\r
+*.tmproj
\ No newline at end of file
index 11b0811..3954425 100644 (file)
@@ -31,11 +31,12 @@ spec:
         release: {{ .Release.Name }}
     spec:
       initContainers:
-      - command:
+      - name: {{ include "common.name" . }}-job-complete
+        command:
         - /root/job_complete.py
         args:
-        - -j
-        - {{ .Release.Name }}-aaf-create-config
+        - --job-name
+        - {{ .Release.Name }}-create-config
         env:
         - name: NAMESPACE
           valueFrom:
@@ -44,13 +45,11 @@ spec:
               fieldPath: metadata.namespace
         image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        name: {{ include "common.name" . }}-job-complete
-      - command:
+      - name: {{ include "common.name" . }}-readiness
+        command:
         - /root/ready.py
         args:
         - --container-name
-        - aaf-cs
-        - --container-name
         - aaf-locate
         env:
         - name: NAMESPACE
@@ -60,23 +59,17 @@ spec:
               fieldPath: metadata.namespace
         image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        name: {{ include "common.name" . }}-readiness
       containers:
-      - env:
-        - name: CASSANDRA_CLUSTER
-          value: cassandra_container
-        name: {{ include "common.name" . }}
+      - name: {{ include "common.name" . }}
+        command: ["/bin/bash","/opt/app/aaf/bin/cm"]
         image: "{{ include "common.repository" . }}/{{ .Values.image }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/cm/bin/cm"]
         volumeMounts:
-        - mountPath: /opt/app/osaaf
-          name: aaf-persistent-vol
+        - mountPath: "/opt/app/osaaf"
+          name: shared-config-volume
         - mountPath: /etc/localtime
           name: localtime
           readOnly: true
-        # disable liveness probe when breakpoints set in debugger
-        # so K8s doesn't restart unresponsive container
         {{- if eq .Values.liveness.enabled true }}
         livenessProbe:
           tcpSocket:
@@ -103,12 +96,12 @@ spec:
       - name: localtime
         hostPath:
           path: /etc/localtime
-      - name: aaf-persistent-vol
+      - name: shared-config-volume
       {{- if .Values.global.persistence.enabled }}
         persistentVolumeClaim:
-          claimName: {{ .Release.Name }}-aaf-pvc
+          claimName: {{ .Release.Name }}-config
       {{- else }}
         emptyDir: {}
       {{- end }}
       imagePullSecrets:
-      - name: "{{ include "common.namespace" . }}-docker-registry-key"
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
index a149f06..9ddb366 100644 (file)
@@ -20,20 +20,14 @@ global:
   readinessRepository: oomk8s
   readinessImage: readiness-check:2.0.0
 flavor: small
-
 #################################################################
 # Application configuration defaults.
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_cm:2.1.1
+image: onap/aaf/aaf_cm:2.1.2-SNAPSHOT
 pullPolicy: Always
 
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
 
 # default number of instances
 replicaCount: 1
@@ -44,14 +38,14 @@ affinity: {}
 
 # probe configuration parameters
 liveness:
-  initialDelaySeconds: 10
+  initialDelaySeconds: 300
   periodSeconds: 10
   # necessary to disable liveness probe when setting breakpoints
   # in debugger so K8s doesn't restart unresponsive container
   enabled: true
 
 readiness:
-  initialDelaySeconds: 10
+  initialDelaySeconds: 30
   periodSeconds: 10
 
 service:
diff --git a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/init.cql b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/init.cql
deleted file mode 100644 (file)
index c4f77d8..0000000
+++ /dev/null
@@ -1,279 +0,0 @@
-/* # Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License. */
-
-// Table Initialization
-// First make sure the keyspace exists.
-
-USE authz;
-
-//
-// CORE Table function
-//
-
-// Namespace - establish hierarchical authority to modify
-// Permissions and Roles
-// "scope" is flag to determine Policy.  Typical important scope
-// is "company" (1)
-CREATE TABLE ns (
-  name                 varchar,
-  scope                        int,  // deprecated 2.0.11
-  description          varchar,
-  parent               varchar,
-  type                 int,
-  PRIMARY KEY (name)  
-);
-CREATE INDEX ns_parent on ns(parent);
-  
-CREATE TABLE ns_attrib (
-  ns            varchar,
-  key           varchar,
-  value         varchar,
-  PRIMARY KEY (ns,key)
-);
-create index ns_attrib_key on ns_attrib(key);
-
-// Will be cached
-CREATE TABLE role (
-  ns       varchar,
-  name         varchar,
-  perms                set<varchar>, // Use "Key" of "name|type|action"
-  description varchar,
-  PRIMARY KEY (ns,name)
-);
-CREATE INDEX role_name  ON role(name);
-// Will be cached
-CREATE TABLE perm (
-  ns       varchar,
-  type                 varchar,
-  instance     varchar,
-  action       varchar,
-  roles                set<varchar>, // Need to find Roles given Permissions
-  description varchar,
-  PRIMARY KEY (ns,type,instance,action)
-);
-
-// This table is user for Authorization
-CREATE TABLE user_role (
-    user               varchar,
-    role               varchar, // deprecated: change to ns/rname after 2.0.11
-    ns                 varchar,
-    rname              varchar,
-    expires            timestamp,
-    PRIMARY KEY(user,role)
-  );
-CREATE INDEX user_role_ns ON user_role(ns);
-CREATE INDEX user_role_role ON user_role(role);
-
-// This table is only for the case where return User Credential (MechID) Authentication
-CREATE TABLE cred (
-    id    varchar,
-    type  int,
-    expires timestamp,  
-    ns    varchar,
-    other int,
-    notes varchar,
-    cred  blob,
-    prev  blob,
-    PRIMARY KEY (id,type,expires)
-  );
-CREATE INDEX cred_ns ON cred(ns);
-
-// Certificate Cross Table
-//   coordinated with CRED type 2
-CREATE TABLE cert (
-    fingerprint blob,
-    id         varchar,
-    x500       varchar,
-    expires    timestamp,  
-    PRIMARY KEY (fingerprint)
-  );
-CREATE INDEX cert_id ON cert(id);
-CREATE INDEX cert_x500 ON cert(x500);
-
-CREATE TABLE notify (
-  user                 text,
-  type                 int,
-  last                 timestamp,
-  checksum     int,
-  PRIMARY KEY (user,type)
-);
-
-CREATE TABLE x509 (
-  ca     text,
-  serial blob,
-  id     text,
-  x500   text,
-  x509   text,
-  PRIMARY KEY (ca,serial)
-);
-
-
-CREATE INDEX x509_id   ON x509 (id);
-CREATE INDEX x509_x500 ON x509 (x500);
-
-// 
-// Deployment Artifact (for Certman)
-//
-CREATE TABLE artifact (
-  mechid        text,
-  machine       text,
-  type          Set<text>,
-  sponsor       text,
-  ca            text,
-  dir           text,
-  os_user       text,
-  ns           text,
-  notify        text,
-  expires      timestamp,
-  renewDays     int,
-  sans         Set<text>,
-  PRIMARY KEY (mechid,machine)
-);
-CREATE INDEX artifact_machine ON artifact(machine); 
-CREATE INDEX artifact_ns ON artifact(ns); 
-
-//
-// Non-Critical Table functions
-//
-// Table Info - for Caching
-CREATE TABLE cache (
-   name                varchar,
-   seg         int,            // cache Segment
-   touched     timestamp,
-   PRIMARY KEY(name,seg)
-);
-
-CREATE TABLE history (
-  id                   timeuuid,
-  yr_mon               int,
-  user                 varchar,
-  action               varchar,
-  target               varchar,   // user, user_role, 
-  subject              varchar,   // field for searching main portion of target key
-  memo                 varchar,   //description of the action
-  reconstruct  blob,      //serialized form of the target
-  // detail    Map<varchar, varchar>,  // additional information
-  PRIMARY KEY (id)
-);
-CREATE INDEX history_yr_mon ON history(yr_mon);
-CREATE INDEX history_user ON history(user); 
-CREATE INDEX history_subject ON history(subject); 
-
-// 
-// A place to hold objects to be created at a future time.
-//
-CREATE TABLE future (
-  id        uuid,              // uniquify
-  target    varchar,                   // Target Table
-  memo     varchar,            // Description
-  start     timestamp,                 // When it should take effect
-  expires   timestamp,                 // When not longer valid
-  construct blob,              // How to construct this object (like History)
-  PRIMARY KEY(id)
-);
-CREATE INDEX future_idx ON future(target);
-CREATE INDEX future_start_idx ON future(start);
-
-
-CREATE TABLE approval (
-  id       timeuuid,         // unique Key
-  ticket    uuid,            // Link to Future Record
-  user             varchar,          // the user who needs to be approved
-  approver  varchar,         // user approving
-  type      varchar,          // approver types i.e. Supervisor, Owner
-  status    varchar,          // approval status. pending, approved, denied
-  memo      varchar,          // Text for Approval to know what's going on
-  operation varchar,         // List operation to perform
-  last_notified timestamp,    // Timestamp for the last time approver was notified
-  PRIMARY KEY(id)
- );
-CREATE INDEX appr_approver_idx ON approval(approver);
-CREATE INDEX appr_user_idx ON approval(user);
-CREATE INDEX appr_ticket_idx ON approval(ticket);
-CREATE INDEX appr_status_idx ON approval(status);
-
-CREATE TABLE approved (
-  id        timeuuid,         // unique Key
-  user      varchar,          // the user who needs to be approved
-  approver  varchar,          // user approving
-  type      varchar,          // approver types i.e. Supervisor, Owner
-  status    varchar,          // approval status. pending, approved, denied
-  memo      varchar,          // Text for Approval to know what's going on
-  operation varchar,          // List operation to perform
-  PRIMARY KEY(id)
- );
-CREATE INDEX approved_approver_idx ON approved(approver);
-CREATE INDEX approved_user_idx ON approved(user);
-
-CREATE TABLE delegate (
-  user      varchar,
-  delegate  varchar,
-  expires   timestamp,
-  PRIMARY KEY (user)  
-);
-CREATE INDEX delg_delg_idx ON delegate(delegate);
-
-// OAuth Tokens
-CREATE TABLE oauth_token (
-  id            text,                   // Reference
-  client_id     text,                   // Creating Client ID
-  user          text,                   // User requesting
-  active       boolean,                // Active or not
-  type         int,                    // Type of Token
-  refresh       text,                   // Refresh Token
-  expires       timestamp,              // Expiration time/Date (signed long)
-  exp_sec      bigint,                 // Seconds from Jan 1, 1970
-  content       text,                   // Content of Token
-  scopes        Set<text>,             // Scopes
-  state                text,                   // Context string (Optional)
-  req_ip       text,                   // Requesting IP (for logging purpose)
-  PRIMARY KEY(id)
-) with default_time_to_live = 21600;    // 6 hours
-CREATE INDEX oauth_token_user_idx ON oauth_token(user);
-
-CREATE TABLE locate (
-  name         text,                   // Component/Server name
-  hostname     text,                   // FQDN of Service/Component
-  port         int,                    // Port of Service
-  major                int,                    // Version, Major
-  minor                int,                    // Version, Minor
-  patch                int,                    // Version, Patch
-  pkg          int,                    // Version, Package (if available)
-  latitude     float,                  // Latitude
-  longitude    float,                  // Longitude
-  protocol     text,                   // Protocol (i.e. http https)
-  subprotocol   set<text>,             // Accepted SubProtocols, ie. TLS1.1 for https
-  port_key      uuid,                  // Key into locate_ports
-  PRIMARY KEY(name,hostname,port)
-) with default_time_to_live = 1200;    // 20 mins
-
-CREATE TABLE locate_ports (
-  id           uuid,                   // Id into locate
-  port         int,                    // SubPort
-  name         text,                   // Name of Other Port
-  protocol     text,                   // Protocol of Other (i.e. JMX, DEBUG)
-  subprotocol   set<text>,             // Accepted sub protocols or versions
-  PRIMARY KEY(id, port)
-) with default_time_to_live = 1200;    // 20 mins; 
-
-//
-// Used by authz-batch processes to ensure only 1 runs at a time
-//
-CREATE TABLE run_lock (
-  class text,
-  host text,
-  start timestamp,
-  PRIMARY KEY ((class))
-);
diff --git a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql
deleted file mode 100644 (file)
index 2951b2a..0000000
+++ /dev/null
@@ -1,25 +0,0 @@
-/* # Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License. */
-
-// For Developer Machine single instance
-// CREATE KEYSPACE authz
-//  WITH REPLICATION = {'class' : 'SimpleStrategy','replication_factor':1};
-// 
-//
-// Example of Network Topology, with Datacenter dc1 & dc2
-// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'dc1': '2', 'dc2': '2' };
-// Out of the box Docker Cassandra comes with "datacenter1", one instance
-CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'datacenter1': '1' };
-// 
diff --git a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql
deleted file mode 100644 (file)
index 89da60f..0000000
+++ /dev/null
@@ -1,136 +0,0 @@
-/* # Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License. */
-
-USE authz;
-
-// Create 'org' root NS
-INSERT INTO ns (name,description,parent,scope,type)
-  VALUES('org','Root Namespace','.',1,1);
-
-INSERT INTO role(ns, name, perms, description)
-  VALUES('org','admin',{'org.access|*|*'},'Org Admins');
-
-INSERT INTO role(ns, name, perms, description)
-  VALUES('org','owner',{'org.access|*|read,approve'},'Org Owners');
-
-INSERT INTO perm(ns, type, instance, action, roles, description) 
-  VALUES ('org','access','*','read,approve',{'org.owner'},'Org Read Access');
-
-INSERT INTO perm(ns, type, instance, action, roles, description) 
-  VALUES ('org','access','*','*',{'org.admin'},'Org Write Access');
-
-// Create Root pass
-INSERT INTO cred (id,ns,type,cred,expires)
-  VALUES ('initial@osaaf.org','org.osaaf',1,0x008c5926ca861023c1d2a36653fd88e2,'2099-12-31') using TTL 14400;
-
-INSERT INTO user_role(user,role,expires,ns,rname)
-  VALUES ('initial@osaaf.org','org.admin','2099-12-31','org','admin') using TTL 14400;
-
-
-// Create org.osaaf
-INSERT INTO ns (name,description,parent,scope,type)
-  VALUES('org.osaaf','OSAAF Namespace','org',2,2);
-
-INSERT INTO role(ns, name, perms,description)
-  VALUES('org.osaaf','admin',{'org.osaaf.access|*|*'},'OSAAF Admins');
-
-INSERT INTO perm(ns, type, instance, action, roles,description) 
-  VALUES ('org.osaaf','access','*','*',{'org.osaaf.admin'},'OSAAF Write Access');
-
-INSERT INTO role(ns, name, perms,description)
-  VALUES('org.osaaf','owner',{'org.osaaf.access|*|read,approve'},'OSAAF Owners');
-
-INSERT INTO perm(ns, type, instance, action, roles,description) 
-  VALUES ('org.osaaf','access','*','read,appove',{'org.osaaf.owner'},'OSAAF Read Access');
-
-// Create org.osaaf.aaf
-INSERT INTO ns (name,description,parent,scope,type)
-  VALUES('org.osaaf.aaf','Application Authorization Framework','org.osaaf',3,3);
-
-INSERT INTO role(ns, name, perms, description)
-  VALUES('org.osaaf.aaf','admin',{'org.osaaf.aaf.access|*|*'},'AAF Admins');
-
-INSERT INTO perm(ns, type, instance, action, roles, description) 
-  VALUES ('org.osaaf.aaf','access','*','*',{'org.osaaf.aaf.admin'},'AAF Write Access');
-
-INSERT INTO perm(ns, type, instance, action, roles, description) 
-  VALUES ('org.osaaf.aaf','access','*','read,approve',{'org.osaaf.aaf.owner'},'AAF Read Access');
-
-INSERT INTO role(ns, name, perms, description)
-  VALUES('org.osaaf.aaf','owner',{'org.osaaf.aaf.access|*|read,approve'},'AAF Owners');
-
-INSERT INTO user_role(user,role,expires,ns,rname)
-  VALUES ('initial@osaaf.org','org.osaaf.aaf.admin','2099-12-31','org.osaaf.aaf','admin') using TTL 14400;
-
-
-// ONAP Specific Entities
-// ONAP initial env Namespace
-INSERT INTO ns (name,description,parent,scope,type)
-  VALUES('org.onap','ONAP','org',2,2);
-
-INSERT INTO ns (name,description,parent,scope,type)
-  VALUES('org.onap.portal','ONAP Portal','org.onap.portal',3,3);
-
-INSERT INTO perm(ns, type, instance, action, roles, description) 
-  VALUES ('org.onap.portal','access','*','read',{
-    'org.onap.portal.owner','org.onap.portal.designer','org.onap.portal.tester','org.onap.portal.ops','org.onap.portal.governor'
-  },'Portal Read Access');
-
-INSERT INTO role(ns, name, perms, description)
-  VALUES('org.onap.portal','owner',{'org.onap.portal.access|*|read'},'Portal Owner');
-
-INSERT INTO perm(ns, type, instance, action, roles, description) 
-  VALUES ('org.onap.portal','access','*','*',{'org.onap.portal.admin'},'Portal Write Access');
-
-INSERT INTO role(ns, name, perms, description)
-  VALUES('org.onap.portal','admin',{'org.onap.portal.access|*|*'},'Portal Admins');
-
-// DEMO ID (OPS)
-insert into cred (id,type,expires,cred,notes,ns,other) values('demo@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
-INSERT INTO user_role(user,role,expires,ns,rname)
-  VALUES ('demo@people.osaaf.org','org.onap.portal.admin','2018-10-31','org.onap.portal','admin');
-
-// ADMIN
-insert into cred (id,type,expires,cred,notes,ns,other) values('jh0003@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
-INSERT INTO user_role(user,role,expires,ns,rname)
-  VALUES ('jh0003@people.osaaf.org','org.onap.portal.admin','2018-10-31','org.onap.portal','admin');
-
-// DESIGNER
-INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('cs0008@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
-INSERT INTO role(ns, name, perms, description)
-  VALUES('org.onap.portal','designer',{'org.onap.portal.access|*|read'},'Portal Designer');
-INSERT INTO user_role(user,role,expires,ns,rname)
-  VALUES ('cs0008@people.osaaf.org','org.onap.portal.designer','2018-10-31','org.onap.portal','designer');
-
-// TESTER
-INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('jm0007@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
-INSERT INTO role(ns, name, perms, description)
-  VALUES('org.onap.portal','tester',{'org.onap.portal.access|*|read'},'Portal Tester');
-INSERT INTO user_role(user,role,expires,ns,rname)
-  VALUES ('jm0007@people.osaaf.org','org.onap.portal.tester','2018-10-31','org.onap.portal','tester');
-
-// OPS
-INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('op0001@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
-INSERT INTO role(ns, name, perms, description)
-  VALUES('org.onap.portal','ops',{'org.onap.portal.access|*|read'},'Portal Operations');
-INSERT INTO user_role(user,role,expires,ns,rname)
-  VALUES ('op0001@people.osaaf.org','org.onap.portal.ops','2018-10-31','org.onap.portal','ops');
-
-// GOVERNOR
-INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('gv0001@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
-INSERT INTO role(ns, name, perms, description)
-  VALUES('org.onap.portal','governor',{'org.onap.portal.access|*|read'},'Portal Governor');
-INSERT INTO user_role(user,role,expires,ns,rname)
-  VALUES ('gv0001@people.osaaf.org','org.onap.portal.governor','2018-10-31','org.onap.portal','governor');
-
diff --git a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql
deleted file mode 100644 (file)
index 4b6bf44..0000000
+++ /dev/null
@@ -1,22 +0,0 @@
-/* # Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License. */
-
-USE authz;
-
-INSERT INTO user_role(user,role,expires,ns,rname)
-  VALUES ('demo@people.osaaf.org','org.admin','2099-12-31','org','admin') ;
-
-INSERT INTO user_role(user,role,expires,ns,rname)
-  VALUES ('demo@people.osaaf.org','org.osaaf.aaf.admin','2099-12-31','org.osaaf.aaf','admin') ;
-
index cfece70..e0d500c 100644 (file)
@@ -30,25 +30,31 @@ spec:
         app: {{ include "common.name" . }}
         release: {{ .Release.Name }}
     spec:
-      hostname: {{ include "common.name" . }}
       containers:
-      - args:
+      - name: {{ include "common.name" . }}
         image: "{{ include "common.repository" . }}/{{ .Values.image }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        name: {{ include "common.name" . }}
+        command: ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh","onap"]
         ports:
         - containerPort: {{ .Values.service.externalPort }}
         - containerPort: {{ .Values.service.externalPort2 }}
         - containerPort: {{ .Values.service.externalPort3 }}
         - containerPort: {{ .Values.service.externalPort4 }}
+        env:
+        - name: CASSANDRA_CLUSTER_NAME
+          value: "osaaf"
+        - name: CASSANDRA_DC
+          value: "dc1"
+        - name: HEAP_NEWSIZE
+          value: "512M"
+        - name: MAX_HEAP_SIZE
+          value: "1024M"
         volumeMounts:
-        - mountPath: /data
-          name: aaf-cs-data
+        - mountPath: /var/lib/cassandra
+          name: cassandra-storage
         - mountPath: /etc/localtime
           name: localtime
           readOnly: true
-        # disable liveness probe when breakpoints set in debugger
-        # so K8s doesn't restart unresponsive container
         {{- if eq .Values.liveness.enabled true }}
         livenessProbe:
           tcpSocket:
@@ -57,25 +63,12 @@ spec:
           periodSeconds: {{ .Values.liveness.periodSeconds }}
         {{ end -}}
         readinessProbe:
-          tcpSocket:
-            port: {{ .Values.service.internalPort3 }}
+          exec:
+            command: ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh","wait"]
           initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
           periodSeconds: {{ .Values.readiness.periodSeconds }}
-        lifecycle:
-          postStart:
-            exec:
-              command:
-              - /bin/sh
-              - -c
-              - >
-                /bin/sleep {{ .Values.readiness.initialDelaySeconds }};
-                cd /data/;
-                cqlsh -u root -p root -f keyspace.cql ;
-                cqlsh -u root -p root -f init.cql ;
-                cqlsh -u root -p root -f osaaf.cql ;
-                cqlsh -u root -p root -f temp_identity.cql
         resources:
-{{ include "common.resources" . | indent 12 }}
+{{ include "common.resources" . | indent 10 }}
       {{- if .Values.nodeSelector }}
       nodeSelector:
 {{ toYaml .Values.nodeSelector | indent 10 }}
@@ -85,11 +78,15 @@ spec:
 {{ toYaml .Values.affinity | indent 10 }}
       {{- end }}
       volumes:
-        - name: localtime
-          hostPath:
-            path: /etc/localtime
-        - name: aaf-cs-data
-          secret:
-            secretName: {{ include "common.fullname" . }}
+      - name: localtime
+        hostPath:
+          path: /etc/localtime
+      - name: cassandra-storage
+      {{- if .Values.persistence.enabled }}
+        persistentVolumeClaim:
+          claimName: {{ include "common.fullname" . }}
+      {{- else }}
+        emptyDir: {}
+      {{- end }}
       imagePullSecrets:
-      - name: "{{ include "common.namespace" . }}-docker-registry-key"
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
diff --git a/kubernetes/aaf/charts/aaf-cs/templates/pv.yaml b/kubernetes/aaf/charts/aaf-cs/templates/pv.yaml
new file mode 100644 (file)
index 0000000..4209179
--- /dev/null
@@ -0,0 +1,44 @@
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+    name: {{ include "common.fullname" . }}
+spec:
+  capacity:
+    storage: {{ .Values.persistence.size}}
+  accessModes:
+    - {{ .Values.persistence.accessMode }}
+  persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+  hostPath:
+    path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
+{{- if .Values.persistence.storageClass }}
+{{- if (eq "-" .Values.persistence.storageClass) }}
+  storageClassName: ""
+{{- else }}
+  storageClassName: "{{ .Values.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
\ No newline at end of file
diff --git a/kubernetes/aaf/charts/aaf-cs/templates/pvc.yaml b/kubernetes/aaf/charts/aaf-cs/templates/pvc.yaml
new file mode 100644 (file)
index 0000000..b102ffa
--- /dev/null
@@ -0,0 +1,48 @@
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+{{- if .Values.persistence.annotations }}
+  annotations:
+{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+  selector:
+    matchLabels:
+      app: {{ include "common.name" . }}
+  accessModes:
+    - {{ .Values.persistence.accessMode }}
+  resources:
+    requests:
+      storage: {{ .Values.persistence.size }}
+{{- if .Values.persistence.storageClass }}
+{{- if (eq "-" .Values.persistence.storageClass) }}
+  storageClassName: ""
+{{- else }}
+  storageClassName: "{{ .Values.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
\ No newline at end of file
index 73dac29..a914b54 100644 (file)
@@ -24,12 +24,9 @@ flavor: small
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: library/cassandra:3.11
+image: onap/aaf/aaf_cass:2.1.2-SNAPSHOT
 pullPolicy: Always
 
-# flag to enable debugging - application support required
-debugEnabled: false
-
 # application configuration
 config: {}
 
@@ -42,14 +39,14 @@ affinity: {}
 
 # probe configuration parameters
 liveness:
-  initialDelaySeconds: 180
+  initialDelaySeconds: 300
   periodSeconds: 10
   # necessary to disable liveness probe when setting breakpoints
   # in debugger so K8s doesn't restart unresponsive container
   enabled: true
 
 readiness:
-  initialDelaySeconds: 180
+  initialDelaySeconds: 120
   periodSeconds: 10
 
 service:
@@ -87,4 +84,14 @@ resources:
     requests:
       cpu: 40m
       memory: 9000Mi
-  unlimited: {}
\ No newline at end of file
+  unlimited: {}
+
+persistence:
+  enabled: true
+  #existingClaim:
+  mountPath: /dockerdata-nfs
+  mountSubPath: "cass"
+  volumeReclaimPolicy: Retain
+  accessMode: ReadWriteOnce
+  size: 10Gi
+  storageClass: "manual"
\ No newline at end of file
index d269dc6..5125eb1 100644 (file)
@@ -31,11 +31,12 @@ spec:
         release: {{ .Release.Name }}
     spec:
       initContainers:
-      - command:
+      - name: {{ include "common.name" . }}-job-complete
+        command:
         - /root/job_complete.py
         args:
-        - -j
-        - {{ .Release.Name }}-aaf-create-config
+        - --job-name
+        - {{ .Release.Name }}-create-config
         env:
         - name: NAMESPACE
           valueFrom:
@@ -44,13 +45,11 @@ spec:
               fieldPath: metadata.namespace
         image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        name: {{ include "common.name" . }}-job-complete
-      - command:
+      - name: {{ include "common.name" . }}-readiness
+        command:
         - /root/ready.py
         args:
         - --container-name
-        - aaf-cs
-        - --container-name
         - aaf-locate
         env:
         - name: NAMESPACE
@@ -60,23 +59,17 @@ spec:
               fieldPath: metadata.namespace
         image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        name: {{ include "common.name" . }}-readiness
       containers:
-      - env:
-        - name: CASSANDRA_CLUSTER
-          value: cassandra_container
-        name: {{ include "common.name" . }}
+      - name: {{ include "common.name" . }}
+        command: ["/bin/bash","/opt/app/aaf/bin/fs"]
         image: "{{ include "common.repository" . }}/{{ .Values.image }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        command: ["/bin/bash","-c","ln -s /opt/app/osaaf/data /data;/opt/app/aaf/fs/bin/fs "]
         volumeMounts:
-        - mountPath: /opt/app/osaaf
-          name: aaf-persistent-vol
+        - mountPath: "/opt/app/osaaf"
+          name: shared-config-volume
         - mountPath: /etc/localtime
           name: localtime
           readOnly: true
-        # disable liveness probe when breakpoints set in debugger
-        # so K8s doesn't restart unresponsive container
         {{- if eq .Values.liveness.enabled true }}
         livenessProbe:
           tcpSocket:
@@ -103,12 +96,12 @@ spec:
       - name: localtime
         hostPath:
           path: /etc/localtime
-      - name: aaf-persistent-vol
+      - name: shared-config-volume
       {{- if .Values.global.persistence.enabled }}
         persistentVolumeClaim:
-          claimName: {{ .Release.Name }}-aaf-pvc
+          claimName: {{ .Release.Name }}-config
       {{- else }}
         emptyDir: {}
       {{- end }}
       imagePullSecrets:
-      - name: "{{ include "common.namespace" . }}-docker-registry-key"
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
index 0e3a81a..0f0d7c4 100644 (file)
@@ -25,14 +25,9 @@ flavor: small
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_fs:2.1.1
+image: onap/aaf/aaf_fs:2.1.2-SNAPSHOT
 pullPolicy: Always
 
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
 
 # default number of instances
 replicaCount: 1
@@ -43,14 +38,14 @@ affinity: {}
 
 # probe configuration parameters
 liveness:
-  initialDelaySeconds: 10
+  initialDelaySeconds: 300
   periodSeconds: 10
   # necessary to disable liveness probe when setting breakpoints
   # in debugger so K8s doesn't restart unresponsive container
   enabled: true
 
 readiness:
-  initialDelaySeconds: 10
+  initialDelaySeconds: 30
   periodSeconds: 10
 
 service:
index b24a008..24c8e68 100644 (file)
@@ -31,11 +31,12 @@ spec:
         release: {{ .Release.Name }}
     spec:
       initContainers:
-      - command:
+      - name: {{ include "common.name" . }}-job-complete
+        command:
         - /root/job_complete.py
         args:
-        - -j
-        - {{ .Release.Name }}-aaf-create-config
+        - --job-name
+        - {{ .Release.Name }}-create-config
         env:
         - name: NAMESPACE
           valueFrom:
@@ -44,14 +45,12 @@ spec:
               fieldPath: metadata.namespace
         image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        name: {{ include "common.name" . }}-job-complete
-      - command:
+      - name: {{ include "common.name" . }}-readiness
+        command:
         - /root/ready.py
         args:
         - --container-name
-        - aaf-cs
-        - --container-name
-        - aaf-locate
+        - aaf-cm
         env:
         - name: NAMESPACE
           valueFrom:
@@ -60,23 +59,17 @@ spec:
               fieldPath: metadata.namespace
         image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        name: {{ include "common.name" . }}-readiness
       containers:
-      - env:
-        - name: CASSANDRA_CLUSTER
-          value: cassandra_container
-        name: {{ include "common.name" . }}
+      - name: {{ include "common.name" . }}
+        command: ["/bin/bash","/opt/app/aaf/bin/gui"]
         image: "{{ include "common.repository" . }}/{{ .Values.image }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/gui/bin/gui "]
         volumeMounts:
-        - mountPath: /opt/app/osaaf
-          name: aaf-persistent-vol
+        - mountPath: "/opt/app/osaaf"
+          name: shared-config-volume
         - mountPath: /etc/localtime
           name: localtime
           readOnly: true
-        # disable liveness probe when breakpoints set in debugger
-        # so K8s doesn't restart unresponsive container
         {{- if eq .Values.liveness.enabled true }}
         livenessProbe:
           tcpSocket:
@@ -103,12 +96,12 @@ spec:
       - name: localtime
         hostPath:
           path: /etc/localtime
-      - name: aaf-persistent-vol
+      - name: shared-config-volume
       {{- if .Values.global.persistence.enabled }}
         persistentVolumeClaim:
-          claimName: {{ .Release.Name }}-aaf-pvc
+          claimName: {{ .Release.Name }}-config
       {{- else }}
         emptyDir: {}
       {{- end }}
       imagePullSecrets:
-      - name: "{{ include "common.namespace" . }}-docker-registry-key"
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
index 5665d1d..d44ac5e 100644 (file)
@@ -25,14 +25,9 @@ flavor: small
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_gui:2.1.1
+image: onap/aaf/aaf_gui:2.1.2-SNAPSHOT
 pullPolicy: Always
 
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
 
 # default number of instances
 replicaCount: 1
@@ -43,14 +38,14 @@ affinity: {}
 
 # probe configuration parameters
 liveness:
-  initialDelaySeconds: 10
+  initialDelaySeconds: 300
   periodSeconds: 10
   # necessary to disable liveness probe when setting breakpoints
   # in debugger so K8s doesn't restart unresponsive container
   enabled: true
 
 readiness:
-  initialDelaySeconds: 10
+  initialDelaySeconds: 30
   periodSeconds: 10
 
 service:
index c76c084..f932228 100644 (file)
@@ -31,11 +31,12 @@ spec:
         release: {{ .Release.Name }}
     spec:
       initContainers:
-      - command:
+      - name: {{ include "common.name" . }}-job-complete
+        command:
         - /root/job_complete.py
         args:
-        - -j
-        - {{ .Release.Name }}-aaf-create-config
+        - --job-name
+        - {{ .Release.Name }}-create-config
         env:
         - name: NAMESPACE
           valueFrom:
@@ -44,13 +45,11 @@ spec:
               fieldPath: metadata.namespace
         image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        name: {{ include "common.name" . }}-job-complete
-      - command:
+      - name: {{ include "common.name" . }}-readiness
+        command:
         - /root/ready.py
         args:
         - --container-name
-        - aaf-cs
-        - --container-name
         - aaf-locate
         env:
         - name: NAMESPACE
@@ -60,23 +59,17 @@ spec:
               fieldPath: metadata.namespace
         image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        name: {{ include "common.name" . }}-readiness
       containers:
-      - env:
-        - name: CASSANDRA_CLUSTER
-          value: cassandra_container
-        name: {{ include "common.name" . }}
+      - name: {{ include "common.name" . }}
+        command: ["/bin/bash","/opt/app/aaf/bin/hello"]
         image: "{{ include "common.repository" . }}/{{ .Values.image }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/hello/bin/hello "]
         volumeMounts:
-        - mountPath: /opt/app/osaaf
-          name: aaf-persistent-vol
+        - mountPath: "/opt/app/osaaf"
+          name: shared-config-volume
         - mountPath: /etc/localtime
           name: localtime
           readOnly: true
-        # disable liveness probe when breakpoints set in debugger
-        # so K8s doesn't restart unresponsive container
         {{- if eq .Values.liveness.enabled true }}
         livenessProbe:
           tcpSocket:
@@ -103,12 +96,12 @@ spec:
       - name: localtime
         hostPath:
           path: /etc/localtime
-      - name: aaf-persistent-vol
+      - name: shared-config-volume
       {{- if .Values.global.persistence.enabled }}
         persistentVolumeClaim:
-          claimName: {{ .Release.Name }}-aaf-pvc
+          claimName: {{ .Release.Name }}-config
       {{- else }}
         emptyDir: {}
       {{- end }}
       imagePullSecrets:
-      - name: "{{ include "common.namespace" . }}-docker-registry-key"
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
index 6fcf861..9f694be 100644 (file)
@@ -19,20 +19,15 @@ global:
   nodePortPrefix: 302
   readinessRepository: oomk8s
   readinessImage: readiness-check:2.0.0
-
+flavor: small
 #################################################################
 # Application configuration defaults.
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_hello:2.1.1
+image: onap/aaf/aaf_hello:2.1.2-SNAPSHOT
 pullPolicy: Always
 
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
 
 # default number of instances
 replicaCount: 1
@@ -43,14 +38,14 @@ affinity: {}
 
 # probe configuration parameters
 liveness:
-  initialDelaySeconds: 10
+  initialDelaySeconds: 300
   periodSeconds: 10
   # necessary to disable liveness probe when setting breakpoints
   # in debugger so K8s doesn't restart unresponsive container
   enabled: true
 
 readiness:
-  initialDelaySeconds: 10
+  initialDelaySeconds: 30
   periodSeconds: 10
 
 service:
index 6e69f2c..a3a9e28 100644 (file)
@@ -31,11 +31,12 @@ spec:
         release: {{ .Release.Name }}
     spec:
       initContainers:
-      - command:
+      - name: {{ include "common.name" . }}-job-complete
+        command:
         - /root/job_complete.py
         args:
-        - -j
-        - {{ .Release.Name }}-aaf-create-config
+        - --job-name
+        - {{ .Release.Name }}-create-config
         env:
         - name: NAMESPACE
           valueFrom:
@@ -44,12 +45,12 @@ spec:
               fieldPath: metadata.namespace
         image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        name: {{ include "common.name" . }}-job-complete
-      - command:
+      - name: {{ include "common.name" . }}-readiness
+        command:
         - /root/ready.py
         args:
         - --container-name
-        - aaf-cs
+        - aaf-service
         env:
         - name: NAMESPACE
           valueFrom:
@@ -58,23 +59,17 @@ spec:
               fieldPath: metadata.namespace
         image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        name: {{ include "common.name" . }}-readiness
       containers:
-      - env:
-        - name: CASSANDRA_CLUSTER
-          value: cassandra_container
-        name: {{ include "common.name" . }}
+      - name: {{ include "common.name" . }}
+        command: ["/bin/bash","/opt/app/aaf/bin/locate"]
         image: "{{ include "common.repository" . }}/{{ .Values.image }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/locate/bin/locate "]
         volumeMounts:
-        - mountPath: /opt/app/osaaf
-          name: aaf-persistent-vol
+        - mountPath: "/opt/app/osaaf"
+          name: shared-config-volume
         - mountPath: /etc/localtime
           name: localtime
           readOnly: true
-        # disable liveness probe when breakpoints set in debugger
-        # so K8s doesn't restart unresponsive container
         {{- if eq .Values.liveness.enabled true }}
         livenessProbe:
           tcpSocket:
@@ -101,12 +96,12 @@ spec:
       - name: localtime
         hostPath:
           path: /etc/localtime
-      - name: aaf-persistent-vol
+      - name: shared-config-volume
       {{- if .Values.global.persistence.enabled }}
         persistentVolumeClaim:
-          claimName: {{ .Release.Name }}-aaf-pvc
+          claimName: {{ .Release.Name }}-config
       {{- else }}
         emptyDir: {}
       {{- end }}
       imagePullSecrets:
-      - name: "{{ include "common.namespace" . }}-docker-registry-key"
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
index c924002..ba1e563 100644 (file)
@@ -19,24 +19,15 @@ global:
   nodePortPrefix: 302
   readinessRepository: oomk8s
   readinessImage: readiness-check:2.0.0
-
-# If mountPath is over NFS (e.g. /dockerdata-nfs is NFS mounted between the nodes), uncomment following lines.
-#  persistence:
-#    mountPath: /dockerdata
 flavor: small
 #################################################################
 # Application configuration defaults.
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_locate:2.1.1
+image: onap/aaf/aaf_locate:2.1.2-SNAPSHOT
 pullPolicy: Always
 
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
 
 # default number of instances
 replicaCount: 1
@@ -47,14 +38,14 @@ affinity: {}
 
 # probe configuration parameters
 liveness:
-  initialDelaySeconds: 10
+  initialDelaySeconds: 300
   periodSeconds: 10
   # necessary to disable liveness probe when setting breakpoints
   # in debugger so K8s doesn't restart unresponsive container
   enabled: true
 
 readiness:
-  initialDelaySeconds: 10
+  initialDelaySeconds: 30
   periodSeconds: 10
 
 service:
index fd4ae21..06cf273 100644 (file)
@@ -31,11 +31,12 @@ spec:
         release: {{ .Release.Name }}
     spec:
       initContainers:
-      - command:
+      - name: {{ include "common.name" . }}-job-complete
+        command:
         - /root/job_complete.py
         args:
-        - -j
-        - {{ .Release.Name }}-aaf-create-config
+        - --job-name
+        - {{ .Release.Name }}-create-config
         env:
         - name: NAMESPACE
           valueFrom:
@@ -44,13 +45,11 @@ spec:
               fieldPath: metadata.namespace
         image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        name: {{ include "common.name" . }}-job-complete
-      - command:
-        - /root/ready.py
+      - name: {{ include "common.name" . }}-readiness
+        command:
+          - /root/ready.py
         args:
         - --container-name
-        - aaf-cs
-        - --container-name
         - aaf-locate
         env:
         - name: NAMESPACE
@@ -60,23 +59,17 @@ spec:
               fieldPath: metadata.namespace
         image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        name: {{ include "common.name" . }}-readiness
       containers:
-      - env:
-        - name: CASSANDRA_CLUSTER
-          value: cassandra_container
-        name: {{ include "common.name" . }}
+      - name: {{ include "common.name" . }}
+        command: ["/bin/bash","/opt/app/aaf/bin/oauth"]
         image: "{{ include "common.repository" . }}/{{ .Values.image }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/oauth/bin/oauth "] 
         volumeMounts:
-        - mountPath: /opt/app/osaaf
-          name: aaf-persistent-vol
+        - mountPath: "/opt/app/osaaf"
+          name: shared-config-volume
         - mountPath: /etc/localtime
           name: localtime
           readOnly: true
-        # disable liveness probe when breakpoints set in debugger
-        # so K8s doesn't restart unresponsive container
         {{- if eq .Values.liveness.enabled true }}
         livenessProbe:
           tcpSocket:
@@ -103,12 +96,12 @@ spec:
       - name: localtime
         hostPath:
           path: /etc/localtime
-      - name: aaf-persistent-vol
+      - name: shared-config-volume
       {{- if .Values.global.persistence.enabled }}
         persistentVolumeClaim:
-          claimName: {{ .Release.Name }}-aaf-pvc
+          claimName: {{ .Release.Name }}-config
       {{- else }}
         emptyDir: {}
       {{- end }}
       imagePullSecrets:
-      - name: "{{ include "common.namespace" . }}-docker-registry-key"
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
index 281aa1c..d94bcae 100644 (file)
@@ -26,8 +26,6 @@ spec:
   ports:
     {{if eq .Values.service.type "NodePort" -}}
     - port: {{ .Values.service.externalPort }}
-      #Example internal target port if required
-      #targetPort: {{ .Values.service.internalPort }}
       nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
       name: {{ .Values.service.portName }}
     {{- else -}}
index 943ad16..e52075a 100644 (file)
@@ -25,14 +25,9 @@ flavor: small
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_oauth:2.1.1
+image: onap/aaf/aaf_oauth:2.1.2-SNAPSHOT
 pullPolicy: Always
 
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
 
 # default number of instances
 replicaCount: 1
@@ -43,14 +38,14 @@ affinity: {}
 
 # probe configuration parameters
 liveness:
-  initialDelaySeconds: 10
+  initialDelaySeconds: 300
   periodSeconds: 10
   # necessary to disable liveness probe when setting breakpoints
   # in debugger so K8s doesn't restart unresponsive container
   enabled: true
 
 readiness:
-  initialDelaySeconds: 10
+  initialDelaySeconds: 30
   periodSeconds: 10
 
 service:
diff --git a/kubernetes/aaf/charts/aaf-service/.helmignore b/kubernetes/aaf/charts/aaf-service/.helmignore
new file mode 100644 (file)
index 0000000..f0c1319
--- /dev/null
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
index a07d06f..c3c140a 100644 (file)
@@ -31,11 +31,12 @@ spec:
         release: {{ .Release.Name }}
     spec:
       initContainers:
-      - command:
+      - name: {{ include "common.name" . }}-job-complete
+        command:
         - /root/job_complete.py
         args:
-        - -j
-        - {{ .Release.Name }}-aaf-create-config
+        - --job-name
+        - {{ .Release.Name }}-create-config
         env:
         - name: NAMESPACE
           valueFrom:
@@ -44,14 +45,12 @@ spec:
               fieldPath: metadata.namespace
         image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        name: {{ include "common.name" . }}-job-complete
-      - command:
+      - name: {{ include "common.name" . }}-readiness
+        command:
         - /root/ready.py
         args:
         - --container-name
         - aaf-cs
-        - --container-name
-        - aaf-locate
         env:
         - name: NAMESPACE
           valueFrom:
@@ -60,23 +59,17 @@ spec:
               fieldPath: metadata.namespace
         image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        name: {{ include "common.name" . }}-readiness
       containers:
-      - env:
-        - name: CASSANDRA_CLUSTER
-          value: cassandra_container
-        name: {{ include "common.name" . }}
+      - name: {{ include "common.name" . }}
+        command: ["/bin/bash","/opt/app/aaf/bin/service"]
         image: "{{ include "common.repository" . }}/{{ .Values.image }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/service/bin/service "]
         volumeMounts:
-        - mountPath: /opt/app/osaaf
-          name: aaf-persistent-vol
+        - mountPath: "/opt/app/osaaf"
+          name: shared-config-volume
         - mountPath: /etc/localtime
           name: localtime
           readOnly: true
-        # disable liveness probe when breakpoints set in debugger
-        # so K8s doesn't restart unresponsive container
         {{- if eq .Values.liveness.enabled true }}
         livenessProbe:
           tcpSocket:
@@ -103,12 +96,12 @@ spec:
       - name: localtime
         hostPath:
           path: /etc/localtime
-      - name: aaf-persistent-vol
+      - name: shared-config-volume
       {{- if .Values.global.persistence.enabled }}
         persistentVolumeClaim:
-          claimName: {{ .Release.Name }}-aaf-pvc
+          claimName: {{ .Release.Name }}-config
       {{- else }}
         emptyDir: {}
       {{- end }}
       imagePullSecrets:
-      - name: "{{ include "common.namespace" . }}-docker-registry-key"
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
index 5ad31ff..7ec6364 100644 (file)
@@ -25,14 +25,9 @@ flavor: small
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_service:2.1.1
+image: onap/aaf/aaf_service:2.1.2-SNAPSHOT
 pullPolicy: Always
 
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
 
 # default number of instances
 replicaCount: 1
@@ -43,14 +38,14 @@ affinity: {}
 
 # probe configuration parameters
 liveness:
-  initialDelaySeconds: 10
+  initialDelaySeconds: 300
   periodSeconds: 10
   # necessary to disable liveness probe when setting breakpoints
   # in debugger so K8s doesn't restart unresponsive container
   enabled: true
 
 readiness:
-  initialDelaySeconds: 10
+  initialDelaySeconds: 30
   periodSeconds: 10
 
 service:
diff --git a/kubernetes/aaf/charts/aaf-sms/resources/config/has.json b/kubernetes/aaf/charts/aaf-sms/resources/config/has.json
new file mode 100644 (file)
index 0000000..9d017f9
--- /dev/null
@@ -0,0 +1,36 @@
+{
+    "domain": {
+        "name": "has",
+        "secrets": [
+            {
+                "name": "aai",
+                "values": {
+                    "username": "OOF",
+                    "password": "OOF"
+                }
+            },
+            {
+                "name": "conductor_api",
+                "values": {
+                    "username": "admin1",
+                    "password": "plan.15"
+                }
+            },
+            {
+                "name": "sdnc",
+                "values": {
+                    "username": "admin",
+                    "password": "Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U"
+                }
+            },
+            {
+                "name": "music_api",
+                "values": {
+                    "aafuser": "conductor",
+                    "aafpass": "c0nduct0r",
+                    "aafns": "conductor"
+                }
+            }
+        ]
+    }
+}
diff --git a/kubernetes/aaf/charts/aaf-sms/resources/config/osdf.json b/kubernetes/aaf/charts/aaf-sms/resources/config/osdf.json
new file mode 100644 (file)
index 0000000..0950957
--- /dev/null
@@ -0,0 +1,98 @@
+{
+    "domain": {
+        "name": "osdf",
+        "secrets": [
+            {
+                "name": "so",
+                "values": {
+                    "UserName": "",
+                    "Password": ""
+                }
+            },
+            {
+                "name": "conductor",
+                "values": {
+                    "UserName": "admin1",
+                    "Password": "plan.15"
+                }
+            },
+            {
+                "name": "policyPlatform",
+                "values": {
+                    "UserName": "testpdp",
+                    "Password": "alpha123"
+                }
+            },
+            {
+                "name": "policyClient",
+                "values": {
+                    "UserName": "python",
+                    "Password": "test"
+                }
+            },
+            {
+                "name": "dmaap",
+                "values": {
+                    "UserName": "NA",
+                    "Password": "NA"
+                }
+            },
+            {
+                "name": "sdc",
+                "values": {
+                    "UserName": "NA",
+                    "Password": "NA"
+                }
+            },
+            {
+                "name": "osdfPlacement",
+                "values": {
+                    "UserName": "test",
+                    "Password": "testpwd"
+                }
+            },
+            {
+                "name": "osdfPlacementSO",
+                "values": {
+                    "UserName": "so_test",
+                    "Password": "so_testpwd"
+                }
+            },
+            {
+                "name": "osdfPlacementVFC",
+                "values": {
+                    "UserName": "vfc_test",
+                    "Password": "vfc_testpwd"
+                }
+            },
+            {
+                "name": "osdfCMScheduler",
+                "values": {
+                    "UserName": "test1",
+                    "Password": "testpwd1"
+                }
+            },
+            {
+                "name": "configDb",
+                "values": {
+                    "UserName": "osdf",
+                    "Password": "passwd"
+                }
+            },
+            {
+                "name": "pciHMS",
+                "values": {
+                    "UserName": "",
+                    "Password": ""
+                }
+            },
+            {
+                "name": "osdfPCIOpt",
+                "values": {
+                    "UserName": "pci_test",
+                    "Password": "pci_testpwd"
+                }
+            }
+        ]
+    }
+}
\ No newline at end of file
index 72ce6fb..b513d99 100644 (file)
@@ -1,3 +1,4 @@
+{{/*
 # Copyright 2018 Intel Corporation, Inc
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -11,6 +12,7 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
+*/}}
 
 apiVersion: v1
 kind: ConfigMap
@@ -25,3 +27,16 @@ metadata:
 data:
   smsconfig.json: |
     {{ .Values.config | toJson }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-preload
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}-preload
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/aaf/charts/aaf-sms/templates/job.yaml b/kubernetes/aaf/charts/aaf-sms/templates/job.yaml
new file mode 100644 (file)
index 0000000..2cee8d5
--- /dev/null
@@ -0,0 +1,92 @@
+{{/*
+# Copyright 2018 Intel Corporation, Inc
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: {{ include "common.fullname" . }}-preload
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  template:
+    metadata:
+      labels:
+        app: {{ include "common.name" . }}
+        release: {{ .Release.Name }}
+    spec:
+      initContainers:
+      - image:  "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        name: {{ include "common.name" . }}-readiness
+        command:
+        - /root/ready.py
+        args:
+        - --container-name
+        - "aaf-sms"
+        - --container-name
+        - "aaf-sms-quorumclient"
+        env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: metadata.namespace
+      containers:
+      - image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+        imagePullPolicy: {{ .Values.pullPolicy }}
+        name: {{ include "common.name" . }}-preload
+        command:
+          - "/sms/bin/preload"
+          - "-cacert"
+          - "/sms/certs/aaf_root_ca.cer"
+          - "-jsondir"
+          - "/preload/config"
+          - "-serviceport"
+          - "{{ .Values.service.internalPort }}"
+          - "-serviceurl"
+          - "https://aaf-sms.{{ include "common.namespace" . }}"
+        workingDir: /sms
+        volumeMounts:
+          - mountPath: /etc/localtime
+            name: localtime
+            readOnly: true
+          - mountPath: /preload/config
+            name: {{ include "common.name" . }}-preload
+        resources:
+{{ include "common.resources" . | indent 10 }}
+        {{- if .Values.nodeSelector }}
+        nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+        {{- end -}}
+        {{- if .Values.affinity }}
+        affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+        {{- end }}
+      volumes:
+      - name: localtime
+        hostPath:
+          path: /etc/localtime
+      - name : {{ include "common.name" . }}-preload
+        configMap:
+          name: {{ include "common.fullname" . }}-preload
+      restartPolicy: OnFailure
+      imagePullSecrets:
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aaf/resources/config/backup/backup.sh b/kubernetes/aaf/resources/config/backup/backup.sh
deleted file mode 100644 (file)
index 0cc2f62..0000000
+++ /dev/null
@@ -1,46 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# BEGIN Store prev
-BD=/opt/app/osaaf/backup
-if [ -e "$BD/6day" ]; then
-   rm -Rf $BD/6day
-fi
-
-PREV=$BD/6day
-for D in $BD/5day $BD/4day $BD/3day $BD/2day $BD/yesterday; do
-   if [ -e "$D" ]; then
-      mv "$D" "$PREV"
-   fi
-   PREV="$D"
-done
-
-if [ -e "$BD/today" ]; then
-    if [ -e "$BD/backup.log" ]; then
-       mv $BD/backup.log $BD/today
-    fi
-    gzip $BD/today/*
-    mv $BD/today $BD/yesterday
-fi
-
-mkdir $BD/today
-
-# END Store prev
-date
-docker exec -t aaf_cass bash -c "mkdir -p /opt/app/cass_backup"
-docker container cp $BD/cbackup.sh aaf_cass:/opt/app/cass_backup/backup.sh
-# echo "login as Root, then run \nbash /opt/app/cass_backup/backup.sh"
-docker exec -t aaf_cass bash /opt/app/cass_backup/backup.sh
-docker container cp aaf_cass:/opt/app/cass_backup/. $BD/today
-date
diff --git a/kubernetes/aaf/resources/config/backup/cbackup.sh b/kubernetes/aaf/resources/config/backup/cbackup.sh
deleted file mode 100644 (file)
index de91852..0000000
+++ /dev/null
@@ -1,22 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-cd /opt/app/cass_backup
-DATA="ns role perm ns_attrib user_role cred cert x509 delegate approval approved future notify artifact health history"
-PWD=cassandra
-CQLSH="cqlsh -u cassandra -k authz -p $PWD"
-for T in $DATA ; do
-    echo "Creating $T.dat"
-    $CQLSH -e  "COPY authz.$T TO '$T.dat' WITH DELIMITER='|'"
-done
diff --git a/kubernetes/aaf/resources/config/data/identities.dat b/kubernetes/aaf/resources/config/data/identities.dat
deleted file mode 100644 (file)
index cb7f01d..0000000
+++ /dev/null
@@ -1,41 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#
-# Sample Identities.dat
-# This file is for use with the "Default Organization". It is a simple mechanism to have a basic ILM structure to use with
-# out-of-the-box tire-kicking, or even for Small companies
-#
-# For Larger Companies, you will want to create a new class implementing the "Organization" interface, making calls to your ILM, or utilizing
-# batch feeds, as is appropriate for your company.
-#
-# Example Field Layout.  note, in this example, Application IDs and People IDs are mixed.  You may want to split
-# out AppIDs, choose your own status indicators, or whatever you use.
-#  0 - unique ID
-#  1 - full name
-#  2 - first name
-#  3 - last name
-#  4 - phone
-#  5 - official email
-#  6 - employment status e=employee, c=contractor, a=application, n=no longer with company
-#  7 - responsible to (i.e Supervisor for People, or AppOwner, if it's an App ID)
-#
-
-iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e|
-mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna
-bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager
-mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager
-ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager
-iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager
-osaaf|ID of AAF|||||a|bdevl
diff --git a/kubernetes/aaf/resources/config/data/sample.identities.dat b/kubernetes/aaf/resources/config/data/sample.identities.dat
deleted file mode 100644 (file)
index cf2ca6d..0000000
+++ /dev/null
@@ -1,40 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# Sample Identities.dat
-# This file is for use with the "Default Organization". It is a simple mechanism to have a basic ILM structure to use with
-# out-of-the-box tire-kicking, or even for Small companies
-#
-# For Larger Companies, you will want to create a new class implementing the "Organization" interface, making calls to your ILM, or utilizing
-# batch feeds, as is appropriate for your company.
-#
-# Example Field Layout.  note, in this example, Application IDs and People IDs are mixed.  You may want to split
-# out AppIDs, choose your own status indicators, or whatever you use.
-#  0 - unique ID
-#  1 - full name
-#  2 - first name
-#  3 - last name
-#  4 - phone
-#  5 - official email
-#  6 - employment status e=employee, c=contractor, a=application, n=no longer with company
-#  7 - responsible to (i.e Supervisor for People, or AppOwner, if it's an App ID)
-#
-
-iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e|
-mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna
-bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager
-mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager
-ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager
-iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager
-osaaf|ID of AAF|||||a|bdevl
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.cm.props b/kubernetes/aaf/resources/config/etc/org.osaaf.cm.props
deleted file mode 100644 (file)
index ccd8a33..0000000
+++ /dev/null
@@ -1,28 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-##
-## org.osaaf.cm.props
-## AAF Certificate Manager properties
-## Note: Link to CA Properties in "local" dir
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props:/opt/app/osaaf/local/org.osaaf.cm.ca.props
-aaf_component=AAF_NS.cm:2.1.0.0
-port=8150
-cadi_registration_hostname={{.Values.config.cmServiceName}}
-#Certman
-cm_public_dir=/opt/app/osaaf/public
-cm_trust_cas=AAF_RootCA.cer
-
-
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.common.props b/kubernetes/aaf/resources/config/etc/org.osaaf.common.props
deleted file mode 100644 (file)
index 052a2ec..0000000
+++ /dev/null
@@ -1,43 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-############################################################
-# Common properties for all AAF Components
-#   on 2018-03-02 06:59.628-0500
-############################################################
-# Pull in Global Coordinates and Certificate Information
-aaf_root_ns=org.osaaf.aaf
-aaf_trust_perm=org.osaaf.aaf|org.onap|trust
-
-cadi_prop_files=/opt/app/osaaf/local/org.osaaf.location.props:/opt/app/osaaf/local/org.osaaf.aaf.props
-cadi_protocols=TLSv1.1,TLSv1.2
-
-aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0
-cadi_loginpage_url=https://AAF_LOCATE_URL/AAF_NS.gui:2.0/login
-
-# Standard for this App/Machine
-aaf_env=DEV
-aaf_data_dir=/opt/app/osaaf/data
-cadi_loglevel=DEBUG
-
-# Domain Support (which will accept)
-aaf_domain_support=.com:.org
-
-# Basic Auth
-aaf_default_realm=people.osaaf.org
-
-# OAuth2
-aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token
-aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect
-
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.fs.props b/kubernetes/aaf/resources/config/etc/org.osaaf.fs.props
deleted file mode 100644 (file)
index 266e08e..0000000
+++ /dev/null
@@ -1,25 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-##
-## org.osaaf.locator 
-## AAF Locator Properties
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props
-aaf_component=AAF_NS.fs:2.1.0.0
-port=8096
-cadi_registration_hostname={{.Values.config.fsServiceName}}
-
-aaf_public_dir=/opt/app/osaaf/public
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.gui.props b/kubernetes/aaf/resources/config/etc/org.osaaf.gui.props
deleted file mode 100644 (file)
index 6c40b40..0000000
+++ /dev/null
@@ -1,46 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-##
-## org.osaaf.locator 
-## AAF Locator Properties
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/etc/org.osaaf.orgs.props
-aaf_component=AAF_NS.gui:2.1.0.0
-port=8200
-cadi_registration_hostname={{.Values.config.guiServiceName}}
-
-aaf_gui_title=AAF
-aaf_gui_copyright=(c) 2018 AT&T Intellectual Property. All rights reserved.
-aaf_gui_theme=theme/onap
-cadi_loginpage_url=https://AAF_LOCATE_URL/com.att.aaf.gui:2.0/login
-
-# GUI URLS and Help URLS
-cm_url=https://{{.Values.config.cmServiceName}}:8150
-gw_url=https://{{.Values.config.locateServiceName}}:8095
-fs_url=http://{{.Values.config.fsServiceName}}:8096
-
-aaf_url.gui_onboard=https://wiki.web.att.com/display/aaf/OnBoarding
-aaf_url.cuigui=https://wiki.web.att.com/display/aaf/Using+the+Command+Prompt
-
-aaf_url.aaf_help=https://wiki.onap.org/display/DW/Application+Authorization+Framework+Documentation
-aaf_url.aaf_help.sub=Bootstrapping+AAF,Installation+Guide
-aaf_url.aaf_help.sub.Bootstrapping+AAF=https://wiki.onap.org/display/DW/Bootstrapping+AAF
-aaf_url.aaf_help.sub.Installation+Guide=https://wiki.onap.org/display/DW/AAF+Installation+Guide
-#aaf_url.cadi_help=
-aaf_url.tools=AAF+Projects,AAF+Jira,AAF+Calendar
-aaf_url.tool=AAF+Jira=https://jira.onap.org/secure/RapidBoard.jspa?rapidView=69&projectKey=AAF&view=detail&selectedIssue=AAF-134
-aaf_url.tool.AAF+Projects=https://gerrit.onap.org/r/#/admin/projects/?filter=aaf%2F
-aaf_url.tool.AAF+Calendar=https://wiki.onap.org/pages/viewpage.action?pageId=6587439
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.locate.props b/kubernetes/aaf/resources/config/etc/org.osaaf.locate.props
deleted file mode 100644 (file)
index 1026dd8..0000000
+++ /dev/null
@@ -1,23 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-##
-## org.osaaf.locator 
-## AAF Locator Properties
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props
-aaf_component=AAF_NS.locator:2.1.0.0
-port=8095
-cadi_registration_hostname={{.Values.config.locateServiceName}}
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.log4j.props b/kubernetes/aaf/resources/config/etc/org.osaaf.log4j.props
deleted file mode 100644 (file)
index 9f10802..0000000
+++ /dev/null
@@ -1,51 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-#
-log4j.appender.INIT=org.apache.log4j.DailyRollingFileAppender 
-log4j.appender.INIT.File=${LOG4J_FILENAME_init}
-log4j.appender.INIT.DatePattern='.'yyyy-MM-dd
-log4j.appender.INIT.layout=org.apache.log4j.PatternLayout 
-log4j.appender.INIT.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %m %n
-
-log4j.appender.SRVR=org.apache.log4j.DailyRollingFileAppender 
-log4j.appender.SRVR.File=${LOG4J_FILENAME_service}
-log4j.appender.SRVR.DatePattern='.'yyyy-MM-dd
-log4j.appender.SRVR.layout=org.apache.log4j.PatternLayout 
-log4j.appender.SRVR.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %p [%c] %m %n
-
-log4j.appender.AUDIT=org.apache.log4j.DailyRollingFileAppender
-log4j.appender.AUDIT.File=${LOG4J_FILENAME_audit}
-log4j.appender.AUDIT.DatePattern='.'yyyy-MM-dd
-log4j.appender.AUDIT.layout=org.apache.log4j.PatternLayout 
-log4j.appender.AUDIT.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %m %n
-
-log4j.appender.stdout=org.apache.log4j.ConsoleAppender
-log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
-log4j.appender.stdout.layout.ConversionPattern=%d %p [%c] %m %n
-
-# General Apache libraries
-log4j.rootLogger=WARN.SRVR
-log4j.logger.org.apache=WARN,SRVR
-log4j.logger.com.datastax=WARN,SRVR
-log4j.logger.init=INFO,INIT
-log4j.logger.service=${LOGGING_LEVEL},SRVR
-log4j.logger.audit=INFO,AUDIT
-# Additional configs, not cauth with Root Logger
-log4j.logger.io.netty=INFO,SRVR
-log4j.logger.org.eclipse=INFO,SRVR
-
-
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.oauth.props b/kubernetes/aaf/resources/config/etc/org.osaaf.oauth.props
deleted file mode 100644 (file)
index d2a5b97..0000000
+++ /dev/null
@@ -1,22 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-##
-## org.osaaf.locator 
-## AAF Locator Properties
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props
-aaf_component=AAF_NS.oauth:2.1.0.0
-port=8140
-cadi_registration_hostname={{.Values.config.oauthServiceName}}
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.orgs.props b/kubernetes/aaf/resources/config/etc/org.osaaf.orgs.props
deleted file mode 100644 (file)
index c609de2..0000000
+++ /dev/null
@@ -1,25 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# 
-# Define Organizations for use in some of the components.  Not all use them
-#
-Organization.org.osaaf=org.onap.aaf.org.DefaultOrg
-org.osaaf.mailHost=smtp.mail.att.com
-org.osaaf.mailFrom=DL-aaf-support@aaf.att.com
-org.osaaf.default=true
-org.osaaf.also_supports=org.osaaf.people
-
-
-
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.service.props b/kubernetes/aaf/resources/config/etc/org.osaaf.service.props
deleted file mode 100644 (file)
index adb9032..0000000
+++ /dev/null
@@ -1,23 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-##
-## org.osaaf.service 
-## AAF Service Properties
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props:/opt/app/osaaf/etc/org.osaaf.orgs.props
-aaf_component=AAF_NS.service:2.1.0.0
-port=8100
-cadi_registration_hostname={{.Values.config.serviceServiceName}}
diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.cm.p12 b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.cm.p12
deleted file mode 100644 (file)
index 63aedd2..0000000
Binary files a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.cm.p12 and /dev/null differ
diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.cm.pkcs11 b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.cm.pkcs11
deleted file mode 100644 (file)
index 05fe60f..0000000
+++ /dev/null
@@ -1 +0,0 @@
-name = localca
diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.keyfile b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.keyfile
deleted file mode 100644 (file)
index 7206ad9..0000000
+++ /dev/null
@@ -1,27 +0,0 @@
-rmaOaytuFLnhz07oilUO0nO_mZ18XInIi56OoezdUTR5f1GR45lp_nX7marcYv7j2ZS-dpWOSur0
-sK5M-ByrgxfUPyk749Ex4nGSMLnAq-nFMaREpGZPmNP-ul_vCxCmaHUnWKPJB4jx_K_osKPb0-ng
-tqX0hnpbmcq4okV94MUdUs084ymM5LU-qVU_oYbLUM4dXatobe1go8eX2umrutZbQTjz75i4UEcF
-Dv9nDwVqHRGUFMU0NeJlrSlRSO-eiDgVtoSCBGtIkDdKPBTUT3wachHmUBiSBJ3GF05yQP1CwWzz
-AQRSwphP11xKI7tSViT5RoxjxfQZiVEbeyg9g9BROe_pLyIDskoW_ujdnPOWRcSIx6Q4J0eew3kb
-yqcWUPf1K2nSyBSshlsQ6A9NSOLz_KhyIvP_1OG82m1gir3I77Usl7QqMF8IBXCjJ-H_qqR1u-By
-qm_AFjagYA2TgF2YQN-fcneom_5_cA74_xwJ41juhOP72ZWGkX1bAdbiKf85uYo2H3g5HeNWijQL
-y4wJ4qFrSptQRyV2Ntf9OLgpOsKsPPiLlNBugmCjHBMaPMbQAYRbsyCH2nKdjjTG3c6iF5Cj9Jco
-6McvcrYYuq3ynH-2HoL-T-Zgl2AXLxqK4_dl_H243H-GutoJsmIkELLGS_pCpSt4t7xaDvzqxrTj
-4qZ1OjozcpnsqM8HebS28IgoqFaOmrCMqO1MLM_CjAyliTy31P28XEbcYvjEY-FWmnJRSpMLc1Pz
--KOH-2V8uTqn5YlUsFt2TNnc8lEwMH6GSV1vkgxwPQaMUgWV2svc0FfBmTLZI4zNmpMu4cGjaG-f
-Z8r_hX7pDPANBTaqFxTp999dnaS3lLdZMNbJNEKFF0xxdRuBzsPKDiLa7ItixInZlUcEnwJVWOhC
-kcI2J0cEFGxHxWYmYdqyJIvQzjebk6iDqB-mLi0ai-_XYm1niCxZizT_XJADo9LQtTzq1V6pMgYR
-PPfbDKoiYRK6D8nbWsGNOh6xOS7zs8qrnTPxwu5CuZX_EFoejmooHTrXEqw2RzRFw9XqXM8p50C3
-YrwI2lA6kTQItGm0yftAxqfbhbjJp_K1P91ckOYL3ZSYze_hXRmguwYuT5NWlKhBtm5aawuDjXEg
-yn7PnRTT0smW40hbYbks5L-2VVxTd3tith6Ltqh95miL6vpG5ByDDQlZCWwkq7XH7iScejDvT6UN
-jF1K86mNa8CLXuuSzGl1li1CMxoVzW55G3s0-ICDHqjytiUkiUen2V9VzGT9h4BgDfzbShf31M4_
-biO4NL-mkqlDBbh-KcrYjvNj5qQwHSiLSLuQQBoBtJ3hG9jCu4YBYVWJYctV8r3Js_sGDH4rl5w1
-ujEF6QHWZIF73-u53G_LtvoXBnQcrBW8oLpqP-1Pz5d1bio--bRsNa5qAAilNbYmttiKYOYJn4My
-c6QvzF81SqTRZy0Fd0NK_hMCglPkH7sd32UX-LBquvQ_yDqB_ml_pADJhWcfuD4iPAQjR2Vgclxf
-GPCDva6YpJDzjjnaExDYmGFVFpbIPLfvGUCit_9zAycx0nW1J_cVT1BWFHijjAh_gnIpa6MtY3BE
-G3d8ee6_LAQvvVdBwZ955UwyRd-C7Buc7Xcccw-8hcNBKqOCDlE9j4tie2SdO9m53vZRzcLY6Aiw
-BiulIAllqHZQYs0OBcaYgbNgJU-gn9ZMWgS9i3ijPvTTBSNX7y7k4L1a4QOceyuOtt7nkv024YUS
-acTRmaGotRBuVfI-C0L4Q9NL56_nUATB5ca2GqgLEKnWKsiN3T9cBg4Ji88E8OdiVcoO8segB-0d
-QwWCqCZ8_z_R7zBMlDqpfu5wbvoVx0w9JhLgO9f7eoRozqA3qGLv94i1pN6LuU-Q7YPz4jVxmbb_
-2CHyP1n-o1ZWHfWdz6aByXEzrAZdvjfEWwwMYV5l5jFilTXaCNOCjr9S4YjNn0HITdl7E64C06Im
-3QWOsnDv9z1APjnFo12KH_1yWscU0t9gx7FG210Ug6C-G3Bko_tm_YOp0Lkum4qrnxgHMf_a
\ No newline at end of file
diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.p12 b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.p12
deleted file mode 100644 (file)
index ac1dece..0000000
Binary files a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.p12 and /dev/null differ
diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.props b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.props
deleted file mode 100644 (file)
index 21910eb..0000000
+++ /dev/null
@@ -1,25 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-cm_url=https://{{.Values.config.cmServiceName}}:8150
-#hostname=aaf.osaaf.org
-aaf_env=DEV
-cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US
-cadi_keyfile=/opt/app/osaaf/local/org.osaaf.aaf.keyfile
-cadi_keystore=/opt/app/osaaf/local/org.osaaf.aaf.p12
-cadi_keystore_password=enc:fDY3WPPqHCMQaZdox2UfpRoEq6b9wUqS-aepo0NiqEFa2t7uYHBdxfQAuEwj9Lwb
-#cadi_key_password=enc:<KEY PASSWORD (optional if the same as KEYSTORE PASSWORD)>
-cadi_alias=aaf-authz@aaf.osaaf.org
-cadi_truststore=/opt/app/osaaf/local/org.osaaf.aaf.trust.p12
-cadi_truststore_password=enc:5nzj6v3Rb0oZPV1zCxg8EJFfkFvWFGJflLB0i_FN0Np
diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.trust.p12 b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.trust.p12
deleted file mode 100644 (file)
index d01e856..0000000
Binary files a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.trust.p12 and /dev/null differ
diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.cassandra.props b/kubernetes/aaf/resources/config/local/org.osaaf.cassandra.props
deleted file mode 100644 (file)
index 17f238b..0000000
+++ /dev/null
@@ -1,29 +0,0 @@
-############################################################
-# Cassandra properties for AAF Components  needing
-#   on 2018-03-02 06:59.628-0500
-############################################################
-# LOCAL Cassandra
-cassandra.clusters={{.Values.config.csServiceName}}
-cassandra.clusters.port=9042
-#need this to be fully qualified name when REAL AAF integration
-cassandra.clusters.user=cassandra
-cassandra.clusters.password=enc:gF_I93pTRMIvj3rof-dx-yK84XYT1UKGf98s1LAJyWV
-
-# Name for exception that has happened in the past
-cassandra.reset.exceptions=com.datastax.driver.core.exceptions.NoHostAvailableException:"no host was tried":"Connection has been closed"
-
-# Example Consistency Settings for Clusters with at least instances
-#cassandra.writeConsistency.ns=LOCAL_QUORUM
-#cassandra.writeConsistency.perm=LOCAL_QUORUM
-#cassandra.writeConsistency.role=LOCAL_QUORUM
-#cassandra.writeConsistency.user_role=LOCAL_QUORUM
-#cassandra.writeConsistency.cred=LOCAL_QUORUM
-#cassandra.writeConsistency.ns_attrib=LOCAL_QUORUM
-
-# Consistency Settings when Single Instance
-cassandra.writeConsistency.ns=ONE
-cassandra.writeConsistency.perm=ONE
-cassandra.writeConsistency.role=ONE
-cassandra.writeConsistency.user_role=ONE
-cassandra.writeConsistency.cred=ONE
-cassandra.writeConsistency.ns_attrib=ONE
diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.cm.ca.props b/kubernetes/aaf/resources/config/local/org.osaaf.cm.ca.props
deleted file mode 100644 (file)
index 8843705..0000000
+++ /dev/null
@@ -1,11 +0,0 @@
-##
-## org.osaaf.cm.ca.props
-## Properties to access Certifiate Authority
-##
-
-#Certman
-cm_ca.local=org.onap.aaf.auth.cm.ca.LocalCA,/opt/app/osaaf/local/org.osaaf.aaf.cm.p12;aaf_cm_ca;enc:asFEWMNqjH7GktBLb9EGl6L1zfS2qMH5ZS5Zd90KVT5B9ZyRsqx7Gb73YllO8Hyw
-cm_ca.local.idDomains=org.osaaf
-cm_ca.local.baseSubject=/OU=OSAAF/O=ONAP/C=US
-cm_ca.local.perm_type=org.osaaf.aaf.ca
-
diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.location.props b/kubernetes/aaf/resources/config/local/org.osaaf.location.props
deleted file mode 100644 (file)
index fd52d6d..0000000
+++ /dev/null
@@ -1,12 +0,0 @@
-##
-## org.osaaf.location.props
-##
-## Localized Machine Information
-##
-# Almeda California
-cadi_latitude=37.78187
-cadi_longitude=-122.26147
-
-#cadi_registration_hostname=aaf-onap-beijing-test.osaaf.org
-cadi_trust_masks=10.12.6/24
-aaf_locate_url=https://{{.Values.config.locateServiceName}}:8095
diff --git a/kubernetes/aaf/resources/config/public/README.txt b/kubernetes/aaf/resources/config/public/README.txt
deleted file mode 100644 (file)
index 48aaa96..0000000
+++ /dev/null
@@ -1 +0,0 @@
-Public directory left empty on purpose. Content of https://gerrit.onap.org/r/gitweb?p=aaf/authz.git;a=tree;f=auth/sample/public;h=1b387b7858134f80446f006b6d570fa534da3153;hb=refs/heads/master is cloned and mounted into AAF container volume via init container. This is done to dramatically reduce the size of configuration that was being put into a configmap that was exceeding helm configmap limit of 1MB per deployment.
diff --git a/kubernetes/aaf/templates/configmap.yaml b/kubernetes/aaf/templates/configmap.yaml
deleted file mode 100644 (file)
index 9d21e05..0000000
+++ /dev/null
@@ -1,48 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ .Release.Name }}-aaf-backup
-  namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/backup/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ .Release.Name }}-aaf-local
-  namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/local/org.osaaf.location.props").AsConfig . | indent 2 }}
-{{ tpl (.Files.Glob "resources/config/local/org.osaaf.cm.ca.props").AsConfig . | indent 2 }}
-{{ tpl (.Files.Glob "resources/config/local/org.osaaf.cassandra.props").AsConfig . | indent 2 }}
-{{ tpl (.Files.Glob "resources/config/local/org.osaaf.aaf.props").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ .Release.Name }}-aaf-etc
-  namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/etc/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ .Release.Name }}-aaf-data
-  namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/data/*").AsConfig . | indent 2 }}
index 719b6dc..103b908 100644 (file)
@@ -15,7 +15,7 @@
 apiVersion: batch/v1
 kind: Job
 metadata:
-  name: {{ include "common.fullname" . }}-create-config
+  name: {{ .Release.Name }}-create-config
   namespace: {{ include "common.namespace" . }}
   labels:
     app: {{ include "common.name" . }}
@@ -29,79 +29,28 @@ spec:
         app: aaf-init-job
         release: {{ .Release.Name }}
     spec:
-      initContainers:
-      - name: {{ include "common.name" . }}-inject-config
-        command:
-        - /bin/bash
-        - -c
-        - >
-          git clone -b {{ .Values.config.gerritBranch }} --single-branch {{ .Values.config.gerritProject }} /tmp/gerrit;
-          echo "Clone complete. Copying from /tmp/gerrit/ to /public";
-          cp -rf /tmp/gerrit/auth/sample/public/* /public;
-          echo "Done.";
-        image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.global.ubuntuInitImage }}"
-        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        volumeMounts:
-        - name: aaf-public
-          mountPath: "/public"
       containers:
-      - command: ["/bin/bash","-c","if [ ! -d /data/backup ]; then mkdir /data/data && cp -Ra /data1/data/..data/* /data/data/ && mkdir /data/etc && cp -Ra /data1/etc/..data/* data/etc/ && mkdir /data/backup && cp -Ra /data1/backup/..data/* /data/backup/ && cp -Ra /data1/public /data/ && cp -Ra /data1/local /data && mkdir -p /data/logs/oauth && mkdir -p /data/logs/hello && mkdir -p /data/logs/fs && mkdir -p /data/logs/gui && mkdir -p /data/logs/locate && mkdir -p /data/logs/cm && mkdir -p /data/logs/service; fi; exit 0"]
-        image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+      - name: {{ include "common.name" . }}-config-container
+        image: "{{ include "common.repository" . }}/{{ .Values.aaf_config.image }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        name: aaf-init-job
         volumeMounts:
-        - mountPath: /etc/localtime
-          name: localtime
-          readOnly: true
-        - mountPath: /data
-          name: aaf-persistent-data
-        - mountPath: /data1/etc
-          name: aaf-etc
-        - mountPath: /data1/data
-          name: aaf-data
-        - mountPath: /data1/public/iframe_denied_test.html
-          name: aaf-public
-          subPath: iframe_denied_test.html
-        - mountPath: /data1/public/aaf_2_0.xsd
-          name: aaf-public
-          subPath: aaf_2_0.xsd
-        - mountPath: /data1/public/truststoreONAP.p12
-          name: aaf-public
-          subPath: truststoreONAP.p12
-        - mountPath: /data1/public/AAF_RootCA.cer
-          name: aaf-public
-          subPath: AAF_RootCA.cer
-        - mountPath: /data1/public/truststoreONAPall.jks
-          name: aaf-public
-          subPath: truststoreONAPall.jks
-        - mountPath: /data1/local/org.osaaf.location.props
-          name: aaf-local
-          subPath: org.osaaf.location.props
-        - mountPath: /data1/local/org.osaaf.cm.ca.props
-          name: aaf-local
-          subPath: org.osaaf.cm.ca.props
-        - mountPath: /data1/local/org.osaaf.cassandra.props
-          name: aaf-local
-          subPath: org.osaaf.cassandra.props
-        - mountPath: /data1/local/org.osaaf.aaf.props
-          name: aaf-local
-          subPath: org.osaaf.aaf.props
-        - mountPath: /data1/local/org.osaaf.aaf.trust.p12
-          name: aaf-local-secret
-          subPath: org.osaaf.aaf.trust.p12
-        - mountPath: /data1/local/org.osaaf.aaf.p12
-          name: aaf-local-secret
-          subPath: org.osaaf.aaf.p12
-        - mountPath: /data1/local/org.osaaf.aaf.keyfile
-          name: aaf-local-secret
-          subPath: org.osaaf.aaf.keyfile
-        - mountPath: /data1/local/org.osaaf.aaf.cm.p12
-          name: aaf-local-secret
-          subPath: org.osaaf.aaf.cm.p12
-        - mountPath: /data1/backup
-          name: aaf-backup
-        - mountPath: /share
-          name: aaf-public
+        - mountPath: "/opt/app/osaaf"
+          name: {{ include "common.name" . }}-config-vol
+        env:
+          - name: HOSTNAME
+            value: "{{ .Values.global.cadi.hostname }}"
+          - name: AAF_ENV
+            value: "{{ .Values.global.cadi.aaf_env }}"
+          - name: AAF_REGISTER_AS
+            value: "{{ .Values.global.cadi.aaf_register_as }}"
+          - name: LATITUDE
+            value: "{{ .Values.global.cadi.cadi_latitude }}"
+          - name: LONGITUDE
+            value: "{{ .Values.global.cadi.cadi_longitude }}"
+          - name: CASS_HOST
+            value: "{{ .Values.global.cassandraServiceName }}"
+          - name: AAF_LOCATOR_AS
+            value: "{{ .Values.global.locateServiceName }}"
         resources:
 {{ include "common.resources" . | indent 12 }}
       {{- if .Values.nodeSelector }}
@@ -113,33 +62,13 @@ spec:
 {{ toYaml .Values.affinity | indent 10 }}
       {{- end }}
       volumes:
-      - name: localtime
-        hostPath:
-          path: /etc/localtime
-      - name: aaf-local-secret
-        secret:
-          secretName: {{ .Release.Name }}-aaf-local-secret
-      - name: aaf-etc
-        configMap:
-          name: {{ .Release.Name }}-aaf-etc
-      - name: aaf-local
-        configMap:
-          name: {{ .Release.Name }}-aaf-local
-      - name: aaf-backup
-        configMap:
-          name: {{ .Release.Name }}-aaf-backup
-      - name: aaf-data
-        configMap:
-          name: {{ .Release.Name }}-aaf-data
-      - name: aaf-persistent-data
+      - name: {{ include "common.name" . }}-config-vol
       {{- if .Values.global.persistence.enabled }}
         persistentVolumeClaim:
-          claimName: {{ .Release.Name }}-aaf-pvc
+          claimName: {{ .Release.Name }}-config
       {{- else }}
         emptyDir: {}
       {{- end }}
-      - name: aaf-public
-        emptyDir: {}
       restartPolicy: OnFailure
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"
index d9b58f6..9d28184 100644 (file)
 # limitations under the License.
 */}}
 
-{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.config.existingClaim) }}
 kind: PersistentVolume
 apiVersion: v1
 metadata:
-  name: {{ include "common.fullname" . }}
+  name: {{ .Release.Name }}-config
   namespace: {{ include "common.namespace" . }}
   labels:
-    app: {{ include "common.name" . }}
+    app: {{ include "common.name" . }}-config
     chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
     release: "{{ .Release.Name }}"
     heritage: "{{ .Release.Service }}"
     name: {{ include "common.fullname" . }}
 spec:
   capacity:
-    storage: {{ .Values.persistence.size}}
+    storage: {{ .Values.persistence.config.size}}
   accessModes:
-    - {{ .Values.persistence.accessMode }}
-  persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+    - {{ .Values.persistence.config.accessMode }}
+  persistentVolumeReclaimPolicy: {{ .Values.persistence.config.volumeReclaimPolicy }}
   hostPath:
-    path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
-{{- end -}}
+    path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.config.mountSubPath }}
+{{- if .Values.persistence.config.storageClass }}
+{{- if (eq "-" .Values.persistence.config.storageClass) }}
+  storageClassName: ""
+{{- else }}
+  storageClassName: "{{ .Values.persistence.config.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end }}
+---
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.logs.existingClaim) }}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+  name: {{ .Release.Name }}-logs
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}-logs
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+    name: {{ include "common.fullname" . }}
+spec:
+  capacity:
+    storage: {{ .Values.persistence.logs.size}}
+  accessModes:
+    - {{ .Values.persistence.logs.accessMode }}
+  persistentVolumeReclaimPolicy: {{ .Values.persistence.logs.volumeReclaimPolicy }}
+  hostPath:
+    path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.logs.mountSubPath }}
+{{- if .Values.persistence.logs.storageClass }}
+{{- if (eq "-" .Values.persistence.logs.storageClass) }}
+  storageClassName: ""
+{{- else }}
+  storageClassName: "{{ .Values.persistence.logs.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
index 255c277..a9c8b90 100644 (file)
 # limitations under the License.
 */}}
 
-{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.config.existingClaim) }}
 kind: PersistentVolumeClaim
 apiVersion: v1
 metadata:
-  name: {{ .Release.Name }}-aaf-pvc
+  name: {{ .Release.Name }}-config
   namespace: {{ include "common.namespace" . }}
   labels:
-    app: {{ include "common.name" . }}
+    app: {{ include "common.name" . }}-config
     chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
     release: "{{ .Release.Name }}"
     heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
+{{- if .Values.persistence.config.annotations }}
   annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{ toYaml .Values.persistence.config.annotations | indent 4 }}
 {{- end }}
 spec:
   selector:
     matchLabels:
-      name: {{ include "common.fullname" . }}
+      app: {{ include "common.name" . }}-config
   accessModes:
-    - {{ .Values.persistence.accessMode }}
+    - {{ .Values.persistence.config.accessMode }}
   resources:
     requests:
-      storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
+      storage: {{ .Values.persistence.config.size }}
+{{- if .Values.persistence.config.storageClass }}
+{{- if (eq "-" .Values.persistence.config.storageClass) }}
   storageClassName: ""
 {{- else }}
-  storageClassName: "{{ .Values.persistence.storageClass }}"
+  storageClassName: "{{ .Values.persistence.config.storageClass }}"
 {{- end }}
 {{- end }}
-{{- end -}}
+{{- end }}
+---
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.logs.existingClaim) }}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: {{ .Release.Name }}-logs
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}-logs
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+{{- if .Values.persistence.logs.annotations }}
+  annotations:
+{{ toYaml .Values.persistence.logs.annotations | indent 4 }}
+{{- end }}
+spec:
+  selector:
+    matchLabels:
+      app: {{ include "common.name" . }}-logs
+  accessModes:
+    - {{ .Values.persistence.logs.accessMode }}
+  resources:
+    requests:
+      storage: {{ .Values.persistence.logs.size }}
+{{- if .Values.persistence.logs.storageClass }}
+{{- if (eq "-" .Values.persistence.logs.storageClass) }}
+  storageClassName: ""
+{{- else }}
+  storageClassName: "{{ .Values.persistence.logs.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
\ No newline at end of file
index 931a31d..4cc69c2 100644 (file)
@@ -23,21 +23,22 @@ global:
   ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
   persistence:
     enabled: true
+
+  cadi:
+    hostname: "aaf.onap"
+    cadi_latitude: "38.0"
+    cadi_longitude: "-72.0"
+    aaf_env: "DEV"
+    aaf_register_as: "aaf.onap"
+  cassandraServiceName: aaf-cass
+  locateServiceName: aaf-locate
+
 #################################################################
 # Application configuration defaults.
 #################################################################
-config:
-  serviceServiceName: aaf-service
-  locateServiceName: aaf-locate
-  cmServiceName: aaf-cm
-  fsServiceName: aaf-fs
-  guiServiceName: aaf-gui
-  helloServiceName: aaf-hello
-  oauthServiceName: aaf-oauth
-  csServiceName: aaf-cass
-  # gerrit branch where the latest aaf/auth/sample/public code exists
-  gerritProject: http://gerrit.onap.org/r/aaf/authz.git
-  gerritBranch: 2.0.0-ONAP
+repository: nexus3.onap.org:10001
+aaf_config:
+  image: onap/aaf/aaf_config:2.1.2-SNAPSHOT
 
 flavor: small
 # default number of instances
@@ -64,39 +65,31 @@ ingress:
 
 ## Persist data to a persitent volume
 persistence:
-  ## A manually managed Persistent Volume and Claim
-  ## Requires persistence.enabled: true
-  ## If defined, PVC must be created manually before volume will be bound
-  # existingClaim:
-  volumeReclaimPolicy: Retain
+  mountPath: "/mnt/data/aaf"
+  enabled: true
+  config:
+    #existingClaim:
+    volumeReclaimPolicy: Retain
+    accessMode: ReadWriteMany
+    size: 2Gi
+    mountSubPath: "config"
+    storageClass: "manual"
+  logs:
+    #existingClaim:
+    volumeReclaimPolicy: Retain
+    accessMode: ReadWriteMany
+    size: 2Gi
+    mountSubPath: "logs"
+    storageClass: "manual"
 
-  ## database data Persistent Volume Storage Class
-  ## If defined, storageClassName: <storageClass>
-  ## If set to "-", storageClassName: "", which disables dynamic provisioning
-  ## If undefined (the default) or set to null, no storageClassName spec is
-  ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
-  ##   GKE, AWS & OpenStack)
-  ##
-  # storageClass: "-"
-  accessMode: ReadWriteMany
-  size: 2Gi
-  mountPath: /dockerdata-nfs
-  mountSubPath: aaf/data
+aaf-cs:
+  persistence:
+    #existingClaim:
+    mountPath: /dockerdata-nfs
+    mountSubPath: "cass"
+    volumeReclaimPolicy: Retain
+    accessMode: ReadWriteOnce
+    size: 10Gi
+    storageClass: "manual"
 
-# Configure resource requests and limits
-resources:
-  small:
-    limits:
-      cpu: 2
-      memory: 3Gi
-    requests:
-      cpu: 2
-      memory: 3Gi
-  large:
-    limits:
-      cpu: 4
-      memory: 6Gi
-    requests:
-      cpu: 4
-      memory: 6Gi
-  unlimited: {}
+resources: {}
\ No newline at end of file
index d091651..8c680b5 100644 (file)
 # ============LICENSE_END=========================================================\r
 #\r
 \r
-# Properties for the SchemaLocationsBean\r
 \r
-# The AAI Schema jar will be unpacked to bundleconfig/etc\r
-schemaConfig=NA\r
-# OXM files named aai_oxm_v*.xml are unpacked here:\r
-nodeDir=/opt/app/data-router/bundleconfig/etc/oxm\r
-# DB Edge Rules are unpacked here:\r
+# Properties for the SchemaLocationsBean\r
+# Files named aai_oxm_v*.xml are unpacked here:\r
+nodeDir=/opt/app/data-router/onap/oxm\r
+# Dummy folder/directory:\r
 edgeDir=\r
-# DB Edge Property files are copied here:\r
-edgePropsDir=\r
+\r
+# Properties required by the aai-common - aai-schema-ingest lib as of 1.3.0\r
+schema.configuration.location=N/A\r
+schema.nodes.location=/opt/app/data-router/onap/oxm/\r
+schema.edges.location=\r
+# These versions need to exist if they are included in the list\r
+schema.version.list=v9,v10,v11,v12,v13,v14\r
+# Decalares the oxm version to load\r
+schema.version.api.default=v14\r
+\r
+# Don't use these properties in our application, need to be set to prevent an exception on startup (see SchemaVersions bean)\r
+schema.version.depth.start=v14\r
+schema.version.related.link.start=v14\r
+schema.version.app.root.start=v14\r
+schema.version.namespace.change.start=v14\r
+schema.version.edge.label.start=v14\r
+~\r
+\r
diff --git a/kubernetes/aai/charts/aai-data-router/resources/dynamic/conf/data-router-oxm.xml b/kubernetes/aai/charts/aai-data-router/resources/dynamic/conf/data-router-oxm.xml
new file mode 100644 (file)
index 0000000..c945c39
--- /dev/null
@@ -0,0 +1,22 @@
+<beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+        xmlns="http://www.springframework.org/schema/beans" xmlns:context="http://www.springframework.org/schema/context"
+        xmlns:task="http://www.springframework.org/schema/task"
+        xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+                http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.2.xsd
+                http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task.xsd">
+
+  <context:property-placeholder
+        location="file:${CONFIG_HOME}/schemaIngest.properties"
+        ignore-unresolvable="true" />
+
+  <bean id="schemaLocationsBean" class="org.onap.aai.setup.SchemaLocationsBean">
+                <!-- When running with AJSC these properties must be injected directly.
+                                             The reason for this is unknown. -->
+                <property name="nodeDirectory" value="${nodeDir}" />
+                <property name="edgeDirectory" value="${edgeDir}" />
+        </bean>
+
+  <bean id="schemaVersions" class="org.onap.aai.setup.SchemaVersions"/>
+
+</beans>
+
index 60e71ec..b5e4129 100644 (file)
@@ -32,6 +32,8 @@
     <property name="searchCertName" value="client-cert-onap.p12" />
     <property name="searchKeystorePwd" value="OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10" />
     <property name="searchKeystore" value="tomcat_keystore" />
+    <property name="schemaVersions" ref="schemaVersions" />
+    <property name="schemaLocationsBean" ref="schemaLocationsBean" />
   </bean>
   
   <bean id="consumerBeanEntityEvent" class="org.onap.aai.event.client.DMaaPEventConsumer" >
@@ -45,7 +47,7 @@
     <constructor-arg name="messageLimit" value="100" />
     <constructor-arg name="transportType" value="HTTPAUTH" />
     <constructor-arg name="protocol" value="{{.Values.event.protocol}}" />
-    <constructor-arg name="contentType" value="application/json" />
+    <constructor-arg name="filter"><null /></constructor-arg>
   </bean>
 
   <bean id="entityEventPolicy" class="org.onap.aai.datarouter.policy.EntityEventPolicy" init-method="startup" >
index 23d3dbb..c8532b2 100644 (file)
@@ -37,7 +37,9 @@ metadata:
     heritage: {{ .Release.Service }}
 data:
 {{ tpl (.Files.Glob "resources/dynamic/routes/entity-event.route").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/dynamic/conf/data-router-oxm.xml").AsConfig . | indent 2 }}
 {{ tpl (.Files.Glob "resources/dynamic/conf/entity-event-policy.xml").AsConfig . | indent 2 }}
+
 ---
 apiVersion: v1
 kind: ConfigMap
@@ -63,4 +65,4 @@ metadata:
     release: {{ .Release.Name }}
     heritage: {{ .Release.Service }}
 data:
-{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }}
\ No newline at end of file
+{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }}
index 83542da..a7ecbce 100644 (file)
@@ -94,11 +94,17 @@ spec:
         - mountPath: /opt/app/data-router/dynamic/conf/entity-event-policy.xml
           subPath: entity-event-policy.xml
           name: {{ include "common.fullname" . }}-dynamic-policy
+        - mountPath: /opt/app/data-router/dynamic/conf/data-router-oxm.xml
+          subPath: data-router-oxm.xml
+          name: {{ include "common.fullname" . }}-dynamic-oxm
         - mountPath: /opt/app/data-router/bundleconfig/etc/logback.xml
           name: {{ include "common.fullname" . }}-logback-config
           subPath: logback.xml
         - mountPath: /var/log/onap
           name: {{ include "common.fullname" . }}-logs
+        - mountPath: /logs
+          name: {{ include "common.fullname" . }}-logs
+
         ports:
         - containerPort: {{ .Values.service.internalPort }}
         {{- if eq .Values.liveness.enabled true }}
@@ -126,6 +132,8 @@ spec:
           name: filebeat-conf
         - mountPath: /var/log/onap
           name: {{ include "common.fullname" . }}-logs
+        - mountPath: /logs
+          name: {{ include "common.fullname" . }}-logs
         - mountPath: /usr/share/filebeat/data
           name: aai-filebeat
       volumes:
@@ -154,6 +162,9 @@ spec:
       - name: {{ include "common.fullname" . }}-dynamic-policy
         configMap:
           name: {{ include "common.fullname" . }}-dynamic
+      - name: {{ include "common.fullname" . }}-dynamic-oxm
+        configMap:
+          name: {{ include "common.fullname" . }}-dynamic
       - name: {{ include "common.fullname" . }}-logs
         emptyDir: {}
       - name: {{ include "common.fullname" . }}-logback-config
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/client-cert.p12 b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/client-cert.p12
new file mode 100644 (file)
index 0000000..dbf4fca
Binary files /dev/null and b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/client-cert.p12 differ
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/tomcat_keystore b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/tomcat_keystore
new file mode 100644 (file)
index 0000000..9eec841
Binary files /dev/null and b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/tomcat_keystore differ
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/fproxy.properties b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/fproxy.properties
new file mode 100644 (file)
index 0000000..f512fb7
--- /dev/null
@@ -0,0 +1,2 @@
+credential.cache.timeout.ms=180000
+transactionid.header.name=X-TransactionId
\ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/logback-spring.xml b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/logback-spring.xml
new file mode 100644 (file)
index 0000000..3a35b76
--- /dev/null
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+
+    <property name="LOGS" value="./logs/AAF-FPS" />
+    <property name="FILEPREFIX" value="application" />
+
+    <appender name="Console"
+        class="ch.qos.logback.core.ConsoleAppender">
+        <layout class="ch.qos.logback.classic.PatternLayout">
+            <Pattern>
+                %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable
+            </Pattern>
+        </layout>
+    </appender>
+
+    <appender name="RollingFile"
+        class="ch.qos.logback.core.rolling.RollingFileAppender">
+        <file>${LOGS}/${FILEPREFIX}.log</file>
+        <encoder
+            class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+            <Pattern>%d %p %C{1.} [%t] %m%n</Pattern>
+        </encoder>
+
+        <rollingPolicy
+            class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+            <!-- rollover daily and when the file reaches 10 MegaBytes -->
+            <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log
+            </fileNamePattern>
+            <timeBasedFileNamingAndTriggeringPolicy
+                class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+                <maxFileSize>10MB</maxFileSize>
+            </timeBasedFileNamingAndTriggeringPolicy>
+        </rollingPolicy>
+    </appender>
+
+    <!-- LOG everything at INFO level -->
+    <root level="info">
+        <appender-ref ref="RollingFile" />
+        <appender-ref ref="Console" />
+    </root>
+
+    <!-- LOG "com.baeldung*" at TRACE level -->
+    <logger name="org.onap.aaf.fproxy" level="trace" additivity="false">
+        <appender-ref ref="RollingFile" />
+        <appender-ref ref="Console" />
+    </logger>
+
+</configuration>
\ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/readme.txt b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/readme.txt
new file mode 100644 (file)
index 0000000..79cf29e
--- /dev/null
@@ -0,0 +1 @@
+Relevant configuration files need to be copied here to successfully run this service locally.
\ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/client-cert.p12 b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/client-cert.p12
new file mode 100644 (file)
index 0000000..dbf4fca
Binary files /dev/null and b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/client-cert.p12 differ
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/tomcat_keystore b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/tomcat_keystore
new file mode 100644 (file)
index 0000000..99129c1
Binary files /dev/null and b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/tomcat_keystore differ
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json
new file mode 100644 (file)
index 0000000..e468b3d
--- /dev/null
@@ -0,0 +1,99 @@
+[
+  {
+    "uri": "\/not\/allowed\/at\/all$",
+    "permissions": [
+      "test.auth.access.ifYouLikedItYouShouldHavePutAPermissionOnIt"
+     ]
+  },
+  {
+    "uri": "\/one\/auth\/required$",
+    "permissions": [
+      "test.auth.access.aSimpleSingleAuth"
+     ]
+  },
+  {
+    "uri": "\/multi\/auth\/required$",
+    "permissions": [
+      "test.auth.access.aMultipleAuth1",
+      "test.auth.access.aMultipleAuth2",
+      "test.auth.access.aMultipleAuth3"
+     ]
+  },
+  {
+    "uri": "\/one\/[^\/]+\/required$",
+    "permissions": [
+      "test.auth.access.aSimpleSingleAuth"
+     ]
+  },
+  {
+    "uri": "\/services\/getAAFRequest$",
+    "permissions": [
+      "test.auth.access|services|GET,PUT"
+     ]
+  },
+  {
+    "uri": "\/admin\/getAAFRequest$",
+    "permissions": [
+      "test.auth.access|admin|GET,PUT,POST"
+     ]
+  },
+  {
+    "uri": "\/service\/aai\/webapp\/index.html$",
+    "permissions": [
+      "test.auth.access|services|GET,PUT"
+     ]
+  },
+  {
+    "uri": "\/services\/aai\/webapp\/index.html$",
+    "permissions": [
+      "test.auth.access|services|GET,PUT"
+     ]
+  },
+  {
+    "uri": "\/$",
+    "permissions": [
+       "\\|services\\|GET",
+      "test\\.auth\\.access\\|services\\|GET,PUT"
+     ]
+  },
+  {
+    "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions$",
+    "permissions": [
+      "test\\.auth\\.access\\|rest\\|read"
+     ]
+  },
+  {
+    "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+$*",
+    "permissions": [
+      "test.auth.access|clouds|read",
+      "test.auth.access|tenants|read"
+    ]
+  },
+  {
+    "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+\/tenants/tenant/[^\/]+/vservers/vserver/[^\/]+$",
+    "permissions": [
+      "test.auth.access|clouds|read",
+      "test.auth.access|tenants|read",
+      "test.auth.access|vservers|read"
+    ]
+  },
+  {
+    "uri": "\/backend$",
+    "permissions": [
+      "test\\.auth\\.access\\|services\\|GET,PUT",
+      "\\|services\\|GET"
+     ]
+  },
+  {
+    "uri": "\/services\/inventory\/.*",
+    "permissions": [
+      "org\\.access\\|\\*\\|\\*"
+     ]
+  },
+  {
+    "uri": "\/services\/gizmo\/.*",
+    "permissions": [
+      "org\\.access\\|\\*\\|\\*"
+     ]
+  }
+]
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties
new file mode 100644 (file)
index 0000000..a82e38c
--- /dev/null
@@ -0,0 +1,25 @@
+# This is a normal Java Properties File
+# Comments are with Pound Signs at beginning of lines,
+# and multi-line expression of properties can be obtained by backslash at end of line
+
+#hostname is used for local testing where you may have to set your hostname to **.att.com or **.sbc.com. The example given below
+#will allow for an ATT cross domain cookie to be used for GLO. If you are running on Windows corp machine, your machine name 
+#may be used automatically by cadi. However, if it is not, you will need to use hostname=mywebserver.att.com and add mywebserver.att.com
+#to your hosts file on your machine.
+#hostname=test.aic.cip.att.com
+
+cadi_loglevel=DEBUG
+cadi_keyfile=/opt/app/rproxy/config/security/keyfile
+
+cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore
+cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+
+# Configure AAF
+aaf_url=https://{{.Values.global.aaf.serverHostname}}:{{.Values.global.aaf.serverPort}}
+aaf_env=DEV
+
+aaf_id=demo@people.osaaf.org
+aaf_password=enc:92w4px0y_rrm265LXLpw58QnNPgDXykyA1YTrflbAKz
+
+# This is a colon separated list of client cert issuers
+cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/forward-proxy.properties b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/forward-proxy.properties
new file mode 100644 (file)
index 0000000..1b58d42
--- /dev/null
@@ -0,0 +1,4 @@
+forward-proxy.protocol = https
+forward-proxy.host = localhost
+forward-proxy.port = 10680
+forward-proxy.cacheurl = /credential-cache
\ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/logback-spring.xml b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/logback-spring.xml
new file mode 100644 (file)
index 0000000..289fe75
--- /dev/null
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+
+    <property name="LOGS" value="./logs/reverse-proxy" />
+    <property name="FILEPREFIX" value="application" />
+
+    <appender name="Console"
+        class="ch.qos.logback.core.ConsoleAppender">
+        <layout class="ch.qos.logback.classic.PatternLayout">
+            <Pattern>
+                %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable
+            </Pattern>
+        </layout>
+    </appender>
+
+    <appender name="RollingFile"
+        class="ch.qos.logback.core.rolling.RollingFileAppender">
+        <file>${LOGS}/${FILEPREFIX}.log</file>
+        <encoder
+            class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+            <Pattern>%d %p %C{1.} [%t] %m%n</Pattern>
+        </encoder>
+
+        <rollingPolicy
+            class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+            <!-- rollover daily and when the file reaches 10 MegaBytes -->
+            <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log
+            </fileNamePattern>
+            <timeBasedFileNamingAndTriggeringPolicy
+                class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+                <maxFileSize>10MB</maxFileSize>
+            </timeBasedFileNamingAndTriggeringPolicy>
+        </rollingPolicy>
+    </appender>
+
+    <!-- LOG everything at INFO level -->
+    <root level="debug">
+        <appender-ref ref="RollingFile" />
+        <appender-ref ref="Console" />
+    </root>
+
+    <!-- LOG "com.baeldung*" at TRACE level  -->
+    <logger name="org.onap.aaf.rproxy" level="trace" additivity="false">
+        <appender-ref ref="RollingFile" />
+        <appender-ref ref="Console" />
+    </logger>
+
+</configuration>
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/primary-service.properties b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/primary-service.properties
new file mode 100644 (file)
index 0000000..8ab780e
--- /dev/null
@@ -0,0 +1,3 @@
+primary-service.protocol = https
+primary-service.host = localhost
+primary-service.port = 9520
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/readme.txt b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/readme.txt
new file mode 100644 (file)
index 0000000..79cf29e
--- /dev/null
@@ -0,0 +1 @@
+Relevant configuration files need to be copied here to successfully run this service locally.
\ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/reverse-proxy.properties b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/reverse-proxy.properties
new file mode 100644 (file)
index 0000000..8d46e1f
--- /dev/null
@@ -0,0 +1 @@
+transactionid.header.name=X-TransactionId
\ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/security/keyfile b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/security/keyfile
new file mode 100644 (file)
index 0000000..6cd12fc
--- /dev/null
@@ -0,0 +1,27 @@
+bZNOXiGDJ2_eiKBKWYLIFx27URvb-SWfmOl2d-QKetcVKIupOrsG-ScS_VXOtKN3Yxfb2cR6t7oM
+1RNpDnhsKAxDLM6A62IkS_h_Rp3Q9c2JeyomVmyiuHR7a2ARbelaMrX8WDrxXI_t9ce4pIHDVE29
+xiQm3Bdp7d7IiKkgg-ipvOU7Y6NEzeQbvHlHvRTJ3ZZMSwHxBOA5M8DhKN-AF1sqwozEVaNAuJxK
+BVdh72A6KTW7ieb_GvVQQp8h32BuOz8oJhZV7KaGXsWTEvXg9ImboY0h7Sl9hufgn1ZtDK1jxzGm
+6O6LBg1qezzZaFGTXRmHvaeYmEeYSu0bGsU4x-JCU0RyhNTzFhkhjNoccaqPXBdcJymLf096mD99
+QLS8nyji_KtLQJL1fqr500c8p6SOURLPgG6Gzkn4ghgFYlfgve92xs1R3ggHKhNTLV4HJ4O6iSDm
+zCoHeRbsZR1JER9yxT-v8NtcHOMAZe1oDQeY6jVyxb-bhaonN6eZPI4nyF6MHJQtWKhGARC_kOs6
+x9E0ZdAEp5TrX7F7J5PwkXzbCOuSiTVftOBum43iUB4q9He8tn2tJ0X4LtLHT3bPl16wWnZm9RPf
+8wBtTJh4QP_cTStPq1ftSaLIAuqVFpbiC2DxGemXZn3QvykuYqa-rKeYPoIJ5dtWd5rNb_hhcSIz
+FakKTELb0HWYGji98TBF6PaStea2f2m-wGX_uQGD7_Dijl6AgnV9koKVs1bN1XljLtNMPbLdD8sz
+UCvc5lwvCFyyeunljI7os1fgwBmaMyckflq5VfZv9kFxom6jFLbcozylQ_uBg4j7oCP79IXVUI-r
+banZltOSmm8zHGc2R9UlUyxJWBi01yxwi1hUtn9g1H4RtncQpu3BY0Qvu5YLAmS5imivUnGVZWbv
+6wcqnJt5HwaVatE9NHONSLNTViQPsUOutWZBZxhJtAncdZuWOYZSh4TPzUJWvt6zT0E3YMBc_UuG
+yPmdLyqo7qGHR8YWRqq_vq6ISJqENMnVD6X9-BeI6KM4GPEAlDWyhgENXxQFjG45ufg3UpP8LBTB
+xDntlfkphRumsd13-8IlvwVtlpgnbuCMbwP_-lNVeNJcdA1InPt79oY-SEVZ-RVM1881ZASCnFeB
+lh3BTc_bGQ8YoC9s6iHtcCK_1SdbwzBfQBJUqqcYsa8hJLe-j8di7KCaFzI3a-UXWKuuWljpbKbq
+ibd48UFJt_34_GxkD6bmLxycuNH-og2Sd2VcYU0o5UarcrY4-2sgFPE7Mzxovrl98uayfgNF9DqE
+fJ4MwFGqLRtEHlm4zfuMxQ5Rh_giMUHDJApc1DYRkxdGbNUd4bC4aRBln2IhN-rNKbSVtiW_uT6v
+1KTMGmElvktjPWybJd2SvhT5qOLUM81-cmZzAsNa04jxZLBlQn_1fel3IroVos4Ohbdhar2NG6T5
+liten9RZ9P4Cg9RWhgeQonAD5kqLWXAHnCfffb5CVcAU5PHqkCgCbdThvD0-zIGETLO9AE0jKISc
+0o67CUZn3MzJ9pP_3gh-ALr2w-KAwqasqCf0igf1wmEDijv9wEDcgDm39ERIElTpGKgfyuVl4F8u
+PrpK5ZfpUYySUB6CZFQVVz0MvH6E7orQk4dCKFIimV_XwEtGijBttrTvyV6xYNScAEw_olt-0mdm
+8UEKSsuqSyDMxUWLjKJT19rNedahYJNtI87WR9Fhhjsrai9Or3a-srOYa56wcvSj2ZHbkevbO9Xv
+dQ2wzWCGEAMQSpSr83n0XEpR2pZT19Z19Svbhr08mnt2JNykCk60FLCeDTUOylJtYw6YOjqBizQZ
+-85B51BCbSEaAKJkgT9-8n_-LGW5aPBrBB_9FT7UIYczNEt3B1Lqr2s4ipPI_36JecEfqaS2cNLn
+c0ObAtNGAONkhO5LYLneMR3fZPMFuOX1-rMObPgE0i9dYqWDZ_30w9rpRsmiWyxYi5lvWDxU5L1J
+uJxwREz3oa_VgpSC3Y2oxCufdQwzBk57iVLDOb1qs_Hwj1SWd1nukWyAo2-g5sR1folAEcao
\ No newline at end of file
index 8d8a8fa..a25dcbc 100644 (file)
@@ -64,3 +64,39 @@ metadata:
     heritage: {{ .Release.Service }}
 data:
 {{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }}
+
+{{ if .Values.global.installSidecarSecurity }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-fproxy-config
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/fproxy/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-fproxy-log-config
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/fproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-rproxy-config
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-rproxy-log-config
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
+{{ end }}
+
index 278a8f5..1e68712 100644 (file)
@@ -31,6 +31,19 @@ spec:
         app: {{ include "common.name" . }}
         release: {{ .Release.Name }}
     spec:
+    {{ if .Values.global.installSidecarSecurity }}
+      hostAliases:
+      - ip: {{ .Values.global.aaf.serverIp }}
+        hostnames:
+        - {{ .Values.global.aaf.serverHostname }}
+
+      initContainers:
+        - name: {{ .Values.global.tproxyConfig.name }}
+          image: "{{ include "common.repository" . }}/{{ .Values.global.tproxyConfig.image }}"
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          securityContext:
+            privileged: true
+    {{ end }}
       containers:
         - name: {{ .Chart.Name }}
           image: "{{ include "common.repository" . }}/{{ .Values.image }}"
@@ -111,6 +124,79 @@ spec:
           - mountPath: /usr/share/filebeat/data
             name: {{ include "common.fullname" . }}-data-filebeat
 
+    {{ if .Values.global.installSidecarSecurity }}
+        - name: {{ .Values.global.rproxy.name }}
+          image: "{{ include "common.repository" . }}/{{ .Values.global.rproxy.image }}"
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          env:
+          - name: CONFIG_HOME
+            value: "/opt/app/rproxy/config"
+          - name: KEY_STORE_PASSWORD
+            value: {{ .Values.config.keyStorePassword }}
+          - name: spring_profiles_active
+            value: {{ .Values.global.rproxy.activeSpringProfiles }}
+          volumeMounts:
+          - name: {{ include "common.fullname" . }}-rproxy-config
+            mountPath: /opt/app/rproxy/config/forward-proxy.properties
+            subPath: forward-proxy.properties
+          - name: {{ include "common.fullname" . }}-rproxy-config
+            mountPath: /opt/app/rproxy/config/primary-service.properties
+            subPath: primary-service.properties
+          - name: {{ include "common.fullname" . }}-rproxy-config
+            mountPath: /opt/app/rproxy/config/reverse-proxy.properties
+            subPath: reverse-proxy.properties
+          - name: {{ include "common.fullname" . }}-rproxy-config
+            mountPath: /opt/app/rproxy/config/cadi.properties
+            subPath: cadi.properties
+          - name: {{ include "common.fullname" . }}-rproxy-log-config
+            mountPath: /opt/app/rproxy/config/logback-spring.xml
+            subPath: logback-spring.xml
+          - name: {{ include "common.fullname" . }}-rproxy-auth-config
+            mountPath: /opt/app/rproxy/config/auth/tomcat_keystore
+            subPath: tomcat_keystore
+          - name: {{ include "common.fullname" . }}-rproxy-auth-config
+            mountPath: /opt/app/rproxy/config/auth/client-cert.p12
+            subPath: client-cert.p12
+          - name: {{ include "common.fullname" . }}-rproxy-auth-config
+            mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
+            subPath: uri-authorization.json
+          - name: {{ include "common.fullname" . }}-rproxy-auth-config
+            mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks
+            subPath: aaf_truststore.jks
+          - name: {{ include "common.fullname" . }}-rproxy-security-config
+            mountPath: /opt/app/rproxy/config/security/keyfile
+            subPath: keyfile
+
+          ports:
+          - containerPort: {{ .Values.global.rproxy.port }}
+
+        - name: {{ .Values.global.fproxy.name }}
+          image: "{{ include "common.repository" . }}/{{ .Values.global.fproxy.image }}"
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          env:
+          - name: CONFIG_HOME
+            value: "/opt/app/fproxy/config"
+          - name: KEY_STORE_PASSWORD
+            value: {{ .Values.config.keyStorePassword }}
+          - name: spring_profiles_active
+            value: {{ .Values.global.fproxy.activeSpringProfiles }}
+          volumeMounts:
+          - name: {{ include "common.fullname" . }}-fproxy-config
+            mountPath: /opt/app/fproxy/config/fproxy.properties
+            subPath: fproxy.properties
+          - name: {{ include "common.fullname" . }}-fproxy-log-config
+            mountPath: /opt/app/fproxy/config/logback-spring.xml
+            subPath: logback-spring.xml
+          - name: {{ include "common.fullname" . }}-fproxy-auth-config
+            mountPath: /opt/app/fproxy/config/auth/tomcat_keystore
+            subPath: tomcat_keystore
+          - name: {{ include "common.fullname" . }}-fproxy-auth-config
+            mountPath: /opt/app/fproxy/config/auth/client-cert.p12
+            subPath: client-cert.p12
+          ports:
+          - containerPort: {{ .Values.global.fproxy.port }}
+    {{ end }}
+
       volumes:
         - name: localtime
           hostPath:
@@ -144,5 +230,29 @@ spec:
         - name: {{ include "common.fullname" . }}-model-config
           configMap:
             name: {{ include "common.fullname" . }}-model-configmap
+    {{ if .Values.global.installSidecarSecurity }}
+        - name: {{ include "common.fullname" . }}-rproxy-config
+          configMap:
+            name: {{ include "common.fullname" . }}-rproxy-config
+        - name: {{ include "common.fullname" . }}-rproxy-log-config
+          configMap:
+            name: {{ include "common.fullname" . }}-rproxy-log-config
+        - name: {{ include "common.fullname" . }}-rproxy-auth-config
+          secret:
+            secretName: {{ include "common.fullname" . }}-rproxy-auth-config
+        - name: {{ include "common.fullname" . }}-rproxy-security-config
+          secret:
+            secretName: {{ include "common.fullname" . }}-rproxy-security-config
+        - name: {{ include "common.fullname" . }}-fproxy-config
+          configMap:
+            name: {{ include "common.fullname" . }}-fproxy-config
+        - name: {{ include "common.fullname" . }}-fproxy-log-config
+          configMap:
+            name: {{ include "common.fullname" . }}-fproxy-log-config
+        - name: {{ include "common.fullname" . }}-fproxy-auth-config
+          secret:
+            secretName: {{ include "common.fullname" . }}-fproxy-auth-config
+    {{ end }}
+
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"
index 58d5769..7db7605 100644 (file)
@@ -40,3 +40,33 @@ type: Opaque
 data:
   KEY_STORE_PASSWORD: {{ .Values.config.keyStorePassword | b64enc | quote }}
   KEY_MANAGER_PASSWORD: {{ .Values.config.keyManagerPassword | b64enc | quote }}
+
+{{ if .Values.global.installSidecarSecurity }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "common.fullname" . }}-fproxy-auth-config
+  namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/fproxy/config/auth/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "common.fullname" . }}-rproxy-auth-config
+  namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "common.fullname" . }}-rproxy-security-config
+  namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/security/*").AsSecrets . | indent 2 }}
+{{ end }}
index 88948cf..ac34ed9 100644 (file)
@@ -27,15 +27,27 @@ metadata:
 spec:
   type: {{ .Values.service.type }}
   ports:
-    {{if eq .Values.service.type "NodePort" -}}
-    - port: {{ .Values.service.internalPort }}
-      nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-      name: {{ .Values.service.portName }}
-    {{- else -}}
-    - port: {{ .Values.service.externalPort }}
-      targetPort: {{ .Values.service.internalPort }}
-      name: {{ .Values.service.portName }}
-    {{- end}}
+  {{ if .Values.global.installSidecarSecurity }}
+      {{if eq .Values.service.type "NodePort" -}}
+      - port: {{ .Values.global.rproxy.port }}
+        nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+        name: {{ .Values.service.portName }}
+      {{- else -}}
+      - port: {{ .Values.service.externalPort }}
+        targetPort: {{ .Values.global.rproxy.port }}
+        name: {{ .Values.service.portName }}
+      {{- end}}
+  {{ else }}
+      {{if eq .Values.service.type "NodePort" -}}
+      - port: {{ .Values.service.internalPort }}
+        nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+        name: {{ .Values.service.portName }}
+      {{- else -}}
+      - port: {{ .Values.service.externalPort }}
+        targetPort: {{ .Values.service.internalPort }}
+        name: {{ .Values.service.portName }}
+      {{- end}}
+  {{ end }}
   selector:
     app: {{ include "common.name" . }}
     release: {{ .Release.Name }}
index 573cd2a..97627ea 100644 (file)
@@ -16,7 +16,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 # ============LICENSE_END=========================================================
-
 # format : username: password[,rolename ...]
 # default username/password: AAI/AAI, MSO/MSO, ModelLoader/ModelLoader...
 AAI:OBF:1gfr1ev31gg7,admin
@@ -39,3 +38,5 @@ sdc@sdc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
 vid@vid.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
 appc@appc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
 oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
index 5b23fa6..869eac0 100644 (file)
@@ -96,6 +96,9 @@ spec:
         - mountPath: /opt/app/aai-graphadmin/resources/localhost-access-logback.xml
           name: {{ include "common.fullname" . }}-localhost-access-log-conf
           subPath: localhost-access-logback.xml
+        - mountPath: /opt/app/aai-graphadmin/resources/etc/auth/realm.properties
+          name: {{ include "common.fullname" . }}-realm-conf
+          subPath: realm.properties
         - mountPath: /opt/app/aai-graphadmin/resources/application.properties
           name: {{ include "common.fullname" . }}-springapp-conf
           subPath: application.properties
index 2aa3e01..0499b34 100644 (file)
@@ -11,7 +11,6 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-
 # format : username: password[,rolename ...]
 # default username/password: AAI/AAI, MSO/MSO, ModelLoader/ModelLoader...
 AAI:OBF:1gfr1ev31gg7,admin
@@ -34,3 +33,5 @@ sdc@sdc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
 vid@vid.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
 appc@appc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
 oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
index 04549df..2b124f0 100644 (file)
@@ -472,6 +472,9 @@ spec:
         - mountPath: /opt/app/aai-resources/resources/localhost-access-logback.xml
           name: {{ include "common.fullname" . }}-localhost-access-log-conf
           subPath: localhost-access-logback.xml
+        - mountPath: /opt/app/aai-resources/resources/etc/auth/realm.properties
+          name: {{ include "common.fullname" . }}-realm-conf
+          subPath: realm.properties
         - mountPath: /opt/app/aai-resources/resources/aaf/org.onap.aai.keyfile
           name: {{ include "common.fullname" . }}-aaf-certs
           subPath: org.onap.aai.keyfile
diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/users.config b/kubernetes/aai/charts/aai-sparky-be/resources/config/users.config
new file mode 100644 (file)
index 0000000..ce69e88
--- /dev/null
@@ -0,0 +1,20 @@
+[{\r
+    "orgId": null,\r
+    "managerId": null,\r
+    "firstName": "Demo",\r
+    "middleInitial": null,\r
+    "lastName": "User",\r
+    "phone": null,\r
+    "email": "demo@email.com",\r
+    "hrid": null,\r
+    "orgUserId": "demo",\r
+    "orgCode": null,\r
+    "orgManagerUserId": null,\r
+    "jobTitle": null,\r
+    "loginId": "demo",\r
+    "active": false,\r
+    "roles": [{\r
+        "id": 1,\r
+        "name": "View"\r
+    }]\r
+}]
\ No newline at end of file
index 055c5ba..50238aa 100644 (file)
@@ -29,6 +29,8 @@ data:
 {{ tpl (.Files.Glob "resources/config/application-oxm-default.properties").AsConfig . | indent 2 }}
 {{ tpl (.Files.Glob "resources/config/application-oxm-override.properties").AsConfig . | indent 2 }}
 {{ tpl (.Files.Glob "resources/config/application-oxm-schema-prod.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/roles.config").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/users.config").AsConfig . | indent 2 }}
 ---
 apiVersion: v1
 kind: ConfigMap
index 3ecbd80..d622be6 100644 (file)
@@ -90,7 +90,7 @@ spec:
         - mountPath:  /opt/app/sparky/config/application-oxm-default.properties
           name: {{ include "common.fullname" . }}-properties
           subPath: application-oxm-default.properties
-          
+
         - mountPath:  /opt/app/sparky/config/application-oxm-override.properties
           name: {{ include "common.fullname" . }}-properties
           subPath: application-oxm-override.properties
@@ -98,7 +98,15 @@ spec:
         - mountPath:  /opt/app/sparky/config/application-oxm-schema-prod.properties
           name: {{ include "common.fullname" . }}-properties
           subPath: application-oxm-schema-prod.properties
-        
+
+        - mountPath:  /opt/app/sparky/config/roles.config
+          name: {{ include "common.fullname" . }}-properties
+          subPath: roles.config
+
+        - mountPath:  /opt/app/sparky/config/users.config
+          name: {{ include "common.fullname" . }}-properties
+          subPath: users.config
+
         ports:
         - containerPort: {{ .Values.service.internalPort }}
         - containerPort: {{ .Values.service.internalPort2 }}
index 2aa3e01..0499b34 100644 (file)
@@ -11,7 +11,6 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-
 # format : username: password[,rolename ...]
 # default username/password: AAI/AAI, MSO/MSO, ModelLoader/ModelLoader...
 AAI:OBF:1gfr1ev31gg7,admin
@@ -34,3 +33,5 @@ sdc@sdc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
 vid@vid.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
 appc@appc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
 oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
index 68bd018..6a5a7db 100644 (file)
@@ -304,6 +304,9 @@ spec:
         - mountPath: /opt/app/aai-traversal/resources/localhost-access-logback.xml
           name: {{ include "common.fullname" . }}-localhost-access-log-conf
           subPath: localhost-access-logback.xml
+        - mountPath: /opt/app/aai-traversal/resources/etc/auth/realm.properties
+          name: {{ include "common.fullname" . }}-realm-conf
+          subPath: realm.properties
         - mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.keyfile
           name: {{ include "common.fullname" . }}-aaf-certs
           subPath: org.onap.aai.keyfile
index bf1602e..0bc707e 100644 (file)
@@ -30,6 +30,30 @@ global: # global defaults
 
   restartPolicy: Always
 
+  installSidecarSecurity: false
+
+  fproxy:
+    name: forward-proxy
+    activeSpringProfiles: noHostVerification,cadi
+    image: onap/fproxy:2.1-STAGING-latest
+    port: 10680
+
+  rproxy:
+    name: reverse-proxy
+    activeSpringProfiles: noHostVerification,cadi
+    image: onap/rproxy:2.1-STAGING-latest
+    port: 10692
+
+  tproxyConfig:
+    name: init-tproxy-config
+    image: onap/tproxy-config:2.1-STAGING-latest
+
+  # AAF server details. Only needed if the AAF DNS does not resolve from the pod
+  aaf:
+    serverIp: 10.12.6.214
+    serverHostname: aaf.osaaf.org
+    serverPort: 30247
+
   cassandra:
     serviceName: aai-cassandra
     replicas: 3
@@ -257,4 +281,4 @@ resources:
     requests:
       cpu: 2
       memory: 2Gi
-  unlimited: {}
\ No newline at end of file
+  unlimited: {}
index 8e1160e..0bbdbb7 100644 (file)
@@ -1,4 +1,3 @@
-# Modifications Copyright © 2018  AT&T, Amdocs, Bell Canada Intellectual Property.  All rights reserved.
 ################################################################################
 #
 #    Licensed to the Apache Software Foundation (ASF) under one or more
 #
 ################################################################################
 
-# Root logger
-log4j.rootLogger=INFO, async, osgi:*
-log4j.throwableRenderer=org.apache.log4j.OsgiThrowableRenderer
-
-maxFileSize=100MB
-maxBackupIndex=20
-logDir=/var/log/onap
-componentName=appc
-logDirectory=${logDir}/${componentName}
-karafLogName=karaf
-errorLogName=error
-metricsLogName=metrics
-auditLogName=audit
-debugLogName=debug
-
-
-# CONSOLE appender not used by default
-log4j.appender.stdout=org.apache.log4j.ConsoleAppender
-log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
-log4j.appender.stdout.layout.ConversionPattern=%d{yyyy-MM-dd'T'HH:mm:ss.SSS}\t%-16.16t\t%-5.5p\t%c{36}\t%X{bundle.id} - %X{bundle.name} - %X{bundle.version}\t%m%n
-
-# Async appender forwarding to file appender
-log4j.appender.async=org.apache.log4j.AsyncAppender
-log4j.appender.async.appenders=out
-
-# File appender
-log4j.appender.out=org.apache.log4j.RollingFileAppender
-log4j.appender.out.layout=org.apache.log4j.xml.XMLLayout
-log4j.appender.out.layout.Properties=true
-log4j.appender.out.file=${logDirectory}/${karafLogName}.log
-log4j.appender.out.append=true
-log4j.appender.out.maxFileSize=${maxFileSize}
-log4j.appender.out.maxBackupIndex=${maxBackupIndex}
-
-# Sift appender
-log4j.appender.sift=org.apache.log4j.sift.MDCSiftingAppender
-log4j.appender.sift.key=bundle.name
-log4j.appender.sift.default=karaf
-log4j.appender.sift.appender=org.apache.log4j.RollingFileAppender
-log4j.appender.sift.appender.layout=org.apache.log4j.xml.XMLLayout
-log4j.appender.sift.appender.layout.Properties=true
-log4j.appender.sift.appender.file=${logDirectory}/$\\{bundle.name\\}.log
-log4j.appender.sift.appender.append=true
-
-
-
-log4j.category.org.opendaylight.controller.netconf.persist.impl.osgi.ConfigPusherImpl=DEBUG
-log4j.category.org.opendaylight.controller.netconf.persist.impl.osgi.ConfigPersisterActivator=DEBUG
-
-
-#ECOMP Debug appender
-log4j.appender.debug=org.apache.log4j.RollingFileAppender
-log4j.appender.debug.key=bundle.name
-log4j.appender.debug.default=karaf
-log4j.appender.debug.appName=EELFDebug
-log4j.appender.debug.layout=org.apache.log4j.xml.XMLLayout
-log4j.appender.debug.layout.Properties=true
-log4j.appender.debug.file=${logDirectory}/${debugLogName}.log
-log4j.appender.debug.append=true
-log4j.appender.debug.maxFileSize=${maxFileSize}
-log4j.appender.debug.maxBackupIndex=${maxBackupIndex}
-#log4j.appender.debug.filter.f1=org.apache.log4j.varia.LevelRangeFilter
-#log4j.appender.debug.filter.f1.LevelMax=WARN
-#log4j.appender.debug.filter.f1.LevelMin=TRACE
+# Common pattern layout for appenders
+log4j2.pattern = %d{ISO8601} | %-5p | %-16t | %-32c{1} | %X{bundle.id} - %X{bundle.name} - %X{bundle.version} | %m%n
 
+# Root logger
+log4j2.rootLogger.level = INFO
+# uncomment to use asynchronous loggers, which require mvn:com.lmax/disruptor/3.3.2 library
+#log4j2.rootLogger.type = asyncRoot
+#log4j2.rootLogger.includeLocation = false
+log4j2.rootLogger.appenderRef.RollingFile.ref = RollingFile
+log4j2.rootLogger.appenderRef.PaxOsgi.ref = PaxOsgi
+log4j2.rootLogger.appenderRef.Console.ref = Console
+log4j2.rootLogger.appenderRef.Console.filter.threshold.type = ThresholdFilter
+log4j2.rootLogger.appenderRef.Console.filter.threshold.level = ${karaf.log.console:-OFF}
+
+# Loggers configuration
+
+# Spifly logger
+log4j2.logger.spifly.name = org.apache.aries.spifly
+log4j2.logger.spifly.level = WARN
+
+# Security audit logger
+log4j2.logger.audit.name = org.apache.karaf.jaas.modules.audit
+log4j2.logger.audit.level = INFO
+log4j2.logger.audit.additivity = false
+log4j2.logger.audit.appenderRef.AuditRollingFile.ref = AuditRollingFile
+
+# Appenders configuration
+
+# Console appender not used by default (see log4j2.rootLogger.appenderRefs)
+log4j2.appender.console.type = Console
+log4j2.appender.console.name = Console
+log4j2.appender.console.layout.type = PatternLayout
+log4j2.appender.console.layout.pattern = ${log4j2.pattern}
+
+# Rolling file appender
+log4j2.appender.rolling.type = RollingRandomAccessFile
+log4j2.appender.rolling.name = RollingFile
+log4j2.appender.rolling.fileName = ${karaf.data}/log/karaf.log
+log4j2.appender.rolling.filePattern = ${karaf.data}/log/karaf.log.%i
+# uncomment to not force a disk flush
+#log4j2.appender.rolling.immediateFlush = false
+log4j2.appender.rolling.append = true
+log4j2.appender.rolling.layout.type = PatternLayout
+log4j2.appender.rolling.layout.pattern = ${log4j2.pattern}
+log4j2.appender.rolling.policies.type = Policies
+log4j2.appender.rolling.policies.size.type = SizeBasedTriggeringPolicy
+log4j2.appender.rolling.policies.size.size = 16MB
+
+# Audit file appender
+log4j2.appender.audit.type = RollingRandomAccessFile
+log4j2.appender.audit.name = AuditRollingFile
+log4j2.appender.audit.fileName = ${karaf.data}/security/audit.log
+log4j2.appender.audit.filePattern = ${karaf.data}/security/audit.log.%i
+log4j2.appender.audit.append = true
+log4j2.appender.audit.layout.type = PatternLayout
+log4j2.appender.audit.layout.pattern = ${log4j2.pattern}
+log4j2.appender.audit.policies.type = Policies
+log4j2.appender.audit.policies.size.type = SizeBasedTriggeringPolicy
+log4j2.appender.audit.policies.size.size = 8MB
+
+# OSGi appender
+log4j2.appender.osgi.type = PaxOsgi
+log4j2.appender.osgi.name = PaxOsgi
+log4j2.appender.osgi.filter = *
+
+# help with identification of maven-related problems with pax-url-aether
+#log4j2.logger.aether.name = shaded.org.eclipse.aether
+#log4j2.logger.aether.level = TRACE
+#log4j2.logger.http-headers.name = shaded.org.apache.http.headers
+#log4j2.logger.http-headers.level = DEBUG
+#log4j2.logger.maven.name = org.ops4j.pax.url.mvn
+#log4j2.logger.maven.level = TRACE
 
-#Error appender
-log4j.appender.error=org.apache.log4j.RollingFileAppender
-log4j.appender.error.appName=EELFError
-log4j.appender.error.File=${logDirectory}/${errorLogName}.log
-log4j.appender.error.Threshold=ERROR
-log4j.appender.error.maxFileSize=${maxFileSize}
-log4j.appender.error.maxBackupIndex=${maxBackupIndex}
-log4j.appender.error.layout=org.apache.log4j.xml.XMLLayout
-log4j.appender.error.layout.Properties=true
-
-#Metrics appender
-log4j.appender.metric=org.apache.log4j.RollingFileAppender
-log4j.appender.metric.appName=EELFMetrics
-log4j.appender.metric.File=${logDirectory}/${metricsLogName}.log
-log4j.appender.metric.maxFileSize=${maxFileSize}
-log4j.appender.metric.maxBackupIndex=${maxBackupIndex}
-log4j.appender.metric.layout=org.apache.log4j.xml.XMLLayout
-log4j.appender.metric.layout.Properties=true
-
-#Audit appender
-log4j.appender.audit=org.apache.log4j.RollingFileAppender
-log4j.appender.audit.appName=EELFAudit
-log4j.appender.audit.File=${logDirectory}/${auditLogName}.log
-log4j.appender.audit.maxFileSize=${maxFileSize}
-log4j.appender.audit.maxBackupIndex=${maxBackupIndex}
-log4j.appender.audit.layout=org.apache.log4j.xml.XMLLayout
-log4j.appender.audit.layout.Properties=true
-
-#Loggers
-#Routing of all messages from root logger
-log4j.logger.com.att=TRACE, debug, error
-#Store to the same log file messages from upper level appender or not
-log4j.additivity.com.att=false
-
-#EELFManager loggers
-#EELF parent logger
-log4j.logger.com.att.eelf=TRACE, debug
-log4j.additivity.com.att.eelf=false
-
-#Audit logger routing
-log4j.logger.com.att.eelf.audit=DEBUG, audit
-log4j.additivity.com.att.eelf.audit=false
-
-#Metric logger routing
-log4j.logger.com.att.eelf.metrics=DEBUG, metric
-log4j.additivity.com.att.eelf.metrics=false
-
-#Performance logger routing
-log4j.logger.com.att.eelf.perf=DEBUG, metric
-log4j.additivity.com.att.eelf.perf=false
-
-#Server logger routing
-log4j.logger.com.att.eelf.server=DEBUG, debug
-log4j.additivity.com.att.eelf.server=false
-
-#Policy logger routing
-log4j.logger.com.att.eelf.policy=DEBUG, debug
-log4j.additivity.com.att.eelf.policy=false
-
-#Error logger routing
-log4j.logger.com.att.eelf.error=DEBUG, error
-log4j.additivity.com.att.eelf.error=false
-
-#Debug logger routing
-log4j.logger.com.att.eelf.debug=DEBUG, debug
-log4j.additivity.com.att.eelf.debug=false
index 15edc45..996d218 100644 (file)
@@ -130,17 +130,17 @@ http.port: {{.Values.service.externalPort}}
 # More info:
 transport.tcp.port: {{.Values.service.externalPort2}}
 
-xpack.graph.enabled: false
+#xpack.graph.enabled: false
 #Set to false to disable X-Pack graph features.
 
-xpack.ml.enabled: false
+#xpack.ml.enabled: false
 #Set to false to disable X-Pack machine learning features.
 
-xpack.monitoring.enabled: false
+#xpack.monitoring.enabled: false
 #Set to false to disable X-Pack monitoring features.
 
-xpack.security.enabled: false
+#xpack.security.enabled: false
 #Set to false to disable X-Pack security features.
 
-xpack.watcher.enabled: false
+#xpack.watcher.enabled: false
 #Set to false to disable Watcher.
index eb0588f..98ce044 100644 (file)
@@ -31,7 +31,7 @@ busyboxImage: library/busybox:latest
 
 # application image
 loggingRepository: docker.elastic.co
-image: elasticsearch/elasticsearch:5.6.9
+image: elasticsearch/elasticsearch-oss:6.1.3
 pullPolicy: Always
 
 # flag to enable debugging - application support required
diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/resources/config/default.json b/kubernetes/clamp/charts/clamp-dash-kibana/resources/config/default.json
deleted file mode 100644 (file)
index 6e8fa5f..0000000
+++ /dev/null
@@ -1,18 +0,0 @@
-{"_index":".kibana","_type":"visualization","_id":"AWI967sW8kHy-lwNJZrR","_score":1,"_source":{"title":"CL Total Activity","visState":"{\"title\":\"CL Total Activity\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"type\":\"table\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"eventDuration\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","description":"","savedSearchId":"AWIk9P-qDjJ4k3sPXRcQ","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[]}"}}}
-{"_index":".kibana","_type":"index-pattern","_id":"AWIk7j2UDjJ4k3sPXRaY","_score":1,"_source":{"title":"logstash-*","timeFieldName":"closedLoopAlarmStart","notExpandable":true,"fields":"[{\"name\":\"@timestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"@version\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"@version.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.cloud-region.identity-url\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.cloud-region.identity-url.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.complex.physical-location-id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.complex.physical-location-id.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.generic-vnf.service-id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.generic-vnf.service-id.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.generic-vnf.vnf-name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.generic-vnf.vnf-name.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.tenant.tenant-id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.tenant.tenant-id.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.vserver.is-closed-loop-disabled\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.vserver.is-closed-loop-disabled.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.vserver.prov-status\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.vserver.prov-status.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.vserver.vserver-id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.vserver.vserver-id.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.vserver.vserver-name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.vserver.vserver-name.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.vserver.vserver-selflink\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.vserver.vserver-selflink.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"OPS_CL_timer\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"closedLoopAlarmEnd\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"closedLoopAlarmStart\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"closedLoopControlName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"closedLoopControlName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"closedLoopEventClient\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"closedLoopEventClient.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"closedLoopEventStatus\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"closedLoopEventStatus.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"from\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"from.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"history.actor\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"history.actor.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"history.end\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"history.message\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"history.message.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"history.operation\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"history.operation.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"history.outcome\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"history.outcome.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"history.start\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"history.subRequestId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"history.subRequestId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"history.target\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"history.target.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"notification\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"notification.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"notificationTime\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"policyName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"policyName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"policyScope\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"policyScope.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"policyVersion\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"policyVersion.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"requestID\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"requestID.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"target\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"target.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"target_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"target_type.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"version\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"version.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"eventDuration\",\"type\":\"number\",\"count\":0,\"scripted\":true,\"script\":\"if (doc.containsKey('closedLoopEventStatus') && doc.get('closedLoopEventStatus.keyword').value == 'ABATED') {                                                                                            \\n   return doc.get('closedLoopAlarmEnd').value- doc.get('closedLoopAlarmStart').value;                                                                        \\n}                                                                                                                                                            \\nreturn null\",\"lang\":\"painless\",\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false}]","fieldFormatMap":"{\"eventDuration\":{\"id\":\"duration\",\"params\":{\"inputFormat\":\"milliseconds\"}}}"}}
-{"_index":".kibana","_type":"visualization","_id":"AWIk-5O-DjJ4k3sPXRd1","_score":1,"_source":{"title":"ClosedLoopActivationsTable","visState":"{\"title\":\"ClosedLoopActivationsTable\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":true,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"type\":\"table\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","description":"","savedSearchId":"AWIk8yDIDjJ4k3sPXRbu","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[]}"}}}
-{"_index":".kibana","_type":"search","_id":"AWIk9P-qDjJ4k3sPXRcQ","_score":1,"_source":{"title":"ABATED","description":"","columns":["closedLoopAlarmStart","closedLoopAlarmEnd","closedLoopControlName","closedLoopEventStatus","notification"],"sort":["closedLoopAlarmStart","desc"],"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"highlightAll\":true,\"version\":true,\"query\":{\"query_string\":{\"query\":\"closedLoopEventStatus: \\\"ABATED\\\"\",\"analyze_wildcard\":true}},\"filter\":[{\"meta\":{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"negate\":false,\"disabled\":false,\"alias\":\"ABATED\",\"type\":\"phrase\",\"key\":\"closedLoopEventStatus.keyword\",\"value\":\"ABATED\"},\"query\":{\"match\":{\"closedLoopEventStatus.keyword\":{\"query\":\"ABATED\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"negate\":false,\"disabled\":true,\"alias\":\"ONSET\",\"type\":\"phrase\",\"key\":\"closedLoopEventStatus.keyword\",\"value\":\"ONSET\"},\"query\":{\"match\":{\"closedLoopEventStatus.keyword\":{\"query\":\"ONSET\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}]}"}}}
-{"_index":".kibana","_type":"config","_id":"5.6.7","_score":1,"_source":{"buildNum":15610,"defaultIndex":"AWIk7j2UDjJ4k3sPXRaY"}}
-{"_index":".kibana","_type":"visualization","_id":"AWIlBLT7DjJ4k3sPXRe7","_score":1,"_source":{"title":"Closed loop failed action : needs attention","visState":"{\"title\":\"Closed loop failed action : needs attention\",\"type\":\"table\",\"params\":{\"perPage\":5,\"showMeticsAtAllLevels\":false,\"showPartialRows\":false,\"showTotal\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\",\"type\":\"table\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","description":"","savedSearchId":"AWIlAjTaDjJ4k3sPXRe1","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[]}"}}}
-{"_index":".kibana","_type":"visualization","_id":"AWI91Rvl8kHy-lwNJZrN","_score":1,"_source":{"title":"CL efficiency - CL reponse time","visState":"{\"title\":\"CL efficiency - CL reponse time\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"type\":\"table\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"eventDuration\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","description":"","savedSearchId":"AWIk9P-qDjJ4k3sPXRcQ","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[]}"}}}
-{"_index":".kibana","_type":"visualization","_id":"AWJxqD67B2zw2CQxMIeq","_score":1,"_source":{"title":"Top Error Messages","visState":"{\"title\":\"Top Error Messages\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"type\":\"table\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"history.actor.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Actor\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"history.message.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Message\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"history.operation.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Operation\"}}],\"listeners\":{}}","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"query\":{\"match_all\":{}},\"filter\":[]}"}}}
-{"_index":".kibana","_type":"visualization","_id":"AWI922pp8kHy-lwNJZrP","_score":1,"_source":{"title":"CLEventDurationTables","visState":"{\"title\":\"CLEventDurationTables\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"type\":\"table\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"eventDuration\",\"customLabel\":\"Event Duration\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"split\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"_term\",\"row\":true}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"requestID.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"_term\"}}],\"listeners\":{}}","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","description":"","savedSearchId":"AWIk9P-qDjJ4k3sPXRcQ","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[]}"}}}
-{"_index":".kibana","_type":"visualization","_id":"AWIk_VLEDjJ4k3sPXReS","_score":1,"_source":{"title":"Top 5 closed loop success action","visState":"{\"title\":\"Top 5 closed loop success action\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\",\"type\":\"table\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","description":"","savedSearchId":"AWIk9P-qDjJ4k3sPXRcQ","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[]}"}}}
-{"_index":".kibana","_type":"visualization","_id":"AWJoFDTyr1AwiIiFoV5R","_score":1,"_source":{"title":"Hottest closed loops","visState":"{\"title\":\"Hottest closed loops\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":false,\"type\":\"pie\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}","uiStateJSON":"{\"vis\":{\"legendOpen\":true}}","description":"","savedSearchId":"AWIk8yDIDjJ4k3sPXRbu","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[]}"}}}
-{"_index":".kibana","_type":"search","_id":"AWJsTEvYr1AwiIiFoV6S","_score":1,"_source":{"title":"FINAL: FAILURE","description":"","columns":["notification"],"sort":["closedLoopAlarmStart","desc"],"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"highlightAll\":true,\"version\":true,\"query\":{\"match_all\":{}},\"filter\":[{\"meta\":{\"negate\":false,\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"type\":\"phrase\",\"key\":\"notification\",\"value\":\"FINAL: FAILURE\",\"disabled\":false,\"alias\":null},\"query\":{\"match\":{\"notification\":{\"query\":\"FINAL: FAILURE\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}]}"}}}
-{"_index":".kibana","_type":"visualization","_id":"AWJsT-HUr1AwiIiFoV6T","_score":1,"_source":{"title":"CL Efficiency - Failed actions","visState":"{\"title\":\"CL Efficiency - Failed actions\",\"type\":\"gauge\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"gauge\":{\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":4},{\"from\":4,\"to\":6},{\"from\":7,\"to\":10}],\"extendRange\":false,\"gaugeColorMode\":\"Labels\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Arc\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":true},\"style\":{\"bgColor\":false,\"bgFill\":\"#eee\",\"bgMask\":false,\"bgWidth\":0.9,\"fontSize\":60,\"labelColor\":true,\"mask\":false,\"maskBars\":50,\"subText\":\"\",\"width\":0.9},\"type\":\"meter\",\"verticalSplit\":true},\"isDisplayWarning\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}","uiStateJSON":"{\"vis\":{\"defaultColors\":{\"0 - 4\":\"rgb(0,104,55)\",\"4 - 6\":\"rgb(255,255,190)\",\"7 - 10\":\"rgb(165,0,38)\"}}}","description":"","savedSearchId":"AWJsTEvYr1AwiIiFoV6S","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[]}"}}}
-{"_index":".kibana","_type":"visualization","_id":"AWJoJdIjr1AwiIiFoV5T","_score":1,"_source":{"title":"CL Onset/Abated Variance","visState":"{\"title\":\"CL Onset/Abated Variance\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{\"text\":\"Closed Loop\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-3\",\"name\":\"BottomAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-3\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"horizontal_bar\",\"radiusRatio\":\"13\",\"orderBucketsBySum\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"_term\",\"customLabel\":\"Closed Loop\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"closedLoopEventStatus.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"_term\"}}],\"listeners\":{}}","uiStateJSON":"{}","description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"query\":{\"match_all\":{}},\"filter\":[]}"}}}
-{"_index":".kibana","_type":"search","_id":"AWIlAjTaDjJ4k3sPXRe1","_score":1,"_source":{"title":"FAILURE NOTIFICATION","description":"","columns":["closedLoopAlarmStart","closedLoopAlarmEnd","closedLoopControlName","closedLoopEventStatus","notification"],"sort":["closedLoopAlarmStart","desc"],"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"highlightAll\":true,\"version\":true,\"query\":{\"match_all\":{}},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":\"ABATED\",\"disabled\":true,\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"key\":\"closedLoopEventStatus.keyword\",\"negate\":false,\"type\":\"phrase\",\"value\":\"ABATED\"},\"query\":{\"match\":{\"closedLoopEventStatus.keyword\":{\"query\":\"ABATED\",\"type\":\"phrase\"}}}},{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":\"ONSET\",\"disabled\":true,\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"key\":\"closedLoopEventStatus.keyword\",\"negate\":false,\"type\":\"phrase\",\"value\":\"ONSET\"},\"query\":{\"match\":{\"closedLoopEventStatus.keyword\":{\"query\":\"ONSET\",\"type\":\"phrase\"}}}},{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":\"FAILURE NOTIFICATION\",\"disabled\":false,\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"key\":\"notification.keyword\",\"negate\":false,\"type\":\"phrase\",\"value\":\"FINAL: FAILURE\"},\"query\":{\"match\":{\"notification.keyword\":{\"query\":\"FINAL: FAILURE\",\"type\":\"phrase\"}}}}]}"}}}
-{"_index":".kibana","_type":"search","_id":"AWIk8yDIDjJ4k3sPXRbu","_score":1,"_source":{"title":"ONSET","description":"","columns":["closedLoopAlarmStart","closedLoopAlarmEnd","closedLoopControlName","closedLoopEventStatus","notification"],"sort":["closedLoopAlarmStart","desc"],"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"highlightAll\":true,\"version\":true,\"query\":{\"match_all\":{}},\"filter\":[{\"meta\":{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"phrase\",\"key\":\"closedLoopEventStatus.keyword\",\"value\":\"ONSET\"},\"query\":{\"match\":{\"closedLoopEventStatus.keyword\":{\"query\":\"ONSET\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}]}"}}}
-{"_index":".kibana","_type":"dashboard","_id":"AWI-9KyytmDBG_mksMZL","_score":1,"_source":{"title":"CLAMP Dashboard","description":"","panelsJSON":"[{\"col\":5,\"id\":\"AWIk_VLEDjJ4k3sPXReS\",\"panelIndex\":1,\"row\":1,\"size_x\":4,\"size_y\":3,\"type\":\"visualization\"},{\"col\":9,\"id\":\"AWIlBLT7DjJ4k3sPXRe7\",\"panelIndex\":2,\"row\":1,\"size_x\":4,\"size_y\":3,\"type\":\"visualization\"},{\"col\":1,\"id\":\"AWI967sW8kHy-lwNJZrR\",\"panelIndex\":3,\"row\":7,\"size_x\":5,\"size_y\":3,\"type\":\"visualization\"},{\"col\":1,\"id\":\"AWI91Rvl8kHy-lwNJZrN\",\"panelIndex\":4,\"row\":4,\"size_x\":5,\"size_y\":3,\"type\":\"visualization\"},{\"col\":1,\"id\":\"AWJoFDTyr1AwiIiFoV5R\",\"panelIndex\":5,\"row\":1,\"size_x\":4,\"size_y\":3,\"type\":\"visualization\"},{\"col\":9,\"id\":\"AWJoJdIjr1AwiIiFoV5T\",\"panelIndex\":6,\"row\":7,\"size_x\":4,\"size_y\":3,\"type\":\"visualization\"},{\"col\":9,\"id\":\"AWJoMx0_r1AwiIiFoV5V\",\"panelIndex\":7,\"row\":4,\"size_x\":4,\"size_y\":3,\"type\":\"visualization\"},{\"col\":6,\"id\":\"AWJsT-HUr1AwiIiFoV6T\",\"panelIndex\":8,\"row\":4,\"size_x\":3,\"size_y\":6,\"type\":\"visualization\"},{\"size_x\":6,\"size_y\":3,\"panelIndex\":9,\"type\":\"visualization\",\"id\":\"AWJxqD67B2zw2CQxMIeq\",\"col\":1,\"row\":10}]","optionsJSON":"{\"darkTheme\":false}","uiStateJSON":"{\"P-1\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-2\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-3\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-4\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-6\":{\"vis\":{\"legendOpen\":true}},\"P-8\":{\"vis\":{\"defaultColors\":{\"0 - 4\":\"rgb(0,104,55)\",\"4 - 6\":\"rgb(255,255,190)\",\"7 - 10\":\"rgb(165,0,38)\"},\"legendOpen\":false}},\"P-9\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}}","timeRestore":false,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[{\"query\":{\"match_all\":{}}}],\"highlightAll\":true,\"version\":true}"}}}
-{"_index":".kibana","_type":"visualization","_id":"AWJoMx0_r1AwiIiFoV5V","_score":1,"_source":{"title":"CL Efficiency - Total Activity","visState":"{\"title\":\"CL Efficiency - Total Activity\",\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"closedLoopAlarmStart per 10 seconds\"},\"type\":\"category\"}],\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"legendPosition\":\"right\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Sum of eventDuration\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"cardinal\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"}],\"times\":[],\"type\":\"line\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"defaultYExtents\":true,\"mode\":\"normal\",\"setYExtents\":false,\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Sum of eventDuration\"},\"type\":\"value\"}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"eventDuration\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"_term\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"closedLoopAlarmStart\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":0,\"extended_bounds\":{}}}],\"listeners\":{}}","uiStateJSON":"{}","description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"query\":{\"match_all\":{}},\"filter\":[{\"meta\":{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"exists\",\"key\":\"closedLoopAlarmEnd\",\"value\":\"exists\"},\"exists\":{\"field\":\"closedLoopAlarmEnd\"},\"$state\":{\"store\":\"appState\"}}]}"}}}
index f529785..1747c75 100644 (file)
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-xpack.graph.enabled: false
+#xpack.graph.enabled: false
 #Set to false to disable X-Pack graph features.
-xpack.ml.enabled: false
+#xpack.ml.enabled: false
 #Set to false to disable X-Pack machine learning features.
-xpack.monitoring.enabled: false
+#xpack.monitoring.enabled: false
 #Set to false to disable X-Pack monitoring features.
-xpack.reporting.enabled: false
+#xpack.reporting.enabled: false
 #Set to false to disable X-Pack reporting features.
-xpack.security.enabled: false
+#xpack.security.enabled: false
 #Set to false to disable X-Pack security features.
-xpack.watcher.enabled: false
+#xpack.watcher.enabled: false
 #Set to false to disable Watcher.
 # Kibana is served by a back end server. This setting specifies the port to use.
 server.port: {{.Values.service.externalPort}}
index cd8e102..0f5a933 100644 (file)
@@ -46,26 +46,9 @@ spec:
         image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
         name: {{ include "common.name" . }}-readiness
-      - args:
-        - --output=http://{{.Values.config.elasticsearchServiceName}}.{{ include "common.namespace" . }}:{{.Values.config.elasticsearchPort}}/.kibana
-        - --input=/config/default.json
-        - --type=data
-        env:
-        - name: NAMESPACE
-          valueFrom:
-            fieldRef:
-              apiVersion: v1
-              fieldPath: metadata.namespace
-        image: "{{ .Values.configRepository }}/{{ .Values.configImage }}"
-        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        name: {{ include "common.name" . }}-config
-        volumeMounts:
-          - mountPath: /config/default.json
-            name: {{ include "common.fullname" . }}
-            subPath: default.json
       containers:
         - name: {{ include "common.name" . }}
-          image: "{{ .Values.global.loggingRepository | default .Values.loggingRepository }}/{{ .Values.image }}"
+          image: "{{ .Values.global.imageRepository | default .Values.imageRepository }}/{{ .Values.image }}"
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
           ports:
           - containerPort: {{ .Values.service.internalPort }}
@@ -112,8 +95,5 @@ spec:
             items:
             - key: kibana.yml
               path: kibana.yml
-            - key: default.json
-              path: default.json
-
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"
index 1c32d39..88c541a 100644 (file)
@@ -27,18 +27,13 @@ global:
 # Application configuration defaults.
 #################################################################
 
-# Configuration image
-configRepository: docker.io
-configImage: taskrabbit/elasticsearch-dump
-
-
 # BusyBox image
 busyboxRepository: registry.hub.docker.com
 busyboxImage: library/busybox:latest
 
 # application image
-loggingRepository: docker.elastic.co
-image: kibana/kibana:5.6.9
+loggingRepository: nexus3.onap.org:10001
+image: onap/clamp-dashboard-kibana:3.0-STAGING-latest
 pullPolicy: Always
 
 # flag to enable debugging - application support required
diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/resources/certs/aafca.pem b/kubernetes/clamp/charts/clamp-dash-logstash/resources/certs/aafca.pem
new file mode 100644 (file)
index 0000000..cf12ec4
--- /dev/null
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEVDCCAjygAwIBAgIBAjANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB
+RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwNjA1MDg1MTQxWhcN
+MjMwNjA1MDg1MTQxWjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG
+A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzEwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOXCdZIoWM0EnEEw3qPiVMhAgNolWCTaLt
+eI2TjlTQdGDIcXdBZukHdNeOKYzOXRsLt6bLRtd5yARpn53EbzS/dgAyHuaz1HjE
+5IPWSFRg9SulfHUmcS+GBt1+KiMJTlOsw6wSA73H/PjjXBbWs/uRJTnaNmV3so7W
+DhNW6fHOrbom4p+3FucbB/QAM9b/3l/1LKnRgdXx9tekDnaKN5u3HVBmyOlRhaRp
+tscLUCT3jijoGAPRcYZybgrpa0z3iCWquibTO/eLwuO/Dn7yHWau9ZZAHGPBSn9f
+TiLKRYV55mNjr3zvs8diTPECFPW8w8sRIH3za1aKHgUC1gd87Yr3AgMBAAGjZjBk
+MB0GA1UdDgQWBBQa1FdycErTZ6nr4dxiMbKH0P7vqjAfBgNVHSMEGDAWgBRTVTPy
+S+vQUbHBeJrBKDF77+rtSTASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQE
+AwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAlA/RTPy5i09fJ4ytSAmAdytMwEwRaU9F
+dshG7LU9q95ODsuM79yJvV9+ISIJZRsBqf5PDv93bUCKKHIYGvR6kNd+n3yx/fce
+txDkC/tMj1T9D8TuDKAclGEO9K5+1roOQQFxr4SE6XKb/wjn8OMrCoJ75S0F3htF
+LKL85T77JeGeNgSk8JEsZvQvj32m0gv9rxi5jM/Zi5E2vxrBR9T1v3kVvlt6+PSF
+BoHXROk5HQmdHxnH+VYQtDHSwj9Xe9aoJMyL0WjYKd//8NUO+VACDOtK4Nia6gy9
+m/n9kMASMw6f9iF4n6t4902RWrRKTYM1CVu5wyVklVbEdE9i6Db4CpL9E8HpBUAP
+t44JiNzuFkDmSE/z5XuQIimDt6nzOaSF8pX2KHY2ICDLwpMNUvxzqXD9ECbdspiy
+JC2RGq8uARGGl6kQQBKDNO8SrO7rSBPANd1+LgqrKbCrHYfvFgkZPgT5MlQi+E1G
+LNT+i6fzZha9ed/L6yjl5Em71flJGFwRZl2pfErZRxp8pLPcznYyIpSjcwnqNCRC
+orhlp8nheiODC3oO3AFHDiFgUqvm8hgpnT2cPk2lpU2VY1TcZ8sW5qUDCxINIPcW
+u1SAsa87IJK3vEzPZfTCs/S6XThoqRfXj0c0Rahj7YFRi/PqIPY0ejwdtmZ9m9pZ
+8Lb0GYmlo44=
+-----END CERTIFICATE-----
index 51470d2..369b582 100644 (file)
@@ -26,4 +26,4 @@ config.reload.automatic: true
 #xpack.monitoring.elasticsearch.url: ["http://10.247.186.12:9200", "http://10.247.186.13:9200"]
 #xpack.monitoring.elasticsearch.username: elastic
 #xpack.monitoring.elasticsearch.password: changeme
-xpack.monitoring.enabled: false
+#xpack.monitoring.enabled: false
index f88e40d..317b428 100644 (file)
@@ -1,4 +1,4 @@
-# Copyright © 2018  AT&T, Amdocs, Bell Canada Intellectual Property.  All rights reserved.
+# Copyright (c) 2018 AT&T Intellectual Property.  All rights reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -12,7 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 input {
-  http_poller {
+    http_poller {
         urls => {
             event_queue => {
                 method => get
@@ -20,8 +20,8 @@ input {
                 headers => {
                     Accept => "application/json"
                 }
-                add_field => { "topic" => "${event_topic}" }
-                type => "dmaap_event"
+                topic => "${event_topic}"
+                tags => [ "dmaap_source" ]
             }
             notification_queue => {
                 method => get
@@ -29,8 +29,8 @@ input {
                 headers => {
                     Accept => "application/json"
                 }
-                add_field => { "topic" => "${notification_topic}" }
-                type => "dmaap_notification"
+                topic => "${notification_topic}"
+                tags => [ "dmaap_source" ]
             }
             request_queue => {
                 method => get
@@ -38,66 +38,91 @@ input {
                 headers => {
                     Accept => "application/json"
                 }
-                add_field => { "topic" => "${request_topic}" }
-                type => "dmaap_request"
+                topic => "${request_topic}"
+                tags => [ "dmaap_source" ]
             }
         }
         socket_timeout => 30
         request_timeout => 30
-        interval => 60
+        schedule => { "every" => "1m" }
         codec => "plain"
-  }
+        cacert => "/certs.d/aafca.pem"
+    }
 }
 
+
 filter {
-       if [type] != "dmaap_log" {
-        # avoid noise if no entry in the list
-        if [message] == "[]" {
-           drop { }
-        }
+    # avoid noise if no entry in the list
+    if [message] == "[]" {
+        drop { }
+    }
+
+    if [http_request_failure] or [@metadata][code] != "200" {
+       mutate {
+                  add_tag => [ "error" ]
+       }
+    }
 
-        # parse json, split  the list into multiple events, and parse each event
+    if "dmaap_source" in [tags] {
+        #
+        # Dmaap provides a json list, whose items are Strings containing the event
+        # provided to Dmaap, which itself is an escaped json.
+        #
+        # We first need to parse the json as we have to use the plaintext as it cannot
+        # work with list of events, then split that list into multiple string events,
+        # that we then transform into json.
+        #
         json {
-             source => "[message]"
-             target => "message"
+            source => "[message]"
+            target => "message"
         }
+        ruby {
+            code => "
+            for ev in event.get('message', [])
+                ev.set('@metadata', event.get('@metadata'))
+            end
+            "
+        }
+       
         split {
-              field => "message"
-                 add_field => {
-                       "type" => "%{type}"
-                       "topic" => "%{topic}"
-                 }
+            field => "message"
         }
         json {
-             source => "message"
+            source => "message"
+        }
+        mutate {
+            remove_field => [ "message" ]
         }
-        mutate { remove_field => [ "message" ] }
     }
-    
-    # express timestamps in milliseconds instead of microseconds
-    ruby {
+
+    #
+    # Some timestamps are expressed as milliseconds, some are in microseconds
+    #
+    if [closedLoopAlarmStart] {
+        ruby {
             code => "
-                     if event.get('closedLoopAlarmStart').to_s.to_i(10) > 9999999999999
-                       event.set('closedLoopAlarmStart', event.get('closedLoopAlarmStart').to_s.to_i(10) / 1000)
-                     else
-                       event.set('closedLoopAlarmStart', event.get('closedLoopAlarmStart').to_s.to_i(10))
-                     end
-                    "
-    }
-    date {
-        match => [ "closedLoopAlarmStart", UNIX_MS ]
-        target => "closedLoopAlarmStart"
+            if event.get('closedLoopAlarmStart').to_s.to_i(10) > 9999999999999
+              event.set('closedLoopAlarmStart', event.get('closedLoopAlarmStart').to_s.to_i(10) / 1000)
+            else
+              event.set('closedLoopAlarmStart', event.get('closedLoopAlarmStart').to_s.to_i(10))
+            end
+            "
+        }
+        date {
+            match => [ "closedLoopAlarmStart", UNIX_MS ]
+            target => "closedLoopAlarmStart"
+        }
     }
 
     if [closedLoopAlarmEnd] {
         ruby {
             code => "
-                    if event.get('closedLoopAlarmEnd').to_s.to_i(10) > 9999999999999  
-                      event.set('closedLoopAlarmEnd', event.get('closedLoopAlarmEnd').to_s.to_i(10) / 1000)
-                    else
-                      event.set('closedLoopAlarmEnd', event.get('closedLoopAlarmEnd').to_s.to_i(10))
-                    end
-                    "
+            if event.get('closedLoopAlarmEnd').to_s.to_i(10) > 9999999999999
+              event.set('closedLoopAlarmEnd', event.get('closedLoopAlarmEnd').to_s.to_i(10) / 1000)
+            else
+              event.set('closedLoopAlarmEnd', event.get('closedLoopAlarmEnd').to_s.to_i(10))
+            end
+            "
         }
         date {
             match => [ "closedLoopAlarmEnd", UNIX_MS ]
@@ -105,39 +130,122 @@ filter {
         }
 
     }
-    #"yyyy-MM-dd HH:mm:ss"
+
+
+    #
+    # Notification time are expressed under the form "yyyy-MM-dd HH:mm:ss", which
+    # is close to ISO8601, but lacks of T as spacer: "yyyy-MM-ddTHH:mm:ss"
+    #
     if [notificationTime] {
-       mutate {
-              gsub => [
-                   "notificationTime", " ", "T"
-              ]
-       }
-       date {
+        mutate {
+            gsub => [
+                "notificationTime", " ", "T"
+                ]
+        }
+        date {
             match => [ "notificationTime", ISO8601 ]
             target => "notificationTime"
-       }
+        }
+    }
+
+
+    #
+    # Renaming some fields for readability
+    #
+        if [AAI][generic-vnf.vnf-name] {
+            mutate {
+                add_field => { "vnfName" => "%{[AAI][generic-vnf.vnf-name]}" }
+            }
+        }
+        if [AAI][generic-vnf.vnf-type] {
+            mutate {
+                add_field => { "vnfType" => "%{[AAI][generic-vnf.vnf-type]}" }
+            }
+        }
+        if [AAI][vserver.vserver-name] {
+            mutate {
+                add_field => { "vmName" => "%{[AAI][vserver.vserver-name]}" }
+            }
+        }
+        if [AAI][complex.city] {
+            mutate {
+                add_field => { "locationCity" => "%{[AAI][complex.city]}" }
+            }
+        }
+        if [AAI][complex.state] {
+            mutate {
+                add_field => { "locationState" => "%{[AAI][complex.state]}" }
+            }
+        }
+
+
+    #
+    # Adding some flags to ease aggregation
+    #
+    if [closedLoopEventStatus] =~ /(?i)ABATED/ {
+        mutate {
+            add_field => { "flagAbated" => "1" }
+        }
+    }
+    if [notification] =~ /^.*?(?:\b|_)FINAL(?:\b|_).*?(?:\b|_)FAILURE(?:\b|_).*?$/ {
+        mutate {
+            add_field => { "flagFinalFailure" => "1" }
+        }
+    }
+
+
+    if "error" not in [tags] {
+        #
+        # Creating data for a secondary index
+        #
+        clone {
+            clones => [ "event-cl-aggs" ]
+            add_tag => [ "event-cl-aggs" ]
+        }
+        
+        if  "event-cl-aggs" in [tags] {
+            #
+            # we only need a few fields for aggregations; remove all fields from clone except :
+            #   vmName,vnfName,vnfType,requestID,closedLoopAlarmStart, closedLoopControlName,closedLoopAlarmEnd,abated,nbrDmaapevents,finalFailure
+            #
+            prune {
+                whitelist_names => ["^@.*$","^topic$","^type$","^tags$","^flagFinalFailure$","^flagAbated$","^locationState$","^locationCity$","^vmName$","^vnfName$","^vnfType$","^requestID$","^closedLoopAlarmStart$","^closedLoopControlName$","^closedLoopAlarmEnd$","^target$","^target_type$","^triggerSourceName$","^policyScope$","^policyName$","^policyVersion$"]
+            }
+        
+        }
     }
 }
+
+
 output {
     stdout {
         codec => rubydebug
     }
 
-    if [http_request_failure] {
+    if "error" in [tags] {
         elasticsearch {
             codec => "json"
             hosts => ["${elasticsearch_base_url}"]
             index => "errors-%{+YYYY.MM.DD}"
             doc_as_upsert => true
         }
-    } else {
+
+    } else if "event-cl-aggs" in [tags] {
         elasticsearch {
             codec => "json"
             hosts => ["${elasticsearch_base_url}"]
-            index => "logstash-%{+YYYY.MM.DD}" # creates daily indexes
+            document_id => "%{requestID}"
+            index => "events-cl-%{+YYYY.MM.DD}" # creates daily indexes for control loop
             doc_as_upsert => true
+            action => "update"
+        }
 
+    } else {
+        elasticsearch {
+            codec => "json"
+            hosts => ["${elasticsearch_base_url}"]
+            index => "events-%{+YYYY.MM.DD}" # creates daily indexes
+            doc_as_upsert => true
         }
     }
-
 }
index 9186cd9..350a0e0 100644 (file)
@@ -25,3 +25,13 @@ metadata:
     heritage: {{ .Release.Service }}
 data:
 {{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "common.fullname" . }}-aaf-keys
+  namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }}
index 433e7ab..aff9a0d 100644 (file)
@@ -48,7 +48,7 @@ spec:
         name: {{ include "common.name" . }}-readiness
       containers:
         - name: {{ include "common.name" . }}
-          image: "{{ .Values.global.loggingRepository| default .Values.loggingRepository }}/{{ .Values.image }}"
+          image: "{{ .Values.global.imageRepository| default .Values.imageRepository }}/{{ .Values.image }}"
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
           env:
           - name: dmaap_consumer_group
@@ -92,6 +92,8 @@ spec:
           - mountPath: /usr/share/logstash/pipeline/logstash.conf
             name: {{ include "common.fullname" . }}
             subPath: pipeline.conf
+          - name: {{ include "common.fullname" . }}-aaf-certs
+            mountPath: /certs.d/
           resources:
 {{ include "common.resources" . | indent 12 }}
         {{- if .Values.nodeSelector }}
@@ -114,5 +116,9 @@ spec:
               path: logstash.yml
             - key: pipeline.conf
               path: pipeline.conf
+        - name: {{ include "common.fullname" . }}-aaf-certs
+          secret:
+            secretName: {{ include "common.fullname" . }}-aaf-keys
+
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"
index 9be859c..52b66c6 100644 (file)
@@ -28,8 +28,8 @@ global:
 #################################################################
 
 # application image
-loggingRepository: docker.elastic.co
-image: logstash/logstash:5.6.9
+imageRepository: nexus3.onap.org:10001 
+image: onap/clamp-dashboard-logstash:3.0-STAGING-latest
 pullPolicy: Always
 
 # flag to enable debugging - application support required
@@ -39,7 +39,7 @@ debugEnabled: false
 config:
   elasticsearchServiceName: cdash-es
   elasticsearchPort: 9200
-  dmaapHost: message-router.{{ include "common.namespace" . }}
+  dmaapHost: message-router
   dmaapScheme: https
   dmaapPort: 3905
   dmaapConsumerGroup: "clampdashboard"
diff --git a/kubernetes/common/pgpool/templates/configmap.yaml b/kubernetes/common/pgpool/templates/configmap.yaml
deleted file mode 100755 (executable)
index cc20b42..0000000
+++ /dev/null
@@ -1,12 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ .Release.Name }}-pgpool-configmap
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ .Release.Name }}
-    heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "configs/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/common/pgpool/templates/service.yaml b/kubernetes/common/pgpool/templates/service.yaml
deleted file mode 100644 (file)
index 0811fda..0000000
+++ /dev/null
@@ -1,14 +0,0 @@
-kind: "Service"
-apiVersion: "v1"
-metadata:
-  name: "pgpool"
-  labels:
-    name: "pgpool"
-spec: 
-  ports:
-    - protocol: "TCP"
-      port: 5432
-      targetPort: 5432
-  selector:
-    name: "pgpool"
-  type: ClusterIP
@@ -52,12 +52,12 @@ pcp_socket_dir = '/tmp'
 
 # - Backend Connection Settings -
 
-backend_hostname0 = '{{.Values.container.primary}}'
+backend_hostname0 = '{{.Values.container.name.primary}}'
 backend_port0 = 5432
 backend_weight0= 1
 backend_flag0= 'DISALLOW_TO_FAILOVER'
 
-backend_hostname1 = '{{.Values.container.replica}}'
+backend_hostname1 = '{{.Values.container.name.replica}}'
 backend_port1 = 5432
 backend_weight1= 1
 backend_flag1= 'DISALLOW_TO_FAILOVER'
@@ -259,7 +259,7 @@ failover_if_affected_tuples_mismatch = off
 # LOAD BALANCING MODE
 #------------------------------------------------------------------------------
 
-load_balance_mode = off
+load_balance_mode = on
                                    # Activate load balancing mode
                                    # (change requires restart)
 ignore_leading_white_space = on
@@ -358,7 +358,7 @@ health_check_period = 20
 health_check_timeout = 10
                                    # Health check timeout
                                    # 0 means no timeout
-health_check_user = '{{.Values.credentials.pguser}}'
+health_check_user = '{{.Values.credentials.pgusername}}'
                                    # Health check user
 health_check_password = '{{.Values.credentials.pgpassword}}'
                                    # Password for health check user
@@ -419,7 +419,7 @@ search_primary_node_timeout = 10
 # ONLINE RECOVERY
 #------------------------------------------------------------------------------
 
-recovery_user = '{{.Values.credentials.pguser}}'
+recovery_user = '{{.Values.credentials.pgusername}}'
                                    # Online recovery user
 recovery_password = '{{.Values.credentials.pgpassword}}'
                                    # Online recovery password
old mode 100644 (file)
new mode 100755 (executable)
similarity index 67%
rename from kubernetes/aaf/templates/secrets.yaml
rename to kubernetes/common/postgres/charts/pgpool/templates/configmap.yaml
index fe876e1..e2c77ff
@@ -13,9 +13,9 @@
 # limitations under the License.
 
 apiVersion: v1
-kind: Secret
+kind: ConfigMap
 metadata:
-  name: {{ .Release.Name}}-aaf-local-secret
+  name: {{ include "common.fullname" . }}-pgpool-configmap
   namespace: {{ include "common.namespace" . }}
   labels:
     app: {{ include "common.name" . }}
@@ -23,8 +23,4 @@ metadata:
     release: {{ .Release.Name }}
     heritage: {{ .Release.Service }}
 data:
-{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.trust.p12").AsSecrets | indent 2 }}
-{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.p12").AsSecrets | indent 2 }}
-{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.keyfile").AsSecrets | indent 2 }}
-{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.cm.p12").AsSecrets | indent 2 }}
-type: Opaque
+{{ tpl (.Files.Glob "configs/*").AsConfig . | indent 2 }}
@@ -15,7 +15,7 @@
 */}}
 kind: Deployment
 apiVersion: extensions/v1beta1
-metadata: 
+metadata:
   name: {{ include "common.fullname" . }}
   namespace: {{ include "common.namespace" . }}
   labels:
@@ -23,7 +23,7 @@ metadata:
     chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
     release: {{ .Release.Name }}
     heritage: {{ .Release.Service }}
-spec: 
+spec:
   replicas: 2
   template:
     metadata:
@@ -32,8 +32,9 @@ spec:
         release: {{ .Release.Name }}
     spec:
       containers:
-      - name: pgpool
-        image: "{{.Values.image.repository}}/{{.Values.image.container}}:{{.Values.image.tag}}"
+      - image: "{{.Values.repository}}/{{.Values.image}}"
+        imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
+        name: {{ include "common.name" . }}
         env:
         - name: PG_PRIMARY_SERVICE_NAME
           value: {{.Values.container.name.primary}}
@@ -52,8 +53,8 @@ spec:
             port: 5432
           initialDelaySeconds: 20
           periodSeconds: 10
-        livenessProbe: 
-          tcpSocket: 
+        livenessProbe:
+          tcpSocket:
             port: 5432
         initialDelaySeconds: 15
         periodSeconds: 20
@@ -64,4 +65,4 @@ spec:
       volumes:
       - name: pgpool-pgconf
         configMap:
-          name: {{ .Release.Name }}-pgpool-configmap
+          name: {{ include "common.fullname" . }}-pgpool-configmap
diff --git a/kubernetes/common/postgres/charts/pgpool/templates/service.yaml b/kubernetes/common/postgres/charts/pgpool/templates/service.yaml
new file mode 100644 (file)
index 0000000..86442a2
--- /dev/null
@@ -0,0 +1,26 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ .Values.service.name }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+  annotations:
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    {{if eq .Values.service.type "NodePort" -}}
+    - port: {{ .Values.service.externalPort }}
+      nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+      name: {{ .Values.service.name }}
+    {{- else -}}
+    - port: {{ .Values.service.externalPort }}
+      targetPort: {{ .Values.service.internalPort }}
+      name: {{ .Values.service.name }}
+    {{- end}}
+  selector:
+    app: {{ include "common.name" . }}
+    release: {{ .Release.Name }}
similarity index 53%
rename from kubernetes/common/pgpool/values.yaml
rename to kubernetes/common/postgres/charts/pgpool/values.yaml
index 8e74742..cb732b7 100644 (file)
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-name: pgpool
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+  nodePortPrefix: 302
+  persistence: {}
+  readinessRepository: oomk8s
+  readinessImage: readiness-check:2.0.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: crunchydata
+image: crunchy-pgpool:centos7-10.4-2.0.0
+pullPolicy: Always
+
 container:
   port: 5432
   name:
@@ -21,8 +37,8 @@ container:
 credentials:
   pgusername: testuser
   pgpassword: password
-serviceType: ClusterIP
-image:
-  repository: crunchydata
-  container: crunchy-pgpool
-  tag: centos7-10.4-2.0.0
+service:
+  name: pgpool 
+  type: ClusterIP
+  externalPort: 5432
+  internalPort: 5432
index 8e19b31..51f2acc 100644 (file)
         "interval": "15s",
         "timeout": "1s"
       },
+      {
+        "id": "multicloud-pike",
+        "name": "Multicloud Pike Health Check",
+        "http": "http://multicloud-pike:9007/api/multicloud-pike/v0/swagger.json",
+        "method": "HEAD",
+        "header": {
+          "Cache-Control": ["no-cache"],
+          "Content-Type": ["application/json"],
+          "Accept": ["application/json"]
+        },
+        "tls_skip_verify": true,
+        "interval": "15s",
+        "timeout": "1s"
+      },
       {
         "id": "multicloud-vio",
         "name": "Multicloud Vio Health Check",
index 10ac897..832ec35 100644 (file)
@@ -60,6 +60,16 @@ postgres:
   persistence:
     mountSubPath: dcae/data
     mountInitPath: dcae
+  pgpool:
+    nameOverride: dcae-pgpool
+    service:
+      name: dcae-pgpool
+    credentials:
+      pgpassword: onapdemodb
+    container:
+      name:
+        primary: dcae-pgpool-primary
+        replica: dcae-pgpool-replica
 
 # application image
 repository: nexus3.onap.org:10001
@@ -69,8 +79,8 @@ image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.3
 # Use to override default setting in blueprints
 componentImages:
   config_binding_service: onap/org.onap.dcaegen2.platform.configbinding.app-app:2.2.3
-  datafile_collector: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.0.0
-  deployment_handler: onap/org.onap.dcaegen2.platform.deployment-handler:3.0.2
+  datafile_collector: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.0.2
+  deployment_handler: onap/org.onap.dcaegen2.platform.deployment-handler:3.0.3
   holmes_rules: onap/holmes/rule-management:1.2.0-STAGING-latest
   holmes_engine: onap/holmes/engine-management:1.2.0-STAGING-latest
   inventory: onap/org.onap.dcaegen2.platform.inventory-api:3.0.4
index a14b1b7..e79a693 100644 (file)
@@ -92,6 +92,17 @@ postgres:
   persistence:
     mountSubPath: dbc/data
     mountInitPath: dbc
+  pgpool:
+    nameOverride: dbc-pgpool
+    service:
+      name: dbc-pgpool
+    credentials:
+      pgusername: dmaap_admin
+      pgpassword: onapdemodb
+    container:
+      name:
+        primary: dbc-pgpool-primary
+        replica: dbc-pgpool-replica
 
 ingress:
   enabled: false
index 9a48dbe..f8600b5 100644 (file)
@@ -26,7 +26,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/dmaap/datarouter-node:latest
+image: onap/dmaap/datarouter-node:1.0.2
 pullPolicy: Always
 
 # flag to enable debugging - application support required
index 855a64f..dfdd38b 100644 (file)
@@ -27,7 +27,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/dmaap/datarouter-prov:latest
+image: onap/dmaap/datarouter-prov:1.0.2
 pullPolicy: Always
 
 # flag to enable debugging - application support required
diff --git a/kubernetes/multicloud/charts/multicloud-azure/.helmignore b/kubernetes/multicloud/charts/multicloud-azure/.helmignore
new file mode 100644 (file)
index 0000000..f0c1319
--- /dev/null
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
@@ -1,4 +1,5 @@
 # Copyright © 2018 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-
-##
-## org.osaaf.locator 
-## AAF Locator Properties
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props
-aaf_component=AAF_NS.hello:2.1.0.0
-port=8130
-cadi_registration_hostname={{.Values.config.helloServiceName}}
+apiVersion: v1
+description: ONAP multicloud Azure plugin
+name: multicloud-azure
+version: 3.0.0
diff --git a/kubernetes/multicloud/charts/multicloud-azure/resources/config/log/log.yml b/kubernetes/multicloud/charts/multicloud-azure/resources/config/log/log.yml
new file mode 100644 (file)
index 0000000..5e29829
--- /dev/null
@@ -0,0 +1,37 @@
+# Copyright © 2018  AT&T, Amdocs, Bell Canada Intellectual Property.  All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+version: 1
+disable_existing_loggers: False
+
+loggers:
+    vio:
+      handlers: [azure_handler]
+      level: "DEBUG"
+      propagate: False
+handlers:
+    vio_handler:
+        level: "DEBUG"
+        class: "logging.handlers.RotatingFileHandler"
+        filename: "/var/log/onap/multicloud/azure/azure.log"
+        formatter: "mdcFormat"
+        maxBytes: 52428800
+        backupCount: 10
+formatters:
+    standard:
+        format: "%(asctime)s|||||%(name)s||%(thread)||%(funcName)s||%(levelname)s||%(message)s"
+    mdcFormat:
+        format: "%(asctime)s|||||%(name)s||%(thread)s||%(funcName)s||%(levelname)s||%(message)s||||%(mdc)s \t"
+        mdcfmt: "{requestID} {invocationID} {serviceName} {serviceIP}"
+        datefmt: "%Y-%m-%d %H:%M:%S"
+        (): onaplogging.mdcformatter.MDCFormatter
diff --git a/kubernetes/multicloud/charts/multicloud-azure/templates/NOTES.txt b/kubernetes/multicloud/charts/multicloud-azure/templates/NOTES.txt
new file mode 100644 (file)
index 0000000..befedf4
--- /dev/null
@@ -0,0 +1,34 @@
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+  http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+  echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/multicloud/charts/multicloud-azure/templates/configmap.yaml b/kubernetes/multicloud/charts/multicloud-azure/templates/configmap.yaml
new file mode 100644 (file)
index 0000000..5d69f74
--- /dev/null
@@ -0,0 +1,29 @@
+{{/*
+# Copyright © 2018 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# #       http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-log-configmap
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/multicloud/charts/multicloud-azure/templates/deployment.yaml b/kubernetes/multicloud/charts/multicloud-azure/templates/deployment.yaml
new file mode 100644 (file)
index 0000000..d850eba
--- /dev/null
@@ -0,0 +1,110 @@
+{{/*
+# Copyright © 2018 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      app: multicloud-azure
+  template:
+    metadata:
+      labels:
+        app: {{ include "common.name" . }}
+        release: {{ .Release.Name }}
+      name: {{ include "common.name" . }}
+      annotations:
+        sidecar.istio.io/inject: "{{.Values.istioSidecar}}"
+    spec:
+     containers:
+     - env:
+       - name: MSB_ADDR
+         value: "{{ .Values.config.msbgateway }}"
+       - name: MSB_PORT
+         value: "{{ .Values.config.msbPort }}.{{ include "common.namespace" . }}"
+       - name: AAI_ADDR
+         value: aai.{{ include "common.namespace" . }}
+       - name: AAI_PORT
+         value: "{{ .Values.config.aai.port }}"
+       - name: AAI_SCHEMA_VERSION
+         value: "{{ .Values.config.aai.schemaVersion }}"
+       - name: AAI_USERNAME
+         value: "{{ .Values.config.aai.username }}"
+       - name: AAI_PASSWORD
+         value: "{{ .Values.config.aai.password }}"
+       name: {{ include "common.name" . }}
+       volumeMounts:
+       - mountPath: /var/log/onap
+         name: azure-log
+       - mountPath: /opt/multicloud_azure/multicloud_azure/pub/config/log.yml
+         name: azure-logconfig
+         subPath: log.yml
+       resources:
+{{ toYaml (pluck .Values.flavor .Values.resources| first) | indent 12 }}
+       image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+       imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+       ports:
+       - containerPort: {{ .Values.service.internalPort }}
+       # disable liveness probe when breakpoints set in debugger
+       # so K8s doesn't restart unresponsive container
+       {{- if eq .Values.liveness.enabled true }}
+       livenessProbe:
+         httpGet:
+           path: /api/multicloud-azure/v0/swagger.json
+           port: {{ .Values.service.internalPort }}
+           scheme: HTTP
+         initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+         periodSeconds: {{ .Values.liveness.periodSeconds }}
+         timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
+         successThreshold: {{ .Values.liveness.successThreshold }}
+         failureThreshold: {{ .Values.liveness.failureThreshold }}
+       {{ end -}}
+       # side car containers
+     - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+       imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+       name: filebeat-onap
+       volumeMounts:
+       - mountPath: /usr/share/filebeat/filebeat.yml
+         name: filebeat-conf
+         subPath: filebeat.yml
+       - mountPath: /var/log/onap
+         name: azure-log
+       - mountPath: /usr/share/filebeat/data
+         name: azure-data-filebeat
+     volumes:
+     - name: azure-log
+       emptyDir: {}
+     - name: azure-data-filebeat
+       emptyDir: {}
+     - name: filebeat-conf
+       configMap:
+         name: multicloud-filebeat-configmap
+     - name: azure-logconfig
+       configMap:
+         name: {{ include "common.fullname" . }}-log-configmap
+     imagePullSecrets:
+     - name: "{{ include "common.namespace" . }}-docker-registry-key"
+     restartPolicy: Always
diff --git a/kubernetes/multicloud/charts/multicloud-azure/templates/service.yaml b/kubernetes/multicloud/charts/multicloud-azure/templates/service.yaml
new file mode 100644 (file)
index 0000000..b48aa6d
--- /dev/null
@@ -0,0 +1,53 @@
+{{/*
+# Copyright © 2018 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# #       http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "common.servicename" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+  annotations:
+    msb.onap.org/service-info: '[
+    {
+      "serviceName": "multicloud-azure",
+      "version": "v0",
+      "url": "/api/multicloud-azure/v0",
+      "protocol": "REST",
+      "port": "{{ .Values.service.externalPort }}",
+      "visualRange": "1"
+    }
+    ]'
+spec:
+  ports:
+  {{if eq .Values.service.type "NodePort" -}}
+  - name: {{ .Values.service.portName }}
+    port: {{ .Values.service.externalPort }}
+    nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+  {{- else -}}
+  - port: {{ .Values.service.externalPort }}
+    targetPort: {{ .Values.service.internalPort }}
+    name: {{ .Values.service.portName }}
+  {{- end}}
+  selector:
+    app: {{ include "common.name" . }}
+    release: {{ .Release.Name }}
+  type: {{ .Values.service.type }}
diff --git a/kubernetes/multicloud/charts/multicloud-azure/values.yaml b/kubernetes/multicloud/charts/multicloud-azure/values.yaml
new file mode 100644 (file)
index 0000000..7b9d9c7
--- /dev/null
@@ -0,0 +1,86 @@
+# Copyright © 2018 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+  nodePortPrefix: 302
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/multicloud/azure:1.2.0-SNAPSHOT
+pullPolicy: Always
+
+#Istio sidecar injection policy
+istioSidecar: true
+
+# application configuration
+config:
+  msbgateway: msb-iag
+  msbPort: 80
+  aai:
+    port: 8443
+    schemaVersion: v13
+    username: AAI
+    password: AAI
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+  initialDelaySeconds: 30
+  periodSeconds: 10
+  timeoutSeconds: 10
+  successThreshold: 1
+  failureThreshold: 5
+  enabled: true
+
+service:
+  type: NodePort
+  portName: multicloud-azure
+  externalPort: 9008
+  internalPort: 9008
+  nodePort: 61
+
+ingress:
+  enabled: false
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+  small:
+    limits:
+      cpu: 1
+      memory: 4Gi
+    requests:
+      cpu: 10m
+      memory: 1Gi
+  large:
+    limits:
+      cpu: 2
+      memory: 8Gi
+    requests:
+      cpu: 20m
+      memory: 2Gi
index cbe426e..fda5ece 100644 (file)
@@ -18,7 +18,7 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: {{ .Values.service.name }}
+  name: {{ include "common.servicename" . }}
   namespace: {{ include "common.namespace" . }}
   labels:
     app: {{ include "common.name" . }}
@@ -34,18 +34,26 @@ metadata:
       "protocol": "REST",
       "port": "{{ .Values.service.externalPort }}",
       "visualRange": "1"
+    },
+    {
+      "serviceName": "multicloud-ocata",
+      "version": "v1",
+      "url": "/api/multicloud-ocata/v1",
+      "protocol": "REST",
+      "port": "{{ .Values.service.externalPort }}",
+      "visualRange": "1"
     }
     ]'
 spec:
   ports:
   {{if eq .Values.service.type "NodePort" -}}
-  - name: http-{{ .Values.service.name }}
-    port: {{ .Values.service.externalPort }}
+  - port: {{ .Values.service.externalPort }}
     nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+    name: {{ .Values.service.portName }}
   {{- else -}}
   - port: {{ .Values.service.externalPort }}
     targetPort: {{ .Values.service.internalPort }}
-    name: http-{{ .Values.service.name }}
+    name: {{ .Values.service.portName }}
   {{- end}}
   selector:
     app: {{ include "common.name" . }}
index 699b908..dcb7df4 100644 (file)
@@ -59,6 +59,7 @@ liveness:
 service:
   type: NodePort
   name: multicloud-ocata
+  portName: multicloud-ocata
   externalPort: 9006
   internalPort: 9006
   nodePort: 93
@@ -84,4 +85,4 @@ resources:
     requests:
       cpu: 20m
       memory: 2Gi
-  unlimited: {}
\ No newline at end of file
+  unlimited: {}
diff --git a/kubernetes/multicloud/charts/multicloud-pike/.helmignore b/kubernetes/multicloud/charts/multicloud-pike/.helmignore
new file mode 100644 (file)
index 0000000..f0c1319
--- /dev/null
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
@@ -1,4 +1,4 @@
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright (c) 2018 Intel Corporation.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # limitations under the License.
 
 apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ include "common.fullname" . }}
-  namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
-{{ (.Files.Glob "resources/config/aaf-cs-data/*").AsSecrets | indent 2 }}
+description: ONAP multicloud OpenStack Pike Plugin
+name: multicloud-pike
+version: 3.0.0
diff --git a/kubernetes/multicloud/charts/multicloud-pike/resources/config/log/log.yml b/kubernetes/multicloud/charts/multicloud-pike/resources/config/log/log.yml
new file mode 100644 (file)
index 0000000..935d9ca
--- /dev/null
@@ -0,0 +1,47 @@
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+version: 1
+disable_existing_loggers: False
+
+loggers:
+    pike:
+      handlers: [pike_handler]
+      level: "DEBUG"
+      propagate: False
+    newton_base:
+      handlers: [pike_handler]
+      level: "DEBUG"
+      propagate: False
+    common:
+      handlers: [pike_handler]
+      level: "DEBUG"
+      propagate: False
+
+handlers:
+    pike_handler:
+        level: "DEBUG"
+        class: "logging.handlers.RotatingFileHandler"
+        filename: "/var/log/onap/multicloud/openstack/pike/pike.log"
+        formatter: "mdcFormat"
+        maxBytes: 1024*1024*50
+        backupCount: 10
+
+formatters:
+    standard:
+        format: "%(asctime)s|||||%(name)s||%(thread)||%(funcName)s||%(levelname)s||%(message)s"
+    mdcFormat:
+        format: "%(asctime)s|||||%(name)s||%(thread)s||%(funcName)s||%(levelname)s||%(message)s||||%(mdc)s \t"
+        mdcfmt: "{requestID} {invocationID} {serviceName} {serviceIP}"
+        datefmt: "%Y-%m-%d %H:%M:%S"
+        (): onaplogging.mdcformatter.MDCFormatter
diff --git a/kubernetes/multicloud/charts/multicloud-pike/templates/NOTES.txt b/kubernetes/multicloud/charts/multicloud-pike/templates/NOTES.txt
new file mode 100644 (file)
index 0000000..7adeb62
--- /dev/null
@@ -0,0 +1,34 @@
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+  http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+  echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/multicloud/charts/multicloud-pike/templates/configmap.yaml b/kubernetes/multicloud/charts/multicloud-pike/templates/configmap.yaml
new file mode 100644 (file)
index 0000000..db636e7
--- /dev/null
@@ -0,0 +1,28 @@
+{{/*
+# Copyright (c) 2018 Intel Corporation.
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# #       http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-log-configmap
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/multicloud/charts/multicloud-pike/templates/deployment.yaml b/kubernetes/multicloud/charts/multicloud-pike/templates/deployment.yaml
new file mode 100644 (file)
index 0000000..a7c5444
--- /dev/null
@@ -0,0 +1,110 @@
+{{/*
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      app: {{ include "common.name" . }}
+  template:
+    metadata:
+      labels:
+        app: {{ include "common.name" . }}
+        release: {{ .Release.Name }}
+      name: {{ include "common.name" . }}
+      annotations:
+        sidecar.istio.io/inject: "{{.Values.istioSidecar}}"
+    spec:
+     containers:
+     - env:
+       - name: MSB_ADDR
+         value: "{{ .Values.config.msbgateway }}.{{ include "common.namespace" . }}"
+       - name: MSB_PORT
+         value: "{{ .Values.config.msbPort }}"
+       - name: AAI_ADDR
+         value: aai.{{ include "common.namespace" . }}
+       - name: AAI_PORT
+         value: "{{ .Values.config.aai.port }}"
+       - name: AAI_SCHEMA_VERSION
+         value: "{{ .Values.config.aai.schemaVersion }}"
+       - name: AAI_USERNAME
+         value: "{{ .Values.config.aai.username }}"
+       - name: AAI_PASSWORD
+         value: "{{ .Values.config.aai.password }}"
+       name: {{ include "common.name" . }}
+       volumeMounts:
+       - mountPath: /var/log/onap
+         name: pike-log
+       - mountPath: /opt/pike/pike/pub/config/log.yml
+         name: pike-logconfig
+         subPath: log.yml
+       resources:
+{{ include "common.resources" . | indent 12 }}
+       image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+       imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+       ports:
+       - containerPort: {{ .Values.service.internalPort }}
+       # disable liveness probe when breakpoints set in debugger
+       # so K8s doesn't restart unresponsive container
+       {{ if .Values.liveness.enabled }}
+       livenessProbe:
+         httpGet:
+           path: /api/multicloud-pike/v0/swagger.json
+           port: {{ .Values.service.internalPort }}
+           scheme: HTTP
+         initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+         periodSeconds: {{ .Values.liveness.periodSeconds }}
+         timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
+         successThreshold: {{ .Values.liveness.successThreshold }}
+         failureThreshold: {{ .Values.liveness.failureThreshold }}
+       {{ end }}
+     # side car containers
+     - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+       imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+       name: filebeat-onap
+       volumeMounts:
+       - mountPath: /usr/share/filebeat/filebeat.yml
+         name: filebeat-conf
+         subPath: filebeat.yml
+       - mountPath: /var/log/onap
+         name: pike-log
+       - mountPath: /usr/share/filebeat/data
+         name: pike-data-filebeat
+
+     volumes:
+     - name: pike-log
+       emptyDir: {}
+     - name: pike-data-filebeat
+       emptyDir: {}
+     - name: filebeat-conf
+       configMap:
+         name: multicloud-filebeat-configmap
+     - name: pike-logconfig
+       configMap:
+         name: {{ include "common.fullname" . }}-log-configmap
+     imagePullSecrets:
+     - name: "{{ include "common.namespace" . }}-docker-registry-key"
+     restartPolicy: Always
diff --git a/kubernetes/multicloud/charts/multicloud-pike/templates/service.yaml b/kubernetes/multicloud/charts/multicloud-pike/templates/service.yaml
new file mode 100644 (file)
index 0000000..7953b0d
--- /dev/null
@@ -0,0 +1,61 @@
+{{/*
+# Copyright (c) 2018 Intel Corporation.
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# #       http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "common.servicename" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+  annotations:
+    msb.onap.org/service-info: '[
+    {
+      "serviceName": "multicloud-pike",
+      "version": "v0",
+      "url": "/api/multicloud-pike/v0",
+      "protocol": "REST",
+      "port": "{{ .Values.service.externalPort }}",
+      "visualRange": "1"
+    },
+    {
+      "serviceName": "multicloud-pike",
+      "version": "v1",
+      "url": "/api/multicloud-pike/v1",
+      "protocol": "REST",
+      "port": "{{ .Values.service.externalPort }}",
+      "visualRange": "1"
+    }
+    ]'
+
+spec:
+  ports:
+  {{if eq .Values.service.type "NodePort" -}}
+  - port: {{ .Values.service.externalPort }}
+    nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+    name: {{ .Values.service.portName }}
+  {{- else -}}
+  - port: {{ .Values.service.externalPort }}
+    targetPort: {{ .Values.service.internalPort }}
+    name: {{ .Values.service.portName }}
+  {{- end}}
+  selector:
+    app: {{ include "common.name" . }}
+    release: {{ .Release.Name }}
+  type: {{ .Values.service.type }}
diff --git a/kubernetes/multicloud/charts/multicloud-pike/values.yaml b/kubernetes/multicloud/charts/multicloud-pike/values.yaml
new file mode 100644 (file)
index 0000000..ee937ae
--- /dev/null
@@ -0,0 +1,87 @@
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+  nodePortPrefix: 302
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/multicloud/openstack-pike:1.2.0-STAGING
+pullPolicy: Always
+
+#Istio sidecar injection policy
+istioSidecar: true
+
+# application configuration
+config:
+  msbgateway: msb-iag
+  msbPort: 80
+  aai:
+    port: 8443
+    schemaVersion: v13
+    username: AAI
+    password: AAI
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+  initialDelaySeconds: 30
+  periodSeconds: 10
+  timeoutSeconds: 10
+  successThreshold: 1
+  failureThreshold: 5
+  enabled: true
+
+service:
+  type: NodePort
+  name: multicloud-pike
+  portName: multicloud-pike
+  externalPort: 9007
+  internalPort: 9007
+  nodePort: 96
+
+ingress:
+  enabled: false
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+  small:
+    limits:
+      cpu: 1
+      memory: 4Gi
+    requests:
+      cpu: 10m
+      memory: 1Gi
+  large:
+    limits:
+      cpu: 2
+      memory: 8Gi
+    requests:
+      cpu: 20m
+      memory: 2Gi
+  unlimited: {}
index b53aef4..b34cbec 100644 (file)
@@ -18,7 +18,7 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: {{ .Values.service.name }}
+  name: {{ include "common.servicename" . }}
   namespace: {{ include "common.namespace" . }}
   labels:
     app: {{ include "common.name" . }}
@@ -34,18 +34,26 @@ metadata:
       "protocol": "REST",
       "port": "{{ .Values.service.externalPort }}",
       "visualRange": "1"
+    },
+    {
+      "serviceName": "multicloud-vio",
+      "version": "v1",
+      "url": "/api/multicloud-vio/v1",
+      "protocol": "REST",
+      "port": "{{ .Values.service.externalPort }}",
+      "visualRange": "1"
     }
     ]'
 spec:
   ports:
   {{if eq .Values.service.type "NodePort" -}}
-  - name: http-{{ .Values.service.name }}
-    port: {{ .Values.service.externalPort }}
+  - port: {{ .Values.service.externalPort }}
     nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+    name: {{ .Values.service.portName }}
   {{- else -}}
   - port: {{ .Values.service.externalPort }}
     targetPort: {{ .Values.service.internalPort }}
-    name: http-{{ .Values.service.name }}
+    name: {{ .Values.service.portName }}
   {{- end}}
   selector:
     app: {{ include "common.name" . }}
index 810646d..b23b014 100644 (file)
@@ -59,6 +59,7 @@ liveness:
 service:
   type: NodePort
   name: multicloud-vio
+  portName: multicloud-vio
   externalPort: 9004
   internalPort: 9004
   nodePort: 92
@@ -84,4 +85,4 @@ resources:
     requests:
       cpu: 20m
       memory: 2Gi
-  unlimited: {}
\ No newline at end of file
+  unlimited: {}
index f876bb9..c1128bb 100644 (file)
@@ -18,7 +18,7 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: {{ .Values.service.name }}
+  name: {{ include "common.servicename" . }}
   namespace: {{ include "common.namespace" . }}
   labels:
     app: {{ include "common.name" . }}
@@ -32,7 +32,7 @@ metadata:
       "version": "v0",
       "url": "/api/multicloud-titanium_cloud/v0",
       "protocol": "REST",
-      "port": "{{ .Values.service.internalPort }}",
+      "port": "{{ .Values.service.externalPort }}",
       "visualRange": "1"
     },
     {
@@ -40,7 +40,7 @@ metadata:
       "version": "v0",
       "url": "/api/multicloud-titaniumcloud/v0",
       "protocol": "REST",
-      "port": "{{ .Values.service.internalPort }}",
+      "port": "{{ .Values.service.externalPort }}",
       "visualRange": "1"
     },
     {
@@ -48,7 +48,7 @@ metadata:
       "version": "v1",
       "url": "/api/multicloud-titaniumcloud/v1",
       "protocol": "REST",
-      "port": "{{ .Values.service.internalPort }}",
+      "port": "{{ .Values.service.externalPort }}",
       "visualRange": "1"
     }
     ]'
@@ -56,13 +56,13 @@ metadata:
 spec:
   ports:
   {{ if eq .Values.service.type "NodePort" }}
-  - name: http-{{ .Values.service.name }}
-    port: {{ .Values.service.externalPort }}
+  - port: {{ .Values.service.externalPort }}
     nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+    name: {{ .Values.service.portName }}
   {{ else }}
   - port: {{ .Values.service.externalPort }}
     targetPort: {{ .Values.service.internalPort }}
-    name: http-{{ .Values.service.name }}
+    name: {{ .Values.service.portName }}
   {{ end }}
   selector:
     app: {{ include "common.name" . }}
index 4ebf843..913f682 100644 (file)
@@ -43,6 +43,7 @@ config:
 service:
   type: NodePort
   name: multicloud-titaniumcloud
+  portName: multicloud-titaniumcloud
   externalPort: 9005
   internalPort: 9005
   nodePort: 94
@@ -84,4 +85,4 @@ resources:
     requests:
       cpu: 20m
       memory: 2Gi
-  unlimited: {}
\ No newline at end of file
+  unlimited: {}
index 2f799e5..2bc9894 100644 (file)
@@ -7,6 +7,11 @@
                 "extra_info_hint": "",
                 "provider_plugin": "multicloud-titaniumcloud"
             },
+            "pike": {
+                "version": "pike",
+                "extra_info_hint": "",
+                "provider_plugin": "multicloud-pike"
+            },
             "ocata": {
                 "version": "ocata",
                 "extra_info_hint": "",
             }
         },
         "provider_plugin": "multicloud-vio"
+    },
+    "azure": {
+        "vim_type": "azure",
+        "versions": {
+            "1.0": {
+                "version": "1.0",
+                "extra_info_hint": "",
+                "provider_plugin": "multicloud-azure"
+            }
+        },
+        "provider_plugin": "multicloud-azure"
     }
 }
index 1ad3e51..e34bdf4 100644 (file)
@@ -18,7 +18,7 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: {{ .Values.service.name }}
+  name: {{ .Values.service.portName }}
   namespace: {{ include "common.namespace" . }}
   labels:
     app: {{ include "common.name" . }}
@@ -34,18 +34,26 @@ metadata:
       "protocol": "REST",
       "port": "{{ .Values.service.externalPort }}",
       "visualRange": "1"
+    },
+    {
+      "serviceName": "multicloud",
+      "version": "v1",
+      "url": "/api/multicloud/v1",
+      "protocol": "REST",
+      "port": "{{ .Values.service.externalPort }}",
+      "visualRange": "1"
     }
     ]'
 spec:
   ports:
   {{if eq .Values.service.type "NodePort" -}}
-  - name: {{ .Values.service.name }}
-    port: {{ .Values.service.externalPort }}
+  - port: {{ .Values.service.externalPort }}
     nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+    name: {{ .Values.service.portName }}
   {{- else -}}
   - port: {{ .Values.service.externalPort }}
     targetPort: {{ .Values.service.internalPort }}
-    name: {{ .Values.service.name }}
+    name: {{ .Values.service.portName }}
   {{- end}}
   selector:
     app: {{ include "common.name" . }}
index 3f1da7e..5756d9f 100644 (file)
@@ -63,6 +63,7 @@ liveness:
 service:
   type: NodePort
   name: multicloud
+  portName: multicloud-framework
   externalPort: 9001
   internalPort: 9001
   nodePort: 91
@@ -88,4 +89,4 @@ resources:
     requests:
       cpu: 20m
       memory: 2Gi
-  unlimited: {}
\ No newline at end of file
+  unlimited: {}
index f904b4c..ac5d326 100644 (file)
@@ -28,7 +28,7 @@ subChartsOnly:
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/externalapi/nbi:3.0.0-latest
+image: onap/externalapi/nbi:3.0.1
 pullPolicy: Always
 sdc_authorization: Basic YWFpOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU=
 aai_authorization: Basic QUFJOkFBSQ==
@@ -87,8 +87,8 @@ liveness:
   httpGet:
     path: /nbi/api/v3/status
     port: 8080
-  initialDelaySeconds: 120
-  periodSeconds: 20
+  initialDelaySeconds: 180
+  periodSeconds: 30
   # necessary to disable liveness probe when setting breakpoints
   # in debugger so K8s doesn't restart unresponsive container
   enabled: true
@@ -97,8 +97,8 @@ readiness:
   httpGet:
     path: /nbi/api/v3/status
     port: 8080
-  initialDelaySeconds: 125
-  periodSeconds: 20
+  initialDelaySeconds: 185
+  periodSeconds: 30
 
 service:
   type: NodePort
diff --git a/kubernetes/oof/resources/config/aaf_root_ca.cer b/kubernetes/oof/resources/config/aaf_root_ca.cer
new file mode 100755 (executable)
index 0000000..e9a50d7
--- /dev/null
@@ -0,0 +1,31 @@
+-----BEGIN CERTIFICATE-----
+MIIFPjCCAyagAwIBAgIJAJ6u7cCnzrWdMA0GCSqGSIb3DQEBCwUAMCwxDjAMBgNV
+BAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzAeFw0xODA0MDUx
+NDE1MjhaFw0zODAzMzExNDE1MjhaMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQK
+DARPTkFQMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
+ggIBAMA5pkgRs7NhGG4ew5JouhyYakgYUyFaG121+/h8qbSdt0hVQv56+EA41Yq7
+XGie7RYDQK9NmAFF3gruE+6X7wvJiChp+Cyd7sFMnb65uWhxEdxWTM2BJFrgfzUn
+H8ZCxgaCo3XH4PzlKRy2LQQJEJECwl/RZmRCXijMt5e9h8XoZY/fKkKcZZUsWNCM
+pTo266wjvA9MXLmdgReRj0+vrCjrNqy+htwJDztoiHWiYPqT6o8EvGcgjNqjlZx7
+NUNf8MfLDByqKF6+wRbHv1GKjn3/Vijd45Fv8riyRYROiFanvbV6jIfBkv8PZbXg
+2VDWsYsgp8NAvMxK+iV8cO+Ck3lBI2GOPZbCEqpPVTYbLUz6sczAlCXwQoPzDIZY
+wYa3eR/gYLY1gP2iEVHORag3bLPap9ZX5E8DZkzTNTjovvLk8KaCmfcaUMJsBtDd
+ApcUitz10cnRyZc1sX3gE1f3DpzQM6t9C5sOVyRhDcSrKqqwb9m0Ss04XAS9FsqM
+P3UWYQyqDXSxlUAYaX892u8mV1hxnt2gjb22RloXMM6TovM3sSrJS0wH+l1nznd6
+aFXftS/G4ZVIVZ/LfT1is4StoyPWZCwwwly1z8qJQ/zhip5NgZTxQw4mi7ww35DY
+PdAQOCoajfSvFjqslQ/cPRi/MRCu079heVb5fQnnzVtnpFQRAgMBAAGjYzBhMB0G
+A1UdDgQWBBRTVTPyS+vQUbHBeJrBKDF77+rtSTAfBgNVHSMEGDAWgBRTVTPyS+vQ
+UbHBeJrBKDF77+rtSTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAN
+BgkqhkiG9w0BAQsFAAOCAgEAPx/IaK94n02wPxpnYTy+LVLIxwdq/kawNd6IbiMz
+L87zmNMDmHcGbfoRCj8OkhuggX9Lx1/CkhpXimuYsZOFQi5blr/u+v4mIbsgbmi9
+7j+cUHDP0zLycvSvxKHty51LwmaX9a4wkJl5zBU4O1sd/H9tWcEmwJ39ltKoBKBx
+c94Zc3iMm5ytRWGj+0rKzLDAXEWpoZ5bE5PLJauA6UDCxDLfs3FwhbS7uDggxYvf
+jySF5FCNET94oJ+m8s7VeHvoa8iPGKvXrIqdd7XDHnqJJlVKr7m9S0fMbyEB8ci2
+RtOXDt93ifY1uhoEtEykn4dqBSp8ezvNMnwoXdYPDvTd9uCAFeWFLVreBAWxd25h
+PsBTkZA5hpa/rA+mKv6Af4VBViYr8cz4dZCsFChuioVebe9ighrfjB//qKepFjPF
+CyjzKN1u0JKm/2x/ORqxkTONG8p3uDwoIOyimUcTtTMv42bfYD88RKakqSFXE9G+
+Z0LlaKABqfjK49o/tsAp+c5LoNlYllKhnetO3QAdraHwdmC36BhoghzR1jpX751A
+cZn2VH3Q4XKyp01cJNCJIrua+A+bx6zh3RyW6zIIkbRCbET+UD+4mr8WIcSE3mtR
+ZVlnhUDO4z9//WKMVzwS9Rh8/kuszrGFI1KQozXCHLrce3YP6RYZfOed79LXaRwX
+dYY=
+-----END CERTIFICATE-----
index f286be4..d39a832 100755 (executable)
@@ -1,18 +1,29 @@
-osdfPlacementSOUsername: {{ .Values.config.osdfPlacementSOUsername }}
-osdfPlacementSOPassword: {{ .Values.config.osdfPlacementSOPassword }}
+placementVersioningEnabled: {{ .Values.config.placementVersioningEnabled }}
 
-osdfCMSchedulerUsername: {{ .Values.config.osdfCMSchedulerUsername }}
-osdfCMSchedulerPassword: {{ .Values.config.osdfCMSchedulerPassword }}
+# Placement API latest version numbers to be set in HTTP header
+placementMajorVersion: {{ .Values.config.placementMajorVersion }}
+placementMinorVersion: {{ .Values.config.placementMinorVersion }}
+placementPatchVersion: {{ .Values.config.placementPatchVersion }}
+
+# Placement API default version numbers to be set in HTTP header
+placementDefaultMajorVersion: {{ .Values.config.placementDefaultMajorVersion }}
+placementDefaultMinorVersion: {{ .Values.config.placementDefaultMinorVersion }}
+placementDefaultPatchVersion: {{ .Values.config.placementDefaultPatchVersion }}
 
+# Credentials for SO
 soUsername: {{ .Values.config.soUsername }}
 soPassword: {{ .Values.config.soPassword }}
 
+# Credentials for Conductor
 conductorUrl: {{ .Values.config.conductorUrl }}
 conductorUsername: {{ .Values.config.conductorUsername }}
 conductorPassword: {{ .Values.config.conductorPassword }}
 conductorPingWaitTime: {{ .Values.config.conductorPingWaitTime }}
 conductorMaxRetries: {{ .Values.config.conductorMaxRetries }}
+# versions to be set in HTTP header
+conductorMinorVersion: {{ .Values.config.conductorMinorVersion }}
 
+# Policy Platform -- requires ClientAuth, Authorization, and Environment
 policyPlatformUrl: {{ .Values.config.policyPlatformUrl }}
 policyPlatformEnv: {{ .Values.config.policyPlatformEnv }}
 policyPlatformUsername: {{ .Values.config.policyPlatformUsername }}
@@ -20,15 +31,59 @@ policyPlatformPassword: {{ .Values.config.policyPlatformPassword }}
 policyClientUsername: {{ .Values.config.policyClientUsername }}
 policyClientPassword: {{ .Values.config.policyClientPassword }}
 
+# Credentials for DMaaP
 messageReaderHosts: {{ .Values.config.messageReaderHosts }}
 messageReaderTopic: {{ .Values.config.messageReaderTopic }}
 messageReaderAafUserId: {{ .Values.config.messageReaderAafUserId }}
 messageReaderAafPassword: {{ .Values.config.messageReaderAafPassword }}
 
+# Credentials for SDC
 sdcUrl: {{ .Values.config.sdcUrl }}
 sdcUsername: {{ .Values.config.sdcUsername }}
 sdcPassword: {{ .Values.config.sdcPassword }}
 sdcONAPInstanceID: {{ .Values.config.sdcONAPInstanceID }}
 
+# Credentials for the OOF placement service - Generic
 osdfPlacementUsername: {{ .Values.config.osdfPlacementUsername }}
 osdfPlacementPassword: {{ .Values.config.osdfPlacementPassword }}
+
+# Credentials for the OOF placement service - SO
+osdfPlacementSOUsername: {{ .Values.config.osdfPlacementSOUsername }}
+osdfPlacementSOPassword: {{ .Values.config.osdfPlacementSOPassword }}
+
+# Credentials for the OOF placement service - VFC
+osdfPlacementVFCUsername: {{ .Values.config.osdfPlacementVFCUsername }}
+osdfPlacementVFCPassword: {{ .Values.config.osdfPlacementVFCPassword }}
+
+# Credentials for the OOF CM scheduling service - Generic
+osdfCMSchedulerUsername: {{ .Values.config.osdfCMSchedulerUsername }}
+osdfCMSchedulerPassword: {{ .Values.config.osdfCMSchedulerPassword }}
+
+is_aaf_enabled: {{ .Values.config.is_aaf_enabled }}
+aaf_cache_expiry_hrs: {{ .Values.config.aaf_cache_expiry_hrs }}
+aaf_url: {{ .Values.config.aaf_url }}
+aaf_user_roles:
+  {{- range .Values.config.aaf_user_roles }}
+  - {{ . }}
+  {{- end }}
+
+# Secret Management Service from AAF
+aaf_sms_url: {{ .Values.config.aaf_sms_url }}
+aaf_sms_timeout: {{ .Values.config.aaf_sms_timeout }}
+secret_domain: {{ .Values.config.secret_domain }}
+aaf_ca_certs: {{ .Values.config.aaf_ca_certs }}
+
+# config db api
+configDbUrl: {{ .Values.config.configDbUrl }}
+configDbUserName: {{ .Values.config.configDbUserName }}
+configDbPassword: {{ .Values.config.configDbPassword }}
+configDbGetCellListUrl: {{ .Values.config.configDbGetCellListUrl }}
+configDbGetNbrListUrl: {{ .Values.config.configDbGetNbrListUrl }}
+
+# Credentials for PCIHandler
+pciHMSUsername: {{ .Values.config.pciHMSUsername }}
+pciHMSPassword: {{ .Values.config.pciHMSPassword }}
+
+# Credentials for the OOF PCI Opt service
+osdfPCIOptUsername: {{ .Values.config.osdfPCIOptUsername }}
+osdfPCIOptPassword: {{ .Values.config.osdfPCIOptPassword }}
index ed64166..07f1ff4 100644 (file)
@@ -38,6 +38,10 @@ spec:
         - --container-name
         - pdp
         - --container-name
+        - aaf-service
+        - --container-name
+        - aaf-sms
+        - --container-name
         - oof-has-api
         env:
         - name: NAMESPACE
@@ -76,6 +80,9 @@ spec:
           - mountPath: /opt/app/config/osdf_config.yaml
             name: {{ include "common.fullname" . }}-config
             subPath: osdf_config.yaml
+          - mountPath: /opt/app/ssl_cert/aaf_root_ca.cer
+            name: {{ include "common.fullname" . }}-config
+            subPath: aaf_root_ca.cer
           resources:
 {{ include "common.resources" . | indent 12 }}
         {{- if .Values.nodeSelector }}
@@ -97,5 +104,7 @@ spec:
             items:
             - key: osdf_config.yaml
               path: osdf_config.yaml
+            - key: aaf_root_ca.cer
+              path: aaf_root_ca.cer
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"
index c249f26..da69c42 100644 (file)
@@ -36,12 +36,15 @@ debugEnabled: false
 config:
   msbgateway: msb-iag
   msbPort: 80
-  # Credentials for the OOF placement service – SO.
-  osdfPlacementSOUsername: so_test
-  osdfPlacementSOPassword: so_testpwd
-  # Credentials for the OOF CM scheduling service – Generic.
-  osdfCMSchedulerUsername: test1
-  osdfCMSchedulerPassword: testpwd1
+  placementVersioningEnabled: False
+  # Placement API latest version numbers to be set in HTTP header
+  placementMajorVersion: "1"
+  placementMinorVersion: "0"
+  placementPatchVersion: "0"
+  # Placement API default version numbers to be set in HTTP header
+  placementDefaultMajorVersion: "1"
+  placementDefaultMinorVersion: "0"
+  placementDefaultPatchVersion: "0"
   # Credentials of the callback url for SO.
   soUsername: ""   # SO username for call back.
   soPassword: ""   # SO password for call back.
@@ -51,6 +54,8 @@ config:
   conductorPassword: plan.15
   conductorPingWaitTime: 60
   conductorMaxRetries: 30
+  # versions to be set in HTTP header
+  conductorMinorVersion: 0
   # Url and credentials for the Policy Platform
   policyPlatformUrl: http://pdp:8081/pdp/api/getConfig # Policy Dev platform URL
   policyPlatformEnv: TEST # Environment for policy platform
@@ -71,6 +76,38 @@ config:
   # Credentials for the placement service – Generic.
   osdfPlacementUsername: "test"
   osdfPlacementPassword: "testpwd"
+  # Credentials for the OOF placement service – SO.
+  osdfPlacementSOUsername: so_test
+  osdfPlacementSOPassword: so_testpwd
+  # Credentials for the OOF placement service - VFC
+  osdfPlacementVFCUsername: vfc_test
+  osdfPlacementVFCPassword: vfc_testpwd
+  # Credentials for the OOF CM scheduling service – Generic.
+  osdfCMSchedulerUsername: test1
+  osdfCMSchedulerPassword: testpwd1
+  #AAF Authentication
+  is_aaf_enabled: False
+  aaf_cache_expiry_hrs: 3
+  aaf_url: https://aaf-service:8100
+  aaf_user_roles:
+      - '/api/oof/v1/placement:org.onap.osdf.access|*|read ALL'
+  # Secret Management Service from AAF
+  aaf_sms_url: https://aaf-sms:10443
+  aaf_sms_timeout: 30
+  secret_domain: osdf
+  aaf_ca_certs: /opt/app/ssl_cert/aaf_root_ca.cer
+  # config db api
+  configDbUrl: http://config.db.url:8080
+  configDbUserName: osdf
+  configDbPassword: passwd
+  configDbGetCellListUrl: 'SDNCConfigDBAPI/getCellList'
+  configDbGetNbrListUrl: 'SDNCConfigDBAPI/getNbrList'
+  # Credentials for PCIHandler
+  pciHMSUsername: ""   # pcihandler username for call back.
+  pciHMSPassword: ""   # pcihandler password for call back.
+  # Credentials for the OOF PCI Opt service
+  osdfPCIOptUsername: pci_test
+  osdfPCIOptPassword: pci_testpwd
 # default number of instances
 replicaCount: 1
 nodeSelector: {}
index 9cf8a29..deb213e 100644 (file)
@@ -135,8 +135,8 @@ onap_application_name=
 
 #-----------------------ONAP-PORTAL-Properties----------------------
 
-ONAP_REDIRECT_URL=http://portal-app.{{.Release.Namespace}}:8989/ONAPPORTAL/login.htm
-ONAP_REST_URL=http://portal-app.{{.Release.Namespace}}:8989/ONAPPORTAL/auxapi
+ONAP_REDIRECT_URL=https://portal-app.{{.Release.Namespace}}:30225/ONAPPORTAL/login.htm
+ONAP_REST_URL=https://portal-app:8443/ONAPPORTAL/auxapi
 ONAP_UEB_URL_LIST=
 ONAP_PORTAL_INBOX_NAME=
 ONAP_UEB_APP_KEY=
diff --git a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAP.keystore b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAP.keystore
deleted file mode 100644 (file)
index ff0f0d7..0000000
Binary files a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAP.keystore and /dev/null differ
diff --git a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks
new file mode 100644 (file)
index 0000000..4b7e115
Binary files /dev/null and b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks differ
diff --git a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12
new file mode 100644 (file)
index 0000000..df2f4f6
Binary files /dev/null and b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 differ
index 09c2f84..c87e6c3 100644 (file)
@@ -89,7 +89,7 @@
        
         <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
                maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
-               keystoreFile="keystoreONAP.keystore" keystorePass="{{ .Values.global.keypass }}"
+               keystoreFile="{{.Values.global.keystoreFile}}" keystorePass="{{.Values.global.keypass}}" 
                clientAuth="false" sslProtocol="TLS" />
 
     <!-- Define an AJP 1.3 Connector on port 8009 -->
index d4ef698..28de588 100644 (file)
@@ -25,4 +25,3 @@ metadata:
 data:
 {{ tpl (.Files.Glob "resources/config/deliveries/properties/ONAPPORTAL/*").AsConfig . | indent 2 }}
 {{ tpl (.Files.Glob "resources/server/*").AsConfig . | indent 2 }}
-{{ tpl (.Files.Glob "resources/certs/*").AsConfig . | indent 2 }}
index 3fc2741..fb9f35b 100644 (file)
@@ -59,11 +59,11 @@ spec:
           - name: javax.net.ssl.keyStore
             value: {{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}} 
           - name: javax.net.ssl.keyStorePassword
-            value: {{ .Values.global.keypass }}
+            value: {{ .Values.global.trustpass }}
           - name: javax.net.ssl.trustStore
             value: {{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}}
           - name: javax.net.ssl.trustStorePassword
-            value: {{ .Values.global.keypass }}
+            value: {{ .Values.global.trustpass }}
         ports:
         - containerPort: {{ .Values.service.internalPort }}
         - containerPort: {{ .Values.service.internalPort2 }}
@@ -106,10 +106,10 @@ spec:
         - name: properties-onapportal
           mountPath: "{{ .Values.global.env.tomcatDir }}/conf/server.xml"
           subPath: server.xml
-        - name: properties-onapportal
+        - name: authz-onapportal
           mountPath: "{{ .Values.global.env.tomcatDir }}/{{ .Values.global.keystoreFile}}"
           subPath: {{ .Values.global.keystoreFile}}
-        - name: properties-onapportal
+        - name: authz-onapportal
           mountPath: "{{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}}"
           subPath: {{ .Values.global.truststoreFile}}          
         - name: var-log-onap
@@ -143,6 +143,9 @@ spec:
           configMap:
             name: {{ include "common.fullname" . }}-onapportal
             defaultMode: 0755
+        - name: authz-onapportal
+          secret:
+            secretName: {{ include "common.fullname" . }}-authz-onapportal
         - name: filebeat-conf
           configMap:
             name: portal-filebeat
diff --git a/kubernetes/portal/charts/portal-app/templates/secret.yaml b/kubernetes/portal/charts/portal-app/templates/secret.yaml
new file mode 100644 (file)
index 0000000..18f85c1
--- /dev/null
@@ -0,0 +1,27 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "common.fullname" . }}-authz-onapportal
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }}
index 1dcf0d8..6b9e8a9 100644 (file)
@@ -1,41 +1,41 @@
-/*
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*/
-
-USE portal;
-/*
-Any updates required by OOM to the portaldb are made here.
-1. split up SDC-FE and SDC-BE.  Originally both FE and BE point to the same IP
-while the OOM K8s version has these service split up.
-*/
--- app_url is the FE, app_rest_endpoint is the BE
---portal-sdk => TODO: doesn't open a node port yet
-update fn_app set app_url = 'http://{{.Values.config.portalSdkHostName}}:{{.Values.config.portalSdkPort}}/ONAPPORTALSDK/welcome.htm', app_rest_endpoint = 'http://portal-sdk:8990/ONAPPORTALSDK/api/v2' where app_name = 'xDemo App';
---dmaap-bc => the dmaap-bc doesn't open a node port..
-update fn_app set app_url = 'http://{{.Values.config.dmaapBcHostName}}:{{.Values.config.dmaapBcPort}}/ECOMPDBCAPP/dbc#/dmaap', app_rest_endpoint = 'http://dmaap-bc:8989/ECOMPDBCAPP/api/v2' where app_name = 'DMaaP Bus Ctrl';
---sdc-be => 8443:30204, 8080:30205
---sdc-fe => 8181:30206, 9443:30207
-update fn_app set app_url = 'http://{{.Values.config.sdcFeHostName}}:{{.Values.config.sdcFePort}}/sdc1/portal', app_rest_endpoint = 'http://sdc-be:8080/api/v2' where app_name = 'SDC';
---pap => 8443:30219
-update fn_app set app_url = 'http://{{.Values.config.papHostName}}:{{.Values.config.papPort}}/onap/policy', app_rest_endpoint = 'http://pap:8443/onap/api/v2' where app_name = 'Policy';
---vid => 8080:30200
-update fn_app set app_url = 'https://{{.Values.config.vidHostName}}:{{.Values.config.vidPort}}/vid/welcome.htm', app_rest_endpoint = 'https://vid:8443/vid/api/v2' where app_name = 'Virtual Infrastructure Deployment';
---sparky => TODO: sparky doesn't open a node port yet
-update fn_app set app_url = 'http://{{.Values.config.aaiSparkyHostName}}:{{.Values.config.aaiSparkyPort}}/services/aai/webapp/index.html#/viewInspect', app_rest_endpoint = 'http://aai-sparky-be.{{.Release.Namespace}}:9517/api/v2' where app_name = 'A&AI UI';
---cli => 8080:30260
-update fn_app set app_url = 'http://{{.Values.config.cliHostName}}:{{.Values.config.cliPort}}/', app_type = 1 where app_name = 'CLI';
---msb-discovery => 10081:30281  this is clearly incorrect
-update fn_app set app_url = 'http://{{.Values.config.msbDiscoveryHostName}}:{{.Values.config.msbDiscoveryPort}}/iui/microservices/default.html' where app_name = 'MSB';
+/*\r
+# Copyright © 2018 Amdocs, Bell Canada, AT&T\r
+#\r
+# Licensed under the Apache License, Version 2.0 (the "License");\r
+# you may not use this file except in compliance with the License.\r
+# You may obtain a copy of the License at\r
+#\r
+#       http://www.apache.org/licenses/LICENSE-2.0\r
+#\r
+# Unless required by applicable law or agreed to in writing, software\r
+# distributed under the License is distributed on an "AS IS" BASIS,\r
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+# See the License for the specific language governing permissions and\r
+# limitations under the License.\r
+\r
+*/\r
+\r
+USE portal;\r
+/*\r
+Any updates required by OOM to the portaldb are made here.\r
+1. split up SDC-FE and SDC-BE.  Originally both FE and BE point to the same IP\r
+while the OOM K8s version has these service split up.\r
+*/\r
+-- app_url is the FE, app_rest_endpoint is the BE\r
+--portal-sdk => TODO: doesn't open a node port yet\r
+update fn_app set app_url = 'http://{{.Values.config.portalSdkHostName}}:{{.Values.config.portalSdkPort}}/ONAPPORTALSDK/welcome.htm', app_rest_endpoint = 'http://portal-sdk:8990/ONAPPORTALSDK/api/v2' where app_name = 'xDemo App';\r
+--dmaap-bc => the dmaap-bc doesn't open a node port..\r
+update fn_app set app_url = 'http://{{.Values.config.dmaapBcHostName}}:{{.Values.config.dmaapBcPort}}/ECOMPDBCAPP/dbc#/dmaap', app_rest_endpoint = 'http://dmaap-bc:8989/ECOMPDBCAPP/api/v2' where app_name = 'DMaaP Bus Ctrl';\r
+--sdc-be => 8443:30204, 8080:30205\r
+--sdc-fe => 8181:30206, 9443:30207\r
+update fn_app set app_url = 'http://{{.Values.config.sdcFeHostName}}:{{.Values.config.sdcFePort}}/sdc1/portal', app_rest_endpoint = 'http://sdc-be:8080/api/v2' where app_name = 'SDC';\r
+--pap => 8443:30219\r
+update fn_app set app_url = 'https://{{.Values.config.papHostName}}:{{.Values.config.papPort}}/onap/policy', app_rest_endpoint = 'https://pap:8443/onap/api/v2' where app_name = 'Policy';\r
+--vid => 8080:30200\r
+update fn_app set app_url = 'https://{{.Values.config.vidHostName}}:{{.Values.config.vidPort}}/vid/welcome.htm', app_rest_endpoint = 'https://vid:8443/vid/api/v2' where app_name = 'Virtual Infrastructure Deployment';\r
+--sparky => TODO: sparky doesn't open a node port yet\r
+update fn_app set app_url = 'http://{{.Values.config.aaiSparkyHostName}}:{{.Values.config.aaiSparkyPort}}/services/aai/webapp/index.html#/viewInspect', app_rest_endpoint = 'http://aai-sparky-be.{{.Release.Namespace}}:9517/api/v2' where app_name = 'A&AI UI';\r
+--cli => 8080:30260\r
+update fn_app set app_url = 'http://{{.Values.config.cliHostName}}:{{.Values.config.cliPort}}/', app_type = 1 where app_name = 'CLI';\r
+--msb-discovery => 10081:30281  this is clearly incorrect\r
+update fn_app set app_url = 'http://{{.Values.config.msbDiscoveryHostName}}:{{.Values.config.msbDiscoveryPort}}/iui/microservices/default.html' where app_name = 'MSB';\r
index ecb7d5e..14d3509 100644 (file)
@@ -20,9 +20,10 @@ global:
   portalPort: "8989"
   # application's front end hostname.  Must be resolvable on the client side environment
   portalHostName: "portal.api.simpledemo.onap.org"
-  keystoreFile: "keystoreONAP.keystore"
-  truststoreFile: "keystoreONAPall.jks"
-  keypass: "changeit"
+  keystoreFile: "keystoreONAPPortal.p12"
+  truststoreFile: "truststoreONAPall.jks"
+  keypass: ",@{9!OOv%HO@#c+0Z}axu!xV"
+  trustpass: "changeit"
 
 config:
   logstashServiceName: log-ls
index ad09e44..f459e9d 100644 (file)
@@ -37,8 +37,8 @@ GLOBAL_ASDC_BE_ONBOARD_PORT = "8081"
 GLOBAL_ASDC_BE_USERNAME = "beep"
 GLOBAL_ASDC_BE_PASSWORD = "boop"
 # clamp info - everything is from the private oam network (also called onap private network)
-GLOBAL_CLAMP_SERVER_PROTOCOL = "http"
-GLOBAL_CLAMP_SERVER_PORT = "8080"
+GLOBAL_CLAMP_SERVER_PROTOCOL = "https"
+GLOBAL_CLAMP_SERVER_PORT = "8443"
 # nbi info - everything is from the private oam network (also called onap private network)
 GLOBAL_NBI_SERVER_PROTOCOL = "http"
 GLOBAL_NBI_SERVER_PORT = "8080"
@@ -147,4 +147,3 @@ GLOBAL_PROXY_WARNING_CONTINUE_XPATH=""
 GLOBAL_DNS_TRAFFIC_DURATION = "600"
 # location where heat templates are loaded from
 GLOBAL_HEAT_TEMPLATES_FOLDER = "/var/opt/OpenECOMP_ETE/demo/heat"
-
index fb92057..7fb9885 100755 (executable)
@@ -112,14 +112,14 @@ resources:
 
 # probe configuration parameters
 liveness:
-  initialDelaySeconds: 10
+  initialDelaySeconds: 180
   periodSeconds: 10
   # necessary to disable liveness probe when setting breakpoints
   # in debugger so K8s doesn't restart unresponsive container
   enabled: true
 
 readiness:
-  initialDelaySeconds: 10
+  initialDelaySeconds: 180
   periodSeconds: 10
 
 service:
index eb17d09..3a6b5a0 100644 (file)
 # Configuration file for SDNC Controller Module
 #
 
-org.onap.ccsdk.features.rest.adaptors.envtype=solo
+org.onap.ccsdk.features.blueprints.adaptors.envtype=solo
 
 # Config Generator Microservices
-org.onap.ccsdk.features.rest.adaptors.modelservice.type=generic
-org.onap.ccsdk.features.rest.adaptors.modelservice.enable=true
-org.onap.ccsdk.features.rest.adaptors.modelservice.url=http://controller-blueprints:8080/api/v1/
-org.onap.ccsdk.features.rest.adaptors.modelservice.user=ccsdkapps
-org.onap.ccsdk.features.rest.adaptors.modelservice.passwd=ccsdkapps
+org.onap.ccsdk.features.blueprints.adaptors.modelservice.type=generic
+org.onap.ccsdk.features.blueprints.adaptors.modelservice.enable=true
+org.onap.ccsdk.features.blueprints.adaptors.modelservice.url=http://controller-blueprints:8080/api/v1/
+org.onap.ccsdk.features.blueprints.adaptors.modelservice.user=ccsdkapps
+org.onap.ccsdk.features.blueprints.adaptors.modelservice.passwd=ccsdkapps
 
 # Generic RESTCONF Adaptor
-org.onap.ccsdk.features.rest.adaptors.restconf.type=generic
-org.onap.ccsdk.features.rest.adaptors.restconf.enable=true
-org.onap.ccsdk.features.rest.adaptors.restconf.user=admin
-org.onap.ccsdk.features.rest.adaptors.restconf.passwd={{ .Values.config.odlPassword}}
-org.onap.ccsdk.features.rest.adaptors.restconf.url=http://sdnc:8282/restconf/
+org.onap.ccsdk.features.blueprints.adaptors.restconf.type=generic
+org.onap.ccsdk.features.blueprints.adaptors.restconf.enable=true
+org.onap.ccsdk.features.blueprints.adaptors.restconf.user=admin
+org.onap.ccsdk.features.blueprints.adaptors.restconf.passwd={{ .Values.config.odlPassword}}
+org.onap.ccsdk.features.blueprints.adaptors.restconf.url=http://sdnc:8282/restconf/
index 1e74daa..19c6028 100755 (executable)
@@ -59,21 +59,21 @@ mso:
       auth: 33293332AEC4930F655D8E2E8BB08937
       password: B8EBDE0311F0AF355CF3F2FD505A8CAD
     sdnc:
-      endpoint: http://mso-sdnc-adapter.{{ include "common.namespace" . }}:8086/adapters/SDNCAdapter
+      endpoint: http://so-sdnc-adapter.{{ include "common.namespace" . }}:8086/adapters/SDNCAdapter
       rest:
-        endpoint: http://mso-sdnc-adapter.{{ include "common.namespace" . }}:8086/adapters/rest/v1/sdnc
+        endpoint: http://so-sdnc-adapter.{{ include "common.namespace" . }}:8086/adapters/rest/v1/sdnc
       timeout: PT60S
     tenant:
       endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/TenantAdapter
     vnf:
       endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/VnfAdapter
       rest:
-        endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/rest/vnfs/v1/vnfs
+        endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/rest/v1/vnfs
     volume-groups:
       rest:
         endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}g:8087/services/rest/v1/volume-groups
     vnf-async:
-      endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/VnfAsyncAdapter
+      endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/VnfAsync
   bpmn:
     process:
       historyTimeToLive: '30'
@@ -212,13 +212,13 @@ mso:
       callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/SDNCAdapterCallbackService
     vnfadapter:
       create:
-        callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/VNFAdaptercallback
+        callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify
       delete:
-        callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/VNFAdaptercallback
+        callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify
       query:
-        callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/VNFAdaptercallback
+        callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify
       rollback:
-        callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/VNFAdaptercallback
+        callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify
   global:
     dmaap:
       username: testuser
index 601cd49..bdf82b6 100755 (executable)
@@ -26,26 +26,6 @@ mso:
   db:
     auth: Basic YnBlbDpwYXNzd29yZDEk
 spring:
-  datasource:
-    url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
-    username: ${DB_USERNAME}
-    password: ${DB_PASSWORD}
-    driver-class-name: org.mariadb.jdbc.Driver
-    initialize: false
-    initialization-mode: never
-    dbcp2:
-      initial-size: 5
-      max-total: 20
-      validation-query: select 1
-      test-on-borrow: true
-  jpa:
-    generate-ddl: false
-    show-sql: false
-    hibernate:
-      ddl-auto: validate
-      naming-strategy: org.hibernate.cfg.ImprovedNamingStrategy
-      enable-lazy-load-no-trans: true
-    database-platform: org.hibernate.dialect.MySQL5InnoDBDialect
   security:
     usercredentials:
     -
@@ -59,8 +39,3 @@ spring:
 #Actuator
 management:
   context-path: /manage
-flyway:
-  baseline-on-migrate: true
-  url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
-  username: ${DB_USERNAME}
-  password: ${DB_PASSWORD}
diff --git a/kubernetes/so/charts/so-monitoring/Chart.yaml b/kubernetes/so/charts/so-monitoring/Chart.yaml
new file mode 100644 (file)
index 0000000..f46d9f7
--- /dev/null
@@ -0,0 +1,22 @@
+#  ============LICENSE_START=======================================================
+#   Copyright (C) 2018 Ericsson. All rights reserved.
+#  ================================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+#  SPDX-License-Identifier: Apache-2.0
+#  ============LICENSE_END=========================================================
+#  @author: gareth.roper@ericsson.com
+apiVersion: v1
+description: A Helm chart for ONAP Service Orchestration Monitoring
+name: so-monitoring
+version: 3.0.0
\ No newline at end of file
diff --git a/kubernetes/so/charts/so-monitoring/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-monitoring/resources/config/overrides/override.yaml
new file mode 100644 (file)
index 0000000..c7e958c
--- /dev/null
@@ -0,0 +1,17 @@
+server:
+  port: 8088
+  tomcat:
+    max-threads: 50
+ssl-enable: false
+camunda:
+  rest:
+    api:
+      url: http://bpmn-infra.{{ include "common.namespace" . }}:8081/engine-rest/engine/
+      engine: default
+      auth: Basic YWRtaW46S3A4Yko0U1hzek0wV1hsaGFrM2VIbGNzZTJnQXc4NHZhb0dHbUp2VXkyVQ==
+mso:
+  database:
+    rest:
+      api:
+        url: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083/infraActiveRequests/
+        auth: Basic YnBlbDpwYXNzd29yZDEk
diff --git a/kubernetes/so/charts/so-monitoring/templates/configmap.yaml b/kubernetes/so/charts/so-monitoring/templates/configmap.yaml
new file mode 100644 (file)
index 0000000..489d5f4
--- /dev/null
@@ -0,0 +1,44 @@
+#  ============LICENSE_START=======================================================
+#   Copyright (C) 2018 Ericsson. All rights reserved.
+#  ================================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+#  SPDX-License-Identifier: Apache-2.0
+#  ============LICENSE_END=========================================================
+#  @author: gareth.roper@ericsson.com
+apiVersion: v1
+data:
+  LOG_PATH: {{ index .Values.logPath }}
+  APP: {{ index .Values.app }}
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-configmap
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-app-configmap
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/overrides/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/so/charts/so-monitoring/templates/deployment.yaml b/kubernetes/so/charts/so-monitoring/templates/deployment.yaml
new file mode 100644 (file)
index 0000000..e11e404
--- /dev/null
@@ -0,0 +1,123 @@
+#  ============LICENSE_START=======================================================
+#   Copyright (C) 2018 Ericsson. All rights reserved.
+#  ================================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+#  SPDX-License-Identifier: Apache-2.0
+#  ============LICENSE_END=========================================================
+#  @author: gareth.roper@ericsson.com
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.fullname" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+spec:
+  replicas: {{ index .Values.replicaCount }}
+  minReadySeconds: {{ index .Values.minReadySeconds }}
+  strategy:
+    type: {{ index .Values.updateStrategy.type }}
+    rollingUpdate:
+      maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }}
+      maxSurge: {{ index .Values.updateStrategy.maxSurge }}
+  template:
+    metadata:
+      labels:
+        app: {{ include "common.name" . }}
+        release: {{ .Release.Name }}
+    spec:
+      initContainers:
+      - name: so-chown
+        image: alpine:3.6
+        volumeMounts:
+        - name: logs
+          mountPath: /app/logs
+        imagePullPolicy: {{ index .Values.pullPolicy }}
+        command: ["/bin/sh", "-c", "chown -Rf 1000:1000 /app/logs"]
+      restartPolicy: Always
+      containers:
+      - name: {{ include "common.name" . }}
+        image: {{ include "common.repository" . }}/{{ .Values.image }}
+        resources:
+{{ include "common.resources" . | indent 12 }}
+        env:
+        - name: DB_HOST
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Release.Name}}-so-db-secrets
+              key: mariadb.readwrite.host
+        - name: DB_PORT
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Release.Name}}-so-db-secrets
+              key: mariadb.readwrite.port
+        - name: DB_USERNAME
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Release.Name}}-so-db-secrets
+              key: mariadb.readwrite.rolename
+        - name: DB_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Release.Name}}-so-db-secrets
+              key: mariadb.readwrite.password
+        - name: DB_ADMIN_USERNAME
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Release.Name}}-so-db-secrets
+              key: mariadb.admin.rolename
+        - name: DB_ADMIN_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Release.Name}}-so-db-secrets
+              key: mariadb.admin.password
+        envFrom:
+        - configMapRef:
+            name: {{ include "common.fullname" . }}-configmap
+        imagePullPolicy:  {{ index .Values "global" "pullPolicy" }}
+        volumeMounts:
+        - name: logs
+          mountPath: /app/logs
+        - name: config
+          mountPath: /app/config
+          readOnly: true
+        readinessProbe:
+          tcpSocket:
+            port: {{ index .Values.readinessProbe.port }}
+          initialDelaySeconds: {{ index .Values.readinessProbe.initialDelaySeconds}}
+          periodSeconds: {{ index .Values.readinessProbe.periodSeconds}}
+        livenessProbe:
+          tcpSocket:
+            port: {{ index .Values.livenessProbe.port }}
+          initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}}
+          periodSeconds: {{ index .Values.livenessProbe.periodSeconds}}
+          successThreshold: {{ index .Values.livenessProbe.successThreshold}}
+          failureThreshold: {{ index .Values.livenessProbe.failureThreshold}}
+
+        ports:
+        - containerPort: {{ index .Values.containerPort }}
+          name: {{ .Values.service.portName }}
+          protocol: TCP
+      volumes:
+      - name: logs
+        emptyDir: {}
+      - name: config
+        configMap:
+            name: {{ include "common.fullname" . }}-app-configmap
+      imagePullSecrets:
+        - name: "{{ include "common.namespace" . }}-docker-registry-key"
+
+
diff --git a/kubernetes/so/charts/so-monitoring/templates/service.yaml b/kubernetes/so/charts/so-monitoring/templates/service.yaml
new file mode 100644 (file)
index 0000000..053af9b
--- /dev/null
@@ -0,0 +1,45 @@
+#  ============LICENSE_START=======================================================
+#   Copyright (C) 2018 Ericsson. All rights reserved.
+#  ================================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+#  SPDX-License-Identifier: Apache-2.0
+#  ============LICENSE_END=========================================================
+#  @author: gareth.roper@ericsson.com
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "common.servicename" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    {{if eq .Values.service.type "NodePort" -}}
+    - port: {{ .Values.service.internalPort }}
+      nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+      name: {{ .Values.service.portName }}
+    {{- else -}}
+    - port: {{ .Values.service.externalPort }}
+      targetPort: {{ .Values.service.internalPort }}
+      name: {{ .Values.service.portName }}
+    {{- end}}
+  selector:
+    app: {{ include "common.name" . }}
+    release: {{ .Release.Name }}
+
+
diff --git a/kubernetes/so/charts/so-monitoring/values.yaml b/kubernetes/so/charts/so-monitoring/values.yaml
new file mode 100644 (file)
index 0000000..79170eb
--- /dev/null
@@ -0,0 +1,70 @@
+#  ============LICENSE_START=======================================================
+#   Copyright (C) 2018 Ericsson. All rights reserved.
+#  ================================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+#  SPDX-License-Identifier: Apache-2.0
+#  ============LICENSE_END=========================================================
+#  @author: gareth.roper@ericsson.com
+image: onap/so/so-monitoring:latest
+pullPolicy: IfNotPresent
+replicaCount: 1
+minReadySeconds: 10
+containerPort: 9091
+logPath: app/logs/
+app: so-monitoring
+service:
+    type: ClusterIP
+    internalPort: 9091
+    externalPort: 9091
+    portName: so-monitor-port
+updateStrategy:
+    type: RollingUpdate
+    maxUnavailable: 1
+    maxSurge: 1
+# Resource Limit flavor -By Default using small
+flavor: small
+#Segregation for different environment (Small or large)
+resources:
+    small:
+        requests:
+            memory: 1Gi
+            cpu: 10m
+        limits:
+            memory: 4Gi
+            cpu: 1
+    large:
+        requests:
+            memory: 2Gi
+            cpu: 20m
+        limits:
+            memory: 8Gi
+            cpu: 2
+readinessProbe:
+    port: 9091
+    initialDelaySeconds: 20
+    periodSeconds: 10
+    timeoutSeconds: 10
+livenessProbe:
+    port: 9091
+    initialDelaySeconds: 40
+    periodSeconds: 10
+    timeoutSeconds: 10
+    successThreshold: 1
+    failureThreshold: 3
+ingress:
+  enabled: false
+nodeSelector: {}
+tolerations: []
+affinity: {}
+
index c0f7851..f7e9e47 100755 (executable)
@@ -16,8 +16,8 @@ server:
 spring:
   datasource:
     url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
-    username: ${DB_USERNAME}
-    password: ${DB_PASSWORD}
+    username: ${DB_ADMIN_USERNAME}
+    password: ${DB_ADMIN_PASSWORD}
     driver-class-name: org.mariadb.jdbc.Driver
     dbcp2:
       initial-size: 5
@@ -112,11 +112,20 @@ cloud_config:
       identity_url: "https://identity.api.rackspacecloud.com/v2.0"
       mso_id: "RACKSPACE_ACCOUNT_ID"
       mso_pass: "RACKSPACE_ACCOUNT_APIKEY"
-      admin_tenant: "service"
+      admin_tenant: "{{ .Values.config.openStackServiceTenantName }}"
       member_role: "admin"
       tenant_metadata: true
       identity_server_type: "KEYSTONE"
       identity_authentication_type: "RACKSPACE_APIKEY"
+    DEFAULT_KEYSTONE:
+      identity_url: "{{ .Values.config.openStackKeyStoneUrl }}"
+      mso_id: "{{ .Values.config.openStackUserName }}"
+      mso_pass: "{{ .Values.config.openStackEncryptedPasswordHere }}"
+      admin_tenant: "{{ .Values.config.openStackServiceTenantName }}"
+      member_role: "admin"
+      tenant_metadata: true
+      identity_server_type: "KEYSTONE"
+      identity_authentication_type: "USERNAME_PASSWORD"
   cloud_sites:
     Dallas:
       region_id: "DFW"
@@ -133,8 +142,13 @@ cloud_config:
       clli: "ORD"
       aic_version: "2.5"
       identity_service_id: "RAX_KEYSTONE"
+    RegionOne:
+      region_id: "RegionOne"
+      clli: "RegionOne"
+      aic_version: "2.5"
+      identity_service_id: "DEFAULT_KEYSTONE"
     DEFAULT:
-      region_id: "DFW"
-      clli: "DFW"
+      region_id: "{{ .Values.config.openStackRegion }}"
+      clli: "{{ .Values.config.openStackRegion }}"
       aic_version: "2.5"
-      identity_service_id: "RAX_KEYSTONE"
+      identity_service_id: "DEFAULT_KEYSTONE"
index 867e599..f30de27 100755 (executable)
@@ -57,6 +57,13 @@ livenessProbe:
     failureThreshold: 3
 ingress:
   enabled: false
+config:
+  openStackUserName: "vnf_user"
+  openStackRegion: "RegionOne"
+  openStackKeyStoneUrl: "http://1.2.3.4:5000/v2.0"
+  openStackServiceTenantName: "service"
+  openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e"
+  openStackTenantId: "d570c718cbc545029f40e50b75eb13df"
 nodeSelector: {}
 tolerations: []
 affinity: {}
index 9ea0237..6159880 100755 (executable)
@@ -118,15 +118,15 @@ org:
                     myurl: http://so-sdnc-adapter{{ include "common.namespace" . }}:8086/adapters/rest/SDNCNotify
                     rest:
                         bpelurl: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage
-                    sdncauth: 406B2AE613211B6FB52466DE6E1769AC
+                    sdncauth: 263f7d5f944d4d0c76db74b4148bec67d0bc796a874bc0d2a2a12aae89a866aa69133f700f391f784719a37f6a68d29bf5a2fbae1dab0402db7788c800c5ba73
                     sdncconnecttime: 5000
-                    sdncurl10: http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/GENERIC-RESOURCE-API:'
-                    sdncurl11: http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/VNFTOPOLOGYAIC-API:'
-                    sdncurl12: http://sdnc.{{ include "common.namespace" . }}:8282/
-                    sdncurl5: http://sdnc.{{ include "common.namespace" . }}:8282/restconf/config
-                    sdncurl6: http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/VNF-API:'
-                    sdncurl8: http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NBNC-API:'
-                    sdncurl9: http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NORTHBOUND-API:service-topology-operation
+                    sdncurl10: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/GENERIC-RESOURCE-API:'
+                    sdncurl11: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/VNFTOPOLOGYAIC-API:'
+                    sdncurl12: 'http://sdnc.{{ include "common.namespace" . }}:8282/'
+                    sdncurl5: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/config'
+                    sdncurl6: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/VNF-API:'
+                    sdncurl8: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NBNC-API:'
+                    sdncurl9: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NORTHBOUND-API:service-topology-operation'
                     service:
                         infra:
                             service-topology-infra-activate-operation: POST|90000|sdncurl9|sdnc-request-header|com:att:sdnctl:northbound-api:v1
index b9b9016..067b3c5 100644 (file)
@@ -53,6 +53,17 @@ postgres:
     pgPrimaryPassword: postgres
     pgUserPassword: postgres
     pgRootPassword: postgres
+  pgpool:
+    nameOverride: vnfsdk-pgpool
+    service:
+      name: vnfsdk-pgpool
+    credentials:
+      pgusername: postgres
+      pgpassword: postgres
+    container:
+      name:
+        primary: pgpool-primary
+        replica: pgpool-replica
 
 # flag to enable debugging - application support required
 debugEnabled: false