From: James MacNider Date: Wed, 10 Apr 2019 13:00:00 +0000 (+0000) Subject: Merge "expose ansible container on nfs mount" X-Git-Tag: 4.0.0-ONAP~248 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=0a963269106eeee84f48bcb2bb7c64449a43d3c6;hp=0fc907668d782e8726ac55e6f666cfe7035e0ad8;p=oom.git Merge "expose ansible container on nfs mount" --- diff --git a/kubernetes/aaf/charts/aaf-sms/values.yaml b/kubernetes/aaf/charts/aaf-sms/values.yaml index 8e7ea29300..28b46c24e1 100644 --- a/kubernetes/aaf/charts/aaf-sms/values.yaml +++ b/kubernetes/aaf/charts/aaf-sms/values.yaml @@ -67,11 +67,11 @@ readiness: periodSeconds: 30 service: - type: NodePort + type: ClusterIP name: aaf-sms portName: aaf-sms internalPort: 10443 - nodePort: 43 + externalPort: 10443 persistence: enabled: true diff --git a/kubernetes/aai/charts/aai-babel/resources/config/tosca-mappings.json b/kubernetes/aai/charts/aai-babel/resources/config/tosca-mappings.json index c67b3e2f97..a6fe82fb70 100644 --- a/kubernetes/aai/charts/aai-babel/resources/config/tosca-mappings.json +++ b/kubernetes/aai/charts/aai-babel/resources/config/tosca-mappings.json @@ -8,92 +8,128 @@ { "type": "SERVICE", "name": "service-instance", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "46b92144-923a-4d20-b85a-3cbd847668a9", + "modelInvariantId": "82194af1-3c2c-485a-8f44-420e22a9eaa4" }, { "type": "VF", "name": "generic-vnf", - "deleteFlag": false + "deleteFlag": true, + "modelVersionId": "93a6166f-b3d5-4f06-b4ba-aed48d009ad9", + "modelInvariantId": "acc6edd8-a8d4-4b93-afaa-0994068be14c" }, { "type": "VFC", "name": "vnfc", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "5761e0a7-c6df-4d8a-9ebd-b8f445054dec", + "modelInvariantId": "96129eb9-f0de-4e05-8af2-73146473f766" }, { "type": "VSERVER", "name": "vserver", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "8ecb2c5d-7176-4317-a255-26274edfdd53", + "modelInvariantId": "ff69d4e0-a8e8-4108-bdb0-dd63217e63c7" }, { "type": "VOLUME", "name": "volume", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "0fbe2e8f-4d91-4415-a772-88387049b38d", + "modelInvariantId": "ddd739b4-2b25-46c4-affc-41a32af5cc42" }, { "type": "FLAVOR", "name": "flavor", - "deleteFlag": false + "deleteFlag": false, + "modelVersionId": "36200fb5-f251-4f5d-a520-7c5ad5c2cd4b", + "modelInvariantId": "bace8d1c-a261-4041-9e37-823117415d0f" }, { "type": "TENANT", "name": "tenant", - "deleteFlag": false + "deleteFlag": false, + "modelVersionId": "abcc54bc-bb74-49dc-9043-7f7171707545", + "modelInvariantId": "97c26c99-6870-44c1-8a07-1d900d3f4ce6" }, { "type": "VOLUME_GROUP", "name": "volume-group", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "99d44c90-1f61-4418-b9a6-56586bf38c79", + "modelInvariantId": "fcec1b02-b2d0-4834-aef8-d71be04717dd" }, { "type": "LINT", "name": "l-interface", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "a32613fd-18b9-459e-aab8-fffb3912966a", + "modelInvariantId": "cea0a982-8d55-4093-921e-418fbccf7060" }, { "type": "L3_NET", "name": "l3-network", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "9111f20f-e680-4001-b83f-19a2fc23bfc1", + "modelInvariantId": "3d560d81-57d0-438b-a2a1-5334dba0651a" }, { "type": "VFMODULE", "name": "vf-module", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "c00563ae-812b-4e62-8330-7c4d0f47088a", + "modelInvariantId": "ef86f9c5-2165-44f3-8fc3-96018b609ea5" }, { "type": "IMAGE", "name": "image", - "deleteFlag": false + "deleteFlag": false, + "modelVersionId": "f6a038c2-820c-42ba-8c2b-375e24e8f932", + "modelInvariantId": "3f4c7204-739b-4bbb-87a7-8a6856439c90" }, { "type": "OAM_NETWORK", "name": "oam-network", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "f4fb34f3-fd6e-4a8f-a3fb-4ab61a343b79", + "modelInvariantId": "2851cf01-9c40-4064-87d4-6184a6fcff35" }, { "type": "ALLOTTED_RESOURCE", "name": "allotted-resource", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "7ad0915f-25c0-4a70-b9bc-185a75f87564", + "modelInvariantId": "f6d6a23d-a1a9-48ff-8419-b6530da2d381" }, { "type": "TUNNEL_XCONNECT", "name": "tunnel-xconnect", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "e7cb4ca8-e1a5-4487-a716-4ae0bcd8aef5", + "modelInvariantId": "50b9e2fa-005c-4bbe-b651-3251dece4cd8" }, { "type": "CONFIGURATION", "name": "configuration", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "5a175add-57e4-4a5d-8b02-c36f1d69c52b", + "modelInvariantId": "166c050d-f69d-4305-943e-0bc58c3a26cf" }, { "type": "CR", "name": "cr", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "3f908abc-3a15-40d0-b674-2a639e52884d", + "modelInvariantId": "8bac3599-9a1c-4b7f-80e5-c1838f744c23" }, { "type": "INSTANCE_GROUP", "name": "instance-group", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "8e6ee9dc-9017-444a-83b3-219edb018128", + "modelInvariantId": "3bf1e610-45f7-4ad6-b833-ca4c5ee6a3fd" } ], "widgetMappings": [ diff --git a/kubernetes/aai/charts/aai-champ/values.yaml b/kubernetes/aai/charts/aai-champ/values.yaml index b35171ecd6..331786cf18 100644 --- a/kubernetes/aai/charts/aai-champ/values.yaml +++ b/kubernetes/aai/charts/aai-champ/values.yaml @@ -25,7 +25,7 @@ global: ################################################################# # application image -image: onap/champ:1.3.0 +image: onap/champ:1.4-STAGING-latest flavor: small diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_config.yml b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_config.yml index 3fefe1690d..9172b71e8d 100644 --- a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_config.yml +++ b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_config.yml @@ -37,19 +37,19 @@ # HTTP # basic (challenging) # proxy (not challenging, needs xff) -# kerberos (challenging) NOT FREE FOR COMMERCIAL +# kerberos (challenging) # clientcert (not challenging, needs https) -# jwt (not challenging) NOT FREE FOR COMMERCIAL +# jwt (not challenging) # host (not challenging) #DEPRECATED, will be removed in a future version. # host based authentication is configurable in sg_roles_mapping # Authc # internal # noop -# ldap NOT FREE FOR COMMERCIAL USE +# ldap # Authz -# ldap NOT FREE FOR COMMERCIAL USE +# ldap # noop searchguard: @@ -59,7 +59,7 @@ searchguard: # Set filtered_alias_mode to 'nowarn' to allow more than 2 filtered aliases per index silently #filtered_alias_mode: warn #kibana: - # Kibana multitenancy - NOT FREE FOR COMMERCIAL USE + # Kibana multitenancy # see https://github.com/floragunncom/search-guard-docs/blob/master/multitenancy.md # To make this work you need to install https://github.com/floragunncom/search-guard-module-kibana-multitenancy/wiki #multitenancy_enabled: true @@ -85,7 +85,7 @@ searchguard: transport_enabled: false order: 6 http_authenticator: - type: kerberos # NOT FREE FOR COMMERCIAL USE + type: kerberos challenge: true config: # If true a lot of kerberos/security related debugging output will be logged to standard out @@ -150,7 +150,7 @@ searchguard: challenge: false authentication_backend: # LDAP authentication backend (authenticate users against a LDAP or Active Directory) - type: ldap # NOT FREE FOR COMMERCIAL USE + type: ldap config: # enable ldaps enable_ssl: false @@ -176,7 +176,7 @@ searchguard: transport_enabled: false authorization_backend: # LDAP authorization backend (gather roles from a LDAP or Active Directory, you have to configure the above LDAP authentication backend settings too) - type: ldap # NOT FREE FOR COMMERCIAL USE + type: ldap config: # enable ldaps enable_ssl: false @@ -217,5 +217,5 @@ searchguard: roles_from_another_ldap: enabled: false authorization_backend: - type: ldap # NOT FREE FOR COMMERCIAL USE + type: ldap #config goes here ... diff --git a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.keyfile b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.keyfile index 3416d4a737..87219388f7 100644 --- a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.keyfile +++ b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.keyfile @@ -1,27 +1,27 @@ -2otP92kNFHdexroZxvgYY7ffslFiwCD3CiVYMIfUF2edqZK7972NwkvE_mbaBo6jh8lByLIqrWAf -jyzoiVsvQ_kCa0cS1xaRLpcxv3bx1b7o3hGPBqpd6vmSG4y2JLzNlCBZWuTJz827wr8p_fWrYuUm -4L1WoaEe8W5PRnXjl4hDqbJBAlEoRIBXugUDt_7O5wgx2Rl3HVoOczZtf0RzONZ1F0BmKf3QlAUe -moSbARitYRgIPt5sLbT7qPyoEpGDhQ1XBowR744-wsjBc-14yO62Ajp5xWKTp15uWn3_HHuw1SAf -GWSBRGlSlEVkXQqi9Hw5jDttKVzHX1ckwR0SQOirbtHPHplxPX3WKjKhSdSeMzw6LOAHIQYRMKBT -74oGnULAfPtV7TaGwOKriT3P49CoPdt9On89-LGyCZSxDWKH0K-rgB6I2_hPT2Uzr3jmXiMa-sfh -iMvyQ7ABBVx0OFsUuNb5mcU2O6dWiQreL5RerrloV_X3ZtnNjxENXKjQ5KBR1A5ISPjFFK-kf4Rb -p6FSII8LcsiqgdWuZ4GX_C6x8HX4A-vD0x3Uc9CfoXY-k23cNIy-R-W-oB-P2OgdWDNgZ7VaOLNt -3L-NwWpNblfYvs93cNmkbVAwCZ3r0OP7RFeuON84TRaynK_Fh2S3rypRyJcUmM1pvpZqJ5_-umSW -hUs1OqkdLv3xjlVzzK-3nMr0q3Zcyp4XdyLYtcX5I3Xqk9ZcsyAT7ghmHhV8KjUjue7OcfAWg0m7 -RJLGq6VC8HeK4HEMa4lF677Qh7DRufghIDEmQSIDfGA790WGSA8HqcOvAL4hURCHyCWiPa5i8ksX -xX4HyqF8PCVCLJ_ZhzcuIlc0jStAexWbJU_vcyX7XgUaHCkF-M-zv1FP6Z3DHBMD2QqSWjmyNCCk -8sIuwzs62P_j2o9jG33kssedCrUWOwZancU107-5H0Zw-UWvtCqUfmRZ7TsEbWY7lk_SKfLfAN5q -ncOQgU_VxDXUFDST4LN_WVECRafK3UtwWomxWSji25Lbf6NVni3ok-yLMDZR-wrE-54jLPES9j0i -5N0xrk9CfsvGUpUZ1_XQcgaxI6m27DtCCJXb5ywenPBiUIJCMCTq88CqNZxGpju2i4BJcUH2hUHe -GKhO8pgslwhtEVot9EDwdzSrJkWFCfb6ud4zMxrqdi7-mLWMOydg6lhpEFEX5wu2BLIujGsZlEGE -_K9jGfBypjXuJCKDZIuPfEnf_7idjKis_JcFB7x4Hx2HHDcBjlWWFZN_VIEnPkQSyZEC26RTFP3k -zkY3GwUfA36a4XW2pu3gE9wz-W6fkONfzOZ6YiyCm_dRFUVuGSdJG02Hh5iXYlMOGJltPzWH2jVf -S-QTOmXQTKSOheXoJO6O-9uQbsRf-kq-6w1pvIOp4ms35w4_0Xj0Xr2a9y-L9PdBZvrUsa-jxsZU -LyA-YY4Ej6QwDBDTD2MGjF1E5_ekYgjoNlltM9rJjofruM4ym0n7LPHC7YXXQSEFOZYeTKi6wUDw -hQ1DoWHgu4PQ2lexada8sxQdConbPe2iW16h-PrO5D12E4XbT00fqaMlBmjQwzdNRdCC2NRPIQ5W -nwaO8dZ9yjxsjT7ZVHb9-DRblb3XDocponzxVXqUGtJAie4WXQnerX0ApTWGaHEr5y56JJVS_3LP -bKrbXBXcs4jTUX4ECXRrOs8JQDQNysXhvTPCu0XUxNZpjx6KLxDs93k2OcESHjl5J6n6OKKJqqoN -JEyFO5LGXpnmUJbn0-CaHHPRI1mHwEu4brY8wDZd9A0PD1KGXDoCHMfEk1lGblQdyOcVrXZ6uSBk -Z6zHDnwSCHO1mPYqtelJQehZoFuPSv9PIgKLxs_qJOtZFnXII5YO1mGXgiIBWBjUFDR5HG4ENS6y -J4MCF-JLMp-PVMAkOaCIQRRDpRnMm_fT1sc_P562Diu_pcdt-r55pMFQYGoGfjRmxQBKk0-SsdnP -mlZIiis9DfQEN0q3QQdNRYBJD7tmhUwhAPZdLgXqJA8sZf8UyFQhhpsky79NT343YL9smUlF \ No newline at end of file +yf1wUdfxbhVQQq5UF8hzWB_01VVrRIkC8BaLT7NMTrmv30RsMj3lvlaX3_CnVC1emYgmiUfWnT7k +brk0m-URJAKM8Pm6PrnOyKlx3U7NS8HVcFdKpVm_bx0CFsA3eY2NGe-D0gd35V1MohCbABZ8G2a6 +AgE7QmToHCwclXW_goK5P7lmJX1HaMVAIydMreP1m9sSR4UboRlvkH6VsMM1H1Y9ZhhXF--RkWAM +EcIspNTQE4ef3ZvYtSzuWssGZP8Hjo4XJlXz1uCSkyczw0IR19n-lspF9S0cIMro6QqvJsyjyjRo +UdYgxdwmQ_st4P43TZ8YEBQyE8r7VUoh_EqUx9ldilxGA0kBOQcTdtd805Kf98grXiQXeT-8UD1L +02aLzbz8Md7f8foGS1oGLfoImdjYCzOOZs3qHmKSb6YoHY8VcBCxIEfCznYl8wLYLRsSZ0tV4SAM +qCM_KHOM0HOZrNfSSAW5ZVZb67U9NI9SLFRV8gkmqxMspfjSLJCyHhq0D6RMECSpeAeVgoh6SWDw +mBSXunY5ZWVzdUyEezjCcl3NqTahrlfMSV5xkfUmSNFe_WW9rIXF0vD6MHAEW62yA1OA8WoMUqp2 +VKkUzWGVGAdMvbU52D6hqmGXER44kxAHVgEwPdhQhqgk4BpjR2v9ozQ6E_xNGkSRnriNB-H6BSN0 +vZa0pNJfvmBCjwGeoyRbCJrN1grLoDHQ3_6g-IwsD3NugKp6SHxUgfiPAUMGz-J2ZdbAlU0SNQgM +8gn6_cOaXvhqHBwh9SfT4jXyuCJru0zw3pyOjuw6fLMezvJDPvFfIgWllzc2IQ7_bufMZgCr2yAe +O-nBzsXK8aqItzCti53sZLSM1YC6OuRaiIt2i0yTVa7koFYSFhyELqEco5cFKMs0c6SrgIxnRrBT +x0RPXIyLdiRr76uP2wxL8KDfJ1vbCKi1xkZRchvQfm3ssgpzXVz8lnZ-HxacEhhAfGdDV56ZgRhu +5UVQd2RdP9JVpnXRJPhVwlQeQlrIXWHp01efBPRMTZQd2lpaNqn5v5chzpi9bbM3P3-BLxnN2NID +dv1E9Ox7MH-m3IQT9yFUi-UrDxAId4dnpgeCvyxhfnc1HJ9B71x9wmryC9PJWiKs3K-T_eC9pR4o +eN5PUZZ7arwdMUmzqKPNAtyMqaJCWfD3GZ1KsC8OV5Ze0DRQZPeT3IHg2BUC1NGj2SdjcwaGP_zl +uytFZWN7kQjnI4brorkO_jzjf7SEPCO7Vy2Z2vikIv7O8bSWZWDGYCcxUoYigFYcjZFirRYr3Yvl +YZU-F_qh6ZvrVxStSpz6iYDAzPW9v4ZyLSHyWe5H2AN89uRdnvag1769KpjsmGVYbn5jabgCJFs8 +EL7rxymrXri5cKsGH8XC1E0a-kP6vvhdHJhx5eFsFmKJaWh3RCJ8_I5CSzSRsK8JvE1Z6nGFn_SI +dpeNjf66lbm4y68loUh5Q4BDce3YaCT1gHmluBzXnv1vFzuvJ2jcVyq-nUDjdTqvM9okW8Prmt7l +ttQ3MVZI4rd-tXJfV4lxaI6wF4LIwiMJmY2tiCHoJ5nbLfHvMG7G5K1NAbizPltQxURPiMPZeCDZ +15SXI9vdCR-FyQikzp1hUUMMqz231-6BDDTKMOXpicQRQ0CHpEfxY4Rq3mu0QmRi-EIs6JAzfuLi +ba7fbfHnkhl3GWkj0CVZD8uDbzJceSTHICqVt-3qECUSG3ZfsuebWAEWED_xQoXyAL7kK8fMOPwl +m6qEk4z7boiJSrcQ2ZIdyPs2bZNvlv4wYg0F3BhFf2HeCYwR3BKXQGlDXGOAD5GuRpHHBch9JfVa +iUbvCEF23mee633C_K4zCaaVR9UqXMefzqFxSsobMp3heo3eIcQzLhe2SL2xpI9TbsvN2N4c9UMk +_TnQBHiYBgPxtB_j8bnVu7C__lTTpPKYLpUPxgWEIzljZzbkF37QQ1XtAc2EzcOi2FT4qsjlNgPw +PbL6ZihWEYZrZUilTSLzzjcQDLzoaF6BL2LOOS-Uju-B7COhcSMc0JLYOob6RDBE9T6HUMuZ diff --git a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.p12 b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.p12 index 023e2eaac6..5737e48796 100644 Binary files a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.p12 and b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.p12 differ diff --git a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.props b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.props index 78e4e71dc6..59593a501a 100644 --- a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.props +++ b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.props @@ -2,13 +2,13 @@ # Properties Generated by AT&T Certificate Manager # @copyright 2016, AT&T ############################################################ -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US cadi_keyfile=/opt/app/aai-resources/resources/aaf/org.onap.aai.keyfile cadi_keystore=/opt/app/aai-resources/resources/aaf/org.onap.aai.p12 -cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV -#cadi_key_password=enc: +cadi_keystore_password=enc:nF3D1h00vVoLZkCnFtTCJAiH6maEiA3933rI3ctap9Ggjlm2SMg_dxk6ui9iiDwr +#cadi_key_password=enc:9xs_lJ9QQRDoMcHqLbGg40-gefGrw-sLMjWL40ejbyqdC7Jt_pQfY6ajBLGcbLuL cadi_alias=aai@aai.onap.org cadi_truststore=/opt/app/aai-resources/resources/aaf/truststoreONAPall.jks -cadi_truststore_password=enc:s77wlnZFoQ08NhnU3OSeWO6uKgRwC6sAK-wTvVubNz2 +cadi_truststore_password=enc:8BxmWFFRI9wcf2jVixnfdK2GPI4veaXofZ65fcYThHv cadi_loglevel=INFO cadi_bath_convert=/opt/app/aai-resources/resources/aaf/bath_config.csv diff --git a/kubernetes/aai/charts/aai-resources/templates/deployment.yaml b/kubernetes/aai/charts/aai-resources/templates/deployment.yaml index 0a46c48717..9fe4c17cc9 100644 --- a/kubernetes/aai/charts/aai-resources/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-resources/templates/deployment.yaml @@ -81,6 +81,28 @@ spec: "visualRange": "1", "path": "/aai/v14/cloud-infrastructure" }, + { + "serviceName": "_aai-cloudInfrastructure", + "version": "v15", + "url": "/aai/v15/cloud-infrastructure", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/cloud-infrastructure" + }, + { + "serviceName": "_aai-cloudInfrastructure", + "version": "v16", + "url": "/aai/v16/cloud-infrastructure", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/cloud-infrastructure" + }, { "serviceName": "_aai-business", "version": "v11", @@ -125,6 +147,28 @@ spec: "visualRange": "1", "path": "/aai/v14/business" }, + { + "serviceName": "_aai-business", + "version": "v15", + "url": "/aai/v15/business", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/business" + }, + { + "serviceName": "_aai-business", + "version": "v16", + "url": "/aai/v16/business", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/business" + }, { "serviceName": "_aai-actions", "version": "v11", @@ -169,6 +213,28 @@ spec: "visualRange": "1", "path": "/aai/v14/actions" }, + { + "serviceName": "_aai-actions", + "version": "v15", + "url": "/aai/v15/actions", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/actions" + }, + { + "serviceName": "_aai-actions", + "version": "v16", + "url": "/aai/v16/actions", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/actions" + }, { "serviceName": "_aai-service-design-and-creation", "version": "v11", @@ -212,6 +278,28 @@ spec: "lb_policy":"ip_hash", "visualRange": "1", "path": "/aai/v14/service-design-and-creation" + }, + { + "serviceName": "_aai-service-design-and-creation", + "version": "v15", + "url": "/aai/v15/service-design-and-creation", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/service-design-and-creation" + }, + { + "serviceName": "_aai-service-design-and-creation", + "version": "v16", + "url": "/aai/v16/service-design-and-creation", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/service-design-and-creation" }, { "serviceName": "_aai-network", @@ -257,6 +345,28 @@ spec: "visualRange": "1", "path": "/aai/v14/network" }, + { + "serviceName": "_aai-network", + "version": "v15", + "url": "/aai/v15/network", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/network" + }, + { + "serviceName": "_aai-network", + "version": "v16", + "url": "/aai/v16/network", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/network" + }, { "serviceName": "_aai-externalSystem", "version": "v11", @@ -301,6 +411,28 @@ spec: "visualRange": "1", "path": "/aai/v14/external-system" }, + { + "serviceName": "_aai-externalSystem", + "version": "v15", + "url": "/aai/v15/external-system", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/external-system" + }, + { + "serviceName": "_aai-externalSystem", + "version": "v16", + "url": "/aai/v16/external-system", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/external-system" + }, { "serviceName": "aai-cloudInfrastructure", "version": "v11", @@ -341,6 +473,26 @@ spec: "lb_policy":"ip_hash", "visualRange": "1" }, + { + "serviceName": "aai-cloudInfrastructure", + "version": "v15", + "url": "/aai/v15/cloud-infrastructure", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-cloudInfrastructure", + "version": "v16", + "url": "/aai/v16/cloud-infrastructure", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, { "serviceName": "aai-business", "version": "v11", @@ -381,6 +533,26 @@ spec: "lb_policy":"ip_hash", "visualRange": "1" }, + { + "serviceName": "aai-business", + "version": "v15", + "url": "/aai/v15/business", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-business", + "version": "v16", + "url": "/aai/v16/business", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, { "serviceName": "aai-actions", "version": "v11", @@ -421,6 +593,26 @@ spec: "lb_policy":"ip_hash", "visualRange": "1" }, + { + "serviceName": "aai-actions", + "version": "v15", + "url": "/aai/v15/actions", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-actions", + "version": "v16", + "url": "/aai/v16/actions", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, { "serviceName": "aai-service-design-and-creation", "version": "v11", @@ -461,6 +653,26 @@ spec: "lb_policy":"ip_hash", "visualRange": "1" }, + { + "serviceName": "aai-service-design-and-creation", + "version": "v15", + "url": "/aai/v15/service-design-and-creation", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-service-design-and-creation", + "version": "v16", + "url": "/aai/v16/service-design-and-creation", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, { "serviceName": "aai-network", "version": "v11", @@ -501,6 +713,26 @@ spec: "lb_policy":"ip_hash", "visualRange": "1" }, + { + "serviceName": "aai-network", + "version": "v15", + "url": "/aai/v15/network", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-network", + "version": "v16", + "url": "/aai/v16/network", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, { "serviceName": "aai-externalSystem", "version": "v11", @@ -540,6 +772,26 @@ spec: "enable_ssl": true, "lb_policy":"ip_hash", "visualRange": "1" + }, + { + "serviceName": "aai-externalSystem", + "version": "v15", + "url": "/aai/v15/external-system", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-externalSystem", + "version": "v16", + "url": "/aai/v16/external-system", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" } ]' spec: diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile index 3416d4a737..87219388f7 100644 --- a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile +++ b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile @@ -1,27 +1,27 @@ -2otP92kNFHdexroZxvgYY7ffslFiwCD3CiVYMIfUF2edqZK7972NwkvE_mbaBo6jh8lByLIqrWAf -jyzoiVsvQ_kCa0cS1xaRLpcxv3bx1b7o3hGPBqpd6vmSG4y2JLzNlCBZWuTJz827wr8p_fWrYuUm -4L1WoaEe8W5PRnXjl4hDqbJBAlEoRIBXugUDt_7O5wgx2Rl3HVoOczZtf0RzONZ1F0BmKf3QlAUe -moSbARitYRgIPt5sLbT7qPyoEpGDhQ1XBowR744-wsjBc-14yO62Ajp5xWKTp15uWn3_HHuw1SAf -GWSBRGlSlEVkXQqi9Hw5jDttKVzHX1ckwR0SQOirbtHPHplxPX3WKjKhSdSeMzw6LOAHIQYRMKBT -74oGnULAfPtV7TaGwOKriT3P49CoPdt9On89-LGyCZSxDWKH0K-rgB6I2_hPT2Uzr3jmXiMa-sfh -iMvyQ7ABBVx0OFsUuNb5mcU2O6dWiQreL5RerrloV_X3ZtnNjxENXKjQ5KBR1A5ISPjFFK-kf4Rb -p6FSII8LcsiqgdWuZ4GX_C6x8HX4A-vD0x3Uc9CfoXY-k23cNIy-R-W-oB-P2OgdWDNgZ7VaOLNt -3L-NwWpNblfYvs93cNmkbVAwCZ3r0OP7RFeuON84TRaynK_Fh2S3rypRyJcUmM1pvpZqJ5_-umSW -hUs1OqkdLv3xjlVzzK-3nMr0q3Zcyp4XdyLYtcX5I3Xqk9ZcsyAT7ghmHhV8KjUjue7OcfAWg0m7 -RJLGq6VC8HeK4HEMa4lF677Qh7DRufghIDEmQSIDfGA790WGSA8HqcOvAL4hURCHyCWiPa5i8ksX -xX4HyqF8PCVCLJ_ZhzcuIlc0jStAexWbJU_vcyX7XgUaHCkF-M-zv1FP6Z3DHBMD2QqSWjmyNCCk -8sIuwzs62P_j2o9jG33kssedCrUWOwZancU107-5H0Zw-UWvtCqUfmRZ7TsEbWY7lk_SKfLfAN5q -ncOQgU_VxDXUFDST4LN_WVECRafK3UtwWomxWSji25Lbf6NVni3ok-yLMDZR-wrE-54jLPES9j0i -5N0xrk9CfsvGUpUZ1_XQcgaxI6m27DtCCJXb5ywenPBiUIJCMCTq88CqNZxGpju2i4BJcUH2hUHe -GKhO8pgslwhtEVot9EDwdzSrJkWFCfb6ud4zMxrqdi7-mLWMOydg6lhpEFEX5wu2BLIujGsZlEGE -_K9jGfBypjXuJCKDZIuPfEnf_7idjKis_JcFB7x4Hx2HHDcBjlWWFZN_VIEnPkQSyZEC26RTFP3k -zkY3GwUfA36a4XW2pu3gE9wz-W6fkONfzOZ6YiyCm_dRFUVuGSdJG02Hh5iXYlMOGJltPzWH2jVf -S-QTOmXQTKSOheXoJO6O-9uQbsRf-kq-6w1pvIOp4ms35w4_0Xj0Xr2a9y-L9PdBZvrUsa-jxsZU -LyA-YY4Ej6QwDBDTD2MGjF1E5_ekYgjoNlltM9rJjofruM4ym0n7LPHC7YXXQSEFOZYeTKi6wUDw -hQ1DoWHgu4PQ2lexada8sxQdConbPe2iW16h-PrO5D12E4XbT00fqaMlBmjQwzdNRdCC2NRPIQ5W -nwaO8dZ9yjxsjT7ZVHb9-DRblb3XDocponzxVXqUGtJAie4WXQnerX0ApTWGaHEr5y56JJVS_3LP -bKrbXBXcs4jTUX4ECXRrOs8JQDQNysXhvTPCu0XUxNZpjx6KLxDs93k2OcESHjl5J6n6OKKJqqoN -JEyFO5LGXpnmUJbn0-CaHHPRI1mHwEu4brY8wDZd9A0PD1KGXDoCHMfEk1lGblQdyOcVrXZ6uSBk -Z6zHDnwSCHO1mPYqtelJQehZoFuPSv9PIgKLxs_qJOtZFnXII5YO1mGXgiIBWBjUFDR5HG4ENS6y -J4MCF-JLMp-PVMAkOaCIQRRDpRnMm_fT1sc_P562Diu_pcdt-r55pMFQYGoGfjRmxQBKk0-SsdnP -mlZIiis9DfQEN0q3QQdNRYBJD7tmhUwhAPZdLgXqJA8sZf8UyFQhhpsky79NT343YL9smUlF \ No newline at end of file +yf1wUdfxbhVQQq5UF8hzWB_01VVrRIkC8BaLT7NMTrmv30RsMj3lvlaX3_CnVC1emYgmiUfWnT7k +brk0m-URJAKM8Pm6PrnOyKlx3U7NS8HVcFdKpVm_bx0CFsA3eY2NGe-D0gd35V1MohCbABZ8G2a6 +AgE7QmToHCwclXW_goK5P7lmJX1HaMVAIydMreP1m9sSR4UboRlvkH6VsMM1H1Y9ZhhXF--RkWAM +EcIspNTQE4ef3ZvYtSzuWssGZP8Hjo4XJlXz1uCSkyczw0IR19n-lspF9S0cIMro6QqvJsyjyjRo +UdYgxdwmQ_st4P43TZ8YEBQyE8r7VUoh_EqUx9ldilxGA0kBOQcTdtd805Kf98grXiQXeT-8UD1L +02aLzbz8Md7f8foGS1oGLfoImdjYCzOOZs3qHmKSb6YoHY8VcBCxIEfCznYl8wLYLRsSZ0tV4SAM +qCM_KHOM0HOZrNfSSAW5ZVZb67U9NI9SLFRV8gkmqxMspfjSLJCyHhq0D6RMECSpeAeVgoh6SWDw +mBSXunY5ZWVzdUyEezjCcl3NqTahrlfMSV5xkfUmSNFe_WW9rIXF0vD6MHAEW62yA1OA8WoMUqp2 +VKkUzWGVGAdMvbU52D6hqmGXER44kxAHVgEwPdhQhqgk4BpjR2v9ozQ6E_xNGkSRnriNB-H6BSN0 +vZa0pNJfvmBCjwGeoyRbCJrN1grLoDHQ3_6g-IwsD3NugKp6SHxUgfiPAUMGz-J2ZdbAlU0SNQgM +8gn6_cOaXvhqHBwh9SfT4jXyuCJru0zw3pyOjuw6fLMezvJDPvFfIgWllzc2IQ7_bufMZgCr2yAe +O-nBzsXK8aqItzCti53sZLSM1YC6OuRaiIt2i0yTVa7koFYSFhyELqEco5cFKMs0c6SrgIxnRrBT +x0RPXIyLdiRr76uP2wxL8KDfJ1vbCKi1xkZRchvQfm3ssgpzXVz8lnZ-HxacEhhAfGdDV56ZgRhu +5UVQd2RdP9JVpnXRJPhVwlQeQlrIXWHp01efBPRMTZQd2lpaNqn5v5chzpi9bbM3P3-BLxnN2NID +dv1E9Ox7MH-m3IQT9yFUi-UrDxAId4dnpgeCvyxhfnc1HJ9B71x9wmryC9PJWiKs3K-T_eC9pR4o +eN5PUZZ7arwdMUmzqKPNAtyMqaJCWfD3GZ1KsC8OV5Ze0DRQZPeT3IHg2BUC1NGj2SdjcwaGP_zl +uytFZWN7kQjnI4brorkO_jzjf7SEPCO7Vy2Z2vikIv7O8bSWZWDGYCcxUoYigFYcjZFirRYr3Yvl +YZU-F_qh6ZvrVxStSpz6iYDAzPW9v4ZyLSHyWe5H2AN89uRdnvag1769KpjsmGVYbn5jabgCJFs8 +EL7rxymrXri5cKsGH8XC1E0a-kP6vvhdHJhx5eFsFmKJaWh3RCJ8_I5CSzSRsK8JvE1Z6nGFn_SI +dpeNjf66lbm4y68loUh5Q4BDce3YaCT1gHmluBzXnv1vFzuvJ2jcVyq-nUDjdTqvM9okW8Prmt7l +ttQ3MVZI4rd-tXJfV4lxaI6wF4LIwiMJmY2tiCHoJ5nbLfHvMG7G5K1NAbizPltQxURPiMPZeCDZ +15SXI9vdCR-FyQikzp1hUUMMqz231-6BDDTKMOXpicQRQ0CHpEfxY4Rq3mu0QmRi-EIs6JAzfuLi +ba7fbfHnkhl3GWkj0CVZD8uDbzJceSTHICqVt-3qECUSG3ZfsuebWAEWED_xQoXyAL7kK8fMOPwl +m6qEk4z7boiJSrcQ2ZIdyPs2bZNvlv4wYg0F3BhFf2HeCYwR3BKXQGlDXGOAD5GuRpHHBch9JfVa +iUbvCEF23mee633C_K4zCaaVR9UqXMefzqFxSsobMp3heo3eIcQzLhe2SL2xpI9TbsvN2N4c9UMk +_TnQBHiYBgPxtB_j8bnVu7C__lTTpPKYLpUPxgWEIzljZzbkF37QQ1XtAc2EzcOi2FT4qsjlNgPw +PbL6ZihWEYZrZUilTSLzzjcQDLzoaF6BL2LOOS-Uju-B7COhcSMc0JLYOob6RDBE9T6HUMuZ diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12 b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12 index 023e2eaac6..5737e48796 100644 Binary files a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12 and b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12 differ diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props index 7cb0d492ce..0f27dbdd76 100644 --- a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props +++ b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props @@ -2,13 +2,13 @@ # Properties Generated by AT&T Certificate Manager # @copyright 2016, AT&T ############################################################ -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US cadi_keyfile=/opt/app/aai-traversal/resources/aaf/org.onap.aai.keyfile cadi_keystore=/opt/app/aai-traversal/resources/aaf/org.onap.aai.p12 -cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV -#cadi_key_password=enc: +cadi_keystore_password=enc:nF3D1h00vVoLZkCnFtTCJAiH6maEiA3933rI3ctap9Ggjlm2SMg_dxk6ui9iiDwr +#cadi_key_password=enc:9xs_lJ9QQRDoMcHqLbGg40-gefGrw-sLMjWL40ejbyqdC7Jt_pQfY6ajBLGcbLuL cadi_alias=aai@aai.onap.org cadi_truststore=/opt/app/aai-traversal/resources/aaf/truststoreONAPall.jks -cadi_truststore_password=enc:s77wlnZFoQ08NhnU3OSeWO6uKgRwC6sAK-wTvVubNz2 +cadi_truststore_password=enc:8BxmWFFRI9wcf2jVixnfdK2GPI4veaXofZ65fcYThHv cadi_loglevel=INFO cadi_bath_convert=/opt/app/aai-traversal/resources/aaf/bath_config.csv diff --git a/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml b/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml index 4f97f4a2c3..be4b863195 100644 --- a/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml @@ -81,6 +81,28 @@ spec: "visualRange": "1", "path": "/aai/v14/search/generic-query" }, + { + "serviceName": "_aai-generic-query", + "version": "v15", + "url": "/aai/v15/search/generic-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/search/generic-query" + }, + { + "serviceName": "_aai-generic-query", + "version": "v16", + "url": "/aai/v16/search/generic-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/search/generic-query" + }, { "serviceName": "_aai-nodes-query", "version": "v11", @@ -125,6 +147,28 @@ spec: "visualRange": "1", "path": "/aai/v14/search/nodes-query" }, + { + "serviceName": "_aai-nodes-query", + "version": "v15", + "url": "/aai/v15/search/nodes-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/search/nodes-query" + }, + { + "serviceName": "_aai-nodes-query", + "version": "v16", + "url": "/aai/v16/search/nodes-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/search/nodes-query" + }, { "serviceName": "_aai-query", "version": "v11", @@ -169,6 +213,28 @@ spec: "visualRange": "1", "path": "/aai/v14/query" }, + { + "serviceName": "_aai-query", + "version": "v15", + "url": "/aai/v15/query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/query" + }, + { + "serviceName": "_aai-query", + "version": "v16", + "url": "/aai/v16/query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/query" + }, { "serviceName": "_aai-named-query", "url": "/aai/search", @@ -219,6 +285,26 @@ spec: "lb_policy":"ip_hash", "visualRange": "1" }, + { + "serviceName": "aai-generic-query", + "version": "v15", + "url": "/aai/v15/search/generic-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-generic-query", + "version": "v16", + "url": "/aai/v16/search/generic-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, { "serviceName": "aai-nodes-query", "version": "v11", @@ -259,6 +345,26 @@ spec: "lb_policy":"ip_hash", "visualRange": "1" }, + { + "serviceName": "aai-nodes-query", + "version": "v15", + "url": "/aai/v15/search/nodes-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-nodes-query", + "version": "v16", + "url": "/aai/v16/search/nodes-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, { "serviceName": "aai-query", "version": "v11", @@ -299,6 +405,26 @@ spec: "lb_policy":"ip_hash", "visualRange": "1" }, + { + "serviceName": "aai-query", + "version": "v15", + "url": "/aai/v15/query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-query", + "version": "v16", + "url": "/aai/v16/query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, { "serviceName": "aai-named-query", "url": "/aai/search", diff --git a/kubernetes/aai/resources/config/aai/aai_keystore b/kubernetes/aai/resources/config/aai/aai_keystore index 83cae95273..d50b33ed93 100644 Binary files a/kubernetes/aai/resources/config/aai/aai_keystore and b/kubernetes/aai/resources/config/aai/aai_keystore differ diff --git a/kubernetes/aai/resources/config/haproxy/aai.pem b/kubernetes/aai/resources/config/haproxy/aai.pem new file mode 100644 index 0000000000..e6dfd6a63d --- /dev/null +++ b/kubernetes/aai/resources/config/haproxy/aai.pem @@ -0,0 +1,82 @@ +-----BEGIN CERTIFICATE----- +MIIFATCCA+mgAwIBAgIIWY+5kgf/UH8wDQYJKoZIhvcNAQELBQAwRzELMAkGA1UE +BhMCVVMxDTALBgNVBAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMRkwFwYDVQQDDBBp +bnRlcm1lZGlhdGVDQV85MB4XDTE5MDMyNjAzMjc1MloXDTIwMDMyNjAzMjc1Mlow +azERMA8GA1UEAwwIYWFpLm9uYXAxDzANBgkqhkiG9w0BCQEWADEZMBcGA1UECwwQ +YWFpQGFhaS5vbmFwLm9yZzEOMAwGA1UECwwFT1NBQUYxDTALBgNVBAoMBE9OQVAx +CzAJBgNVBAYTAlVTMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyZj +PvQrgB2bhyE3kpSH6OjXigs/+MfmV4eOrEwmMzQ1lWjItu2z5WY9xNGCky85G3Pr +qmCfT/qNPXd0W5kEujYlL0QnvrCa77WP3kSSu0kMKdUJV3S90Rp1SOhGFU/WroAQ +XvlzyBCunqQ9/F/L6mS8dLotUbkGIQlojAYOukWOT/+ogMMxzpxtb91QR+Wl4YeY +yzX//0rls/6nEKzCh2STHJuTkXqL0kod+KY08unpvMX2J/SEeHdWLS8Gsuus6oqM +r4bFyquua/U1ApxEMn0/agY58V75dF5CRPJRYrqqf9I6DBr0SntHv6pzMhokjewl +ukkrEsvIOkqEvIcE+QIDAQABo4IByzCCAccwCQYDVR0TBAIwADAOBgNVHQ8BAf8E +BAMCBeAwIAYDVR0lAQH/BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFQGA1UdIwRN +MEuAFIH3mVsQuciM3vNSXupOaaBDPqzdoTCkLjAsMQ4wDAYDVQQLDAVPU0FBRjEN +MAsGA1UECgwET05BUDELMAkGA1UEBhMCVVOCAQcwHQYDVR0OBBYEFFziBN1nFOnS +Sp7XkxOuzVNR1GFLMIIBEQYDVR0RBIIBCDCCAQSCCGFhaS5vbmFwghJhYWktc3Bh +cmt5LWJlLm9uYXCCG2FhaS5hcGkuc2ltcGxlZGVtby5vbmFwLm9yZ4IlYWFpLmVs +YXN0aWNzZWFyY2guc2ltcGxlZGVtby5vbmFwLm9yZ4IlYWFpLmdyZW1saW5zZXJ2 +ZXIuc2ltcGxlZGVtby5vbmFwLm9yZ4IdYWFpLmhiYXNlLnNpbXBsZWRlbW8ub25h +cC5vcmeCJWFhaS5zZWFyY2hzZXJ2aWNlLnNpbXBsZWRlbW8ub25hcC5vcmeCF2Fh +aS5zaW1wbGVkZW1vLm9uYXAub3JnghphYWkudWkuc2ltcGxlZGVtby5vbmFwLm9y +ZzANBgkqhkiG9w0BAQsFAAOCAQEAlqwzbZv/0uxVPmFJMB2t5B2nw3GNojLwxnHh +UVKzrLbDDpM36CkY8uX9kYAaf/Eg8eA5Jp0T9lGCheg0TNHM9OBqyyvDPjewZ5jO +N0xooRs7gh4bYtQaWIjCOg6bXg+mHkW4VVbpewMJYivGpJZQ76LauuHtg1OA688s +fy4SGrbC902OoPZ8zJlINOyljqSa+uNwvv6bg9Iqnuq/jUaFpKOYVUkMzw/ImVzy +3kXH/hY+nz4FNvMPlULgwxskOBRp90a5VWBC48cNzg4aNtanVz6lPAr/AVD1R6jt +ZDEd3Ww8nTlRKjUryxgoorqo8ThctZscWBpHMRW4B/LgGEYtRA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEdTCCAl2gAwIBAgIBBzANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB +RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwODE3MTg1MTM3WhcN +MjMwODE3MTg1MTM3WjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG +A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzkwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv0HHUkba3uNtNI3jPKimUcd6RNwmhSCJL +neMWpnjqp5/A+HCKyNsEaT4y177hNLmCm/aMm1u2JIfikc+8wEqLCSBBPz+P0h+d +o+sZ7U+4oeQizdYYpEdzHJ2SieHHa8vtu80rU3nO2NEIkuYC20HcKSEtl8fFKsk3 +nqlhY+tGfYJPTXcDOQAO40BTcgat3C3uIJHkWJJ4RivunE4LEuRv9QyKgAw7rkJV +v+f7guqpZlXy6dzAkuU7XULWcgo55MkZlssoiErMvEZJad5aWKvRY3g7qUjaQ6wO +15wOAUoRBW96eeZZbytgn8kybcBy++Ue49gPtgm1MF/KlAsp0MD5AgMBAAGjgYYw +gYMwHQYDVR0OBBYEFIH3mVsQuciM3vNSXupOaaBDPqzdMB8GA1UdIwQYMBaAFFNV +M/JL69BRscF4msEoMXvv6u1JMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/ +BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B +AQsFAAOCAgEADxNymiCNr2e37iLReoaxKmZvwox0cTiNAaj7iafRzmwIoY3VXO8Q +ix5IYcp4FaQ7fV1jyp/AmaSnyHf6Osl0sx8PxsQkO7ALttxKUrjfbvNSVUA2C/vl +u5m7UVJLIUtFDZBWanzUSmkTsYLHpiANFQKd2c/cU1qXcyzgJVFEFVyyHNkF7Is+ ++pjG9M1hwQHOoTnEuU013P7X1mHek+RXEfhJWwe7UsZnBKZaZKbQZu7hEtqKWYp/ +QsHgnjoLYXsh0WD5rz/mBxdTdDLGpFqWDzDqb8rsYnqBzoowvsasV8X8OSkov0Ht +8Yka0ckFH9yf8j1Cwmbl6ttuonOhky3N/gwLEozuhy7TPcZGVyzevF70kXy7g1CX +kpFGJyEHXoprlNi8FR4I+NFzbDe6a2cFow1JN19AJ9Z5Rk5m7M0mQPaQ4RcikjB3 +aoLsASCJTm1OpOFHfxEKiBW4Lsp3Uc5/Rb9ZNbfLrwqWZRM7buW1e3ekLqntgbky +uKKISHqVJuw/vXHl1jNibEo9+JuQ88VNuAcm7WpGUogeCa2iAlPTckPZei+MwZ8w +tpvxTyYlZEC8DWzY1VC29+W2N5cvh01e2E3Ql08W1zL63dqrgdEZ3VWjzooYi4ep +BmMXTvouW+Flyvcw/0oTcfN0biDIt0mCkZ5CQVjfGL9DTOYteR5hw+k= +-----END CERTIFICATE----- +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAuyZjPvQrgB2bhyE3kpSH6OjXigs/+MfmV4eOrEwmMzQ1lWjI +tu2z5WY9xNGCky85G3PrqmCfT/qNPXd0W5kEujYlL0QnvrCa77WP3kSSu0kMKdUJ +V3S90Rp1SOhGFU/WroAQXvlzyBCunqQ9/F/L6mS8dLotUbkGIQlojAYOukWOT/+o +gMMxzpxtb91QR+Wl4YeYyzX//0rls/6nEKzCh2STHJuTkXqL0kod+KY08unpvMX2 +J/SEeHdWLS8Gsuus6oqMr4bFyquua/U1ApxEMn0/agY58V75dF5CRPJRYrqqf9I6 +DBr0SntHv6pzMhokjewlukkrEsvIOkqEvIcE+QIDAQABAoIBAEe1OrvJZM2PCqOp +N5jjbnvwk32iN93EAl8xYppkBxMBgzJ/VsC4rYBNP4elWym4I2KAdSDwKrrDXtDZ +b20VYXlT+8VzkOMA2izU3Y4lqi82mwGATjcDVSPExoGr9gZ+c9yi1yL8478ZnT7N +4a5Mql5iQM9c8rZodY+9AiD8xTHbgXbaGmBsDhTxT/HPDsoacR/SHMh3XowbhAcs +eXAe+NdDtLcG6WOEqi/EhkagkWvsecIBoy888Ffbxa5h/DLEaCCoC3Dw1tWFX8KM +86sC9sQKDVRVKpKs2/9MGl9LoPi9jNDrOP6/Zx3T4k479ozGp/0G70LzmUcih72j +MUbr4f0CgYEA/AV0yOLZh0i2K53jpv3e8RDJkOBFuLb0ZZVdGkVYHncw9/WY070E +TJi0B51RAJtdSksAWa6o+1+VaJKQHtMZpABwMWDMRQUqdC+o+knONRpdCHwxXnSl +gvujFyYJhURKDr42z0xjbQrHaEZRuVJ6tzJQhFtE66G01ngREhDPbUsCgYEAvhrB +A/IOQpPaHcfU2ik80VE0KU9N4Ez50ZlheEbBDVTrMWzuFy8p9niNSfDKC7s5aqlP +DgDvTD80D8Zw6+yT/aDU5iEf5vMdKc1pnlr8jJoCNSvuyJZ40kDSehsBOKC+YN3g +b6xaYWIcH3mwwoLZO9XFsN5KAg/dSMJED8AGAEsCgYAduMMCIgbHdqLNWAyOGCif +w3wSEvEGDMWb6VaWj5EJ3sKuq48/gW4tXmD0+O+ho7EH3vqGmRuisa4cLBTFHd5L +QiX5HNJaXXaZRzmlcujXyGkqZAMqgZU3clfUlg7PYbNeM76hCgA7zuaffJOMyJZi +XpOyWFUzeNmr5XMV71eXKwKBgEtgzFvGJMVdXsUkMU/3vfe5XRdsLJLdssjbKnzI +gU/J9h/480caGmdyUYOaCGMyb4fNbl09HaV8AianJqtFeUC9/uzpAX9PsqaanmB9 +71nIz0tKCjpa/7lOnqZwAsHzasl58L4W9xdaEZChbecSfxRspSCGY44BwFpTPS2J +lFeVAoGAFOetqKStyEy+qruEOMk+lWwaKLGZ4hLk7qmFochxwrXgx7hcZ4Zrqkv9 +7qyQtbAalFiCHGmLBdSb+GLfD/1pPUA3wJoLo/I3f4g9c7cw7m7r8MdWPDXSL2Vk +vM97Syv92KQUBl8te7S3+bDBNklgb+KwRqSk3QRAl8ARWEjg8Kk= +-----END RSA PRIVATE KEY----- diff --git a/kubernetes/aai/templates/deployment.yaml b/kubernetes/aai/templates/deployment.yaml index 17680a0b96..8c107303ac 100644 --- a/kubernetes/aai/templates/deployment.yaml +++ b/kubernetes/aai/templates/deployment.yaml @@ -70,6 +70,9 @@ spec: subPath: haproxy.cfg {{ end }} name: haproxy-cfg + - mountPath: /etc/ssl/private/aai.pem + name: aai-pem + subPath: aai.pem ports: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.internalPort2 }} @@ -121,5 +124,8 @@ spec: - name: haproxy-cfg configMap: name: aai-deployment-configmap + - name: aai-pem + secret: + secretName: aai-haproxy-secret imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/cds/charts/blueprints-processor/requirements.yaml b/kubernetes/cds/charts/blueprints-processor/requirements.yaml index 1d06a389a8..9f92507a99 100755 --- a/kubernetes/cds/charts/blueprints-processor/requirements.yaml +++ b/kubernetes/cds/charts/blueprints-processor/requirements.yaml @@ -13,9 +13,6 @@ # limitations under the License. dependencies: - - name: mariadb-galera - version: ~4.x-0 - repository: file://../mariadb-galera/ - name: common version: ~4.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/cds/charts/blueprints-processor/resources/config/application.properties b/kubernetes/cds/charts/blueprints-processor/resources/config/application.properties index 9d1c957b8f..c25176f971 100755 --- a/kubernetes/cds/charts/blueprints-processor/resources/config/application.properties +++ b/kubernetes/cds/charts/blueprints-processor/resources/config/application.properties @@ -11,18 +11,23 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -#logging.level.web=DEBUG -appName={{.Values.config.applicationName}} -ms_name={{.Values.config.msName}} -appVersion={{.Values.config.bundleVersion}} -blueprintsprocessor.grpcEnable={{.Values.config.grpcEnabled}} -blueprintsprocessor.httpPort={{.Values.service.http.internalPort}} -blueprintsprocessor.grpcPort={{.Values.service.grpc.internalPort}} -#Blueprint Processor File Execution and Handling Properties + +# Functionality config +blueprintsprocessor.grpcEnable=true +blueprintsprocessor.restconfEnabled=true +blueprintsprocessor.httpPort=8080 +blueprintsprocessor.grpcPort=9111 + +# Basic Authentication +security.user.password: {bcrypt}$2a$10$duaUzVUVW0YPQCSIbGEkQOXwafZGwQ/b32/Ys4R1iwSSawFgz7QNu +security.user.name: ccsdkapps + +# Blueprint Processor File Execution and Handling Properties blueprintsprocessor.blueprintDeployPath=/opt/app/onap/blueprints/deploy blueprintsprocessor.blueprintArchivePath=/opt/app/onap/blueprints/archive -#Primary Database Configuration -blueprintsprocessor.db.primary.url=jdbc:mysql://blueprints-processor-db:3306/sdnctl + +# Primary Database Configuration +blueprintsprocessor.db.primary.url=jdbc:mysql://cds-db:3306/sdnctl blueprintsprocessor.db.primary.username=sdnctl blueprintsprocessor.db.primary.password=sdnctl blueprintsprocessor.db.primary.driverClassName=org.mariadb.jdbc.Driver @@ -30,5 +35,13 @@ blueprintsprocessor.db.primary.hibernateHbm2ddlAuto=update blueprintsprocessor.db.primary.hibernateDDLAuto=update blueprintsprocessor.db.primary.hibernateNamingStrategy=org.hibernate.cfg.ImprovedNamingStrategy blueprintsprocessor.db.primary.hibernateDialect=org.hibernate.dialect.MySQL5InnoDBDialect -# Web server config -server.port=8080 \ No newline at end of file + +# Python executor +blueprints.processor.functions.python.executor.executionPath=/opt/app/onap/scripts/jython/ccsdk_blueprints +blueprints.processor.functions.python.executor.modulePaths=/opt/app/onap/scripts/jython/ccsdk_blueprints,/opt/app/onap/scripts/jython/ccsdk_netconf + +# SDN-C's ODL Restconf Connection Details +blueprintsprocessor.restclient.sdncodl.type=basic-auth +blueprintsprocessor.restclient.sdncodl.url=http://sdnc:8282/ +blueprintsprocessor.restclient.sdncodl.username=admin +blueprintsprocessor.restclient.sdncodl.password=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U \ No newline at end of file diff --git a/kubernetes/cds/charts/blueprints-processor/templates/deployment.yaml b/kubernetes/cds/charts/blueprints-processor/templates/deployment.yaml index 5629913826..876f24937d 100755 --- a/kubernetes/cds/charts/blueprints-processor/templates/deployment.yaml +++ b/kubernetes/cds/charts/blueprints-processor/templates/deployment.yaml @@ -35,7 +35,7 @@ spec: - /root/ready.py args: - --container-name - - {{ index .Values "mariadb-galera" "nameOverride" }} + - cds-db env: - name: NAMESPACE valueFrom: @@ -64,6 +64,9 @@ spec: httpGet: path: /api/v1/execution-service/ping port: {{ .Values.service.http.internalPort }} + httpHeaders: + - name: Authorization + value: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end }} @@ -71,6 +74,9 @@ spec: httpGet: path: /api/v1/execution-service/ping port: {{ .Values.service.http.internalPort }} + httpHeaders: + - name: Authorization + value: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} volumeMounts: diff --git a/kubernetes/cds/charts/blueprints-processor/templates/service.yaml b/kubernetes/cds/charts/blueprints-processor/templates/service.yaml index 4c1c32c1ed..5c8bc8cc0d 100755 --- a/kubernetes/cds/charts/blueprints-processor/templates/service.yaml +++ b/kubernetes/cds/charts/blueprints-processor/templates/service.yaml @@ -31,15 +31,13 @@ spec: {{- if eq .Values.service.type "NodePort"}} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} {{- end}} - name: {{ .Values.service.portName | default "http" }} - {{- if .Values.config.grpcEnabled}} + name: {{ .Values.service.http.portName | default "http" }} - port: {{ .Values.service.grpc.externalPort }} targetPort: {{ .Values.service.grpc.internalPort }} {{- if eq .Values.service.type "NodePort"}} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} {{- end}} - name: {{ .Values.service.portName | default "http" }} - {{- end}} + name: {{ .Values.service.grpc.portName | default "grpc" }} selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} \ No newline at end of file diff --git a/kubernetes/cds/charts/blueprints-processor/values.yaml b/kubernetes/cds/charts/blueprints-processor/values.yaml index 2edcc8a4ec..10169d5dc7 100755 --- a/kubernetes/cds/charts/blueprints-processor/values.yaml +++ b/kubernetes/cds/charts/blueprints-processor/values.yaml @@ -40,7 +40,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/ccsdk-blueprintsprocessor:0.4.1 +image: onap/ccsdk-blueprintsprocessor:0.4-STAGING-latest pullPolicy: Always # flag to enable debugging - application support required @@ -48,28 +48,7 @@ debugEnabled: false # application configuration config: - applicationName: BlueprintsProcessor - msName: "org.onap.ccsdk.apps.blueprintsprocessor" - bundleVersion: "1.0.0" appConfigDir: /opt/app/onap/config - grpcEnabled: false - stickySelectorKey: - envContext: DEV - -mariadb-galera: - config: - userName: sdnctl - userPassword: sdnctl - mariadbRootPassword: sdnctl - mysqlDatabase: sdnctl - nameOverride: blueprints-processor-db - service: - name: blueprints-processor-db - portName: bp-db - replicaCount: 1 - persistence: - enabled: true - mountSubPath: blueprints-processor/data # default number of instances replicaCount: 1 @@ -92,11 +71,12 @@ readiness: service: type: ClusterIP - portName: blueprints-processor http: + portName: blueprints-processor-http internalPort: 8080 externalPort: 8080 grpc: + portName: blueprints-processor-grpc internalPort: 9111 externalPort: 9111 diff --git a/kubernetes/cds/charts/controller-blueprints/requirements.yaml b/kubernetes/cds/charts/controller-blueprints/requirements.yaml index cefe3d3bdf..857a963ada 100644 --- a/kubernetes/cds/charts/controller-blueprints/requirements.yaml +++ b/kubernetes/cds/charts/controller-blueprints/requirements.yaml @@ -13,9 +13,6 @@ # limitations under the License. dependencies: - - name: mariadb-galera - version: ~4.x-0 - repository: file://../mariadb-galera/ - name: common version: ~4.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/cds/charts/controller-blueprints/resources/config/application.properties b/kubernetes/cds/charts/controller-blueprints/resources/config/application.properties index 7eec7f9115..80fdaf542e 100755 --- a/kubernetes/cds/charts/controller-blueprints/resources/config/application.properties +++ b/kubernetes/cds/charts/controller-blueprints/resources/config/application.properties @@ -13,10 +13,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -# -appName=ControllerBluePrints -ms_name=org.onap.ccsdk.apps.controllerblueprints -appVersion=1.0.0 # Basic Authentication basic-auth.user-name=ccsdkapps @@ -26,20 +22,19 @@ logging.level.org.springframework.web=INFO logging.level.org.hibernate.SQL=warn logging.level.org.hibernate.type.descriptor.sql=debug -#To Remove Null in JSON API Response +# To Remove Null in JSON API Response spring.jackson.default-property-inclusion=non_null -#Swagger Configuration +# Swagger Configuration swagger.contact.name=CCSDK team swagger.contact.url=www.onap.org swagger.contact.email=onap-discuss@lists.onap.org +# DB information spring.jpa.properties.hibernate.show_sql=true spring.jpa.properties.hibernate.use_sql_comments=true spring.jpa.properties.hibernate.format_sql=true - -# spring.datasource.url, spring.datasource.username,spring.datasource.password may be overridden by ENV variables -spring.datasource.url=jdbc:mysql://controller-blueprints-db:3306/sdnctl +spring.datasource.url=jdbc:mysql://cds-db:3306/sdnctl spring.datasource.username=sdnctl spring.datasource.password=sdnctl spring.datasource.driver-class-name=org.mariadb.jdbc.Driver diff --git a/kubernetes/cds/charts/controller-blueprints/templates/deployment.yaml b/kubernetes/cds/charts/controller-blueprints/templates/deployment.yaml index ef8b38fc10..4cd2e18090 100755 --- a/kubernetes/cds/charts/controller-blueprints/templates/deployment.yaml +++ b/kubernetes/cds/charts/controller-blueprints/templates/deployment.yaml @@ -37,7 +37,7 @@ spec: - /root/ready.py args: - --container-name - - {{ index .Values "mariadb-galera" "nameOverride" }} + - cds-db env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/cds/charts/controller-blueprints/values.yaml b/kubernetes/cds/charts/controller-blueprints/values.yaml index 02b5685fa4..246aae482b 100755 --- a/kubernetes/cds/charts/controller-blueprints/values.yaml +++ b/kubernetes/cds/charts/controller-blueprints/values.yaml @@ -48,23 +48,6 @@ debugEnabled: false config: appConfigDir: /opt/app/onap/config initDataLoad: true - restUser: ccsdkapps - restPassword: ccsdkapps - -mariadb-galera: - config: - userName: sdnctl - userPassword: sdnctl - mariadbRootPassword: sdnctl - mysqlDatabase: sdnctl - nameOverride: controller-blueprints-db - service: - name: controller-blueprints-db - portName: cb-db - replicaCount: 1 - persistence: - enabled: true - mountSubPath: controller-blueprints/data # default number of instances replicaCount: 1 diff --git a/kubernetes/cds/requirements.yaml b/kubernetes/cds/requirements.yaml index d7b38dc0b1..51a4e3f9a1 100644 --- a/kubernetes/cds/requirements.yaml +++ b/kubernetes/cds/requirements.yaml @@ -17,3 +17,6 @@ dependencies: - name: common version: ~4.x-0 repository: '@local' + - name: mariadb-galera + version: ~4.x-0 + repository: '@local' \ No newline at end of file diff --git a/kubernetes/cds/values.yaml b/kubernetes/cds/values.yaml index 3815d9af21..06b7cd1211 100644 --- a/kubernetes/cds/values.yaml +++ b/kubernetes/cds/values.yaml @@ -34,6 +34,20 @@ pullPolicy: Always # application configuration config: +mariadb-galera: + config: + userName: sdnctl + userPassword: sdnctl + mariadbRootPassword: sdnctl + mysqlDatabase: sdnctl + nameOverride: cds-db + service: + name: cds-db + portName: cds-db + replicaCount: 1 + persistence: + enabled: true + mountSubPath: cds/data # default number of instances replicaCount: 1 diff --git a/kubernetes/clamp/charts/clamp-dash-es/values.yaml b/kubernetes/clamp/charts/clamp-dash-es/values.yaml index 43920b3d65..f25e40bf2a 100644 --- a/kubernetes/clamp/charts/clamp-dash-es/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-es/values.yaml @@ -32,7 +32,7 @@ busyboxImage: library/busybox:latest # application image loggingRepository: docker.elastic.co -image: elasticsearch/elasticsearch-oss:6.1.3 +image: elasticsearch/elasticsearch-oss:6.6.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf b/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf index 317b428c77..b4b5071ba5 100644 --- a/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf +++ b/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf @@ -57,13 +57,13 @@ filter { drop { } } - if [http_request_failure] or [@metadata][code] != "200" { + if [http_request_failure] or [@metadata][code] != 200 { mutate { add_tag => [ "error" ] } } - if "dmaap_source" in [tags] { + if "dmaap_source" in [@metadata][request][tags] { # # Dmaap provides a json list, whose items are Strings containing the event # provided to Dmaap, which itself is an escaped json. @@ -76,14 +76,7 @@ filter { source => "[message]" target => "message" } - ruby { - code => " - for ev in event.get('message', []) - ev.set('@metadata', event.get('@metadata')) - end - " - } - + split { field => "message" } @@ -194,7 +187,7 @@ filter { } - if "error" not in [tags] { + if "error" not in [@metadata][request][tags]{ # # Creating data for a secondary index # @@ -203,7 +196,7 @@ filter { add_tag => [ "event-cl-aggs" ] } - if "event-cl-aggs" in [tags] { + if "event-cl-aggs" in [@metadata][request][tags]{ # # we only need a few fields for aggregations; remove all fields from clone except : # vmName,vnfName,vnfType,requestID,closedLoopAlarmStart, closedLoopControlName,closedLoopAlarmEnd,abated,nbrDmaapevents,finalFailure diff --git a/kubernetes/clamp/resources/config/log/filebeat/filebeat.yml b/kubernetes/clamp/resources/config/log/filebeat/filebeat.yml index 0c1f3bccb2..dab2e44f5e 100644 --- a/kubernetes/clamp/resources/config/log/filebeat/filebeat.yml +++ b/kubernetes/clamp/resources/config/log/filebeat/filebeat.yml @@ -16,15 +16,14 @@ filebeat.prospectors: - input_type: log #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory. paths: - - /var/log/ONAP/*/*/*/*.log - - /var/log/ONAP/*/*/*.log - - /var/log/ONAP/*/*.log + - /var/log/onap/*/*/*/*.log + - /var/log/onap/*/*/*.log + - /var/log/onap/*/*.log #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive ignore_older: 48h # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit clean_inactive: 96h - # Name of the registry file. If a relative path is used, it is considered relative to the # data path. Else full qualified file name. #filebeat.registry_file: ${path.data}/registry diff --git a/kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json b/kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json index 51f2acc8f5..7bc9ff090f 100644 --- a/kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json +++ b/kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json @@ -44,6 +44,20 @@ "interval": "15s", "timeout": "1s" }, + { + "id": "multicloud-starlingx", + "name": "Multicloud Starlingx Health Check", + "http": "http://multicloud-starlingx:9009/api/multicloud-starlingx/v0/swagger.json", + "method": "HEAD", + "header": { + "Cache-Control": ["no-cache"], + "Content-Type": ["application/json"], + "Accept": ["application/json"] + }, + "tls_skip_verify": true, + "interval": "15s", + "timeout": "1s" + }, { "id": "multicloud-vio", "name": "Multicloud Vio Health Check", diff --git a/kubernetes/contrib/tools/rke/rke_setup.sh b/kubernetes/contrib/tools/rke/rke_setup.sh new file mode 100755 index 0000000000..cc71522f12 --- /dev/null +++ b/kubernetes/contrib/tools/rke/rke_setup.sh @@ -0,0 +1,355 @@ +#!/bin/bash +############################################################################# +# Copyright © 2019 Bell. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +############################################################################# +# +# This installation is for an RKE install of kubernetes +# after this run the standard oom install +# this installation can be run on amy ubuntu 16.04 VM, RHEL 7.6 (root only), physical or cloud azure/aws host +# https://wiki.onap.org/display/DW/OOM+RKE+Kubernetes+Deployment +# source from https://jira.onap.org/browse/OOM-1598 +# +# master/dublin +# RKE 0.1.16 Kubernetes 1.11.6, kubectl 1.11.6, Helm 2.9.1, Docker 18.06 +# single node install, HA pending + +usage() { +cat < cluster.yml <> /etc/hosts + echo "Install docker - If you must install as non-root - comment out the docker install below - run it separately, run the user mod, logout/login and continue this script" + curl https://releases.rancher.com/install-docker/$DOCKER_VERSION.sh | sh + sudo usermod -aG docker $USERNAME + + echo "Install RKE" + sudo wget https://github.com/rancher/rke/releases/download/v$RKE_VERSION/rke_linux-amd64 + mv rke_linux-amd64 rke + sudo chmod +x rke + sudo mv ./rke /usr/local/bin/rke + + echo "Install make - required for beijing+ - installed via yum groupinstall Development Tools in RHEL" + # ubuntu specific + sudo apt-get install make -y + + sudo curl -LO https://storage.googleapis.com/kubernetes-release/release/v$KUBECTL_VERSION/bin/linux/amd64/kubectl + sudo chmod +x ./kubectl + sudo mv ./kubectl /usr/local/bin/kubectl + sudo mkdir ~/.kube + wget http://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-linux-amd64.tar.gz + sudo tar -zxvf helm-v${HELM_VERSION}-linux-amd64.tar.gz + sudo mv linux-amd64/helm /usr/local/bin/helm + + echo "Bringing RKE up - using supplied cluster.yml" + sudo rke up + echo "wait 2 extra min for the cluster" + sleep 60 + echo "1 more min" + sleep 60 + echo "copy kube_config_cluter.yaml generated - to ~/.kube/config" + sudo cp kube_config_cluster.yml ~/.kube/config + # avoid using sudo for kubectl + sudo chmod 777 ~/.kube/config + echo "Verify all pods up on the kubernetes system - will return localhost:8080 until a host is added" + echo "kubectl get pods --all-namespaces" + kubectl get pods --all-namespaces + echo "install tiller/helm" + kubectl -n kube-system create serviceaccount tiller + kubectl create clusterrolebinding tiller --clusterrole=cluster-admin --serviceaccount=kube-system:tiller + helm init --service-account tiller + kubectl -n kube-system rollout status deploy/tiller-deploy + echo "upgrade server side of helm in kubernetes" + if [ "$USERNAME" == "root" ]; then + helm version + else + sudo helm version + fi + echo "sleep 30" + sleep 30 + if [ "$USERNAME" == "root" ]; then + helm init --upgrade + else + sudo helm init --upgrade + fi + echo "sleep 30" + sleep 30 + echo "verify both versions are the same below" + if [ "$USERNAME" == "root" ]; then + helm version + else + sudo helm version + fi + echo "start helm server" + if [ "$USERNAME" == "root" ]; then + helm serve & + else + sudo helm serve & + fi + echo "sleep 30" + sleep 30 + echo "add local helm repo" + if [ "$USERNAME" == "root" ]; then + helm repo add local http://127.0.0.1:8879 + helm repo list + else + sudo helm repo add local http://127.0.0.1:8879 + sudo helm repo list + fi + echo "To enable grafana dashboard - do this after running cd.sh which brings up onap - or you may get a 302xx port conflict" + echo "kubectl expose -n kube-system deployment monitoring-grafana --type=LoadBalancer --name monitoring-grafana-client" + echo "to get the nodeport for a specific VM running grafana" + echo "kubectl get services --all-namespaces | grep graf" + sudo docker version + helm version + kubectl version + kubectl get services --all-namespaces + kubectl get pods --all-namespaces + echo "finished!" +} + +BRANCH= +SERVER= +ENVIRON= +VALIDATE=false +USERNAME=ubuntu +SSHPATH_PREFIX=~/.ssh + +while getopts ":b:s:e:u:l:k:v" PARAM; do + case $PARAM in + u) + usage + exit 1 + ;; + b) + BRANCH=${OPTARG} + ;; + e) + ENVIRON=${OPTARG} + ;; + s) + SERVER=${OPTARG} + ;; + l) + USERNAME=${OPTARG} + ;; + k) + SSHKEY=${OPTARG} + ;; + v) + VALIDATE=${OPTARG} + ;; + ?) + usage + exit + ;; + esac +done + +if [[ -z $BRANCH ]]; then + usage + exit 1 +fi + +install_onap $BRANCH $SERVER $ENVIRON $USERNAME $SSHPATH_PREFIX $SSHKEY $VALIDATE diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json index 3f2168b6af..51d31a355b 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json @@ -19,6 +19,7 @@ { "namespace" : "{{ if .Values.dcae_ns }}{{ .Values.dcae_ns}}{{ else }}{{include "common.namespace" . }}{{ end}}", "consul_dns_name" : "{{ .Values.config.address.consul.host }}.{{ include "common.namespace" . }}", + "default_k8s_location" : "{{ .Values.default_k8s_location }}", "image_pull_secrets" : ["{{ include "common.namespace" . }}-docker-registry-key"], "filebeat": { diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml new file mode 100644 index 0000000000..ff2c39261b --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml @@ -0,0 +1,32 @@ +#============LICENSE_START======================================================== +#================================================================================= +# Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright © 2018 Amdocs, Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +{{ if .Values.componentImages.dashboard }} +dashboard_docker_image: {{ include "common.repository" . }}/{{ .Values.componentImages.dashboard }} +{{ end }} +external_port: {{ .Values.config.address.dashboard.port }} +external_tls_port: {{ .Values.config.address.dashboard.portSecure }} +database_cluster_name: {{ .Values.postgres.service.name2 }}.{{ include "common.namespace" . }} +database_cluster_fqdn: {{ .Values.postgres.service.name2 }}.{{ include "common.namespace" . }}.{{ .Values.postgres.suffix }} +database_name: "dashboard_pg" +cloudify_ip: {{ .Values.config.address.cm }} +cloudify_user: "admin" +cloudify_password: "admin" +consul_url: {{ .Values.config.address.consul.host }} +postgres_port: "5432" +replicas: 1 diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-snmptrap-inputs.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-snmptrap-inputs.yaml index e1ae791af8..aa2b9a3f18 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-snmptrap-inputs.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-snmptrap-inputs.yaml @@ -19,3 +19,4 @@ {{ if .Values.componentImages.snmptrap }} tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.snmptrap }} {{ end }} +external_port: {{ .Values.config.address.snmptrap.port }} diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml index 078af0cb75..69e7cb76de 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml @@ -20,6 +20,7 @@ tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.ves }} {{ end }} external_port : {{ .Values.config.address.ves.port }} +external_tls_port : {{ .Values.config.address.ves.portSecure }} ves_other_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_OTHER_OUTPUT/" ves_heartbeat_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_HEARTBEAT_OUTPUT/" ves_fault_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_FAULT_OUTPUT/" diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml index 347e4a9620..2da7875137 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml @@ -21,6 +21,7 @@ ################################################################# global: nodePortPrefix: 302 + nodePortPrefixExt: 304 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co @@ -37,6 +38,9 @@ config: host: consul-server port: 8500 cm: dcae-cloudify-manager + dashboard: + port: 30418 + portSecure: 30419 datafile_collector: port: 30223 portSecure: 30262 @@ -46,8 +50,11 @@ config: msb_iag: msb-iag policy_pdp: pdp sdc: sdc-be + snmptrap: + port: 30470 ves: port: 30235 + portSecure: 30417 # redisCaching is a string not a boolean! redisCaching: "false" @@ -58,6 +65,7 @@ postgres: name: dcae-postgres name2: dcae-pg-primary name3: dcae-pg-replica + suffix: svc.cluster.local container: name: primary: dcae-pg-primary @@ -81,12 +89,13 @@ postgres: # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.9 +image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.10-STAGING-latest +default_k8s_location: central # DCAE component images to be deployed via Cloudify Manager # Use to override default setting in blueprints componentImages: - datafile_collector: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.1.1 + dashboard: onap/org.onap.ccsdk.dashboard.ccsdk-app-os:1.1.0-SNAPSHOT-latest holmes_rules: onap/holmes/rule-management:1.2.3 holmes_engine: onap/holmes/engine-management:1.2.2 tca: onap/org.onap.dcaegen2.deployments.tca-cdap-container:1.1.0 diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml index 5b541fb19d..3995bc6cba 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml @@ -44,7 +44,7 @@ config: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.cm-container:1.5.1 +image: onap/org.onap.dcaegen2.deployments.cm-container:1.5.2-STAGING-latest pullPolicy: Always # probe configuration parameters diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml b/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml index 088d381d50..794b896eef 100644 --- a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml +++ b/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml @@ -30,7 +30,7 @@ spec: ports: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.externalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + nodePort: {{ .Values.global.nodePortPrefixExt| default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }} name: {{ .Values.service.name }} {{- else -}} - port: {{ .Values.service.externalPort }} diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml b/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml index f6da1ef06c..31d6a8b2fb 100644 --- a/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml @@ -20,6 +20,7 @@ ################################################################# global: nodePortPrefix: 302 + nodePortPrefixExt: 304 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co @@ -60,10 +61,11 @@ readiness: path: /healthcheck service: - type: ClusterIP + type: NodePort name: config-binding-service externalPort: 10000 internalPort: 10000 + nodePort: 15 # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml b/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml index fbd3d9973e..6a00d36f2c 100644 --- a/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml @@ -27,7 +27,7 @@ global: tlsRepository: nexus3.onap.org:10001 tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.1-STAGING-latest consulLoaderRepository: nexus3.onap.org:10001 - consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 + consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0-STAGING-latest repositoryCred: user: docker password: docker diff --git a/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml b/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml index 913cb714d6..97cd7d2482 100644 --- a/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml @@ -45,7 +45,7 @@ readiness: periodSeconds: 10 # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.2.4 +image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.2.4-STAGING-latest # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/values.yaml b/kubernetes/dcaegen2/charts/dcae-policy-handler/values.yaml index 604f4ea6fa..c14614278c 100644 --- a/kubernetes/dcaegen2/charts/dcae-policy-handler/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-policy-handler/values.yaml @@ -27,7 +27,7 @@ global: tlsRepository: nexus3.onap.org:10001 tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.1-STAGING-latest consulLoaderRepository: nexus3.onap.org:10001 - consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 + consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0-STAGING-latest repositoryCred: user: docker password: docker @@ -46,7 +46,7 @@ config: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.platform.policy-handler:4.6.0 +image: onap/org.onap.dcaegen2.platform.policy-handler:4.6.0-STAGING-latest pullPolicy: Always # probe configuration parameters diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties b/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties index faa19c6f4d..f15b9a12d1 100644 --- a/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties +++ b/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties @@ -25,7 +25,7 @@ # ##################################################### # Indicator for whether to use AAF -UseAAF: false +UseAAF: true # csit: stubs out some southbound APIs for csit csit: No @@ -198,10 +198,9 @@ KeyStoreType: jks KeyStoreFile: etc/keystore # password for the https keystore -KeyStorePassword: *j&Z*Ma;.4My4M]W0eB*fal$ - +KeyStorePassword: Y@Y5f&gm?PAz,CVQL,lk[VAF # password for the private key in the https keystore -KeyPassword: *j&Z*Ma;.4My4M]W0eB*fal$ +KeyPassword: Y@Y5f&gm?PAz,CVQL,lk[VAF # type of truststore for https TrustStoreType: jks @@ -210,8 +209,9 @@ TrustStoreType: jks TrustStoreFile: etc/org.onap.dmaap-bc.trust.jks # password for the https truststore -TrustStorePassword: pi8HuuSbN03MtQQ7(5TcyQ6; +TrustStorePassword: 8b&R5%l$l:@jSWz@FCs;rhY* # path to the file used to trigger an orderly shutdown QuiesceFile: etc/SHUTDOWN +inHttpsPort: 0 diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/post-install-job.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/post-install-job.yaml index 02ad199e45..ee24cfb548 100644 --- a/kubernetes/dmaap/components/dmaap-bc/templates/post-install-job.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/templates/post-install-job.yaml @@ -26,9 +26,14 @@ spec: containers: - name: post-install-job image: "{{ include "common.repository" . }}/{{ .Values.global.clientImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: DELAY value: "0" + - name: PROTO + value: "http" + - name: PORT + value: "8080" - name: REQUESTID value: "{{.Chart.Name}}-post-install" volumeMounts: diff --git a/kubernetes/dmaap/components/dmaap-bc/values.yaml b/kubernetes/dmaap/components/dmaap-bc/values.yaml index 2d791df6c6..a7fc3d88db 100644 --- a/kubernetes/dmaap/components/dmaap-bc/values.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/values.yaml @@ -30,7 +30,7 @@ pullPolicy: Always # application images repository: nexus3.onap.org:10001 -image: onap/dmaap/dmaap-bc:1.1.1 +image: onap/dmaap/dmaap-bc:1.1.2 # application configuration diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties new file mode 100644 index 0000000000..90c413738c --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties @@ -0,0 +1,23 @@ +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US +cadi_keyfile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.keyfile +cadi_keystore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks +cadi_keystore_password=]3V)($O&.Mv]W{f8^]6SxGNL +cadi_key_password=]3V)($O&.Mv]W{f8^]6SxGNL +cadi_alias=dmaap-dr-node@dmaap-dr.onap.org +cadi_truststore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks +cadi_truststore_password=(Rd,&{]%ePdp}4JZjqoJ2G+g + +aaf_env=DEV +aaf_locate_url=https://aaf-onap-test.osaaf.org:8095 +aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect +aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token +aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 +cadi_protocols=TLSv1.1,TLSv1.2 +cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1 +fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1 +gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1 + +cadi_latitude=53.423 +cadi_longitude=7.940 + +cadi_loglevel=INFO \ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties index 2046dbfbf0..f2896ccafa 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties @@ -108,4 +108,22 @@ QuiesceFile=etc/SHUTDOWN # The key used to generate passwords for node to node transfers # NodeAuthKey=Node123! +# +# DR_NODE DEFAULT ENABLED TLS PROTOCOLS +NodeHttpsProtocols = TLSv1.1|TLSv1.2 +# +# AAF type to generate permission string +AAFType = org.onap.dmaap-dr.feed +# +# AAF default instance to generate permission string - default should be legacy +AAFInstance = legacy +# +# AAF action to generate permission string - default should be publish +AAFAction = publish +# +# AAF URL to connect to AAF server +AafUrl = https://aaf-onap-test.osaaf.org:8095 +# +# AAF CADI enabled flag +CadiEnabled = false diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml index cae0d71672..a3882bcb38 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml @@ -15,7 +15,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-node-props-configmap + name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -23,7 +23,7 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} data: -{{ tpl (.Files.Glob "resources/config/node.properties").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} --- apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/post-install-job.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/post-install-job.yaml index 79c47a10d8..096b51c094 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/post-install-job.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/post-install-job.yaml @@ -10,7 +10,7 @@ metadata: # This is what defines this resource as a hook. Without this line, the # job is considered part of the release. "helm.sh/hook": post-install - "helm.sh/hook-weight": "-5" + "helm.sh/hook-weight": "-2" "helm.sh/hook-delete-policy": hook-succeeded spec: template: @@ -25,9 +25,14 @@ spec: containers: - name: post-install-job image: "{{ include "common.repository" . }}/{{ .Values.global.clientImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: DELAY value: "60" + - name: PROTO + value: "http" + - name: PORT + value: "8080" - name: REQUESTID value: "{{.Chart.Name}}-post-install" diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml index 3e0e69ecc2..ec31f3f750 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml @@ -73,14 +73,17 @@ spec: name: localtime readOnly: false - mountPath: /opt/app/datartr/etc/dedicatedFeed.json + name: {{ include "common.fullname" . }}-create-feed-config subPath: dedicatedFeed.json - name: create-feed - mountPath: /opt/app/datartr/etc/createFeed.sh + name: {{ include "common.fullname" . }}-create-feed-config subPath: createFeed.sh - name: create-feed - mountPath: /opt/app/datartr/etc/node.properties + name: {{ include "common.fullname" . }}-config subPath: node.properties - name: node-props + - mountPath: /opt/app/datartr/etc/drNodeCadi.properties + name: {{ include "common.fullname" . }}-config + subPath: drNodeCadi.properties lifecycle: postStart: exec: @@ -114,13 +117,23 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: create-feed + - name: {{ include "common.fullname" . }}-create-feed-config configMap: name: {{ include "common.fullname" . }}-create-feed-configmap defaultMode: 0755 - - name: node-props + items: + - key: createFeed.sh + path: createFeed.sh + - key: dedicatedFeed.json + path: dedicatedFeed.json + - name: {{ include "common.fullname" . }}-config configMap: - name: {{ include "common.fullname" . }}-node-props-configmap + name: {{ include "common.fullname" . }}-configmap + items: + - key: node.properties + path: node.properties + - key: drNodeCadi.properties + path: drNodeCadi.properties - name: {{ include "common.fullname" . }}-log-conf configMap: name: {{ include "common.fullname" . }}-log diff --git a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml index f223026357..c6087e8852 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/datarouter-node:2.0.1 +image: onap/dmaap/datarouter-node:2.0.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties new file mode 100644 index 0000000000..6a875146bd --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties @@ -0,0 +1,23 @@ +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US +cadi_keyfile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.keyfile +cadi_keystore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks +cadi_keystore_password=AT{];bvaDiytVD&oWhMZj0N5 +cadi_key_password=AT{];bvaDiytVD&oWhMZj0N5 +cadi_alias=dmaap-dr-prov@dmaap-dr.onap.org +cadi_truststore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks +cadi_truststore_password=ljlS@Y}0]{UO(TnwvEWkgJ%] + +aaf_env=DEV +aaf_locate_url=https://aaf-onap-test.osaaf.org:8095 +aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect +aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token +aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 +cadi_protocols=TLSv1.1,TLSv1.2 +cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1 +fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1 +gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1 + +cadi_latitude=53.423 +cadi_longitude=7.940 + +cadi_loglevel=INFO \ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties index bb24d99dea..2b78b8eb2c 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties +++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties @@ -47,3 +47,20 @@ org.onap.dmaap.datarouter.db.driver = org.mariadb.jdbc.Driver org.onap.dmaap.datarouter.db.url = jdbc:mariadb://{{.Values.config.dmaapDrDb.mariadbServiceName}}:{{.Values.config.dmaapDrDb.mariadbServicePort}}/datarouter org.onap.dmaap.datarouter.db.login = datarouter org.onap.dmaap.datarouter.db.password = datarouter + +# PROV - DEFAULT ENABLED TLS PROTOCOLS +org.onap.dmaap.datarouter.provserver.https.include.protocols = TLSv1.1|TLSv1.2 + +# AAF config +org.onap.dmaap.datarouter.provserver.cadi.enabled = false + +org.onap.dmaap.datarouter.provserver.passwordencryption = PasswordEncryptionKey#@$%^&1234# +org.onap.dmaap.datarouter.provserver.aaf.feed.type = org.onap.dmaap-dr.feed +org.onap.dmaap.datarouter.provserver.aaf.sub.type = org.onap.dmaap-dr.sub +org.onap.dmaap.datarouter.provserver.aaf.instance = legacy +org.onap.dmaap.datarouter.provserver.aaf.action.publish = publish +org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe + +# AAF URL to connect to AAF server +org.onap.dmaap.datarouter.provserver.cadi.aaf.url = https://aaf-onap-test.osaaf.org:8095 + diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/feeds/DefaultPM.json b/kubernetes/dmaap/components/dmaap-dr-prov/resources/feeds/DefaultPM.json index 411d7f41e1..994f9c9845 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/resources/feeds/DefaultPM.json +++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/feeds/DefaultPM.json @@ -1,5 +1,5 @@ { - "feedName": "Default PM Feed", + "feedName": "bulk_pm_feed", "feedVersion": "m1.1", "feedDescription": "Default feed provisioned for PM File collector", "asprClassification" : "unclassified", @@ -11,6 +11,21 @@ "userpwd": "dradmin" } - ] -} - + ], + "subs": [ + { + "dcaeLocationName": "san-francisco", + "deliveryURL": "https://dcae-pm-mapper:8443/delivery", + "feedId": "1", + "owner": "dcae-pm-mapper", + "status": "VALID", + "subId": "1", + "suspended": false, + "use100": true, + "username": "pmmapper", + "userpwd": "pmmapper", + "decompressData": true, + "privilegedSubscriber": true + } + ] +} \ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml index bd5886ba9c..fe93cb0dcd 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml @@ -15,7 +15,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-prov-props-configmap + name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -23,7 +23,7 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} data: -{{ tpl (.Files.Glob "resources/config/provserver.properties").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} --- apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml index 573e90c35a..afd34d92bc 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml @@ -69,10 +69,13 @@ spec: name: localtime readOnly: false - mountPath: /opt/app/datartr/etc/provserver.properties + name: {{ include "common.fullname" . }}-config subPath: provserver.properties - name: prov-props - - name: {{ include "common.fullname" . }}-logs - mountPath: {{ .Values.global.loggingDirectory }} + - mountPath: /opt/app/datartr/etc/drProvCadi.properties + name: {{ include "common.fullname" . }}-config + subPath: drProvCadi.properties + - mountPath: {{ .Values.global.loggingDirectory }} + name: {{ include "common.fullname" . }}-logs resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -99,9 +102,14 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: prov-props + - name: {{ include "common.fullname" . }}-config configMap: - name: {{ include "common.fullname" . }}-prov-props-configmap + name: {{ include "common.fullname" . }}-configmap + items: + - key: provserver.properties + path: provserver.properties + - key: drProvCadi.properties + path: drProvCadi.properties - name: {{ include "common.fullname" . }}-log-conf configMap: name: {{ include "common.fullname" . }}-log diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml index ceb9a04ce2..8a2cf692b8 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml @@ -10,7 +10,7 @@ metadata: # This is what defines this resource as a hook. Without this line, the # job is considered part of the release. "helm.sh/hook": post-install - "helm.sh/hook-weight": "-5" + "helm.sh/hook-weight": "-3" "helm.sh/hook-delete-policy": hook-succeeded spec: template: @@ -25,9 +25,14 @@ spec: containers: - name: post-install-job image: "{{ include "common.repository" . }}/{{ .Values.global.clientImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: DELAY value: "30" + - name: PROTO + value: "http" + - name: PORT + value: "8080" - name: REQUESTID value: "{{.Chart.Name}}-post-install" diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml index 9f08ad2958..3d65e911cf 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/datarouter-prov:2.0.1 +image: onap/dmaap/datarouter-prov:2.0.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service-hs.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service-hs.yaml new file mode 100644 index 0000000000..0dabe55e10 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service-hs.yaml @@ -0,0 +1,34 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + ports: + - port: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + clusterIP: None + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service.yaml index 88de96b2d5..8200eda6b1 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service.yaml @@ -1,5 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T +# Copyright © 2019 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,24 +12,28 @@ # See the License for the specific language governing permissions and # limitations under the License. +{{- $root := . -}} +{{ range $i, $e := until (atoi (quote $root.Values.replicaCount) | default 3) }} +--- apiVersion: v1 kind: Service metadata: - name: {{ .Values.service.name }} - namespace: {{ include "common.namespace" . }} + name: {{ $root.Values.service.name }}-{{ $i }} + namespace: {{ $root.Release.Namespace }} labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + app: {{ $root.Values.service.name }} + chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }} + release: {{ $root.Release.Name }} + heritage: {{ $root.Release.Service }} + spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - clusterIP: None + type: {{ $root.Values.service.type }} + externalTrafficPolicy: Local selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - + statefulset.kubernetes.io/pod-name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }} + ports: + - port: {{ $root.Values.service.externalPort }} + targetPort: {{ $root.Values.service.externalPort }} + nodePort: {{ $root.Values.service.baseNodePort | add $i }} + name: {{ $root.Values.service.name }}-{{ $i }} +{{ end }} diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml index f4583a16ea..cc8fd5a93c 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml @@ -34,7 +34,11 @@ spec: release: {{ .Release.Name }} spec: podAntiAffinity: + {{if eq .Values.podAntiAffinityType "hard" -}} + requiredDuringSchedulingIgnoredDuringExecution: + {{- else -}} preferredDuringSchedulingIgnoredDuringExecution: + {{- end}} - weight: 1 podAffinityTerm: labelSelector: @@ -70,10 +74,19 @@ spec: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - sh + - -exc + - | + export KAFKA_BROKER_ID=${HOSTNAME##*-} && \ + export ENDPOINT_PORT=$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )) && \ + export KAFKA_ADVERTISED_LISTENERS=EXTERNAL_SASL_PLAINTEXT://$(HOST_IP):$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )),INTERNAL_SASL_PLAINTEXT://:{{ .Values.service.internalPort }} && \ + exec start-kafka.sh resources: {{ include "common.resources" . | indent 12 }} ports: - containerPort: {{ .Values.service.internalPort }} + - containerPort: {{ .Values.service.externalPort }} {{ if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -87,30 +100,31 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: - - name: HOST_NAME + - name: HOST_IP valueFrom: fieldRef: apiVersion: v1 - fieldPath: metadata.name - - name: HOST_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace + fieldPath: status.hostIP - name: KAFKA_ZOOKEEPER_CONNECT value: "{{.Values.zookeeper.name}}:{{.Values.zookeeper.port}}" - name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP - value: "INTERNAL_PLAINTEXT:PLAINTEXT,EXTERNAL_PLAINTEXT:PLAINTEXT" - - name: KAFKA_ADVERTISED_LISTENERS - value: "INTERNAL_PLAINTEXT://$(HOST_NAME).{{ .Values.service.name }}.$(HOST_NAMESPACE).svc.cluster.local:{{ .Values.service.internalPort}}" + value: "INTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT,EXTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT" - name: KAFKA_LISTENERS - value: "INTERNAL_PLAINTEXT://0.0.0.0:{{.Values.service.internalPort}}" + value: "EXTERNAL_SASL_PLAINTEXT://0.0.0.0:{{ .Values.service.externalPort }},INTERNAL_SASL_PLAINTEXT://0.0.0.0:{{ .Values.service.internalPort }}" - name: KAFKA_INTER_BROKER_LISTENER_NAME - value: "INTERNAL_PLAINTEXT" + value: "INTERNAL_SASL_PLAINTEXT" + - name: KAFKA_SASL_ENABLED_MECHANISMS + value: "PLAIN" + - name: KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL + value: "PLAIN" + - name: KAFKA_AUTHORIZER_CLASS_NAME + value: "{{ .Values.kafkaCustomAuthorizer }}" + - name: KAFKA_DELETE_TOPIC_ENABLE + value: "{{ .Values.deleteTopicEnable }}" + - name: aaf_locate_url + value: "https://aaf-locate:8095" - name: KAFKA_LOG_DIRS value: "kafka/logs" - - name: BROKER_ID_COMMAND - value: "hostname | awk -F '-' '{print $NF}'" - name: KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR value: "{{ .Values.replicaCount }}" - name: KAFKA_DEFAULT_REPLICATION_FACTOR diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml index e719cb1ad4..5b83bb0a55 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml @@ -30,7 +30,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/kafka01101:0.0.1 +image: onap/dmaap/kafka111:0.0.5 pullPolicy: Always ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 @@ -44,6 +44,13 @@ debugEnabled: false # default number of instances replicaCount: 3 +#Kafka custom authorizer class name +kafkaCustomAuthorizer: org.onap.dmaap.kafkaAuthorize.KafkaCustomAuthorizer +deleteTopicEnable: true + +# To access Kafka outside cluster, this value must be set to hard and the number of nodes in K8S cluster must be equal or greater then replica count +podAntiAffinityType: soft + # defult partitions defaultpartitions: 3 @@ -55,6 +62,8 @@ affinity: {} tolerations: {} + + # probe configuration parameters liveness: initialDelaySeconds: 60 @@ -91,11 +100,14 @@ persistence: mountSubPath: message-router/data-kafka service: - type: ClusterIP + type: NodePort name: message-router-kafka portName: message-router-kafka internalPort: 9092 - externalPort: 9092 + externalPort: 9093 + baseNodePort: 30490 + + ingress: enabled: false diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/Chart.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/Chart.yaml new file mode 100644 index 0000000000..1d0b7bea22 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/Chart.yaml @@ -0,0 +1,20 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP Message Router Kafka Service +name: message-router-mirrormaker +version: 4.0.0 + diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/NOTES.txt b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/NOTES.txt new file mode 100644 index 0000000000..a44d0f76ee --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/NOTES.txt @@ -0,0 +1,34 @@ +# Copyright © 2018 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/deployment.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/deployment.yaml new file mode 100644 index 0000000000..51c4149094 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/deployment.yaml @@ -0,0 +1,103 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + serviceName: {{ .Values.service.name }} + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: {{ include "common.name" . }}-initcontainer + image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.ubuntuInitImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + - command: + - /root/ready.py + args: + - --container-name + - {{ .Values.messagerouter.container }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - sh + - -exc + - | + exec start-mirrormaker.sh + resources: +{{ include "common.resources" . | indent 12 }} + ports: + - containerPort: {{ .Values.service.internalPort }} + {{ if eq .Values.liveness.enabled true }} + livenessProbe: + exec: + command: + - sh + - -c + - "touch /tmp/lprobe.txt" + - "rm /tmp/lprobe.txt" + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + exec: + command: + - sh + - -c + - "touch /tmp/rprobe.txt" + - "rm /tmp/rprobe.txt" + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: KAFKA_HEAP_OPTS + value: "{{ .Values.kafkaHeapOptions }}" + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /var/run/docker.sock + name: docker-socket + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: docker-socket + hostPath: + path: /var/run/docker.sock + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml new file mode 100644 index 0000000000..2fbd884ab8 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml @@ -0,0 +1,98 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + persistence: {} + ubuntuInitRepository: registry.hub.docker.com + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/dmaap/kafka111:0.0.5 +pullPolicy: Always +ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 + +zookeeper: + name: message-router-zookeeper + port: 2181 + +messagerouter: + container: message-router + +# flag to enable debugging - application support required +debugEnabled: false + +# default number of instances +replicaCount: 1 +kafkaHeapOptions: -Xmx4G -Xms2G + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 60 + periodSeconds: 20 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 60 + periodSeconds: 20 + + +service: + type: NodePort + name: message-router-mirrormaker + portName: message-router-mirrormaker + internalPort: 9092 + + + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: large +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2000m + memory: 4Gi + requests: + cpu: 500m + memory: 1Gi + large: + limits: + cpu: 4000m + memory: 8Gi + requests: + cpu: 1000m + memory: 2Gi + unlimited: {} + diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/_zkquorum.tpl b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/_zkquorum.tpl new file mode 100644 index 0000000000..9af910eb89 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/_zkquorum.tpl @@ -0,0 +1,34 @@ +{{/* +# Copyright © 2019 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- /* + Calculate the maximum number of zk server down in order to guarantee ZK quorum. + For guaranteeing ZK quorum we need half of the server + 1 up. + + div in go template cast return an int64 + so we need to know if it is an even number or an odd. + For this we are doing (n/2)*2=n? + if true it is even else it is even +*/ -}} +{{- define "zk.maxUnavailable" -}} +{{- $halfReplica := div .Values.replicaCount 2 -}} + {{/* divide by 2 and multiply by 2 in order to know if it is an even number*/}} + {{if eq (mul $halfReplica 2) (int .Values.replicaCount) }} + {{- toYaml (sub $halfReplica 1) -}} + {{else}} + {{- toYaml $halfReplica -}} + {{end}} +{{- end -}} diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/poddisruptionbudget.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/poddisruptionbudget.yaml index 2d251e90b0..5a370cdc4a 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/poddisruptionbudget.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/poddisruptionbudget.yaml @@ -25,4 +25,4 @@ spec: selector: matchLabels: app: {{ include "common.name" . }} - maxUnavailable: {{ div (sub .Values.replicaCount 1) 2 }} + maxUnavailable: {{ include "zk.maxUnavailable" . }} diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml index c0a7450d5e..37a1babe17 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml @@ -30,7 +30,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/zookeeper:2.0.0 +image: onap/dmaap/zookeeper:3.0.0 pullPolicy: Always ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 @@ -130,4 +130,4 @@ resources: requests: cpu: 1000m memory: 2Gi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties b/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties index d40d2a1468..8e446610d4 100755 --- a/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties +++ b/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties @@ -149,17 +149,18 @@ maxcontentlength=10000 #AAF Properties msgRtr.namespace.aaf=org.onap.dmaap.mr.topic msgRtr.topicfactory.aaf=org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic: -enforced.topic.name.AAF=org.onap +enforced.topic.name.AAF=org.onap.dmaap.mr forceAAF=false transidUEBtopicreqd=false defaultNSforUEB=org.onap.dmaap.mr ############################################################################## #Mirror Maker Agent -msgRtr.mirrormakeradmin.aaf=com.onap.dmaap.mr.dev.mirrormaker|*|admin -msgRtr.mirrormakeruser.aaf=com.onap.dmaap.mr.dev.mirrormaker|*|user -msgRtr.mirrormakeruser.aaf.create=com.onap.dmaap.mr.dev.topicFactory|:com.onap.dmaap.mr.dev.topic: + +msgRtr.mirrormakeradmin.aaf=org.onap.dmaap.mr.mirrormaker|*|admin +msgRtr.mirrormakeruser.aaf=org.onap.dmaap.mr.mirrormaker|*|user +msgRtr.mirrormakeruser.aaf.create=org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic: msgRtr.mirrormaker.timeout=15000 -msgRtr.mirrormaker.topic=com.onap.dmaap.mr.prod.mm.agent +msgRtr.mirrormaker.topic=org.onap.dmaap.mr.mirrormakeragent msgRtr.mirrormaker.consumergroup=mmagentserver msgRtr.mirrormaker.consumerid=1 diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties b/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties index a79bb8d40a..948577aaa7 100755 --- a/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties +++ b/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties @@ -1,4 +1,4 @@ -aaf_locate_url=https://aaf-onap-test.osaaf.org:8095 +aaf_locate_url=https://aaf-locate:8095 aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 aaf_env=DEV aaf_lur=org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm @@ -17,4 +17,4 @@ cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US cadi_loglevel=INFO cadi_protocols=TLSv1.1,TLSv1.2 cadi_latitude=37.78187 -cadi_longitude=-122.26147 \ No newline at end of file +cadi_longitude=-122.26147 diff --git a/kubernetes/dmaap/components/message-router/resources/mr_clusters/san-francisco.json b/kubernetes/dmaap/components/message-router/resources/mr_clusters/san-francisco.json new file mode 100644 index 0000000000..9e732d2af8 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/resources/mr_clusters/san-francisco.json @@ -0,0 +1,6 @@ +{ + "dcaeLocationName": "san-francisco", + "fqdn": "message-router", + "topicProtocol": "http", + "topicPort": "3904" +} diff --git a/kubernetes/dmaap/components/message-router/resources/topics/MMagent.json b/kubernetes/dmaap/components/message-router/resources/topics/MMagent.json deleted file mode 100644 index 2612e0d64c..0000000000 --- a/kubernetes/dmaap/components/message-router/resources/topics/MMagent.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "topicName": "MirrorMakerProvisioning", - "topicDescription": "the topic used to provision the MM agent whitelist", - "replicationCase": "REPLICATION_NONE", - "owner": "dmaap", - "txenabled": false, - "partitionCount": "1", - "clients": [ - { - "dcaeLocationName": "san-francisco", - "clientIdentity": "dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org", - "action": [ - "pub", - "view" - ] - - } - ] -} diff --git a/kubernetes/dmaap/components/message-router/resources/topics/PM_MAPPER.json b/kubernetes/dmaap/components/message-router/resources/topics/PM_MAPPER.json new file mode 100644 index 0000000000..d2910b8398 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/resources/topics/PM_MAPPER.json @@ -0,0 +1,14 @@ +{ + "topicName": "PM_MAPPER", + "topicDescription": "The PM Mapper will be publishing perf3gpp VES events to this topic", + "owner": "pm-mapper", + "txenabled": false, + "clients": [{ + "dcaeLocationName": "san-francisco", + "clientIdentity": "dcae@dcae.onap.org", + "action": [ + "pub", + "view" + ] + }] +} diff --git a/kubernetes/dmaap/components/message-router/resources/topics/mirrormakeragent.json b/kubernetes/dmaap/components/message-router/resources/topics/mirrormakeragent.json new file mode 100644 index 0000000000..7ae77cd8a8 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/resources/topics/mirrormakeragent.json @@ -0,0 +1,42 @@ +{ + "topicName": "mirrormakeragent", + "topicDescription": "the topic used to provision the MM agent whitelist", + "replicationCase": "REPLICATION_NONE", + "owner": "dmaap", + "txenabled": false, + "partitionCount": "1", + "clients": [ + { + "dcaeLocationName": "san-francisco", + "clientIdentity": "dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org", + "action": [ + "pub", + "sub", + "view" + ] + + }, + { + "dcaeLocationName": "san-francisco", + "clientIdentity": "dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org", + "action": [ + "pub", + "sub", + "view" + ] + + }, + { + "dcaeLocationName": "san-francisco", + "clientIdentity": "demo@people.osaaf.org", + "action": [ + "pub", + "sub", + "view" + ] + + } + + ] +} + diff --git a/kubernetes/dmaap/components/message-router/templates/post-install-job.yaml b/kubernetes/dmaap/components/message-router/templates/post-install-job.yaml index 5637812437..6d246de87f 100644 --- a/kubernetes/dmaap/components/message-router/templates/post-install-job.yaml +++ b/kubernetes/dmaap/components/message-router/templates/post-install-job.yaml @@ -10,7 +10,7 @@ metadata: # This is what defines this resource as a hook. Without this line, the # job is considered part of the release. "helm.sh/hook": post-install - "helm.sh/hook-weight": "-5" + "helm.sh/hook-weight": "-4" "helm.sh/hook-delete-policy": hook-succeeded spec: template: @@ -25,9 +25,14 @@ spec: containers: - name: post-install-job image: "{{ include "common.repository" . }}/{{ .Values.global.clientImage }}" + imagePullPolicy: "Always" env: - name: DELAY - value: "60" + value: "30" + - name: PROTO + value: "http" + - name: PORT + value: "8080" - name: REQUESTID value: "{{.Chart.Name}}-post-install" volumeMounts: diff --git a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml index bdd134ac64..7bf88f5f8e 100644 --- a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml @@ -68,7 +68,7 @@ spec: periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: enableCadi - value: "false" + value: "true" volumeMounts: - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml index 5d01e55077..10ce59c0ac 100644 --- a/kubernetes/dmaap/components/message-router/values.yaml +++ b/kubernetes/dmaap/components/message-router/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/dmaap-mr:1.1.9 +image: onap/dmaap/dmaap-mr:1.1.11 pullPolicy: Always kafka: diff --git a/kubernetes/dmaap/requirements.yaml b/kubernetes/dmaap/requirements.yaml index cda78cf04f..3507bd87cd 100644 --- a/kubernetes/dmaap/requirements.yaml +++ b/kubernetes/dmaap/requirements.yaml @@ -24,7 +24,7 @@ dependencies: - name: dmaap-bc version: ~4.x-0 repository: 'file://components/dmaap-bc' - condition: dmaap-bus-controller.enabled + condition: dmaap-bc.enabled - name: dmaap-dr-node version: ~4.x-0 repository: 'file://components/dmaap-dr-node' diff --git a/kubernetes/dmaap/values.yaml b/kubernetes/dmaap/values.yaml index 02f0ac5399..e7b39af1ad 100644 --- a/kubernetes/dmaap/values.yaml +++ b/kubernetes/dmaap/values.yaml @@ -22,7 +22,7 @@ global: readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 - clientImage: onap/dmaap/dbc-client:1.0.3 + clientImage: onap/dmaap/dbc-client:1.0.5 # application configuration config: logstashServiceName: log-ls diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/.helmignore b/kubernetes/multicloud/charts/multicloud-starlingx/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-starlingx/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/Chart.yaml b/kubernetes/multicloud/charts/multicloud-starlingx/Chart.yaml new file mode 100644 index 0000000000..1305d419bb --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-starlingx/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright (c) 2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP multicloud OpenStack Starlingx Plugin +name: multicloud-starlingx +version: 3.0.0 diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/resources/config/log/log.yml b/kubernetes/multicloud/charts/multicloud-starlingx/resources/config/log/log.yml new file mode 100644 index 0000000000..30445572d9 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-starlingx/resources/config/log/log.yml @@ -0,0 +1,47 @@ +# Copyright (c) 2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +version: 1 +disable_existing_loggers: False + +loggers: + starlingx: + handlers: [starlingx_handler] + level: "DEBUG" + propagate: False + newton_base: + handlers: [starlingx_handler] + level: "DEBUG" + propagate: False + common: + handlers: [starlingx_handler] + level: "DEBUG" + propagate: False + +handlers: + starlingx_handler: + level: "DEBUG" + class: "logging.handlers.RotatingFileHandler" + filename: "/var/log/onap/multicloud/openstack/starlingx/starlingx.log" + formatter: "mdcFormat" + maxBytes: 1024*1024*50 + backupCount: 10 + +formatters: + standard: + format: "%(asctime)s|||||%(name)s||%(thread)||%(funcName)s||%(levelname)s||%(message)s" + mdcFormat: + format: "%(asctime)s|||||%(name)s||%(thread)s||%(funcName)s||%(levelname)s||%(message)s||||%(mdc)s \t" + mdcfmt: "{requestID} {invocationID} {serviceName} {serviceIP}" + datefmt: "%Y-%m-%d %H:%M:%S" + (): onaplogging.mdcformatter.MDCFormatter diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/templates/NOTES.txt b/kubernetes/multicloud/charts/multicloud-starlingx/templates/NOTES.txt new file mode 100644 index 0000000000..746215b541 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-starlingx/templates/NOTES.txt @@ -0,0 +1,34 @@ +# Copyright (c) 2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/templates/configmap.yaml b/kubernetes/multicloud/charts/multicloud-starlingx/templates/configmap.yaml new file mode 100644 index 0000000000..3e8a3fcae1 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-starlingx/templates/configmap.yaml @@ -0,0 +1,28 @@ +{{/* +# Copyright (c) 2019 Intel Corporation. +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }} diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/templates/deployment.yaml b/kubernetes/multicloud/charts/multicloud-starlingx/templates/deployment.yaml new file mode 100644 index 0000000000..0ccc3f9f95 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-starlingx/templates/deployment.yaml @@ -0,0 +1,110 @@ +{{/* +# Copyright (c) 2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + name: {{ include "common.name" . }} + annotations: + sidecar.istio.io/inject: "{{.Values.istioSidecar}}" + spec: + containers: + - env: + - name: MSB_ADDR + value: "{{ .Values.config.msbgateway }}.{{ include "common.namespace" . }}" + - name: MSB_PORT + value: "{{ .Values.config.msbPort }}" + - name: AAI_ADDR + value: aai.{{ include "common.namespace" . }} + - name: AAI_PORT + value: "{{ .Values.config.aai.port }}" + - name: AAI_SCHEMA_VERSION + value: "{{ .Values.config.aai.schemaVersion }}" + - name: AAI_USERNAME + value: "{{ .Values.config.aai.username }}" + - name: AAI_PASSWORD + value: "{{ .Values.config.aai.password }}" + name: {{ include "common.name" . }} + volumeMounts: + - mountPath: /var/log/onap + name: starlingx-log + - mountPath: /opt/starlingx/starlingx/pub/config/log.yml + name: starlingx-logconfig + subPath: log.yml + resources: +{{ include "common.resources" . | indent 12 }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{ if .Values.liveness.enabled }} + livenessProbe: + httpGet: + path: /api/multicloud-starlingx/v0/swagger.json + port: {{ .Values.service.internalPort }} + scheme: HTTP + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + successThreshold: {{ .Values.liveness.successThreshold }} + failureThreshold: {{ .Values.liveness.failureThreshold }} + {{ end }} + # side car containers + - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: filebeat-onap + volumeMounts: + - mountPath: /usr/share/filebeat/filebeat.yml + name: filebeat-conf + subPath: filebeat.yml + - mountPath: /var/log/onap + name: starlingx-log + - mountPath: /usr/share/filebeat/data + name: starlingx-data-filebeat + + volumes: + - name: starlingx-log + emptyDir: {} + - name: starlingx-data-filebeat + emptyDir: {} + - name: filebeat-conf + configMap: + name: multicloud-filebeat-configmap + - name: starlingx-logconfig + configMap: + name: {{ include "common.fullname" . }}-log-configmap + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" + restartPolicy: Always diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/templates/service.yaml b/kubernetes/multicloud/charts/multicloud-starlingx/templates/service.yaml new file mode 100644 index 0000000000..f6925d9961 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-starlingx/templates/service.yaml @@ -0,0 +1,60 @@ +{{/* +# Copyright (c) 2019 Intel Corporation. +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + msb.onap.org/service-info: '[ + { + "serviceName": "multicloud-starlingx", + "version": "v0", + "url": "/api/multicloud-starlingx/v0", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange": "1" + }, + { + "serviceName": "multicloud-starlingx", + "version": "v1", + "url": "/api/multicloud-starlingx/v1", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange": "1" + } + ]' +spec: + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + type: {{ .Values.service.type }} diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/values.yaml b/kubernetes/multicloud/charts/multicloud-starlingx/values.yaml new file mode 100644 index 0000000000..2ca696c704 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-starlingx/values.yaml @@ -0,0 +1,87 @@ +# Copyright (c) 2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefixExt: 304 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/multicloud/openstack-starlingx:1.3.0-SNAPSHOT +pullPolicy: Always + +#Istio sidecar injection policy +istioSidecar: false + +# application configuration +config: + msbgateway: msb-iag + msbPort: 80 + aai: + port: 8443 + schemaVersion: v13 + username: AAI + password: AAI + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 5 + enabled: true + +service: + type: NodePort + name: multicloud-starlingx + portName: multicloud-starlingx + externalPort: 9009 + internalPort: 9009 + nodePort: 85 + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 4Gi + requests: + cpu: 10m + memory: 1Gi + large: + limits: + cpu: 2 + memory: 8Gi + requests: + cpu: 20m + memory: 2Gi + unlimited: {} diff --git a/kubernetes/multicloud/resources/config/provider-plugin.json b/kubernetes/multicloud/resources/config/provider-plugin.json index 2bc98943a5..65ed86c110 100644 --- a/kubernetes/multicloud/resources/config/provider-plugin.json +++ b/kubernetes/multicloud/resources/config/provider-plugin.json @@ -12,6 +12,11 @@ "extra_info_hint": "", "provider_plugin": "multicloud-pike" }, + "starlingx": { + "version": "starlingx", + "extra_info_hint": "", + "provider_plugin": "multicloud-starlingx" + }, "ocata": { "version": "ocata", "extra_info_hint": "", diff --git a/kubernetes/nbi/values.yaml b/kubernetes/nbi/values.yaml index ecc01fafa4..9f50620ab6 100644 --- a/kubernetes/nbi/values.yaml +++ b/kubernetes/nbi/values.yaml @@ -85,7 +85,7 @@ affinity: {} # probe configuration parameters liveness: httpGet: - path: /nbi/api/v3/status + path: /nbi/api/v4/status port: 8080 initialDelaySeconds: 180 periodSeconds: 30 @@ -95,7 +95,7 @@ liveness: readiness: httpGet: - path: /nbi/api/v3/status + path: /nbi/api/v4/status port: 8080 initialDelaySeconds: 185 periodSeconds: 30 diff --git a/kubernetes/onap/resources/environments/dev.yaml b/kubernetes/onap/resources/environments/dev.yaml index fa263282ef..fa8619ed93 100644 --- a/kubernetes/onap/resources/environments/dev.yaml +++ b/kubernetes/onap/resources/environments/dev.yaml @@ -59,6 +59,9 @@ aai: replicaCount: 1 appc: enabled: false +cassandra: + enabled: false + replicaCount: 1 clamp: enabled: false cli: diff --git a/kubernetes/onap/resources/environments/minimal-onap.yaml b/kubernetes/onap/resources/environments/minimal-onap.yaml index b772f1f94b..989174c1c4 100644 --- a/kubernetes/onap/resources/environments/minimal-onap.yaml +++ b/kubernetes/onap/resources/environments/minimal-onap.yaml @@ -51,6 +51,9 @@ aaf: enabled: false appc: enabled: false +cassandra: + enabled: false + replicaCount: 1 clamp: enabled: false cli: diff --git a/kubernetes/onap/resources/environments/public-cloud.yaml b/kubernetes/onap/resources/environments/public-cloud.yaml index a667e174ec..d751534bd9 100644 --- a/kubernetes/onap/resources/environments/public-cloud.yaml +++ b/kubernetes/onap/resources/environments/public-cloud.yaml @@ -50,6 +50,11 @@ aai: initialDelaySeconds: 120 readiness: initialDelaySeconds: 120 +cassandra: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 clamp: liveness: initialDelaySeconds: 60 diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/Chart.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/Chart.yaml new file mode 100644 index 0000000000..78fedfdef2 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2019 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Chart for Change Management Service Orchestrator (CMSO) Optimizer +name: oof-cmso-optimizer +version: 4.0.0 diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/cadi.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/cadi.properties new file mode 100644 index 0000000000..9a6b91c602 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/cadi.properties @@ -0,0 +1,21 @@ +#------------------------------------------------------------------------------- +# ============LICENSE_START============================================== +# Copyright (c) 2019 AT&T Intellectual Property. +# ======================================================================= +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain a +# copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express +# or implied. See the License for the specific language governing +# permissions and limitations under the License. +# ============LICENSE_END================================================= +# +#------------------------------------------------------------------------------- +cadi_loglevel=DEBUG +cadi_prop_files=src/main/resources/aaf/org.onap.oof.props + diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/liquibase.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/liquibase.properties new file mode 100644 index 0000000000..32d77bb663 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/liquibase.properties @@ -0,0 +1,43 @@ +### +# Copyright (c) 2019 AT&T Intellectual Property. +# Modifications Copyright (c) 2018 IBM. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +# Unless otherwise specified, all documentation contained herein is licensed +# under the Creative Commons License, Attribution 4.0 Intl. (the ââ?¬Å"Licenseââ?¬); +# you may not use this documentation except in compliance with the License. +# You may obtain a copy of the License at +# +# https://creativecommons.org/licenses/by/4.0/ +# +# Unless required by applicable law or agreed to in writing, documentation +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +### +spring.datasource.jdbcUrl=jdbc:mariadb://${DB_HOST}:${DB_PORT}/${DB_SCHEMA}?createDatabaseIfNotExist=true +spring.datasource.driver-class-name=org.mariadb.jdbc.Driver +spring.datasource.username=${DB_USERNAME} +spring.datasource.password=${DB_PASSWORD} + +spring.datasource.initialize=false +spring.datasource.tomcat.max-wait=10000 +spring.datasource.tomcat.initialSize=5 +spring.datasource.tomcat.max-active=25 +spring.datasource.tomcat.test-on-borrow=true + + +changeLogFile=optimizer-liquibase-changeLog.xml diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/logback.xml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/logback.xml new file mode 100644 index 0000000000..e4386fd249 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/logback.xml @@ -0,0 +1,253 @@ + + + + + + + + + + + + + + + + + + + + INFO + + + %d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n + + + + + + INFO + + ${logDirectory}/error2.log + true + + ${defaultPattern} + + + ${outputDirectory}/cmso/error.%d{yyyy-MM-dd}.%i.log.zip + 50MB + 30 + 10GB + + + 10MB + + + + + ${logDirectory}/debug.log + true + + ${debugPattern} + + + ${outputDirectory}/cmso/debug.%d{yyyy-MM-dd}.%i.log.zip + 50MB + 30 + 10GB + + + + + + ${logDirectory}/audit.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n + + + + 10 + ${logDirectory}/audit.%i.log.zip + + + + 10MB + + + + 256 + + + + + ${logDirectory}/metric.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| + %msg%n + + + 10 + ${logDirectory}/metric.%i.log.zip + + + + 10MB + + + + 256 + + + + + + ${logDirectory}/security.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n + + + + 10 + ${logDirectory}/security.%i.log.zip + + + + 10MB + + + + 256 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.log + + ${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip + + 1 + 9 + + + 5MB + + + "%d [%thread] %-5level %logger{1024} - %msg%n" + + + + + + ${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.log + + ${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip + + 1 + 9 + + + 5MB + + + "%d [%thread] %-5level %logger{1024} - %msg%n" + + + + + + + + + + + + + + + + + + + diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/optimizer.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/optimizer.properties new file mode 100644 index 0000000000..83ed89a844 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/optimizer.properties @@ -0,0 +1,54 @@ +#------------------------------------------------------------------------------- +# ============LICENSE_START============================================== +# Copyright (c) 2019 AT&T Intellectual Property. +# ======================================================================= +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain a +# copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express +# or implied. See the License for the specific language governing +# permissions and limitations under the License. +# ============LICENSE_END================================================= +# +#------------------------------------------------------------------------------- +spring.datasource.url=jdbc:mariadb://${DB_HOST}:${DB_PORT}/${DB_SCHEMA} +spring.datasource.driver-class-name=org.mariadb.jdbc.Driver +spring.datasource.username=${DB_USERNAME} +spring.datasource.password=${DB_PASSWORD} +cmso.database.password=${DB_PASSWORD} + +spring.datasource.initialize=false +spring.datasource.tomcat.max-wait=10000 +spring.datasource.tomcat.initialSize=5 +spring.datasource.tomcat.max-active=25 +spring.datasource.tomcat.test-on-borrow=true + +spring.jpa.show-sql=false +spring.jpa.hibernate.ddl-auto=none +spring.jpa.hibernate.naming.strategy=org.hibernate.cfg.EJB3NamingStrategy +spring.jpa.database-platform=org.hibernate.dialect.MySQL5InnoDBDialect +spring.jpa.hibernate.naming.physical-strategy=org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl +spring.jpa.hibernate.id.new_generator_mappings=false +hibernate.id.new_generator_mappings=false + +logging.level.org.hibernate.SQL=WARN +logging.level.org.hibernate=WARN +#------------------------------------------------------------------------------- + + +cmso.topology.create.request.url=http://${TOPOLOGY_HOST}:${TOPOLOGY_PORT}/topology/v1/current +cmso.ticket.create.request.url=http://${TICKETMGT_HOST}:${TICKETMGT_PORT}/ticketmgt/v1/activetickets +cmso.local.policy.folder=data/policies + +cmso.minizinc.command.exe=/mz-dist/bin/minizinc +cmso.minizinc.command.solver=OSICBC +cmso.minizinc.command.timelimit=60000 +cmso.minizinc.command.mzn=scripts/minizinc/generic_attributes.mzn + +mechid.user=oof@oof.onap.org +mechid.pass=changeit diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/NOTES.txt b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/NOTES.txt new file mode 100644 index 0000000000..1103affff1 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/NOTES.txt @@ -0,0 +1,32 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/cds/charts/blueprints-processor/templates/secrets.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/configmap.yaml old mode 100755 new mode 100644 similarity index 79% rename from kubernetes/cds/charts/blueprints-processor/templates/secrets.yaml rename to kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/configmap.yaml index f21363d087..c4397359dc --- a/kubernetes/cds/charts/blueprints-processor/templates/secrets.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/configmap.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2019 IBM, Bell Canada +# Copyright © 2018 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,15 +13,14 @@ # limitations under the License. apiVersion: v1 -kind: Secret +kind: ConfigMap metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} labels: - app: {{ include "common.fullname" . }} + app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} -type: Opaque data: - db-root-password: {{ index .Values "mariadb-galera" "config" "mariadbRootPassword" | b64enc | quote }} +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/deployment.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/deployment.yaml new file mode 100644 index 0000000000..4e418bf756 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/deployment.yaml @@ -0,0 +1,146 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - {{ .Values.mariadb.nameOverride }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + - name: db-init + image: "{{ include "common.repository" . }}/{{ .Values.dbinit.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: DB_HOST + value: {{ .Values.config.db_host }}.{{.Release.Namespace}} + - name: DB_PORT + value: {{ .Values.config.db_port | quote}} + - name: DB_USERNAME + value: {{ .Values.config.db_root }} + - name: DB_SCHEMA + value: {{ .Values.config.mysqlDatabase }} + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-cmso-db + key: db-root-password + terminationMessagePolicy: File + volumeMounts: + - name: {{ include "common.fullname" . }}-config + mountPath: /share/etc/config + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/logs + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: TOPOLOGY_HOST + value: {{ .Values.config.topology_host }}.{{.Release.Namespace}} + - name: TOPOLOGY_PORT + value: {{ .Values.config.topology_port | quote}} + - name: TICKETMGT_HOST + value: {{ .Values.config.ticketmgt_host }}.{{.Release.Namespace}} + - name: TICKETMGT_PORT + value: {{ .Values.config.ticketmgt_port | quote}} + - name: DB_HOST + value: {{ .Values.config.db_host }}.{{.Release.Namespace}} + - name: DB_PORT + value: {{ .Values.config.db_port | quote}} + - name: DB_USERNAME + value: {{ .Values.config.db_root }} + - name: DB_SCHEMA + value: {{ .Values.config.mysqlDatabase }} + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-cmso-db + key: db-root-password + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/logs + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/debug-logs + - name: {{ include "common.fullname" . }}-config + mountPath: /share/etc/config + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }} + items: + - key: logback.xml + path: logback.xml + - key: cadi.properties + path: cadi.properties + - key: optimizer.properties + path: optimizer.properties + - key: liquibase.properties + path: liquibase.properties + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/service.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/service.yaml new file mode 100644 index 0000000000..1624a08b27 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/service.yaml @@ -0,0 +1,39 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/values.yaml new file mode 100644 index 0000000000..be32774bc1 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/values.yaml @@ -0,0 +1,115 @@ +# Copyright © 2019 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: # global defaults + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + +subChartsOnly: + enabled: true + +# application image +repository: nexus3.onap.org:10001 +image: onap/optf-cmso-optimizer:latest +pullPolicy: Always + +#init container image +dbinit: + image: onap/optf-cmso-dbinit:latest + +# flag to enable debugging - application support required +debugEnabled: false + +################################################################# +# Application configuration defaults. +################################################################# +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 120 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + + +service: + type: ClusterIP + name: oof-cmso-optimizer + portName: cmso + internalPort: 7997 + externalPort: 7997 + #nodePort: 23 + # as of 20181022 port 23 is reserved for cmso + # see https://wiki.onap.org/display/DW/OOM+NodePort+List + + +config: + db_root: root + db_user: cmso-admin + mysqlDatabase: optimizer + db_host: oof-cmso-dbhost + db_port: 3306 + topology_host: oof-cmso-topology + topology_port: 7998 + ticketmgt_host: oof-cmso-ticketmgt + ticketmgt_port: 7999 + +mariadb: + nameOverride: cmso-db + +ingress: + enabled: false + +#resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +resources: + small: + limits: + cpu: 1 + memory: 1.2Gi + requests: + cpu: 10m + memory: 800Mi + large: + limits: + cpu: 1 + memory: 1.2Gi + requests: + cpu: 10m + memory: 800Mi + unlimited: {} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cadi.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cadi.properties new file mode 100644 index 0000000000..9a6b91c602 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cadi.properties @@ -0,0 +1,21 @@ +#------------------------------------------------------------------------------- +# ============LICENSE_START============================================== +# Copyright (c) 2019 AT&T Intellectual Property. +# ======================================================================= +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain a +# copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express +# or implied. See the License for the specific language governing +# permissions and limitations under the License. +# ============LICENSE_END================================================= +# +#------------------------------------------------------------------------------- +cadi_loglevel=DEBUG +cadi_prop_files=src/main/resources/aaf/org.onap.oof.props + diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cmso.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cmso.properties index cf1d35e105..ce94f573f6 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cmso.properties +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cmso.properties @@ -1,7 +1,7 @@ #------------------------------------------------------------------------------- -# Copyright © 2017-2018 AT&T Intellectual Property. -# Modifications Copyright © 2018 IBM. +# Copyright (c) 2017-2018 AT&T Intellectual Property. +# Modifications Copyright (c) 2018 IBM. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ # # # Unless otherwise specified, all documentation contained herein is licensed -# under the Creative Commons License, Attribution 4.0 Intl. (the â??Licenseâ?); +# under the Creative Commons License, Attribution 4.0 Intl. (the ???License???); # you may not use this documentation except in compliance with the License. # You may obtain a copy of the License at # @@ -29,9 +29,8 @@ # See the License for the specific language governing permissions and # limitations under the License. #------------------------------------------------------------------------------- -### -### MySQL DB. +#------------------------------------------------------------------------------- spring.datasource.url=jdbc:mariadb://${DB_HOST}:${DB_PORT}/${DB_SCHEMA} spring.datasource.driver-class-name=org.mariadb.jdbc.Driver spring.datasource.username=${DB_USERNAME} @@ -44,7 +43,7 @@ spring.datasource.tomcat.initialSize=5 spring.datasource.tomcat.max-active=25 spring.datasource.tomcat.test-on-borrow=true -spring.jpa.show-sql=true +spring.jpa.show-sql=false spring.jpa.hibernate.ddl-auto=none spring.jpa.hibernate.naming.strategy=org.hibernate.cfg.EJB3NamingStrategy spring.jpa.database-platform=org.hibernate.dialect.MySQL5InnoDBDialect @@ -52,9 +51,9 @@ spring.jpa.hibernate.naming.physical-strategy=org.hibernate.boot.model.naming.Ph spring.jpa.hibernate.id.new_generator_mappings=false hibernate.id.new_generator_mappings=false -logging.level.org.hibernate.SQL=TRACE - -logging.level.org.hibernate=TRACE +logging.level.org.hibernate.SQL=WARN +logging.level.org.hibernate=WARN +#------------------------------------------------------------------------------- # cmso.aaf.enabled=false @@ -95,10 +94,10 @@ so.polling.interval.ms=10000 ## loopback settings so.url=http://localhost:8080/cmso/v1/loopbacktest/onap/so/infra/orchestrationRequests/v7 -so.user=cmso@onap.org -so.pass=enc:bfodXf8qRfCqMvlxVBYNWQ== +so.user=oof@oof.onap.org +so.pass=changeit -mechid.user=cmso@onap.org -mechid.pass=enc:bfodXf8qRfCqMvlxVBYNWQ== +mechid.user=oof@oof.onap.org +mechid.pass=changeit cmso.dispatch.url=http://localhost:8089 diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/optimizer.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/optimizer.properties index b222d7bf59..498a1e5870 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/optimizer.properties +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/optimizer.properties @@ -1,6 +1,6 @@ #------------------------------------------------------------------------------- -# Copyright © 2017-2018 AT&T Intellectual Property. -# Modifications Copyright © 2018 IBM. +# Copyright (c) 2017-2018 AT&T Intellectual Property. +# Modifications Copyright ? 2018 IBM. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,7 +16,7 @@ # # # Unless otherwise specified, all documentation contained herein is licensed -# under the Creative Commons License, Attribution 4.0 Intl. (the â??Licenseâ?); +# under the Creative Commons License, Attribution 4.0 Intl. (the ???License???); # you may not use this documentation except in compliance with the License. # You may obtain a copy of the License at # @@ -29,6 +29,6 @@ # limitations under the License. #------------------------------------------------------------------------------- -cmso.optimizer.url=http://localhost:8080/cmso/v1/loopbacktest/optimizer -cmso.optimizer.callbackurl=http://localhost:8080/cmso/v1/optimizerCallback - +cmso.optimizer.request.url=$http://${OPTIMIZER_HOST}:${OPTIMIZER_PORT}/optimizer/v1/optimize/schedule +cmso.optimizer.status.url=http://${OPTIMIZER_HOST}:${OPTIMIZER_PORT}/optimizer/v1/optimize/schedule +cmso.optimizer.health.url=http://${OPTIMIZER_HOST}:${OPTIMIZER_PORT}/optimizer/v1/health?checkInterfaces=true \ No newline at end of file diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml index dd080be98e..350708f078 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 AT&T +# Copyright (c) 2018 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -86,6 +86,10 @@ spec: secretKeyRef: name: {{ .Release.Name}}-cmso-db key: user-password + - name: OPTIMIZER_HOST + value: {{ .Values.config.optimizer_host }}.{{.Release.Namespace}} + - name: OPTIMIZER_PORT + value: {{ .Values.config.optimizer_port | quote}} ports: - containerPort: {{ .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger @@ -128,6 +132,8 @@ spec: path: logback.xml - key: cmso.properties path: cmso.properties + - key: cadi.properties + path: cadi.properties - key: optimizer.properties path: optimizer.properties - key: ticketmgt.properties diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml index 98c6b4a050..6df3049b1b 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 AT&T +# Copyright © 2018-2019 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -25,12 +25,12 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/optf-cmso-service:1.0.1 +image: onap/optf-cmso-service:latest pullPolicy: Always #init container image dbinit: - image: onap/optf-cmso-dbinit:1.0.1 + image: onap/optf-cmso-dbinit:latest # flag to enable debugging - application support required debugEnabled: false @@ -75,6 +75,8 @@ config: mysqlDatabase: cmso db_host: oof-cmso-dbhost db_port: 3306 + optimizer_host: oof-cmso-optimizer + optimizer_port: 7997 mariadb: nameOverride: cmso-db diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/Chart.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/Chart.yaml new file mode 100644 index 0000000000..e99b3bea31 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2019 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Chart for Change Management Service Orchestrator (CMSO) Ticket Management +name: oof-cmso-ticketmgt +version: 4.0.0 diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/cadi.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/cadi.properties new file mode 100644 index 0000000000..9a6b91c602 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/cadi.properties @@ -0,0 +1,21 @@ +#------------------------------------------------------------------------------- +# ============LICENSE_START============================================== +# Copyright (c) 2019 AT&T Intellectual Property. +# ======================================================================= +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain a +# copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express +# or implied. See the License for the specific language governing +# permissions and limitations under the License. +# ============LICENSE_END================================================= +# +#------------------------------------------------------------------------------- +cadi_loglevel=DEBUG +cadi_prop_files=src/main/resources/aaf/org.onap.oof.props + diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/logback.xml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/logback.xml new file mode 100644 index 0000000000..e4386fd249 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/logback.xml @@ -0,0 +1,253 @@ + + + + + + + + + + + + + + + + + + + + INFO + + + %d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n + + + + + + INFO + + ${logDirectory}/error2.log + true + + ${defaultPattern} + + + ${outputDirectory}/cmso/error.%d{yyyy-MM-dd}.%i.log.zip + 50MB + 30 + 10GB + + + 10MB + + + + + ${logDirectory}/debug.log + true + + ${debugPattern} + + + ${outputDirectory}/cmso/debug.%d{yyyy-MM-dd}.%i.log.zip + 50MB + 30 + 10GB + + + + + + ${logDirectory}/audit.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n + + + + 10 + ${logDirectory}/audit.%i.log.zip + + + + 10MB + + + + 256 + + + + + ${logDirectory}/metric.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| + %msg%n + + + 10 + ${logDirectory}/metric.%i.log.zip + + + + 10MB + + + + 256 + + + + + + ${logDirectory}/security.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n + + + + 10 + ${logDirectory}/security.%i.log.zip + + + + 10MB + + + + 256 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.log + + ${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip + + 1 + 9 + + + 5MB + + + "%d [%thread] %-5level %logger{1024} - %msg%n" + + + + + + ${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.log + + ${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip + + 1 + 9 + + + 5MB + + + "%d [%thread] %-5level %logger{1024} - %msg%n" + + + + + + + + + + + + + + + + + + + diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/ticketmgt.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/ticketmgt.properties new file mode 100644 index 0000000000..5ca252f9bc --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/ticketmgt.properties @@ -0,0 +1,30 @@ +#------------------------------------------------------------------------------- +# Copyright © 2017-2019 AT&T Intellectual Property. +# Modifications Copyright © 2018 IBM. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +# Unless otherwise specified, all documentation contained herein is licensed +# under the Creative Commons License, Attribution 4.0 Intl. (the â??Licenseâ?); +# you may not use this documentation except in compliance with the License. +# You may obtain a copy of the License at +# +# https://creativecommons.org/licenses/by/4.0/ +# +# Unless required by applicable law or agreed to in writing, documentation +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +#------------------------------------------------------------------------------- diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/NOTES.txt b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/NOTES.txt new file mode 100644 index 0000000000..1103affff1 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/NOTES.txt @@ -0,0 +1,32 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/cds/charts/controller-blueprints/templates/secrets.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/configmap.yaml similarity index 70% rename from kubernetes/cds/charts/controller-blueprints/templates/secrets.yaml rename to kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/configmap.yaml index b4ab161809..c4397359dc 100644 --- a/kubernetes/cds/charts/controller-blueprints/templates/secrets.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/configmap.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2018 Amdocs, Bell Canada +# Copyright © 2018 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,17 +13,14 @@ # limitations under the License. apiVersion: v1 -kind: Secret +kind: ConfigMap metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} labels: - app: {{ include "common.fullname" . }} + app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} -type: Opaque data: - db-root-password: {{ index .Values "mariadb-galera" "config" "mariadbRootPassword" | b64enc | quote }} - restUser: {{ .Values.config.restUser | b64enc | quote }} - restPassword: {{ .Values.config.restPassword | b64enc | quote }} +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/deployment.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/deployment.yaml new file mode 100644 index 0000000000..e01034e8d2 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/deployment.yaml @@ -0,0 +1,84 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/logs + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/debug-logs + - name: {{ include "common.fullname" . }}-config + mountPath: /share/etc/config + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }} + items: + - key: logback.xml + path: logback.xml + - key: ticketmgt.properties + path: ticketmgt.properties + - key: cadi.properties + path: cadi.properties + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/service.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/service.yaml new file mode 100644 index 0000000000..1624a08b27 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/service.yaml @@ -0,0 +1,39 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml new file mode 100644 index 0000000000..f19b8e2b1b --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml @@ -0,0 +1,101 @@ +# Copyright (c) 2019 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: # global defaults + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + +subChartsOnly: + enabled: true + +# application image +repository: nexus3.onap.org:10001 +image: onap/optf-cmso-ticketmgt:latest +pullPolicy: Always + + +# flag to enable debugging - application support required +debugEnabled: false + +################################################################# +# Application configuration defaults. +################################################################# +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 120 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + + +service: + type: ClusterIP + name: oof-cmso-ticketmgt + portName: cmso-ticketmgt + internalPort: 7999 + externalPort: 7999 + #nodePort: 23 + # as of 20181022 port 23 is reserved for cmso + # see https://wiki.onap.org/display/DW/OOM+NodePort+List + + +config: + + +ingress: + enabled: false + +#resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +resources: + small: + limits: + cpu: 1 + memory: 1.2Gi + requests: + cpu: 10m + memory: 800Mi + large: + limits: + cpu: 1 + memory: 1.2Gi + requests: + cpu: 10m + memory: 800Mi + unlimited: {} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/Chart.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/Chart.yaml new file mode 100644 index 0000000000..258d9ee317 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Chart for Change Management Service Orchestrator (CMSO) Service +name: oof-cmso-topology +version: 4.0.0 diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/cadi.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/cadi.properties new file mode 100644 index 0000000000..9a6b91c602 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/cadi.properties @@ -0,0 +1,21 @@ +#------------------------------------------------------------------------------- +# ============LICENSE_START============================================== +# Copyright (c) 2019 AT&T Intellectual Property. +# ======================================================================= +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain a +# copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express +# or implied. See the License for the specific language governing +# permissions and limitations under the License. +# ============LICENSE_END================================================= +# +#------------------------------------------------------------------------------- +cadi_loglevel=DEBUG +cadi_prop_files=src/main/resources/aaf/org.onap.oof.props + diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/logback.xml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/logback.xml new file mode 100644 index 0000000000..e4386fd249 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/logback.xml @@ -0,0 +1,253 @@ + + + + + + + + + + + + + + + + + + + + INFO + + + %d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n + + + + + + INFO + + ${logDirectory}/error2.log + true + + ${defaultPattern} + + + ${outputDirectory}/cmso/error.%d{yyyy-MM-dd}.%i.log.zip + 50MB + 30 + 10GB + + + 10MB + + + + + ${logDirectory}/debug.log + true + + ${debugPattern} + + + ${outputDirectory}/cmso/debug.%d{yyyy-MM-dd}.%i.log.zip + 50MB + 30 + 10GB + + + + + + ${logDirectory}/audit.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n + + + + 10 + ${logDirectory}/audit.%i.log.zip + + + + 10MB + + + + 256 + + + + + ${logDirectory}/metric.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| + %msg%n + + + 10 + ${logDirectory}/metric.%i.log.zip + + + + 10MB + + + + 256 + + + + + + ${logDirectory}/security.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n + + + + 10 + ${logDirectory}/security.%i.log.zip + + + + 10MB + + + + 256 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.log + + ${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip + + 1 + 9 + + + 5MB + + + "%d [%thread] %-5level %logger{1024} - %msg%n" + + + + + + ${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.log + + ${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip + + 1 + 9 + + + 5MB + + + "%d [%thread] %-5level %logger{1024} - %msg%n" + + + + + + + + + + + + + + + + + + + diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/topology.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/topology.properties new file mode 100644 index 0000000000..5ca252f9bc --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/topology.properties @@ -0,0 +1,30 @@ +#------------------------------------------------------------------------------- +# Copyright © 2017-2019 AT&T Intellectual Property. +# Modifications Copyright © 2018 IBM. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +# Unless otherwise specified, all documentation contained herein is licensed +# under the Creative Commons License, Attribution 4.0 Intl. (the â??Licenseâ?); +# you may not use this documentation except in compliance with the License. +# You may obtain a copy of the License at +# +# https://creativecommons.org/licenses/by/4.0/ +# +# Unless required by applicable law or agreed to in writing, documentation +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +#------------------------------------------------------------------------------- diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/NOTES.txt b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/NOTES.txt new file mode 100644 index 0000000000..1103affff1 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/NOTES.txt @@ -0,0 +1,32 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/configmap.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/configmap.yaml new file mode 100644 index 0000000000..c4397359dc --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/configmap.yaml @@ -0,0 +1,26 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/deployment.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/deployment.yaml new file mode 100644 index 0000000000..02f398301f --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/deployment.yaml @@ -0,0 +1,84 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/logs + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/debug-logs + - name: {{ include "common.fullname" . }}-config + mountPath: /share/etc/config + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }} + items: + - key: logback.xml + path: logback.xml + - key: cadi.properties + path: cadi.properties + - key: topology.properties + path: topology.properties + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/service.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/service.yaml new file mode 100644 index 0000000000..1624a08b27 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/service.yaml @@ -0,0 +1,39 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/values.yaml new file mode 100644 index 0000000000..0d50827dcb --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/values.yaml @@ -0,0 +1,100 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: # global defaults + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + +subChartsOnly: + enabled: true + +# application image +repository: nexus3.onap.org:10001 +image: onap/optf-cmso-topology:latest +pullPolicy: Always + + +# flag to enable debugging - application support required +debugEnabled: false + +################################################################# +# Application configuration defaults. +################################################################# +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 120 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + + +service: + type: ClusterIP + name: oof-cmso-topology + portName: cmso-topology + internalPort: 7998 + externalPort: 7998 + #nodePort: 23 + # as of 20181022 port 23 is reserved for cmso + # see https://wiki.onap.org/display/DW/OOM+NodePort+List + + +config: + +ingress: + enabled: false + +#resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +resources: + small: + limits: + cpu: 1 + memory: 1.2Gi + requests: + cpu: 10m + memory: 800Mi + large: + limits: + cpu: 1 + memory: 1.2Gi + requests: + cpu: 10m + memory: 800Mi + unlimited: {} diff --git a/kubernetes/pnda/charts/dcae-pnda-bootstrap/values.yaml b/kubernetes/pnda/charts/dcae-pnda-bootstrap/values.yaml index e22b8d26e7..d01c1548c2 100644 --- a/kubernetes/pnda/charts/dcae-pnda-bootstrap/values.yaml +++ b/kubernetes/pnda/charts/dcae-pnda-bootstrap/values.yaml @@ -38,7 +38,6 @@ pnda: osUser: centos nameserver: 8.8.8.8 ntp: pool.ntp.org - mirrorNodePort: 88 apps: fsType: local networkCidr: 10.0.0.0/16 diff --git a/kubernetes/policy/charts/drools/resources/config/drools/settings.xml b/kubernetes/policy/charts/drools/resources/config/drools/settings.xml deleted file mode 100755 index 2057e94f24..0000000000 --- a/kubernetes/policy/charts/drools/resources/config/drools/settings.xml +++ /dev/null @@ -1,95 +0,0 @@ - - - - - - - - - policy-profile - - true - - - - - policy-nexus-snapshots - http://{{.Values.global.nexus.nameOverride}}:{{.Values.config.nexusPort}}/nexus/content/repositories/snapshots/ - - false - always - - - true - always - - - - - policy-nexus-releases - http://{{.Values.global.nexus.nameOverride}}:{{.Values.config.nexusPort}}/nexus/content/repositories/releases/ - - true - always - - - false - always - - - - - - - - - policy-profile - - - - - policy-nexus-snapshots - admin - admin123 - - - policy-nexus-releases - admin - admin123 - - - - diff --git a/kubernetes/policy/charts/drools/resources/config/log/drools/logback.xml b/kubernetes/policy/charts/drools/resources/config/log/drools/logback.xml deleted file mode 100644 index 4b058f1e4b..0000000000 --- a/kubernetes/policy/charts/drools/resources/config/log/drools/logback.xml +++ /dev/null @@ -1,103 +0,0 @@ - - - - - - - - - - - - - - - - ${logDir}/${errorLog}.log - - ${logDir}/${errorLog}.%i.log.zip - 1 - 5 - - - WARN - - - 15MB - - - ${errorPattern} - - - - - - - - - ${logDir}/${debugLog}.log - - ${logDir}/${debugLog}.%i.log.zip - 1 - 9 - - - 20MB - - - ${debugPattern} - - - - - - - - - ${logDir}/${networkLog}.log - - ${logDir}/${networkLog}.%i.log.zip - 1 - 9 - - - 15MB - - - ${networkPattern} - - - - - - - - - - - - - - - - - - - - - diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/apps-install.sh b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/apps-install.sh deleted file mode 100644 index 9fa52123e9..0000000000 --- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/apps-install.sh +++ /dev/null @@ -1,125 +0,0 @@ -#!/bin/bash -# -# ============LICENSE_START======================================================= -# ONAP -# ================================================================================ -# Copyright (C) 2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs, Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -# - -# ################################# -# Usage -# ################################# - -function usage { - echo - echo "Usage: $(basename $0) " - echo "Example: $(basename $0) controlloop 1.2.0 /opt/policy/config/drools" - echo -} - -# ################################# -# snapshot url computation -# ################################# - -function url_snapshot { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} --" - set -x - fi - - APP_URL="${APP_URL}/snapshots/org/onap/policy/drools-applications/${APP_NAME}/packages/apps-${APP_NAME}/${APP_VERSION}" - - local APP_METADATA_URL="${APP_URL}/maven-metadata.xml" - local APP_SNAPSHOT_VERSION=$(curl --silent "${APP_METADATA_URL}" | grep -Po "(?<=).*(?=)" | sort -V | tail -1) - - if [[ -z ${APP_SNAPSHOT_VERSION} ]]; then - echo "ERROR: cannot compute SNAPSHOT version" - usage - exit 1 - fi - - APP_URL="${APP_URL}/apps-${APP_NAME}-${APP_SNAPSHOT_VERSION}.zip" -} - -# ################################# -# release url computation -# ################################# - -function url_release { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} --" - set -x - fi - - APP_URL="${APP_URL}/releases/org/onap/policy/drools-applications/${APP_NAME}/packages/apps-${APP_NAME}/${APP_VERSION}/apps-${APP_NAME}-${APP_VERSION}.zip" -} - -# ################################# -# Main -# ################################# - -if [[ $DEBUG == y ]]; then - set -x -fi - -APP_NAME=$1 -if [[ -z ${APP_NAME} ]]; then - echo "ERROR: no APPLICATION NAME provided (ie. controlloop)" - usage - exit 1 -fi - -APP_VERSION=$2 -if [[ -z ${APP_VERSION} ]]; then - echo "ERROR: no APPLICATION VERSION provided" - usage - exit 1 -fi - -DOWNLOAD_DIR=$3 -if [[ -z ${DOWNLOAD_DIR} ]]; then - echo "ERROR: no DOWNLOAD DIRECTORY provided" - usage - exit 1 -fi - -if [[ ! -d ${DOWNLOAD_DIR} ]]; then - echo "ERROR: ${DOWNLOAD_DIR} is not a directory" - usage - exit 1 -fi - -APP_GROUP_ID="org.onap.policy.drools-applications.${APP_NAME}.packages" -APP_ARTIFACT_ID="apps-${APP_NAME}" -APP_BASE_URL="https://nexus.onap.org/content/repositories" - -APP_URL="${APP_BASE_URL}" - -if [[ ${APP_VERSION} =~ \-SNAPSHOT$ ]]; then - url_snapshot -else - url_release -fi - -wget "${APP_URL}" -O "${DOWNLOAD_DIR}"/apps-"${APP_NAME}".zip -if [[ $? != 0 ]]; then - echo "ERROR: cannot download ${DOWNLOAD_DIR}/apps-${APP_NAME}.zip" - exit 1 -fi - -echo "APP ${APP_NAME} stored at ${DOWNLOAD_DIR}/apps-${APP_NAME}.zip" -ls -l "${DOWNLOAD_DIR}"/apps-"${APP_NAME}".zip diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-preinstall.sh b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-preinstall.sh deleted file mode 100644 index a8de4fc2c1..0000000000 --- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-preinstall.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# -# ============LICENSE_START======================================================= -# ONAP -# ================================================================================ -# Copyright (C) 2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs, Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -# - -# ################################# -# Usage -# ################################# - -function usage { - echo - echo "Usage: $(basename $0)" - echo -} - -if [[ ${DEBUG} == y ]]; then - set -x -fi - -if [[ -z ${BUILD_VERSION} ]]; then - echo "no BUILD_VERSION available as environment variable"" - usage - exit 1 -fi - -if [[ -z ${POLICY_INSTALL} ]]; then - echo "no POLICY_INSTALL available as environment variable"" - usage - exit 2 -fi - -CONFIG_DIR=$(dirname "$0") -echo "invoking ${CONFIG_DIR}/apps-install.sh for controlloop ${BUILD_VERSION} at ${POLICY_INSTALL}" -export DEBUG=y -bash ${CONFIG_DIR}/apps-install.sh controlloop ${BUILD_VERSION} ${POLICY_INSTALL} -unzip -o ${POLICY_INSTALL}/app*.zip -d ${POLICY_INSTALL} diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh deleted file mode 100644 index 5f504e2c65..0000000000 --- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh +++ /dev/null @@ -1,71 +0,0 @@ -#! /bin/bash -xv - -# Copyright © 2017-2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -"${POLICY_HOME}"/bin/features enable healthcheck -"${POLICY_HOME}"/bin/features enable distributed-locking - -"${POLICY_HOME}"/bin/db-migrator -s pooling -o upgrade - -# make sure the PDPD-CONFIGURATION anonymous topic is created -# so not to lose any configuration updates - -echo -echo "testing publish to PDPD-CONFIGURATION topic" -echo - -curl --silent --connect-timeout 15 -X POST --header "Content-Type: application/json" -d "{}" http://message-router:3904/events/PDPD-CONFIGURATION - -echo -echo "testing subscribe to PDPD-CONFIGURATION topic " -echo - -curl --silent --connect-timeout 15 -X GET http://message-router:3904/events/PDPD-CONFIGURATION/1/1?timeout=5000 - -# for resiliency/scalability scenarios, check to see -# if there's an amsterdam artifact already deployed -# by brmsgw. If so, update the amsterdam controller -# coordinates. In the future, a more sophisticated -# solution will be put in place, that will required -# coordination among policy components. - -echo -echo "checking if there are amsterdam policies already deployed .." -echo - -AMSTERDAM_VERSION=$(curl --silent --connect-timeout 20 -X GET "http://nexus:8081/nexus/service/local/artifact/maven/resolve?r=releases&g=org.onap.policy-engine.drools.amsterdam&a=policy-amsterdam-rules&v=RELEASE" | grep -Po "(?<=).*(?=)") - -if [[ -z ${AMSTERDAM_VERSION} ]]; then - echo "no amsterdam policies have been found .." - exit 0 -fi - -echo -echo "The latest deployed amsterdam artifact in nexus has version ${AMSTERDAM_VERSION}" -echo - -sed -i.INSTALL -e "s/^rules.artifactId=.*/rules.artifactId=policy-amsterdam-rules/g" \ - -e "s/^rules.groupId=.*/rules.groupId=org.onap.policy-engine.drools.amsterdam/g" \ - -e "s/^rules.version=.*/rules.version=${AMSTERDAM_VERSION}/g" "${POLICY_HOME}"/config/amsterdam-controller.properties - -echo -echo "amsterdam controller will be started brained with maven coordinates:" -echo - -grep "^rules" "${POLICY_HOME}"/config/amsterdam-controller.properties - -echo -echo diff --git a/kubernetes/policy/charts/drools/templates/configmap.yaml b/kubernetes/policy/charts/drools/templates/configmap.yaml index 16053d39e7..1f9503130c 100644 --- a/kubernetes/policy/charts/drools/templates/configmap.yaml +++ b/kubernetes/policy/charts/drools/templates/configmap.yaml @@ -1,5 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T +# Modifications Copyright © 2018-2019 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,14 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-settings-configmap - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/drools/settings.xml").AsConfig . | indent 2 }} ---- apiVersion: v1 kind: ConfigMap metadata: @@ -28,12 +20,3 @@ metadata: namespace: {{ include "common.namespace" . }} data: {{ tpl (.Files.Glob "resources/config/opt/policy/config/drools/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-log-configmap - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/log/drools/logback.xml").AsConfig . | indent 2 }} - diff --git a/kubernetes/policy/charts/drools/templates/statefulset.yaml b/kubernetes/policy/charts/drools/templates/statefulset.yaml index 4a7f8e2b1d..beacbabd06 100644 --- a/kubernetes/policy/charts/drools/templates/statefulset.yaml +++ b/kubernetes/policy/charts/drools/templates/statefulset.yaml @@ -1,5 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T +# Modifications Copyright © 2018-2019 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -59,10 +59,6 @@ spec: ports: - containerPort: {{ .Values.service.externalPort }} - containerPort: {{ .Values.service.externalPort2 }} - command: - - /bin/bash - - -c - - ./do-start.sh {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -91,30 +87,8 @@ spec: - mountPath: /tmp/policy-install/config/base.conf name: drools-config subPath: base.conf - - mountPath: /tmp/policy-install/config/policy-management.conf - name: drools-config - subPath: policy-management.conf - - mountPath: /tmp/policy-install/config/drools-tweaks.sh - name: drools-config - subPath: drools-tweaks.sh - - mountPath: /tmp/policy-install/config/apps-install.sh - name: drools-config - subPath: apps-install.sh - - mountPath: /tmp/policy-install/config/drools-preinstall.sh - name: drools-config - subPath: drools-preinstall.sh - - mountPath: /usr/share/maven/conf/settings.xml - name: drools-settingsxml - subPath: settings.xml - mountPath: /var/log/onap name: policy-logs - - mountPath: /tmp/logback.xml - name: policy-logback - subPath: logback.xml - lifecycle: - postStart: - exec: - command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/opt/app/policy/config/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -147,12 +121,6 @@ spec: emptyDir: {} - name: policy-data-filebeat emptyDir: {} - - name: policy-logback - configMap: - name: {{ include "common.fullname" . }}-log-configmap - - name: drools-settingsxml - configMap: - name: {{ include "common.fullname" . }}-settings-configmap - name: drools-config configMap: name: {{ include "common.fullname" . }}-configmap @@ -163,18 +131,6 @@ spec: - key: feature-pooling-dmaap.conf path: feature-pooling-dmaap.conf mode: 0755 - - key: policy-management.conf - path: policy-management.conf - mode: 0755 - - key: drools-tweaks.sh - path: drools-tweaks.sh - mode: 0755 - - key: apps-install.sh - path: apps-install.sh - mode: 0755 - - key: drools-preinstall.sh - path: drools-preinstall.sh - mode: 0755 - name: drools-secret secret: secretName: {{ include "common.fullname" . }}-secret diff --git a/kubernetes/policy/charts/drools/values.yaml b/kubernetes/policy/charts/drools/values.yaml index 1400e6c97e..fdb73e1485 100644 --- a/kubernetes/policy/charts/drools/values.yaml +++ b/kubernetes/policy/charts/drools/values.yaml @@ -1,5 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T +# Modifications Copyright © 2018-2019 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-drools:1.4-SNAPSHOT-latest +image: onap/policy-pdpd-cl:1.4-SNAPSHOT-latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/charts/policy-xacml-pdp/Chart.yaml b/kubernetes/policy/charts/policy-xacml-pdp/Chart.yaml new file mode 100644 index 0000000000..be4325e6b2 --- /dev/null +++ b/kubernetes/policy/charts/policy-xacml-pdp/Chart.yaml @@ -0,0 +1,22 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +apiVersion: v1 +description: ONAP Policy XACML PDP +name: policy-xacml-pdp +version: 4.0.0 diff --git a/kubernetes/policy/charts/policy-xacml-pdp/requirements.yaml b/kubernetes/policy/charts/policy-xacml-pdp/requirements.yaml new file mode 100644 index 0000000000..768bdb372d --- /dev/null +++ b/kubernetes/policy/charts/policy-xacml-pdp/requirements.yaml @@ -0,0 +1,22 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +dependencies: + - name: common + version: ~4.x-0 + repository: '@local' diff --git a/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json new file mode 100644 index 0000000000..7fb864bb31 --- /dev/null +++ b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json @@ -0,0 +1,26 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +{ + "name":"XacmlPdpGroup", + "restServerParameters":{ + "host":"0.0.0.0", + "port":6969, + "userName":"healthcheck", + "password":"zb!XztG34" + } +} diff --git a/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml b/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml new file mode 100644 index 0000000000..d90b0c93dc --- /dev/null +++ b/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml @@ -0,0 +1,25 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/config.json").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml b/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml new file mode 100644 index 0000000000..20b2afbf50 --- /dev/null +++ b/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml @@ -0,0 +1,66 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["/opt/app/policy/pdpx/bin/policy-pdpx.sh"] + args: ["/opt/app/policy/pdpx/etc/mounted/config.json"] + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /opt/app/policy/pdpx/etc/mounted + name: pdpxconfig + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: pdpxconfig + configMap: + name: {{ include "common.fullname" . }}-configmap + defaultMode: 0755 + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/charts/policy-xacml-pdp/templates/service.yaml b/kubernetes/policy/charts/policy-xacml-pdp/templates/service.yaml new file mode 100644 index 0000000000..c02dbfd0af --- /dev/null +++ b/kubernetes/policy/charts/policy-xacml-pdp/templates/service.yaml @@ -0,0 +1,37 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/policy/charts/policy-xacml-pdp/values.yaml b/kubernetes/policy/charts/policy-xacml-pdp/values.yaml new file mode 100644 index 0000000000..fcfbab2471 --- /dev/null +++ b/kubernetes/policy/charts/policy-xacml-pdp/values.yaml @@ -0,0 +1,67 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +################################################################# +# Global configuration defaults. +################################################################# +global: + persistence: {} + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/policy-xacml-pdp:2.0.0-SNAPSHOT-latest +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 20 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 20 + periodSeconds: 10 + +service: + type: ClusterIP + name: policy-xacml-pdp + portName: policy-xacml-pdp + externalPort: 6969 + internalPort: 6969 + +ingress: + enabled: false + +resources: {} diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/sdc.properties b/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/sdc.properties index 9a27a6c8c8..77789f49bd 100755 --- a/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/sdc.properties +++ b/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/sdc.properties @@ -24,4 +24,4 @@ key.manager.factory.algorithm=SunX509 security.protocol=TLS connection.timeout.ms=60000 read.timeout.ms=60000 -base.uri=/sdccontextbuilder/service/context +base.uri=/sdccontextbuilder/v2/service/context diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/templates/service.yaml b/kubernetes/pomba/charts/pomba-contextaggregator/templates/service.yaml new file mode 100644 index 0000000000..defd063d2f --- /dev/null +++ b/kubernetes/pomba/charts/pomba-contextaggregator/templates/service.yaml @@ -0,0 +1,41 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName | default "http" }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName | default "http" }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml b/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml index 32544219f3..40d40b3611 100755 --- a/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml +++ b/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml @@ -75,8 +75,8 @@ service: #Services may use any combination of ports depending on the 'type' of #service being defined. - #type: ClusterIP - #externalPort: 9529 + type: ClusterIP + externalPort: 9529 internalPort: 9529 #nodePort: # optional port name override - default can be defined in service.yaml diff --git a/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml b/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml index f3d2aaa311..00eb921779 100644 --- a/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml +++ b/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml @@ -29,7 +29,7 @@ busyboxImage: library/busybox:latest # application image loggingRepository: docker.elastic.co -image: elasticsearch/elasticsearch:6.3.1 +image: elasticsearch/elasticsearch:6.6.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/pomba/charts/pomba-kibana/resources/config/validationsDump.json b/kubernetes/pomba/charts/pomba-kibana/resources/config/validationsDump.json deleted file mode 100644 index ae01e9679f..0000000000 --- a/kubernetes/pomba/charts/pomba-kibana/resources/config/validationsDump.json +++ /dev/null @@ -1,192 +0,0 @@ -{ - "service-validations": { - "mappings": { - "default": { - "properties": { - "modelInvariantId": { - "type": "text" - }, - "modelName": { - "type": "text" - }, - "modelVersionId": { - "type": "text" - }, - "result": { - "type": "text" - }, - "serviceInstanceId": { - "type": "text" - }, - "validationId": { - "type": "text" - }, - "validationTimestamp": { - "type": "date", - "format": "MMM d y HH:m:s||dd-MM-yyyy HH:mm:ss||yyyy-MM-dd'T'HH:mm:ss.SSSZZ||MM/dd/yyyy||yyyyMMdd'T'HHmmssZ" - }, - "violations": { - "type": "nested", - "properties": { - "category": { - "type": "text" - }, - "errorMessage": { - "type": "text" - }, - "modelName": { - "type": "text" - }, - "severity": { - "type": "text" - }, - "validationRule": { - "type": "text" - }, - "violationDetails": { - "properties": { - "context-list-aai-vf-list[*]": { - "properties": { - "invariant-id": { - "type": "text" - }, - "name": { - "type": "text" - }, - "nf-naming-code": { - "type": "text" - }, - "type": { - "type": "text" - }, - "uuid": { - "type": "text" - }, - "vf-module-list": { - "properties": { - "invariant-id": { - "type": "text" - }, - "max-instances": { - "type": "long" - }, - "min-instances": { - "type": "long" - }, - "uuid": { - "type": "text" - } - } - }, - "vnfc-list": { - "properties": { - "name": { - "type": "text" - }, - "nfc-naming-code": { - "type": "text" - } - } - } - } - }, - "context-list-aai-vf-list[*]-name": { - "type": "text" - }, - "context-list-aai-vf-list[*]-type": { - "type": "text" - }, - "context-list-aai-vf[*]-name": { - "type": "text" - }, - "context-list-aai-vf[*]-type": { - "type": "text" - }, - "context-list-sdc-service-name": { - "type": "text" - }, - "context-list-sdc-vf-list[*]": { - "properties": { - "invariant-id": { - "type": "text" - }, - "name": { - "type": "text" - }, - "type": { - "type": "text" - }, - "uuid": { - "type": "text" - }, - "vf-module-list": { - "properties": { - "invariant-id": { - "type": "text" - }, - "max-instances": { - "type": "long" - }, - "min-instances": { - "type": "long" - }, - "uuid": { - "type": "text" - } - } - }, - "vnfc-list": { - "properties": { - "invariant-id": { - "type": "text" - }, - "name": { - "type": "text" - }, - "nfc-naming-code": { - "type": "text" - }, - "uuid": { - "type": "text" - } - } - } - } - }, - "context-list-sdnc-vf-list[*]-name": { - "type": "text" - }, - "context-list-sdnc-vf-list[*]-type": { - "type": "text" - }, - "context-list-sdnc-vf[*]-name": { - "type": "text" - }, - "context-list-sdnc-vf[*]-type": { - "type": "text" - } - } - }, - "violationId": { - "type": "text" - }, - "violationTimestamp": { - "type": "date", - "format": "MMM d y HH:m:s||dd-MM-yyyy HH:mm:ss||yyyy-MM-dd'T'HH:mm:ss.SSSZZ||MM/dd/yyyy||yyyyMMdd'T'HHmmssZ" - }, - "violationType": { - "type": "text" - } - } - }, - "client": { - "type": "text" - }, - "requestId": { - "type": "text" - } - } - } - } - } -} diff --git a/kubernetes/pomba/charts/pomba-kibana/resources/config/violationsDump.json b/kubernetes/pomba/charts/pomba-kibana/resources/config/violationsDump.json deleted file mode 100644 index 790f8c7f7d..0000000000 --- a/kubernetes/pomba/charts/pomba-kibana/resources/config/violationsDump.json +++ /dev/null @@ -1,48 +0,0 @@ -{ - "service-violations": { - "mappings": { - "default": { - "properties": { - "category": { - "type": "text" - }, - "message": { - "type": "text" - }, - "modelInvariantId": { - "type": "text" - }, - "modelVersionId": { - "type": "text" - }, - "serviceInstanceId": { - "type": "text" - }, - "severity": { - "type": "text" - }, - "validationId": { - "type": "text" - }, - "validationRule": { - "type": "text" - }, - "validationTimestamp": { - "type": "date", - "format": "MMM d y HH:m:s||dd-MM-yyyy HH:mm:ss||yyyy-MM-dd'T'HH:mm:ss.SSSZZ||MM/dd/yyyy||yyyyMMdd'T'HHmmssZ" - }, - "violationId": { - "type": "text" - }, - "violationTimestamp": { - "type": "date", - "format": "MMM d y HH:m:s||dd-MM-yyyy HH:mm:ss||yyyy-MM-dd'T'HH:mm:ss.SSSZZ||MM/dd/yyyy||yyyyMMdd'T'HHmmssZ" - }, - "violationType": { - "type": "text" - } - } - } - } - } -} \ No newline at end of file diff --git a/kubernetes/pomba/charts/pomba-kibana/templates/deployment.yaml b/kubernetes/pomba/charts/pomba-kibana/templates/deployment.yaml index 2bc9e796c9..58a0a90acf 100644 --- a/kubernetes/pomba/charts/pomba-kibana/templates/deployment.yaml +++ b/kubernetes/pomba/charts/pomba-kibana/templates/deployment.yaml @@ -79,40 +79,6 @@ spec: - mountPath: /config/default.json name: {{ include "common.fullname" . }} subPath: default.json - - args: - - --output=http://{{.Values.config.elasticsearchServiceName}}.{{ include "common.namespace" . }}:{{.Values.config.elasticsearchPort}}/service-validations - - --input=/config/validationsDump.json - - --type=mapping - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.configRepository }}/{{ .Values.configImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-config-validation - volumeMounts: - - mountPath: /config/validationsDump.json - name: {{ include "common.fullname" . }} - subPath: validationsDump.json - - args: - - --output=http://{{.Values.config.elasticsearchServiceName}}.{{ include "common.namespace" . }}:{{.Values.config.elasticsearchPort}}/service-violations - - --input=/config/violationsDump.json - - --type=mapping - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.configRepository }}/{{ .Values.configImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-config-violation - volumeMounts: - - mountPath: /config/violationsDump.json - name: {{ include "common.fullname" . }} - subPath: violationsDump.json containers: - name: {{ include "common.name" . }} image: "{{ .Values.global.loggingRepository | default .Values.loggingRepository }}/{{ .Values.image }}" @@ -175,10 +141,6 @@ spec: path: kibana.yml - key: default.json path: default.json - - key: validationsDump.json - path: validationsDump.json - - key: violationsDump.json - path: violationsDump.json - key: default-mapping.json path: default-mapping.json - name: {{ include "common.fullname" . }}-auth diff --git a/kubernetes/pomba/charts/pomba-kibana/values.yaml b/kubernetes/pomba/charts/pomba-kibana/values.yaml index fe50e47fda..53725b7798 100644 --- a/kubernetes/pomba/charts/pomba-kibana/values.yaml +++ b/kubernetes/pomba/charts/pomba-kibana/values.yaml @@ -34,7 +34,7 @@ busyboxImage: library/busybox:latest # application image loggingRepository: docker.elastic.co -image: kibana/kibana:6.3.1 +image: kibana/kibana:6.6.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/application.properties b/kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/application.properties index 455198223c..24b443c57f 100644 --- a/kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/application.properties +++ b/kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/application.properties @@ -17,7 +17,7 @@ spring.mvc.urls=swagger,docs,prometheus,auditevents,info,heapdump,autoconfig,bea camel.springboot.xmlRoutes = file:config/dynamic/routes/*.route service.xml.beans = config/dynamic/conf/*.xml -server.contextPath=/sdnccontextbuilder/v1 +server.contextPath=/sdnccontextbuilder spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration #This property is used to set the Tomcat connector attributes.developers can define multiple attributes separated by comma diff --git a/kubernetes/pomba/charts/pomba-search-data/resources/config/es-payload-translation.json b/kubernetes/pomba/charts/pomba-search-data/resources/config/es-payload-translation.json index de8bacf4cb..58ed8f6428 100644 --- a/kubernetes/pomba/charts/pomba-search-data/resources/config/es-payload-translation.json +++ b/kubernetes/pomba/charts/pomba-search-data/resources/config/es-payload-translation.json @@ -1,19 +1,16 @@ { - "attr-translations": [{ - "from": "\"type\":\"string\",\"index\":\"analyzed\"", - "to": "\"type\":\"text\",\"index\":\"true\"" - }, + "attr-translations": [ { - "from": "\"type\":\"string\",\"index\":\"not_analyzed\"", - "to": "\"type\":\"keyword\",\"index\":\"true\"" + "query": "$..[?(@.type=='string' && @.index=='analyzed')]", + "update": {"type": "text", "index": true, "fielddata": true} }, { - "from": "\"type\":\"string\"", - "to": "\"type\":\"text\"" + "query": "$..[?(@.type=='string' && @.index=='not_analyzed')]", + "update": {"type": "keyword", "index": true} }, { - "from": "searchable", - "to": "index" + "query": "$..[?(@.type=='string' && !@.index)]", + "update": {"type": "text", "fielddata": true} } ] } \ No newline at end of file diff --git a/kubernetes/pomba/charts/pomba-servicedecomposition/values.yaml b/kubernetes/pomba/charts/pomba-servicedecomposition/values.yaml index 4d8d496223..b1065c14a8 100644 --- a/kubernetes/pomba/charts/pomba-servicedecomposition/values.yaml +++ b/kubernetes/pomba/charts/pomba-servicedecomposition/values.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs +# Copyright © 2018 Amdocs # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks deleted file mode 100644 index 4b7e115d8c..0000000000 Binary files a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks and /dev/null differ diff --git a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 index df2f4f6cd3..c53a7ae9b3 100644 Binary files a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 and b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 differ diff --git a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py index c23accd82f..5e6288e5e7 100644 --- a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py +++ b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py @@ -65,10 +65,19 @@ GLOBAL_LOG_ELASTICSEARCH_PORT = "9200" GLOBAL_LOG_LOGSTASH_PORT = "9600" GLOBAL_LOG_KIBANA_PORT = "5601" # pomba info - NOTE: no pomba is run in HEAT; only on OOM -GLOBAL_POMBA_SERVER_PROTOCOL = "http" +GLOBAL_POMBA_SERVER_PROTOCOL_HTTP = "http" +GLOBAL_POMBA_SERVER_PROTOCOL_HTTPS = "https" GLOBAL_POMBA_AAICONTEXTBUILDER_PORT = "9530" GLOBAL_POMBA_SDCCONTEXTBUILDER_PORT = "9530" GLOBAL_POMBA_NETWORKDISCCONTEXTBUILDER_PORT = "9530" +GLOBAL_POMBA_SERVICEDECOMPOSITION_PORT = "9532" +GLOBAL_POMBA_SDNCCXTBUILDER_PORT = "9530" +GLOBAL_POMBA_NETWORKDISCOVERY_MICROSERVICE_PORT = "9531" +GLOBAL_POMBA_VALIDATIONSERVICE_PORT = "9529" +GLOBAL_POMBA_KIBANA_PORT = "5601" +GLOBAL_POMBA_ELASTICSEARCH_PORT = "9200" +GLOBAL_POMBA_CONTEXTAGGREGATOR_PORT = "9529" + # microservice bus info - everything is from the private oam network (also called onap private network) GLOBAL_MSB_SERVER_PROTOCOL = "http" GLOBAL_MSB_SERVER_PORT = "80" diff --git a/kubernetes/robot/resources/config/eteshare/config/vm_properties.py b/kubernetes/robot/resources/config/eteshare/config/vm_properties.py index 0c8edd0b2a..6684bcab05 100644 --- a/kubernetes/robot/resources/config/eteshare/config/vm_properties.py +++ b/kubernetes/robot/resources/config/eteshare/config/vm_properties.py @@ -35,6 +35,13 @@ GLOBAL_INJECTED_LOG_LOGSTASH_IP_ADDR = "log-ls-http.{{include "common.namespace" GLOBAL_INJECTED_POMBA_AAI_CONTEXT_BUILDER_IP_ADDR = "pomba-aaictxbuilder.{{include "common.namespace" .}}" GLOBAL_INJECTED_POMBA_SDC_CONTEXT_BUILDER_IP_ADDR = "pomba-sdcctxbuilder.{{include "common.namespace" .}}" GLOBAL_INJECTED_POMBA_NETWORK_DISC_CONTEXT_BUILDER_IP_ADDR = "pomba-networkdiscoveryctxbuilder.{{include "common.namespace" .}}" +GLOBAL_INJECTED_POMBA_SERVICE_DECOMPOSITION_IP_ADDR = "pomba-servicedecomposition.{{include "common.namespace" .}}" +GLOBAL_INJECTED_POMBA_SDNC_CTX_BUILDER_IP_ADDR = "pomba-sdncctxbuilder.{{include "common.namespace" .}}" +GLOBAL_INJECTED_POMBA_NETWORKDISCOVERY_MICROSERVICE_IP_ADDR = "pomba-networkdiscovery.{{include "common.namespace" .}}" +GLOBAL_INJECTED_POMBA_VALIDATION_SERVICE_IP_ADDR = "pomba-validation-service.{{include "common.namespace" .}}" +GLOBAL_INJECTED_POMBA_KIBANA_IP_ADDR = "pomba-kibana.{{include "common.namespace" .}}" +GLOBAL_INJECTED_POMBA_ELASTIC_SEARCH_IP_ADDR = "pomba-es.{{include "common.namespace" .}}" +GLOBAL_INJECTED_POMBA_CONTEX_TAGGREGATOR_IP_ADDR = "pomba-contextaggregator.{{include "common.namespace" .}}" GLOBAL_INJECTED_KEYSTONE = "{{ .Values.openStackKeyStoneUrl }}" GLOBAL_INJECTED_MR_IP_ADDR = "message-router.{{include "common.namespace" .}}" GLOBAL_INJECTED_MUSIC_IP_ADDR = "music.{{include "common.namespace" .}}" @@ -109,6 +116,9 @@ GLOBAL_INJECTED_PROPERTIES = { "GLOBAL_INJECTED_POMBA_AAI_CONTEXT_BUILDER_IP_ADDR" : "pomba-aaictxbuilder.{{include "common.namespace" .}}", "GLOBAL_INJECTED_POMBA_SDC_CONTEXT_BUILDER_IP_ADDR" : "pomba-sdcctxbuilder.{{include "common.namespace" .}}", "GLOBAL_INJECTED_POMBA_NETWORK_DISC_CONTEXT_BUILDER_IP_ADDR" : "pomba-networkdiscovery.{{include "common.namespace" .}}", + "GLOBAL_INJECTED_POMBA_SERVICE_DECOMPOSITION_IP_ADDR" : "pomba-servicedecomposition.{{include "common.namespace" .}}", + "GLOBAL_INJECTED_POMBA_SDNC_CTX_BUILDER_IP_ADDR" : "pomba-sdncctxbuilder.{{include "common.namespace" .}}", + "GLOBAL_INJECTED_POMBA_CONTEX_TAGGREGATOR_IP_ADDR" : "pomba-contextaggregator.{{include "common.namespace" .}}", "GLOBAL_INJECTED_MUSIC_IP_ADDR" : "music.{{include "common.namespace" .}}", "GLOBAL_INJECTED_NBI_IP_ADDR" : "nbi.{{include "common.namespace" .}}", "GLOBAL_INJECTED_NETWORK" : "{{ .Values.openStackPrivateNetId }}", diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl b/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl new file mode 100644 index 0000000000..c69fb7c81c --- /dev/null +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl @@ -0,0 +1,29 @@ +{{- define "sdc-wfd-be.volumes" }} + {{ if .Values.config.cassandraSSLEnabled }} + - name: {{ include "common.fullname" . }}-cassandra-client-truststore + hostPath: + path: /etc/cassandra-client-truststore/truststore + type: File + {{- end }} + {{ if .Values.config.serverSSLEnabled }} + - name: {{ include "common.fullname" . }}-server-https-keystore + hostPath: + path: /config/server-https-keystore/keystore + type: File + {{- end }} +{{- end }} + +{{- define "sdc-wfd-be.volumeMounts" }} + {{ if .Values.config.cassandraSSLEnabled }} + - name: {{ include "common.fullname" . }}-cassandra-client-truststore + mountPath: /etc/cassandra-client-truststore/truststore + subPath: truststore + readOnly: true + {{- end }} + {{ if .Values.config.serverSSLEnabled }} + - name: {{ include "common.fullname" . }}-server-https-keystore + mountPath: /etc/server-https-keystore/keystore + subPath: keystore + readOnly: true + {{- end }} +{{- end }} \ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml index 26ad05555a..bb96d342f7 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml @@ -101,34 +101,14 @@ spec: - name: SERVER_SSL_ENABLED value: "{{ .Values.config.serverSSLEnabled }}" - name: SERVER_SSL_KEYSTORE_TYPE - value: "{{ .Values.config.ser }}" + value: "{{ .Values.config.serverSSLKeyStoreType }}" - name: SERVER_SSL_KEYSTORE_PATH value: "{{ .Values.config.serverSSLKeyStorePath }}" - name: SERVER_SSL_KEY_PASSWORD value: "{{ .Values.config.serverSSLKeyPassword }}" volumeMounts: - {{ if .Values.config.cassandraSSLEnabled }} - - name: {{ include "common.fullname" . }}-cassandra-client-truststore - mountPath: /config/cassandra-client-truststore - subPath: truststore - readOnly: true - {{- end }} - {{ if .Values.config.serverSSLEnabled }} - - name: {{ include "common.fullname" . }}-server-https-keystore - mountPath: /config/server-https-keystore - subPath: keystore - readOnly: true - {{- end }} + {{- template "sdc-wfd-be.volumeMounts" . }} volumes: - {{ if .Values.config.cassandraSSLEnabled }} - - name: {{ include "common.fullname" . }}-cassandra-client-truststore - hostPath: - path: /config/cassandra-client-truststore - {{- end }} - {{ if .Values.config.serverSSLEnabled }} - - name: {{ include "common.fullname" . }}-server-https-keystore - hostPath: - path: /config/server-https-keystore - {{- end }} + {{- template "sdc-wfd-be.volumes" . }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml index ed8833a9e5..63554369ed 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml @@ -50,10 +50,10 @@ config: sdcExternalUserPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U serverSSLEnabled: false serverSSLKeyStoreType: jks - serverSSLKeyStorePath: /config/server-https-keystore/keystore + serverSSLKeyStorePath: /etc/server-https-keystore/keystore serverSSLKeyPassword: password cassandraSSLEnabled: false - cassandraTrustStorePath: /config/cassandra-client-truststore/truststore + cassandraTrustStorePath: /etc/cassandra-client-truststore/truststore cassandraTrustStorePassword: password # default number of instances diff --git a/kubernetes/sdc/resources/config/environments/AUTO.json b/kubernetes/sdc/resources/config/environments/AUTO.json index bb5df2bf90..be9db4cd52 100755 --- a/kubernetes/sdc/resources/config/environments/AUTO.json +++ b/kubernetes/sdc/resources/config/environments/AUTO.json @@ -80,6 +80,7 @@ }, "cassandra": { + "cassandra_port": 9042, "concurrent_reads": "32", "num_tokens": "256", "data_dir": "/var/lib/cassandra/data", diff --git a/kubernetes/sdnc/resources/config/bin/startODL.sh b/kubernetes/sdnc/resources/config/bin/startODL.sh index d1b0c995d5..2513fc9dd4 100755 --- a/kubernetes/sdnc/resources/config/bin/startODL.sh +++ b/kubernetes/sdnc/resources/config/bin/startODL.sh @@ -20,17 +20,52 @@ # ============LICENSE_END========================================================= ### +# Append features to karaf boot feature configuration +# $1 additional feature to be added +# $2 repositories to be added (optional) +function addToFeatureBoot() { + CFG=$ODL_HOME/etc/org.apache.karaf.features.cfg + ORIG=$CFG.orig + if [ -n "$2" ] ; then + echo "Add repository: $2" + mv $CFG $ORIG + cat $ORIG | sed -e "\|featuresRepositories|s|$|,$2|" > $CFG + fi + echo "Add boot feature: $1" + mv $CFG $ORIG + cat $ORIG | sed -e "\|featuresBoot *=|s|$|,$1|" > $CFG +} + +# Append features to karaf boot feature configuration +# $1 search pattern +# $2 replacement +function replaceFeatureBoot() { + CFG=$ODL_HOME/etc/org.apache.karaf.features.cfg + ORIG=$CFG.orig + echo "Replace boot feature $1 with: $2" + sed -i "/featuresBoot/ s/$1/$2/g" $CFG +} + +function install_sdnrwt_features() { + addToFeatureBoot "$SDNRWT_BOOTFEATURES" $SDNRWT_REPOSITORY +} + function enable_odl_cluster(){ if [ -z $SDNC_REPLICAS ]; then echo "SDNC_REPLICAS is not configured in Env field" exit fi + #Be sure to remove feature odl-netconf-connector-all from list + replaceFeatureBoot "odl-netconf-connector-all," + echo "Installing Opendaylight cluster features" - mv $ODL_HOME/etc/org.apache.karaf.features.cfg $ODL_HOME/etc/org.apache.karaf.features.cfg.orig - cat $ODL_HOME/etc/org.apache.karaf.features.cfg.orig | sed -e "\|featuresBoot=config|s|$|,odl-mdsal-clustering,odl-jolokia|" > $ODL_HOME/etc/org.apache.karaf.features.cfg + replaceFeatureBoot odl-netconf-topology odl-netconf-clustered-topology + replaceFeatureBoot odl-mdsal-all odl-mdsal-all,odl-mdsal-clustering + addToFeatureBoot odl-jolokia #${ODL_HOME}/bin/client feature:install odl-mdsal-clustering #${ODL_HOME}/bin/client feature:install odl-jolokia + echo "Update cluster information statically" hm=$(hostname) @@ -80,6 +115,7 @@ function enable_odl_cluster(){ ODL_HOME=${ODL_HOME:-/opt/opendaylight/current} ODL_ADMIN_PASSWORD=${ODL_ADMIN_PASSWORD:-Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U} SDNC_HOME=${SDNC_HOME:-/opt/onap/sdnc} +SDNC_BIN=${SDNC_BIN:-/opt/onap/sdnc/bin} CCSDK_HOME=${CCSDK_HOME:-/opt/onap/ccsdk} SLEEP_TIME=${SLEEP_TIME:-120} MYSQL_PASSWD=${MYSQL_PASSWD:-{{.Values.config.dbRootPassword}}} @@ -87,6 +123,13 @@ MYSQL_HOST=${MYSQL_HOST:-{{.Release.Name}}-{{.Values.mysql.nameOverride}}-0.{{.V ENABLE_ODL_CLUSTER=${ENABLE_ODL_CLUSTER:-false} GEO_ENABLED=${GEO_ENABLED:-false} DBINIT_DIR=${DBINIT_DIR:-/opt/opendaylight/current/daexim} +SDNRWT=${SDNRWT:-false} +SDNRWT_BOOTFEATURES=${SDNRWT_BOOTFEATURES:-sdnr-wt-feature-aggregator} + +echo "Settings:" +echo " ENABLE_ODL_CLUSTER=$ENABLE_ODL_CLUSTER" +echo " SDNC_REPLICAS=$SDNC_REPLICAS" +echo " SDNRWT=$SDNRWT" # # Wait for database to init properly @@ -128,8 +171,15 @@ then if $ENABLE_ODL_CLUSTER ; then enable_odl_cluster ; fi + if $SDNRWT ; then install_sdnrwt_features ; fi + echo "Installed at `date`" > ${SDNC_HOME}/.installed fi +cp /opt/opendaylight/current/certs/* /tmp + +nohup python ${SDNC_BIN}/installCerts.py & + + exec ${ODL_HOME}/bin/karaf server diff --git a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml index 807bfaba0a..92c5c78b5f 100755 --- a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml @@ -345,3 +345,8 @@ spring: username: mso_admin password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' role: ACTUATOR +so: + vnfm: + adapter: + url: http://so-vnfm-adapter.{{ include "common.namespace" . }}:9092/so/vnfm-adapter/v1/ + auth: Basic dm5mbTpwYXNzd29yZDEk diff --git a/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml index 592c390084..4b06a87695 100755 --- a/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml @@ -11,6 +11,8 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +aai: + auth: 2A11B07DB6214A839394AA1EC5844695F5114FC407FF5422625FB00175A3DCB8A1FF745F22867EFA72D5369D599BBD88DA8BED4233CF5586 server: port: {{ index .Values.containerPort }} spring: @@ -87,6 +89,8 @@ ecomp: mso: auth: D1A67FA93B6A6419132D0F83CC771AF774FD3C60853C50C22C8C6FC5088CC79E9E81EDE9EA39F22B2F66A0068E logPath: ./logs/openstack + msb-ip: msb-iag.{{ include "common.namespace" . }} + msb-port: 80 workflow: endpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/sobpmnengine msoKey: 07a7159d3bf51a0e53be7a8f89699be7 @@ -97,6 +101,8 @@ mso: db: spring: endpoint: http://so-catalog-db-adapter.{{ include "common.namespace" . }}:8082 + aai: + endpoint: https://aai.{{ include "common.namespace" . }}:8443 db: auth: Basic YnBlbDpwYXNzd29yZDEk site-name: localDevEnv diff --git a/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml index 924042d4c2..0b52949103 100755 --- a/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml @@ -11,6 +11,10 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +aai: + auth: 2A11B07DB6214A839394AA1EC5844695F5114FC407FF5422625FB00175A3DCB8A1FF745F22867EFA72D5369D599BBD88DA8BED4233CF5586 + version: v15 + endpoint: https://aai.{{ include "common.namespace" . }}:8443 spring: security: usercredentials: @@ -23,6 +27,7 @@ spring: server: port: {{ index .Values.containerPort }} mso: + key: 07a7159d3bf51a0e53be7a8f89699be7 site-name: localSite logPath: ./logs/vnfm-adapter msb-ip: msb-iag.{{ include "common.namespace" . }} diff --git a/kubernetes/so/resources/config/overrides/override.yaml b/kubernetes/so/resources/config/overrides/override.yaml index 44efb4de48..b5b4f355b7 100755 --- a/kubernetes/so/resources/config/overrides/override.yaml +++ b/kubernetes/so/resources/config/overrides/override.yaml @@ -49,6 +49,8 @@ mso: aai: endpoint: https://aai.{{ include "common.namespace" . }}:8443 auth: 6E081E10B1CA43A843E303733A74D9B23B601A6E22A21C7EF2C7F15A42F81A1A4E85E65268C2661F71321052C7F3E55B96A8E1E951F8BF6F + extApi: + endpoint: http://nbi.onap:8080/nbi/api/v3 so: operational-environment: dmaap: