From: Mike Elliott Date: Wed, 7 Nov 2018 18:56:55 +0000 (+0000) Subject: Merge "Add missing naming policy for vFW_NextGen" X-Git-Tag: 3.0.0-ONAP~62 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=0f282c08081ea538b1c49159a57eb2766f7372f2;hp=01885fab7034b092a25601a2ea51986a946f689e;p=oom.git Merge "Add missing naming policy for vFW_NextGen" --- diff --git a/.gitignore b/.gitignore index 37287615e0..a7fb5bfbe0 100644 --- a/.gitignore +++ b/.gitignore @@ -17,3 +17,6 @@ requirements.lock # IntelliJ .idea/* *.iml + +# Mac OS +*DS_Store* diff --git a/INFO.yaml b/INFO.yaml index d6393366e9..da3cd81e8b 100644 --- a/INFO.yaml +++ b/INFO.yaml @@ -63,11 +63,11 @@ committers: company: 'ATT' id: 'jh245g' timezone: 'America/New York' - - name: 'Mike Elliott' - email: 'mike.elliott@amdocs.com' - company: 'Amdocs' - id: 'melliott' - timezone: 'Canada/Ontario' + - name: 'David Sauvageau' + email: 'david.sauvageau@bell.ca' + company: 'Bell' + id: 'david.sauvageau' + timezone: 'Canada/Montreal' - name: 'Mandeep Khinda' email: 'Mandeep.Khinda@amdocs.com' company: 'Amdocs' diff --git a/docs/oom_project_description.rst b/docs/oom_project_description.rst index 5cedf79eca..6486f4bab7 100644 --- a/docs/oom_project_description.rst +++ b/docs/oom_project_description.rst @@ -32,7 +32,7 @@ OOM supports a wide variety of Kubernetes private clouds - built with Rancher, Kubeadm or Cloudify - and public cloud infrastructures such as: Microsoft Azure, Amazon AWS, Google GCD, VMware VIO, and Openstack. -The OOM documentation is broken into four different areas each targeted at a differnet user: +The OOM documentation is broken into four different areas each targeted at a different user: - :ref:`quick-start-label` - deploy ONAP on an existing cloud - :ref:`user-guide-label` - a guide for operators of an ONAP instance diff --git a/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml index 8655054660..f78dfdc541 100644 --- a/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml @@ -68,7 +68,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/bin/cm"] + command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_cm","sleep","0","cd /opt/app/aaf;bin/cm"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: diff --git a/kubernetes/aaf/charts/aaf-cm/values.yaml b/kubernetes/aaf/charts/aaf-cm/values.yaml index 6897898b40..117427a6ae 100644 --- a/kubernetes/aaf/charts/aaf-cm/values.yaml +++ b/kubernetes/aaf/charts/aaf-cm/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cm:2.1.5 +image: onap/aaf/aaf_cm:2.1.6 aaf_register_as: "aaf-cm.onap" pullPolicy: Always diff --git a/kubernetes/aaf/charts/aaf-cs/values.yaml b/kubernetes/aaf/charts/aaf-cs/values.yaml index 61c0808102..a81bfed3ef 100644 --- a/kubernetes/aaf/charts/aaf-cs/values.yaml +++ b/kubernetes/aaf/charts/aaf-cs/values.yaml @@ -24,7 +24,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cass:2.1.5-SNAPSHOT +image: onap/aaf/aaf_cass:2.1.7-SNAPSHOT pullPolicy: Always # application configuration diff --git a/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml index cfafba7088..b93844849e 100644 --- a/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml @@ -68,7 +68,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/bin/fs"] + command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_fs","sleep","0","cd /opt/app/aaf;bin/fs"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: diff --git a/kubernetes/aaf/charts/aaf-fs/values.yaml b/kubernetes/aaf/charts/aaf-fs/values.yaml index bfa95760e1..ad2e2d71d4 100644 --- a/kubernetes/aaf/charts/aaf-fs/values.yaml +++ b/kubernetes/aaf/charts/aaf-fs/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_fs:2.1.5 +image: onap/aaf/aaf_fs:2.1.6 aaf_register_as: "aaf-fs.onap" pullPolicy: Always diff --git a/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml index 03424125e4..9dd87948eb 100644 --- a/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml @@ -68,7 +68,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/bin/gui"] + command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_gui","sleep","0","cd /opt/app/aaf;bin/gui"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: diff --git a/kubernetes/aaf/charts/aaf-gui/values.yaml b/kubernetes/aaf/charts/aaf-gui/values.yaml index 50315db339..c0dbb5305f 100644 --- a/kubernetes/aaf/charts/aaf-gui/values.yaml +++ b/kubernetes/aaf/charts/aaf-gui/values.yaml @@ -26,7 +26,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_gui:2.1.5 +image: onap/aaf/aaf_gui:2.1.6 aaf_register_as: "aaf-gui.onap" pullPolicy: Always diff --git a/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml index d3049e0239..c57e57f017 100644 --- a/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml @@ -34,7 +34,6 @@ spec: - name: {{ include "common.name" . }}-config-container image: "{{ include "common.repository" . }}/{{ .Values.global.configImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - mountPath: "/opt/app/osaaf" name: {{ include "common.name" . }}-config-vol @@ -69,7 +68,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/bin/hello"] + command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_hello","sleep","0","cd /opt/app/aaf;bin/hello"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: diff --git a/kubernetes/aaf/charts/aaf-hello/values.yaml b/kubernetes/aaf/charts/aaf-hello/values.yaml index 35a697b6d3..a21db5ee12 100644 --- a/kubernetes/aaf/charts/aaf-hello/values.yaml +++ b/kubernetes/aaf/charts/aaf-hello/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_hello:2.1.5 +image: onap/aaf/aaf_hello:2.1.6 aaf_register_as: "aaf-hello.onap" pullPolicy: Always diff --git a/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml index ea4e3e8a47..a2f9f55c56 100644 --- a/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml @@ -34,7 +34,6 @@ spec: - name: {{ include "common.name" . }}-config-container image: "{{ include "common.repository" . }}/{{ .Values.global.configImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - mountPath: "/opt/app/osaaf" name: {{ include "common.name" . }}-config-vol @@ -69,7 +68,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/bin/locate"] + command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_locate","sleep","0","cd /opt/app/aaf;bin/locate"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: diff --git a/kubernetes/aaf/charts/aaf-locate/values.yaml b/kubernetes/aaf/charts/aaf-locate/values.yaml index 63843956a4..924eb4da76 100644 --- a/kubernetes/aaf/charts/aaf-locate/values.yaml +++ b/kubernetes/aaf/charts/aaf-locate/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_locate:2.1.5 +image: onap/aaf/aaf_locate:2.1.6 aaf_register_as: "aaf-locate.onap" pullPolicy: Always diff --git a/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml index aed0bbe785..f7a34f440c 100644 --- a/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml @@ -68,7 +68,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/bin/oauth"] + command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_oauth","sleep","0","cd /opt/app/aaf;bin/oauth"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: diff --git a/kubernetes/aaf/charts/aaf-oauth/values.yaml b/kubernetes/aaf/charts/aaf-oauth/values.yaml index 874b50694d..dce02974ed 100644 --- a/kubernetes/aaf/charts/aaf-oauth/values.yaml +++ b/kubernetes/aaf/charts/aaf-oauth/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_oauth:2.1.5 +image: onap/aaf/aaf_oauth:2.1.6 aaf_register_as: "aaf-oauth.onap" pullPolicy: Always diff --git a/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml index 35b17ba5a5..92d23126f4 100644 --- a/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml @@ -68,7 +68,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/bin/service"] + command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_service","sleep","0","cd /opt/app/aaf;bin/service"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: diff --git a/kubernetes/aaf/charts/aaf-service/values.yaml b/kubernetes/aaf/charts/aaf-service/values.yaml index 5921ff676b..e898bb5497 100644 --- a/kubernetes/aaf/charts/aaf-service/values.yaml +++ b/kubernetes/aaf/charts/aaf-service/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_service:2.1.5 +image: onap/aaf/aaf_service:2.1.6 aaf_register_as: "aaf-service.onap" pullPolicy: Always diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml index 7a24eb7d47..7cd5938a62 100644 --- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/smsquorumclient:3.0.0 +image: onap/aaf/smsquorumclient:3.0.1 pullPolicy: Always # flag to enable debugging - application support required @@ -72,4 +72,4 @@ resources: requests: cpu: 10m memory: 100Mi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-sms/resources/config/has.json b/kubernetes/aaf/charts/aaf-sms/resources/config/has.json index 9d017f99ed..4f48771275 100644 --- a/kubernetes/aaf/charts/aaf-sms/resources/config/has.json +++ b/kubernetes/aaf/charts/aaf-sms/resources/config/has.json @@ -5,8 +5,8 @@ { "name": "aai", "values": { - "username": "OOF", - "password": "OOF" + "username": "oof@oof.onap.org", + "password": "demo123456!" } }, { @@ -30,6 +30,14 @@ "aafpass": "c0nduct0r", "aafns": "conductor" } + }, + { + "name": "aaf_api", + "values": { + "username": "aaf_admin@people.osaaf.org", + "password": "demo123456!", + "aaf_conductor_user": "oof@oof.onap.org" + } } ] } diff --git a/kubernetes/aaf/charts/aaf-sms/values.yaml b/kubernetes/aaf/charts/aaf-sms/values.yaml index 5f27f055de..8e7ea29300 100644 --- a/kubernetes/aaf/charts/aaf-sms/values.yaml +++ b/kubernetes/aaf/charts/aaf-sms/values.yaml @@ -28,7 +28,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/sms:3.0.0 +image: onap/aaf/sms:3.0.1 pullPolicy: Always # flag to enable debugging - application support required @@ -100,4 +100,4 @@ resources: requests: cpu: 10m memory: 100Mi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/kubernetes/aaf/values.yaml b/kubernetes/aaf/values.yaml index d53fe9db21..1c4bc5c901 100644 --- a/kubernetes/aaf/values.yaml +++ b/kubernetes/aaf/values.yaml @@ -21,7 +21,7 @@ global: readinessImage: readiness-check:2.0.0 ubuntuInitRepository: registry.hub.docker.com ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 - configImage: onap/aaf/aaf_config:2.1.5-SNAPSHOT + configImage: onap/aaf/aaf_config:2.1.6 persistence: enabled: true diff --git a/kubernetes/aai/charts/aai-cassandra/templates/statefulset.yaml b/kubernetes/aai/charts/aai-cassandra/templates/statefulset.yaml index 891526bc21..4a8ae39270 100644 --- a/kubernetes/aai/charts/aai-cassandra/templates/statefulset.yaml +++ b/kubernetes/aai/charts/aai-cassandra/templates/statefulset.yaml @@ -125,4 +125,7 @@ spec: resources: requests: storage: {{ .Values.persistence.size | quote }} + selector: + matchLabels: + release: "{{ .Release.Name }}" {{- end }} diff --git a/kubernetes/aai/charts/aai-champ/templates/deployment.yaml b/kubernetes/aai/charts/aai-champ/templates/deployment.yaml index 0c125b126f..4e1866c8b9 100644 --- a/kubernetes/aai/charts/aai-champ/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-champ/templates/deployment.yaml @@ -31,6 +31,21 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - aai-cassandra + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" diff --git a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/client-cert.p12 b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/client-cert.p12 index dbf4fcacec..7a4979a7a3 100644 Binary files a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/client-cert.p12 and b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/client-cert.p12 differ diff --git a/kubernetes/aai/charts/aai-gizmo/templates/service.yaml b/kubernetes/aai/charts/aai-gizmo/templates/service.yaml index ac34ed9248..a584800bb8 100644 --- a/kubernetes/aai/charts/aai-gizmo/templates/service.yaml +++ b/kubernetes/aai/charts/aai-gizmo/templates/service.yaml @@ -29,8 +29,9 @@ spec: ports: {{ if .Values.global.installSidecarSecurity }} {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.global.rproxy.port }} + - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + targetPort: {{ .Values.global.rproxy.port }} name: {{ .Values.service.portName }} {{- else -}} - port: {{ .Values.service.externalPort }} diff --git a/kubernetes/aai/charts/aai-resources/values.yaml b/kubernetes/aai/charts/aai-resources/values.yaml index 770832b16a..5055fedb11 100644 --- a/kubernetes/aai/charts/aai-resources/values.yaml +++ b/kubernetes/aai/charts/aai-resources/values.yaml @@ -22,7 +22,7 @@ global: # global defaults # application image repository: nexus3.onap.org:10001 -image: onap/aai-resources:1.3.0 +image: onap/aai-resources:1.3.1 pullPolicy: Always restartPolicy: Always flavor: small diff --git a/kubernetes/aai/charts/aai-traversal/values.yaml b/kubernetes/aai/charts/aai-traversal/values.yaml index 0cd2117fe3..cd496d01c2 100644 --- a/kubernetes/aai/charts/aai-traversal/values.yaml +++ b/kubernetes/aai/charts/aai-traversal/values.yaml @@ -23,7 +23,7 @@ global: # global defaults # application image repository: nexus3.onap.org:10001 -image: onap/aai-traversal:1.3.0 +image: onap/aai-traversal:1.3.1 pullPolicy: Always restartPolicy: Always flavor: small diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh index 3cbee8db5f..705f3effb5 100755 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh @@ -50,15 +50,12 @@ function enable_odl_cluster(){ } ODL_HOME=${ODL_HOME:-/opt/opendaylight/current} -ODL_ADMIN_PASSWORD=${ODL_ADMIN_PASSWORD:-admin} SDNC_HOME=${SDNC_HOME:-/opt/onap/ccsdk} APPC_HOME=${APPC_HOME:-/opt/onap/appc} SLEEP_TIME=${SLEEP_TIME:-120} MYSQL_PASSWD=${MYSQL_PASSWD:-{{.Values.config.mariadbRootPassword}}} ENABLE_ODL_CLUSTER=${ENABLE_ODL_CLUSTER:-false} -ENABLE_AAF=${ENABLE_AAF:-false} -AAF_EXT_IP=${AAF_EXT_IP:-{{.Values.config.aafExtIP}}} -AAF_EXT_FQDN=${AAF_EXT_FQDN:-{{.Values.config.aafExtFQDN}}} +ENABLE_AAF=${ENABLE_AAF:-true} appcInstallStartTime=$(date +%s) @@ -149,7 +146,6 @@ then echo "Copying the aaa shiro configuration into opendaylight" if $ENABLE_AAF then - echo "${AAF_EXT_IP} ${AAF_EXT_FQDN}" >> /etc/hosts cp ${APPC_HOME}/data/properties/aaa-app-config.xml ${ODL_HOME}/etc/opendaylight/datastore/initial/config/aaa-app-config.xml else cp ${APPC_HOME}/data/aaa-app-config.xml ${ODL_HOME}/etc/opendaylight/datastore/initial/config/aaa-app-config.xml diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaa-app-config.xml b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaa-app-config.xml index 3dd78d3cdf..81834eaafc 100644 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaa-app-config.xml +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaa-app-config.xml @@ -80,37 +80,37 @@ /auth/** - authcBasic, roles[org.onap.appc.odl|odl-admin|*] + authcBasic, roles[org.onap.appc.odl|odl-api|*] /restconf/config/aaa-cert-mdsal** - authcBasic, roles[org.onap.appc.odl|odl-admin|*] + authcBasic, roles[org.onap.appc.odl|odl-api|*] /restconf/operational/aaa-cert-mdsal** - authcBasic, roles[org.onap.appc.odl|odl-admin|*] + authcBasic, roles[org.onap.appc.odl|odl-api|*] /restconf/operations/aaa-cert-rpc** - authcBasic, roles[org.onap.appc.odl|odl-admin|*] + authcBasic, roles[org.onap.appc.odl|odl-api|*] /restconf/config/aaa-authn-model** - authcBasic, roles[org.onap.appc.odl|odl-admin|*] + authcBasic, roles[org.onap.appc.odl|odl-api|*] /restconf/operational/aaa-authn-model** - authcBasic, roles[org.onap.appc.odl|odl-admin|*] + authcBasic, roles[org.onap.appc.odl|odl-api|*] /restconf/operations/cluster-admin** - authcBasic, roles[org.onap.appc.odl|odl-admin|*] + authcBasic, roles[org.onap.appc.odl|odl-api|*] /** diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaiclient.properties b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaiclient.properties index afd1e9569a..70285069ff 100644 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaiclient.properties +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaiclient.properties @@ -26,12 +26,13 @@ # # Certificate keystore and truststore # -org.onap.ccsdk.sli.adaptors.aai.ssl.trust=/opt/onap/ccsdk/data/stores/truststore.onap.client.jks -org.onap.ccsdk.sli.adaptors.aai.ssl.trust.psswd=adminadmin -org.onap.ccsdk.sli.adaptors.aai.host.certificate.ignore=true +org.onap.ccsdk.sli.adaptors.aai.ssl.trust=/opt/onap/appc/data/stores/truststoreONAPall.jks +org.onap.ccsdk.sli.adaptors.aai.ssl.trust.psswd=changeit +org.onap.ccsdk.sli.adaptors.aai.ssl.key=/opt/onap/appc/data/stores/truststoreONAPall.jks +org.onap.ccsdk.sli.adaptors.aai.ssl.key.psswd=changeit -org.onap.ccsdk.sli.adaptors.aai.client.name=SDNC -org.onap.ccsdk.sli.adaptors.aai.client.psswd=SDNC +org.onap.ccsdk.sli.adaptors.aai.client.name=appc@appc.onap.org +org.onap.ccsdk.sli.adaptors.aai.client.psswd=demo123456! org.onap.ccsdk.sli.adaptors.aai.application=openECOMP connection.timeout=60000 diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/appc.properties b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/appc.properties index 47c6788f9f..8553fcda02 100644 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/appc.properties +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/appc.properties @@ -31,10 +31,10 @@ appc.demo.threads.queuesize.min=1 appc.demo.threads.queuesize.max=1000 appc.demo.threads.poolsize.min=1 appc.demo.threads.poolsize.max=2 -appc.demo.provider.user=admin +appc.demo.provider.user={{.Values.config.odlUser}} appc.demo.provider.pass={{.Values.config.odlPassword}} appc.demo.provider.url=http://localhost:8181/restconf/operations/appc-provider -appc.provider.vfodl.url=http://admin:{{.Values.config.odlPassword}}@{{.Values.service.name}}:{{.Values.service.externalPort}}/restconf/config/network-topology:network-topology/topology/topology-netconf/node/NODE_NAME/yang-ext:mount/sample-plugin:sample-plugin/pg-streams/ +appc.provider.vfodl.url=http://{{.Values.config.odlUser}}:{{.Values.config.odlPassword}}@{{.Values.service.name}}:{{.Values.service.externalPort}}/restconf/config/network-topology:network-topology/topology/topology-netconf/node/NODE_NAME/yang-ext:mount/sample-plugin:sample-plugin/pg-streams/ # The properties right below are needed to properly call the Master DG to serve demo purposes appc.service.logic.module.name=APPC @@ -79,7 +79,7 @@ appc.LCM.poolMembers=message-router.{{.Release.Namespace}}:3904 appc.LCM.topic.read=APPC-LCM-READ appc.LCM.topic.write=APPC-LCM-WRITE appc.LCM.client.name=APPC-EVENT-LISTENER-TEST -appc.LCM.provider.user=admin +appc.LCM.provider.user={{.Values.config.odlUser}} appc.LCM.provider.pass={{.Values.config.odlPassword}} appc.LCM.provider.url=http://localhost:8181/restconf/operations/appc-provider-lcm appc.LCM.scopeOverlap.endpoint=http://localhost:8181/restconf/operations/interfaces-service:execute-service @@ -87,7 +87,7 @@ appc.LCM.scopeOverlap.endpoint=http://localhost:8181/restconf/operations/interfa # properties from appc-netconf-adapter-bundle, appc-dg-common, appc-dmaap-adapter-bundle poolMembers=message-router.{{.Release.Namespace}}:3904 event.pool.members=message-router.{{.Release.Namespace}}:3904 -restconf.user=admin +restconf.user={{.Values.config.odlUser}} restconf.pass={{.Values.config.odlPassword}} @@ -126,5 +126,5 @@ appc.OAM.service=ueb appc.OAM.topic.read=testOAM appc.OAM.topic.write=testOAM appc.OAM.client.name=testOAM -appc.OAM.provider.user=admin +appc.OAM.provider.user={{.Values.config.odlUser}} appc.OAM.provider.pass={{.Values.config.odlPassword}} diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties new file mode 100644 index 0000000000..7ce85c388e --- /dev/null +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties @@ -0,0 +1,57 @@ +### +# ============LICENSE_START======================================================= +# APPC +# ================================================================================ +# Copyright (C) 2018 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +### +#hostname=localhost + +cadi_loglevel=INFO + +############################################################ +# Properties Generated by AT&T Certificate Manager +# @copyright 2016, AT&T +############################################################ +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US +cadi_keyfile=/opt/onap/appc/data/stores/org.onap.appc.keyfile +cadi_keystore=/opt/onap/appc/data/stores/org.onap.appc.p12 +cadi_keystore_password=enc:4DVUTKvRCCtebQrKskDsuKFIHLzOf2M9XxNOhVIK4xb +#cadi_key_password=enc: +cadi_alias=appc@appc.onap.org +cadi_truststore=/opt/onap/appc/data/stores/truststoreONAPall.jks +cadi_truststore_password=enc:O3Vtv5e77OQWJ_OiLC9Atj3ngyYfulRK519JYFmbKl7 + +## +## org.osaaf.location.props +## +## Localized Machine Information +## +# Almeda California ? +cadi_latitude=37.78187 +cadi_longitude=-122.26147 + +# Locate URL (which AAF Env) +aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095 + +# AAF URL +aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0 + +# AAF Environment Designation +aaf_env=DEV + +# OAuth2 Endpoints +aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token +aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect diff --git a/kubernetes/appc/resources/config/log/org.ops4j.pax.logging.cfg b/kubernetes/appc/resources/config/log/org.ops4j.pax.logging.cfg index 0bbdbb7dcd..e68057f87a 100644 --- a/kubernetes/appc/resources/config/log/org.ops4j.pax.logging.cfg +++ b/kubernetes/appc/resources/config/log/org.ops4j.pax.logging.cfg @@ -1,19 +1,22 @@ ################################################################################ # -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at +# ============LICENSE_START======================================================= +# ONAP : APPC +# ================================================================================ +# Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= # ################################################################################ diff --git a/kubernetes/appc/templates/statefulset.yaml b/kubernetes/appc/templates/statefulset.yaml index 8ecda882de..6b0373fbc8 100644 --- a/kubernetes/appc/templates/statefulset.yaml +++ b/kubernetes/appc/templates/statefulset.yaml @@ -98,6 +98,9 @@ spec: - mountPath: /opt/onap/appc/data/properties/aaiclient.properties name: onap-appc-data-properties subPath: aaiclient.properties + - mountPath: /opt/onap/appc/data/properties/cadi.properties + name: onap-appc-data-properties + subPath: cadi.properties - mountPath: /opt/onap/appc/data/properties/aaa-app-config.xml name: onap-appc-data-properties subPath: aaa-app-config.xml diff --git a/kubernetes/appc/values.yaml b/kubernetes/appc/values.yaml index d37f50b59e..d6719c1e37 100644 --- a/kubernetes/appc/values.yaml +++ b/kubernetes/appc/values.yaml @@ -39,8 +39,6 @@ debugEnabled: false # application configuration config: - aafExtIP: 127.0.0.1 - aafExtFQDN: aaf-onap-beijing-test.osaaf.org ansibleServiceName: appc-ansible-server ansiblePort: 8000 mariadbRootPassword: secretpassword @@ -49,13 +47,13 @@ config: mysqlDatabase: my-database mariadbGaleraSVCName: appc-dbhost mariadbGaleraContName: appc-db - enableAAF: false - enableClustering: true + enableAAF: true + enableClustering: false configDir: /opt/onap/appc/data/properties dmaapTopic: SUCCESS logstashServiceName: log-ls logstashPort: 5044 - odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U + odlPassword: demo123456! openStackType: OpenStackProvider openStackName: OpenStack openStackKeyStoneUrl: http://localhost:8181/apidoc/explorer/index.html @@ -63,6 +61,7 @@ config: openStackDomain: default openStackUserName: admin openStackEncryptedPassword: admin + odlUser: appc@appc.onap.org appc-ansible-server: service: diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml index 950029c7a6..fd73ae2ebb 100644 --- a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml @@ -33,7 +33,7 @@ busyboxImage: library/busybox:latest # application image repository: nexus3.onap.org:10001 -image: onap/clamp-dashboard-kibana:3.0.0 +image: onap/clamp-dashboard-kibana:3.0.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml index 586132de15..cce1dec86d 100644 --- a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml @@ -29,7 +29,7 @@ global: # application image repository: nexus3.onap.org:10001 -image: onap/clamp-dashboard-logstash:3.0.0 +image: onap/clamp-dashboard-logstash:3.0.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/clds-create-db-objects.sql b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/clds-create-db-objects.sql index 308ec7da62..8bb0214f6e 100644 --- a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/clds-create-db-objects.sql +++ b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/clds-create-db-objects.sql @@ -129,6 +129,53 @@ CREATE TABLE clds_service_cache ( PRIMARY KEY (invariant_service_id) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; +CREATE TABLE IF NOT EXISTS tosca_model ( + tosca_model_id VARCHAR(36) NOT NULL, + tosca_model_name VARCHAR(80) NOT NULL, + policy_type VARCHAR(80) NULL, + user_id VARCHAR(80), + timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, + PRIMARY KEY (tosca_model_id) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +CREATE TABLE IF NOT EXISTS tosca_model_revision ( + tosca_model_revision_id VARCHAR(36) NOT NULL, + tosca_model_id VARCHAR(36) NOT NULL, + version DOUBLE NOT NULL DEFAULT 1, + tosca_model_yaml MEDIUMTEXT NULL, + tosca_model_json MEDIUMTEXT NULL, + user_id VARCHAR(80), + createdTimestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + lastUpdatedTimestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, + PRIMARY KEY (tosca_model_revision_id), + CONSTRAINT tosca_model_revision_ukey UNIQUE KEY (tosca_model_id, version), + CONSTRAINT tosca_model_revision_fkey01 FOREIGN KEY (tosca_model_id) REFERENCES tosca_model (tosca_model_id) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +CREATE TABLE IF NOT EXISTS dictionary ( + dictionary_id VARCHAR(36) NOT NULL, + dictionary_name VARCHAR(80) NOT NULL, + created_by VARCHAR(80), + modified_by VARCHAR(80), + timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, + PRIMARY KEY (dictionary_id) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +CREATE TABLE IF NOT EXISTS dictionary_elements ( + dict_element_id VARCHAR(36) NOT NULL, + dictionary_id VARCHAR(36) NOT NULL, + dict_element_name VARCHAR(250) NOT NULL, + dict_element_short_name VARCHAR(80) NOT NULL, + dict_element_description VARCHAR(250), + dict_element_type VARCHAR(80) NOT NULL, + created_by VARCHAR(80), + modified_by VARCHAR(80), + timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, + PRIMARY KEY (dict_element_id), + CONSTRAINT dictionary_elements_ukey UNIQUE KEY (dict_element_name, dict_element_short_name), + CONSTRAINT dictionary_elements_ukey_fkey01 FOREIGN KEY (dictionary_id) REFERENCES dictionary (dictionary_id) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + ALTER TABLE template ADD CONSTRAINT template_bpmn_id_fkey01 FOREIGN KEY (template_bpmn_id) diff --git a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/clds-stored-procedures.sql b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/clds-stored-procedures.sql index fb131cc371..f35d9da573 100644 --- a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/clds-stored-procedures.sql +++ b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/clds-stored-procedures.sql @@ -29,6 +29,11 @@ DROP PROCEDURE IF EXISTS get_model; DROP PROCEDURE IF EXISTS get_model_template; DROP PROCEDURE IF EXISTS set_template; DROP PROCEDURE IF EXISTS get_template; +DROP PROCEDURE IF EXISTS del_model; +DROP PROCEDURE IF EXISTS set_new_tosca_model_version; +DROP PROCEDURE IF EXISTS set_tosca_model; +DROP PROCEDURE IF EXISTS set_dictionary; +DROP PROCEDURE IF EXISTS set_dictionary_elements; DELIMITER // CREATE PROCEDURE get_template (IN v_template_name VARCHAR(80), @@ -459,6 +464,77 @@ BEGIN UPDATE event SET process_instance_id = v_process_instance_id WHERE event_id = v_event_id; -END +END; +CREATE PROCEDURE del_model +(IN v_model_name VARCHAR(80)) +BEGIN + DECLARE v_model_id VARCHAR(36); + SELECT model_id INTO v_model_id from model where model_name = v_model_name; + UPDATE model set event_id = null, model_blueprint_id = null, model_prop_id = null where model_id = v_model_id; + DELETE from event where model_id = v_model_id; + DELETE from model_blueprint where model_id = v_model_id; + DELETE from model_properties where model_id = v_model_id; + DELETE from model where model_id = v_model_id; +END; + +CREATE PROCEDURE set_new_tosca_model_version + (IN v_tosca_model_id VARCHAR(36), + IN v_version DOUBLE, + IN v_tosca_model_yaml MEDIUMTEXT, + IN v_tosca_model_json MEDIUMTEXT, + IN v_user_id VARCHAR(80), + OUT v_revision_id VARCHAR(36)) +BEGIN + SET v_revision_id = UUID(); + INSERT INTO tosca_model_revision + (tosca_model_revision_id, tosca_model_id, version, tosca_model_yaml, tosca_model_json, user_id) + VALUES (v_revision_id, v_tosca_model_id, v_version, v_tosca_model_yaml, v_tosca_model_json, v_user_id); +END; + +CREATE PROCEDURE set_tosca_model + (IN v_tosca_model_name VARCHAR(80), + IN v_policy_type VARCHAR(80), + IN v_user_id VARCHAR(80), + IN v_tosca_model_yaml MEDIUMTEXT, + IN v_tosca_model_json MEDIUMTEXT, + IN v_version DOUBLE, + OUT v_tosca_model_id VARCHAR(36), + OUT v_revision_id VARCHAR(36)) +BEGIN + SET v_tosca_model_id = UUID(); + INSERT INTO tosca_model + (tosca_model_id, tosca_model_name, policy_type, user_id) + VALUES (v_tosca_model_id, v_tosca_model_name, v_policy_type, v_user_id); + SET v_revision_id = UUID(); + INSERT INTO tosca_model_revision + (tosca_model_revision_id, tosca_model_id, version, tosca_model_yaml, tosca_model_json, user_id) + VALUES (v_revision_id, v_tosca_model_id, v_version, v_tosca_model_yaml, v_tosca_model_json, v_user_id); +END; + +CREATE PROCEDURE set_dictionary + (IN v_dictionary_name VARCHAR(80), + IN v_user_id VARCHAR(80), + OUT v_dictionary_id VARCHAR(36)) +BEGIN + SET v_dictionary_id = UUID(); + INSERT INTO dictionary + (dictionary_id, dictionary_name, created_by, modified_by) + VALUES (v_dictionary_id, v_dictionary_name, v_user_id, v_user_id); +END; + +CREATE PROCEDURE set_dictionary_elements + (IN v_dictionary_id VARCHAR(36), + IN v_dict_element_name VARCHAR(250), + IN v_dict_element_short_name VARCHAR(80), + IN v_dict_element_description VARCHAR(250), + IN v_dict_element_type VARCHAR(80), + IN v_user_id VARCHAR(80), + OUT v_dict_element_id VARCHAR(36)) +BEGIN + SET v_dict_element_id = UUID(); + INSERT INTO dictionary_elements + (dict_element_id, dictionary_id, dict_element_name, dict_element_short_name, dict_element_description, dict_element_type, created_by, modified_by) + VALUES (v_dict_element_id, v_dictionary_id, v_dict_element_name, v_dict_element_short_name, v_dict_element_description, v_dict_element_type, v_user_id, v_user_id); +END; // DELIMITER ; diff --git a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/drop/clds-drop-db-objects.sql b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/drop/clds-drop-db-objects.sql index eec9d52160..0412373d01 100644 --- a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/drop/clds-drop-db-objects.sql +++ b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/drop/clds-drop-db-objects.sql @@ -46,3 +46,9 @@ DROP TABLE template_doc; DROP TABLE template_image; DROP TABLE template_bpmn; DROP TABLE template; + +DROP TABLE dictionary_elements; +DROP TABLE dictionary; +DROP TABLE tosca_model_revision; +DROP TABLE tosca_model; + diff --git a/kubernetes/clamp/values.yaml b/kubernetes/clamp/values.yaml index 3d638104f8..3609487edb 100644 --- a/kubernetes/clamp/values.yaml +++ b/kubernetes/clamp/values.yaml @@ -28,7 +28,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/clamp:3.0.0 +image: onap/clamp:3.0.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/common/cassandra/templates/statefulset.yaml b/kubernetes/common/cassandra/templates/statefulset.yaml index b6bd8f6aa7..960d97ed52 100644 --- a/kubernetes/common/cassandra/templates/statefulset.yaml +++ b/kubernetes/common/cassandra/templates/statefulset.yaml @@ -143,4 +143,7 @@ spec: resources: requests: storage: {{ .Values.persistence.size | quote }} + selector: + matchLabels: + release: "{{ .Release.Name }}" {{- end }} diff --git a/kubernetes/common/mariadb-galera/templates/configmap.yaml b/kubernetes/common/mariadb-galera/templates/configmap.yaml index 54096cf5c0..4f99da1692 100644 --- a/kubernetes/common/mariadb-galera/templates/configmap.yaml +++ b/kubernetes/common/mariadb-galera/templates/configmap.yaml @@ -24,9 +24,9 @@ data: apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-externalConfig + name: {{ include "common.fullname" . }}-external-config namespace: {{ include "common.namespace" . }} data: - my_extra.cnf: |- -{{ toYaml .Values.externalConfig | indent 4 }} + my_extra.cnf: | +{{ .Values.externalConfig | indent 4 }} {{- end -}} \ No newline at end of file diff --git a/kubernetes/common/mariadb-galera/templates/statefulset.yaml b/kubernetes/common/mariadb-galera/templates/statefulset.yaml index d3bad4f5b6..7ca207f7e9 100644 --- a/kubernetes/common/mariadb-galera/templates/statefulset.yaml +++ b/kubernetes/common/mariadb-galera/templates/statefulset.yaml @@ -40,7 +40,7 @@ spec: {{- if .Values.externalConfig }} - name: config configMap: - name: {{ include "common.fullname" . }}-externalConfig + name: {{ include "common.fullname" . }}-external-config {{- end}} - name: localtime hostPath: @@ -126,4 +126,7 @@ spec: resources: requests: storage: {{ .Values.persistence.size | quote }} + selector: + matchLabels: + name: {{ include "common.fullname" . }} {{- end }} diff --git a/kubernetes/common/mongo/templates/pvc.yaml b/kubernetes/common/mongo/templates/pvc.yaml index d1558f131f..372c106800 100644 --- a/kubernetes/common/mongo/templates/pvc.yaml +++ b/kubernetes/common/mongo/templates/pvc.yaml @@ -25,6 +25,7 @@ metadata: chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} {{- if .Values.persistence.annotations }} annotations: {{ toYaml .Values.persistence.annotations | indent 4 }} @@ -35,5 +36,8 @@ spec: resources: requests: storage: {{ .Values.persistence.size }} + selector: + matchLabels: + name: {{ include "common.fullname" . }} storageClassName: "{{ include "common.fullname" . }}-data" {{- end -}} diff --git a/kubernetes/common/music/Chart.yaml b/kubernetes/common/music/Chart.yaml new file mode 100644 index 0000000000..680216389a --- /dev/null +++ b/kubernetes/common/music/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: MUSIC - Multi-site State Coordination Service +name: music +version: 3.0.0 diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/.helmignore b/kubernetes/common/music/charts/music-cassandra-job/.helmignore similarity index 100% rename from kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/.helmignore rename to kubernetes/common/music/charts/music-cassandra-job/.helmignore diff --git a/kubernetes/common/music/charts/music-cassandra-job/Chart.yaml b/kubernetes/common/music/charts/music-cassandra-job/Chart.yaml new file mode 100644 index 0000000000..fd421764fa --- /dev/null +++ b/kubernetes/common/music/charts/music-cassandra-job/Chart.yaml @@ -0,0 +1,19 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Cassandra Job - Run CQL Scripts after Cassandra Starts. +name: music-cassandra-job +version: 3.0.0 + diff --git a/kubernetes/common/music/charts/music-cassandra-job/resources/LICENSE.txt b/kubernetes/common/music/charts/music-cassandra-job/resources/LICENSE.txt new file mode 100644 index 0000000000..7f60913d26 --- /dev/null +++ b/kubernetes/common/music/charts/music-cassandra-job/resources/LICENSE.txt @@ -0,0 +1,13 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. \ No newline at end of file diff --git a/kubernetes/common/music/charts/music-cassandra-job/resources/cql/admin.cql b/kubernetes/common/music/charts/music-cassandra-job/resources/cql/admin.cql new file mode 100644 index 0000000000..a76d774bd3 --- /dev/null +++ b/kubernetes/common/music/charts/music-cassandra-job/resources/cql/admin.cql @@ -0,0 +1,19 @@ +CREATE KEYSPACE IF NOT EXISTS admin + WITH REPLICATION = { + 'class' : '{{.Values.cql.keyspace.replicationClass}}', + 'replication_factor': {{.Values.cql.keyspace.replicationFactor}} + } + AND DURABLE_WRITES = true; + +CREATE TABLE IF NOT EXISTS admin.keyspace_master ( + uuid uuid, + keyspace_name text, + application_name text, + is_api boolean, + password text, + username text, + is_aaf boolean, + PRIMARY KEY (uuid) +); + +describe keyspaces; diff --git a/kubernetes/common/music/charts/music-cassandra-job/resources/cql/admin_pw.cql b/kubernetes/common/music/charts/music-cassandra-job/resources/cql/admin_pw.cql new file mode 100644 index 0000000000..24f2ad77f7 --- /dev/null +++ b/kubernetes/common/music/charts/music-cassandra-job/resources/cql/admin_pw.cql @@ -0,0 +1,8 @@ +CREATE ROLE IF NOT EXISTS {{.Values.cql.adminUser.username}} +WITH PASSWORD = '{{.Values.cql.adminUser.password}}' +AND SUPERUSER = true +AND LOGIN = true; + +ALTER ROLE cassandra +WITH PASSWORD = '{{.Values.cql.adminUser.passwordReplace}}'; + diff --git a/kubernetes/common/music/charts/music-cassandra-job/resources/cql/extra/check.cql b/kubernetes/common/music/charts/music-cassandra-job/resources/cql/extra/check.cql new file mode 100644 index 0000000000..a516be857b --- /dev/null +++ b/kubernetes/common/music/charts/music-cassandra-job/resources/cql/extra/check.cql @@ -0,0 +1,23 @@ +CREATE KEYSPACE testks + WITH REPLICATION = { + 'class' : '{{.Values.cql.keyspace.replicationClass}}', + 'replication_factor': {{.Values.cql.keyspace.replicationFactor}} + } + AND DURABLE_WRITES = true; + +CREATE TABLE testks.keyspace_master_table ( + uuid uuid, + keyspace_name text, + application_name text, + is_api boolean, + password text, + username text, + is_aaf boolean, + PRIMARY KEY (uuid) +); + +DESCRIBE KEYSPACES; +DESCRIBE keyspace testks; +SELECT * FROM system_auth.roles; +DROP keyspace testks; + diff --git a/kubernetes/common/music/charts/music-cassandra-job/templates/configmap.yaml b/kubernetes/common/music/charts/music-cassandra-job/templates/configmap.yaml new file mode 100755 index 0000000000..011dccda25 --- /dev/null +++ b/kubernetes/common/music/charts/music-cassandra-job/templates/configmap.yaml @@ -0,0 +1,24 @@ +{{/* +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-cql + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/cql/*").AsConfig . | indent 2 }} + diff --git a/kubernetes/common/music/charts/music-cassandra-job/templates/configmap_extra.yaml b/kubernetes/common/music/charts/music-cassandra-job/templates/configmap_extra.yaml new file mode 100755 index 0000000000..72733b3088 --- /dev/null +++ b/kubernetes/common/music/charts/music-cassandra-job/templates/configmap_extra.yaml @@ -0,0 +1,24 @@ +{{/* +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-extra-cql + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/cql/extra/*").AsConfig . | indent 2 }} + diff --git a/kubernetes/common/music/charts/music-cassandra-job/templates/job.yaml b/kubernetes/common/music/charts/music-cassandra-job/templates/job.yaml new file mode 100644 index 0000000000..6ec282e44e --- /dev/null +++ b/kubernetes/common/music/charts/music-cassandra-job/templates/job.yaml @@ -0,0 +1,88 @@ +{{/* +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-config + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-job + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + template: + metadata: + labels: + app: {{ include "common.name" . }}-job + release: {{ .Release.Name }} + spec: + restartPolicy: Never + initContainers: + - name: {{ include "common.name" . }}-readiness + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - music-cassandra + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + containers: + - name: {{ include "common.name" . }}-update-job + image: "{{ .Values.global.repository }}/{{ .Values.job.cassandra.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: CASS_HOSTNAME + value: "{{ .Values.job.host }}" + - name: USERNAME + value: "{{ .Values.cql.adminUser.username }}" + - name: PORT + value: "{{ .Values.job.port }}" + - name: PASSWORD + value: "{{ .Values.cql.adminUser.password }}" + - name: TIMEOUT + value: "{{ .Values.job.timeout }}" + - name: DELAY + value: "{{ .Values.job.delay }}" + volumeMounts: + # Admin cql Files that setup Admin Keyspace and Change Admin user. + - name: {{ include "common.name" . }}-cql + mountPath: /cql/admin.cql + subPath: admin.cql + - name: {{ include "common.name" . }}-cql + mountPath: /cql/admin_pw.cql + subPath: admin_pw.cql + # This is where Apps or MISC will put any of their own startup cql scripts. + - name: {{ include "common.name" . }}-extra-cql + mountPath: /cql/extra + volumes: + - name: {{ include "common.name" . }}-cql + configMap: + name: {{ include "common.fullname" . }}-cql + - name: {{ include "common.name" . }}-extra-cql + configMap: + name: {{ include "common.fullname" . }}-extra-cql + restartPolicy: Never + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" + diff --git a/kubernetes/common/music/charts/music-cassandra-job/values.yaml b/kubernetes/common/music/charts/music-cassandra-job/values.yaml new file mode 100644 index 0000000000..5d9b564abf --- /dev/null +++ b/kubernetes/common/music/charts/music-cassandra-job/values.yaml @@ -0,0 +1,70 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Default values for cassandra. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +global: + pullPolicy: Always + repository: nexus3.onap.org:10001 + + # readiness check + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + + # logging agent + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + + replicaCount: 3 + +job: + host: music-cassandra + port: 9042 + busybox: + image: library/busybox:latest + cassandra: + image: onap/music/cassandra_job:3.0.23 + timeout: 30 + delay: 120 +cql: + keyspace: + replicationClass: "SimpleStrategy" + replicationFactor: 3 + adminUser: + username: nelson24 + password: nelson24 + passwordReplace: A2C4E6G8I0J2L4O6Q8S0U2W4Y6 + +podManagementPolicy: OrderedReady +updateStrategy: + type: OnDelete + +ingress: + enabled: false + +tolerations: [] + +affinity: {} + +persistence: + enabled: true + +resources: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 1 + memory: 1Gi diff --git a/kubernetes/common/music/charts/music-cassandra/.helmignore b/kubernetes/common/music/charts/music-cassandra/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/common/music/charts/music-cassandra/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/common/music/charts/music-cassandra/Chart.yaml b/kubernetes/common/music/charts/music-cassandra/Chart.yaml new file mode 100644 index 0000000000..7aae51ac98 --- /dev/null +++ b/kubernetes/common/music/charts/music-cassandra/Chart.yaml @@ -0,0 +1,19 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP - Cassandra Database +name: music-cassandra +version: 3.0.0 + diff --git a/kubernetes/common/music/charts/music-cassandra/requirements.yaml b/kubernetes/common/music/charts/music-cassandra/requirements.yaml new file mode 100644 index 0000000000..a22007c38a --- /dev/null +++ b/kubernetes/common/music/charts/music-cassandra/requirements.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~3.0.0 + repository: '@local' \ No newline at end of file diff --git a/kubernetes/common/music/charts/music-cassandra/templates/service.yaml b/kubernetes/common/music/charts/music-cassandra/templates/service.yaml new file mode 100644 index 0000000000..818c70e8f3 --- /dev/null +++ b/kubernetes/common/music/charts/music-cassandra/templates/service.yaml @@ -0,0 +1,54 @@ +{{/* +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" +spec: + type: {{ .Values.service.type }} + # Not working, open k8s bug: https://github.com/kubernetes/kubernetes/issues/58662 + publishNotReadyAddresses: true + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + - port: {{ .Values.service.internalPort2 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} + name: {{ .Values.service.portName3 }} + - port: {{ .Values.service.internalPort3 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }} + name: {{ .Values.service.portName3 }} + {{- else -}} + - port: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + - port: {{ .Values.service.internalPort2 }} + name: {{ .Values.service.portName2 }} + - port: {{ .Values.service.internalPort3 }} + name: {{ .Values.service.portName3 }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + clusterIP: None diff --git a/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml b/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml new file mode 100644 index 0000000000..009c40dbcc --- /dev/null +++ b/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml @@ -0,0 +1,138 @@ +{{/* +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + + +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 1 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: app + operator: In + values: + - {{ .Chart.Name }} + topologyKey: kubernetes.io/hostname + serviceName: {{ include "common.servicename" . }} + replicas: {{ .Values.replicaCount }} + podManagementPolicy: {{ .Values.podManagementPolicy }} + updateStrategy: + type: {{ .Values.updateStrategy.type }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + name: {{ include "common.name" . }} + spec: + containers: + - name: {{ include "common.name" . }} + image: "{{ .Values.global.repository }}/{{ .Values.image.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + - containerPort: {{ .Values.service.internalPort2 }} + - containerPort: {{ .Values.service.internalPort3 }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + exec: + command: + - /bin/bash + - -c + - nodetool status | grep $POD_IP | awk '$1!="UN" { exit 1; }' + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + exec: + command: + - /bin/bash + - -c + - nodetool status | grep $POD_IP | awk '$1!="UN" { exit 1; }' + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + timeoutSeconds: {{ .Values.liveness.periodSeconds }} + lifecycle: + preStop: + exec: + command: ["/bin/sh", "-c", "PID=$(pidof java) && kill $PID && while ps -p $PID > /dev/null; do sleep 1; done"] + env: + {{- $seed_size := default 1 .Values.replicaCount | int -}} + {{- $global := . }} + - name: MAX_HEAP_SIZE + value: {{ .Values.config.heap.max }} + - name: HEAP_NEWSIZE + value: {{ .Values.config.heap.min }} + - name: CASSANDRA_SEEDS + value: "{{- range $i, $e := until $seed_size }}{{ template "common.fullname" $global }}-{{ $i }}.{{ include "common.servicename" $global }}{{- if (lt ( add 1 $i ) $seed_size ) }},{{- end }}{{- end }}" + - name: JVM_OPTS + value: {{ .Values.config.jvmOpts | quote }} + - name: CASSANDRA_CLUSTER_NAME + value: {{ .Values.config.clusterName | quote }} + - name: CASSANDRA_DC + value: {{ .Values.config.dataCenter | quote }} + - name: CASSANDRA_RACK + value: {{ .Values.config.rackName | quote }} + - name: CASSANDRA_AUTO_BOOTSTRAP + value: {{ .Values.config.autoBootstrap | quote }} + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + volumeMounts: + - name: {{ template "common.name" . }}-data + mountPath: /var/lib/cassandra + resources: +{{ toYaml .Values.resources | indent 10 }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + {{- if not .Values.persistence.enabled }} + - name: {{ template "common.name" . }}-data + emptyDir: {} + {{- else }} + volumeClaimTemplates: + - metadata: + name: {{ template "common.name" . }}-data + labels: + app: {{ template "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + annotations: + volume.beta.kubernetes.io/storage-class: {{ .Values.persistence.storageClass }} + spec: + storageClassName: {{ .Values.persistence.storageClass }} + accessModes: + - {{ .Values.persistence.accessMode | quote }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} + selector: + matchLabels: + release: "{{ .Release.Name }}" + {{- end }} diff --git a/kubernetes/common/music/charts/music-cassandra/templates/volumes.yaml b/kubernetes/common/music/charts/music-cassandra/templates/volumes.yaml new file mode 100644 index 0000000000..83e7e189b5 --- /dev/null +++ b/kubernetes/common/music/charts/music-cassandra/templates/volumes.yaml @@ -0,0 +1,52 @@ +{{/* +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{ if .Values.persistence.enabled }} +{{- $root := . -}} +{{ range $i, $e := until (atoi (quote $root.Values.replicaCount) | default 3) }} +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }} + namespace: {{ $root.Release.Namespace }} + labels: + type: {{ $root.Values.persistence.storageType }} + app: {{ $root.Values.service.name }} + chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }} + release: {{ $root.Release.Name }} + heritage: {{ $root.Release.Service }} +spec: + capacity: + storage: {{ $root.Values.persistence.size }} + accessModes: + - {{ $root.Values.persistence.accessMode }} + hostPath: + path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{$i}} + persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }} + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 1 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: app + operator: In + values: + - "{{ $root.Chart.Name }}" + topologyKey: kubernetes.io/hostname +{{ end }} +{{ end }} diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/values.yaml b/kubernetes/common/music/charts/music-cassandra/values.yaml similarity index 51% rename from kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/values.yaml rename to kubernetes/common/music/charts/music-cassandra/values.yaml index 38d2d18eb2..2c75c58fa1 100644 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/values.yaml +++ b/kubernetes/common/music/charts/music-cassandra/values.yaml @@ -1,5 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T,VMware +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,53 +12,62 @@ # See the License for the specific language governing permissions and # limitations under the License. -# Default values for mariadb. # This is a YAML-formatted file. # Declare variables to be passed into your templates. -global: # global defaults +global: nodePortPrefix: 302 - persistence: {} + pullPolicy: Always + repository: nexus3.onap.org:10001 -# application image -repository: nexus3.onap.org:10001 -image: onap/music/cassandra_music:3.0.0 -pullPolicy: Always + # readiness check + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 -# application configuration -config: - cassandraUsername: root - cassandraPassword: Aa123456 + # logging agent + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 -# default number of instances -replicaCount: 1 +replicaCount: 3 -nodeSelector: {} +# Cassandra Image - This image is modified from the original on +# Docker Hub where the Security has been turned on. +# When logging into DB the default username and password are 'cassandra' +# kubectl exec -it -n cqlsh -u cassandra -p cassandra +image: + image: onap/music/cassandra_3_11:3.0.23 + pullPolicy: Always -affinity: {} +# Cassandra ENV configuration +config: + heap: + max: 512M + min: 100M + jvmOpts: -Dcassandra.consistent.rangemovement=false + clusterName: music-cluster + dataCenter: onap-1 + rackName: Rack1 + autoBootstrap: true + ports: + cql: 9042 + thrift: 9160 + # If a JVM Agent is in place + # agent: 61621 + +service: + expose: true + type: ClusterIP + name: music-cassandra + internalPort: 9042 + portName: cql + internalPort2: 9160 + portName2: thrift + internalPort3: 61621 + portName3: agent -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - memory: 16Gi - cpu: 8000m - requests: - memory: 8Gi - cpu: 4000m - large: - limits: - memory: 32Gi - cpu: 16000m - requests: - memory: 16Gi - cpu: 8000m - unlimited: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 120 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container @@ -69,7 +77,15 @@ readiness: initialDelaySeconds: 10 periodSeconds: 10 -## Persist data to a persitent volume +podManagementPolicy: OrderedReady +updateStrategy: + type: OnDelete + +ingress: + enabled: false + +tolerations: [] + persistence: enabled: true @@ -86,25 +102,18 @@ persistence: ## set, choosing the default provisioner. (gp2 on AWS, standard on ## GKE, AWS & OpenStack) ## - # storageClass: "-" - accessMode: ReadWriteMany + ## storageClass: "-" + accessMode: ReadWriteOnce size: 2Gi - mountPath: /dockerdata-nfs - mountSubPath: oof/cassandra/data -service: - type: ClusterIP - name: oof-has-cassandra - portName: oof-has-cassandra - externalPort: 9160 - internalPort: 9160 - externalPort2: 7000 - internalPort2: 7000 - externalPort3: 7001 - internalPort3: 7001 - externalPort4: 7199 - internalPort4: 7199 - externalPort5: 9042 - internalPort5: 9042 + mountPath: /dockerdata-nfs/ + mountSubPath: common/cassandra/data + storageType: local + storageClass: "" -ingress: - enabled: false +resources: + limits: + cpu: 4 + memory: 8Gi + requests: + cpu: 2 + memory: 4Gi diff --git a/kubernetes/common/music/charts/music-tomcat/Chart.yaml b/kubernetes/common/music/charts/music-tomcat/Chart.yaml new file mode 100755 index 0000000000..d0fdc6088c --- /dev/null +++ b/kubernetes/common/music/charts/music-tomcat/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP - MUSIC Tomcat Container +name: music-tomcat +version: 3.0.0 diff --git a/kubernetes/common/music/charts/music-tomcat/requirements.yaml b/kubernetes/common/music/charts/music-tomcat/requirements.yaml new file mode 100755 index 0000000000..28352e407c --- /dev/null +++ b/kubernetes/common/music/charts/music-tomcat/requirements.yaml @@ -0,0 +1,19 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +dependencies: + - name: common + version: ~3.0.0 + repository: '@local' \ No newline at end of file diff --git a/kubernetes/common/music/charts/music-tomcat/resources/config/music.properties b/kubernetes/common/music/charts/music-tomcat/resources/config/music.properties new file mode 100755 index 0000000000..b977ca58ee --- /dev/null +++ b/kubernetes/common/music/charts/music-tomcat/resources/config/music.properties @@ -0,0 +1,32 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +my.public.ip=localhost +all.public.ips=localhost +my.id=0 +all.ids=0 +### Host Info ### +zookeeper.host={{.Values.properties.zookeeperHost}} +cassandra.host={{.Values.properties.cassandraHost}} +### User Info ### +cassandra.user={{.Values.properties.cassandraUser}} +cassandra.password={{.Values.properties.cassandraPassword}} +### AAF Endpoint ### +aaf.endpoint.url={{.Values.properties.aafEndpointUrl}} +### Admin API ### +# AAF UAT +aaf.admin.url={{.Values.properties.aafAdminUrl}} +# AAF PROD +admin.aaf.role={{.Values.properties.adminAafRole}} +music.namespace={{.Values.properties.musicNamespace}} diff --git a/kubernetes/common/music/charts/music-tomcat/templates/configmap.yaml b/kubernetes/common/music/charts/music-tomcat/templates/configmap.yaml new file mode 100755 index 0000000000..15859345e8 --- /dev/null +++ b/kubernetes/common/music/charts/music-tomcat/templates/configmap.yaml @@ -0,0 +1,23 @@ +{{/* +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-music/templates/deployment.yaml b/kubernetes/common/music/charts/music-tomcat/templates/deployment.yaml old mode 100644 new mode 100755 similarity index 63% rename from kubernetes/oof/charts/oof-has/charts/oof-has-music/templates/deployment.yaml rename to kubernetes/common/music/charts/music-tomcat/templates/deployment.yaml index 9dc160f2fa..2e04b15561 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-music/templates/deployment.yaml +++ b/kubernetes/common/music/charts/music-tomcat/templates/deployment.yaml @@ -1,5 +1,5 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T,VMware +{{/* +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: extensions/v1beta1 kind: Deployment @@ -32,22 +33,48 @@ spec: release: {{ .Release.Name }} spec: initContainers: + - name: {{ include "common.name" . }}-zookeeper-readiness + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - zookeeper + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: {{ include "common.name" . }}-cassandra-readiness + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/job_complete.py + args: + - -j + - "{{ .Release.Name }}-music-cassandra-job-config" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace # War Container - - name: "{{ include "common.name" . }}-war" - image: "{{ include "common.repository" . }}/{{ .Values.warImage }}" #" - command: ["cp","/app/MUSIC.war","/webapps"] - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - volumeMounts: - - mountPath: /webapps - name: shared-data + - name: "{{ .Chart.Name }}-war" + image: "{{ include "common.repository" . }}/{{ .Values.warImage }}" + command: ["cp","/app/MUSIC.war","/webapps"] + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + volumeMounts: + - mountPath: /webapps + name: shared-data containers: # Tomcat Container - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" #" + - name: "{{ include "common.name" . }}" + image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - resources: -{{ include "common.resources" . | indent 12 }} ports: - containerPort: {{ .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger @@ -73,9 +100,8 @@ spec: - name: properties-music mountPath: /opt/app/music/etc/music.properties subPath: music.properties - - name: properties-music - mountPath: /opt/app/music/startup.sh - subPath: startup.sh + resources: +{{ toYaml .Values.resources | indent 10 }} volumes: - name: shared-data emptyDir: {} diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-zookeeper/templates/service.yaml b/kubernetes/common/music/charts/music-tomcat/templates/service.yaml old mode 100644 new mode 100755 similarity index 78% rename from kubernetes/oof/charts/oof-has/charts/oof-has-zookeeper/templates/service.yaml rename to kubernetes/common/music/charts/music-tomcat/templates/service.yaml index f2eed43608..f6a086cc99 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-zookeeper/templates/service.yaml +++ b/kubernetes/common/music/charts/music-tomcat/templates/service.yaml @@ -1,5 +1,5 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T,VMware +{{/* +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: v1 kind: Service @@ -23,17 +24,19 @@ metadata: chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} + annotations: spec: type: {{ .Values.service.type }} ports: {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.externalPort }} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - {{- end}} name: {{ .Values.service.portName }} + {{- end}} selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} diff --git a/kubernetes/common/music/charts/music-tomcat/values.yaml b/kubernetes/common/music/charts/music-tomcat/values.yaml new file mode 100755 index 0000000000..5527800e41 --- /dev/null +++ b/kubernetes/common/music/charts/music-tomcat/values.yaml @@ -0,0 +1,103 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + repository: nexus3.onap.org:10001 + + # readiness check + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + + # logging agent + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: library/tomcat:8.5 +pullPolicy: Always +warImage: onap/music/music:3.0.23 + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +config: + usernameCassandra: cassandra1 + passwordCassandra: cassandra1 + +# default number of instances +replicaCount: 3 + +job: + host: cassandra + port: 9042 + busybox: + image: library/busybox:latest + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: NodePort + name: music-tomcat + externalPort: 8080 + internalPort: 8080 + nodePort: 76 + portName: tomcat +ingress: + enabled: false + +#resources: {} +resources: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 2 + memory: 1Gi + + +properties: + zookeeperHost: zookeeper + cassandraHost: music-cassandra + cassandraUser: nelson24 + cassandraPassword: nelson24 + + # Admin API + # ONAP AAF + aafAdminUrl: + diff --git a/kubernetes/common/music/charts/zookeeper/.helmignore b/kubernetes/common/music/charts/zookeeper/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/common/music/charts/zookeeper/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/common/music/charts/zookeeper/Chart.yaml b/kubernetes/common/music/charts/zookeeper/Chart.yaml new file mode 100644 index 0000000000..01e81736f6 --- /dev/null +++ b/kubernetes/common/music/charts/zookeeper/Chart.yaml @@ -0,0 +1,15 @@ +name: zookeeper +home: https://zookeeper.apache.org/ +version: 1.0.2 +appVersion: 3.4.10 +description: Centralized service for maintaining configuration information, naming, + providing distributed synchronization, and providing group services. +icon: https://zookeeper.apache.org/images/zookeeper_small.gif +sources: +- https://github.com/apache/zookeeper +- https://github.com/kubernetes/contrib/tree/master/statefulsets/zookeeper +maintainers: +- name: lachie83 + email: lachlan.evenson@microsoft.com +- name: kow3ns + email: owensk@google.com diff --git a/kubernetes/common/music/charts/zookeeper/OWNERS b/kubernetes/common/music/charts/zookeeper/OWNERS new file mode 100644 index 0000000000..dd9facde2a --- /dev/null +++ b/kubernetes/common/music/charts/zookeeper/OWNERS @@ -0,0 +1,6 @@ +approvers: +- lachie83 +- kow3ns +reviewers: +- lachie83 +- kow3ns diff --git a/kubernetes/common/music/charts/zookeeper/README.md b/kubernetes/common/music/charts/zookeeper/README.md new file mode 100644 index 0000000000..22bbac49dc --- /dev/null +++ b/kubernetes/common/music/charts/zookeeper/README.md @@ -0,0 +1,140 @@ +# incubator/zookeeper + +This helm chart provides an implementation of the ZooKeeper [StatefulSet](http://kubernetes.io/docs/concepts/abstractions/controllers/statefulsets/) found in Kubernetes Contrib [Zookeeper StatefulSet](https://github.com/kubernetes/contrib/tree/master/statefulsets/zookeeper). + +## Prerequisites +* Kubernetes 1.6+ +* PersistentVolume support on the underlying infrastructure +* A dynamic provisioner for the PersistentVolumes +* A familiarity with [Apache ZooKeeper 3.4.x](https://zookeeper.apache.org/doc/current/) + +## Chart Components +This chart will do the following: + +* Create a fixed size ZooKeeper ensemble using a [StatefulSet](http://kubernetes.io/docs/concepts/abstractions/controllers/statefulsets/). +* Create a [PodDisruptionBudget](https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-disruption-budget/) so kubectl drain will respect the Quorum size of the ensemble. +* Create a [Headless Service](https://kubernetes.io/docs/concepts/services-networking/service/) to control the domain of the ZooKeeper ensemble. +* Create a Service configured to connect to the available ZooKeeper instance on the configured client port. +* Optionally apply a [Pod Anti-Affinity](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#inter-pod-affinity-and-anti-affinity-beta-feature) to spread the ZooKeeper ensemble across nodes. +* Optionally start JMX Exporter and Zookeeper Exporter containers inside Zookeeper pods. +* Optionally create a job which creates Zookeeper chroots (e.g. `/kafka1`). + +## Installing the Chart +You can install the chart with the release name `zookeeper` as below. + +```console +$ helm repo add incubator http://storage.googleapis.com/kubernetes-charts-incubator +$ helm install --name zookeeper incubator/zookeeper +``` + +If you do not specify a name, helm will select a name for you. + +### Installed Components +You can use `kubectl get` to view all of the installed components. + +```console{%raw} +$ kubectl get all -l app=zookeeper +NAME: zookeeper +LAST DEPLOYED: Wed Apr 11 17:09:48 2018 +NAMESPACE: default +STATUS: DEPLOYED + +RESOURCES: +==> v1beta1/PodDisruptionBudget +NAME MIN AVAILABLE MAX UNAVAILABLE ALLOWED DISRUPTIONS AGE +zookeeper N/A 1 1 2m + +==> v1/Service +NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE +zookeeper-headless ClusterIP None 2181/TCP,3888/TCP,2888/TCP 2m +zookeeper ClusterIP 10.98.179.165 2181/TCP 2m + +==> v1beta1/StatefulSet +NAME DESIRED CURRENT AGE +zookeeper 3 3 2m +``` + +1. `statefulsets/zookeeper` is the StatefulSet created by the chart. +1. `po/zookeeper-<0|1|2>` are the Pods created by the StatefulSet. Each Pod has a single container running a ZooKeeper server. +1. `svc/zookeeper-headless` is the Headless Service used to control the network domain of the ZooKeeper ensemble. +1. `svc/zookeeper` is a Service that can be used by clients to connect to an available ZooKeeper server. + +## Configuration +You can specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. + +Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, + +```console +$ helm install --name my-release -f values.yaml incubator/zookeeper +``` + +## Default Values + +- You can find all user-configurable settings, their defaults and commentary about them in [values.yaml](values.yaml). + +## Deep Dive + +## Image Details +The image used for this chart is based on Ubuntu 16.04 LTS. This image is larger than Alpine or BusyBox, but it provides glibc, rather than ulibc or mucl, and a JVM release that is built against it. You can easily convert this chart to run against a smaller image with a JVM that is built against that image's libc. However, as far as we know, no Hadoop vendor supports, or has verified, ZooKeeper running on such a JVM. + +## JVM Details +The Java Virtual Machine used for this chart is the OpenJDK JVM 8u111 JRE (headless). + +## ZooKeeper Details +The ZooKeeper version is the latest stable version (3.4.10). The distribution is installed into /opt/zookeeper-3.4.10. This directory is symbolically linked to /opt/zookeeper. Symlinks are created to simulate a rpm installation into /usr. + +## Failover +You can test failover by killing the leader. Insert a key: +```console +$ kubectl exec zookeeper-0 -- /opt/zookeeper/bin/zkCli.sh create /foo bar; +$ kubectl exec zookeeper-2 -- /opt/zookeeper/bin/zkCli.sh get /foo; +``` + +Watch existing members: +```console +$ kubectl run --attach bbox --image=busybox --restart=Never -- sh -c 'while true; do for i in 0 1 2; do echo zk-${i} $(echo stats | nc -${i}.:2181 | grep Mode); sleep 1; done; done'; + +zk-2 Mode: follower +zk-0 Mode: follower +zk-1 Mode: leader +zk-2 Mode: follower +``` + +Delete Pods and wait for the StatefulSet controller to bring them back up: +```console +$ kubectl delete po -l app=zookeeper +$ kubectl get po --watch-only +NAME READY STATUS RESTARTS AGE +zookeeper-0 0/1 Running 0 35s +zookeeper-0 1/1 Running 0 50s +zookeeper-1 0/1 Pending 0 0s +zookeeper-1 0/1 Pending 0 0s +zookeeper-1 0/1 ContainerCreating 0 0s +zookeeper-1 0/1 Running 0 19s +zookeeper-1 1/1 Running 0 40s +zookeeper-2 0/1 Pending 0 0s +zookeeper-2 0/1 Pending 0 0s +zookeeper-2 0/1 ContainerCreating 0 0s +zookeeper-2 0/1 Running 0 19s +zookeeper-2 1/1 Running 0 41s +``` + +Check the previously inserted key: +```console +$ kubectl exec zookeeper-1 -- /opt/zookeeper/bin/zkCli.sh get /foo +ionid = 0x354887858e80035, negotiated timeout = 30000 + +WATCHER:: + +WatchedEvent state:SyncConnected type:None path:null +bar +``` + +## Scaling +ZooKeeper can not be safely scaled in versions prior to 3.5.x. This chart currently uses 3.4.x. There are manual procedures for scaling a 3.4.x ensemble, but as noted in the [ZooKeeper 3.5.2 documentation](https://zookeeper.apache.org/doc/r3.5.2-alpha/zookeeperReconfig.html) these procedures require a rolling restart, are known to be error prone, and often result in a data loss. + +While ZooKeeper 3.5.x does allow for dynamic ensemble reconfiguration (including scaling membership), the current status of the release is still alpha, and 3.5.x is therefore not recommended for production use. + +## Limitations +* StatefulSet and PodDisruptionBudget are beta resources. +* Only supports storage options that have backends for persistent volume claims. diff --git a/kubernetes/common/music/charts/zookeeper/templates/NOTES.txt b/kubernetes/common/music/charts/zookeeper/templates/NOTES.txt new file mode 100644 index 0000000000..4f7a27bd99 --- /dev/null +++ b/kubernetes/common/music/charts/zookeeper/templates/NOTES.txt @@ -0,0 +1,7 @@ +Thank you for installing ZooKeeper on your Kubernetes cluster. More information +about ZooKeeper can be found at https://zookeeper.apache.org/doc/current/ + +Your connection string should look like: + {{ template "common.fullname" . }}-0.{{ template "common.fullname" . }}-headless:{{ .Values.service.ports.client.port }},{{ template "common.fullname" . }}-1.{{ template "common.fullname" . }}-headless:{{ .Values.service.ports.client.port }},... + +You can also use the client service {{ template "common.fullname" . }}:{{ .Values.service.ports.client.port }} to connect to an available ZooKeeper server. diff --git a/kubernetes/common/music/charts/zookeeper/templates/_helpers.tpl b/kubernetes/common/music/charts/zookeeper/templates/_helpers.tpl new file mode 100644 index 0000000000..1ef5353fa1 --- /dev/null +++ b/kubernetes/common/music/charts/zookeeper/templates/_helpers.tpl @@ -0,0 +1,32 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "common.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "common.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "zookeeper.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} diff --git a/kubernetes/common/music/charts/zookeeper/templates/config-jmx-exporter.yaml b/kubernetes/common/music/charts/zookeeper/templates/config-jmx-exporter.yaml new file mode 100644 index 0000000000..aeb9a2c031 --- /dev/null +++ b/kubernetes/common/music/charts/zookeeper/templates/config-jmx-exporter.yaml @@ -0,0 +1,19 @@ +{{- if .Values.exporters.jmx.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-jmx-exporter + labels: + app: {{ template "common.name" . }} + chart: {{ .Chart.Name }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: + config.yml: |- + hostPort: 127.0.0.1:{{ .Values.env.JMXPORT }} + lowercaseOutputName: {{ .Values.exporters.jmx.config.lowercaseOutputName }} + rules: +{{ .Values.exporters.jmx.config.rules | toYaml | indent 6 }} + ssl: false + startDelaySeconds: {{ .Values.exporters.jmx.config.startDelaySeconds }} +{{- end }} diff --git a/kubernetes/common/music/charts/zookeeper/templates/job-chroots.yaml b/kubernetes/common/music/charts/zookeeper/templates/job-chroots.yaml new file mode 100644 index 0000000000..38592ddeac --- /dev/null +++ b/kubernetes/common/music/charts/zookeeper/templates/job-chroots.yaml @@ -0,0 +1,62 @@ +{{- if .Values.jobs.chroots.enabled }} +{{- $root := . }} +{{- $job := .Values.jobs.chroots }} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ template "common.fullname" . }}-chroots + annotations: + "helm.sh/hook": post-install,post-upgrade + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": hook-succeeded + labels: + app: {{ template "common.name" . }} + chart: {{ .Chart.Name }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + component: jobs + job: chroots +spec: + activeDeadlineSeconds: {{ $job.activeDeadlineSeconds }} + backoffLimit: {{ $job.backoffLimit }} + completions: {{ $job.completions }} + parallelism: {{ $job.parallelism }} + template: + metadata: + labels: + app: {{ template "common.name" . }} + release: {{ .Release.Name }} + component: jobs + job: chroots + spec: + restartPolicy: {{ $job.restartPolicy }} + containers: + - name: main + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + command: + - /bin/bash + - -o + - pipefail + - -euc + {{- $port := .Values.service.ports.client.port }} + - > + sleep 15; + export SERVER={{ template "common.fullname" $root }}:{{ $port }}; + {{- range $job.config.create }} + echo '==> {{ . }}'; + echo '====> Create chroot if does not exist.'; + zkCli.sh -server {{ template "common.fullname" $root }}:{{ $port }} get {{ . }} 2>&1 >/dev/null | grep 'cZxid' + || zkCli.sh -server {{ template "common.fullname" $root }}:{{ $port }} create {{ . }} ""; + echo '====> Confirm chroot exists.'; + zkCli.sh -server {{ template "common.fullname" $root }}:{{ $port }} get {{ . }} 2>&1 >/dev/null | grep 'cZxid'; + echo '====> Chroot exists.'; + {{- end }} + env: + {{- range $key, $value := $job.env }} + - name: {{ $key | upper | replace "." "_" }} + value: {{ $value | quote }} + {{- end }} + resources: +{{ toYaml $job.resources | indent 12 }} +{{- end -}} diff --git a/kubernetes/common/music/charts/zookeeper/templates/poddisruptionbudget.yaml b/kubernetes/common/music/charts/zookeeper/templates/poddisruptionbudget.yaml new file mode 100644 index 0000000000..7a9f3fe105 --- /dev/null +++ b/kubernetes/common/music/charts/zookeeper/templates/poddisruptionbudget.yaml @@ -0,0 +1,17 @@ +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: {{ template "common.fullname" . }} + labels: + app: {{ template "common.name" . }} + chart: {{ .Chart.Name }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + component: server +spec: + selector: + matchLabels: + app: {{ template "common.name" . }} + release: {{ .Release.Name }} + component: server +{{ toYaml .Values.podDisruptionBudget | indent 2 }} diff --git a/kubernetes/common/music/charts/zookeeper/templates/service-headless.yaml b/kubernetes/common/music/charts/zookeeper/templates/service-headless.yaml new file mode 100644 index 0000000000..70ebf6013e --- /dev/null +++ b/kubernetes/common/music/charts/zookeeper/templates/service-headless.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "common.fullname" . }}-headless + labels: + app: {{ template "common.name" . }} + chart: {{ .Chart.Name }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + clusterIP: None + ports: +{{- range $key, $port := .Values.ports }} + - name: {{ $key }} + port: {{ $port.containerPort }} + targetPort: {{ $port.name }} + protocol: {{ $port.protocol }} +{{- end }} + selector: + app: {{ template "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/common/music/charts/zookeeper/templates/service.yaml b/kubernetes/common/music/charts/zookeeper/templates/service.yaml new file mode 100644 index 0000000000..6ac3066ecf --- /dev/null +++ b/kubernetes/common/music/charts/zookeeper/templates/service.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name }} + labels: + app: {{ template "common.name" . }} + chart: {{ .Chart.Name }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: +{{- with .Values.service.annotations }} +{{ toYaml . | indent 4 }} +{{- end }} +spec: + type: {{ .Values.service.type }} + ports: + {{- range $key, $value := .Values.service.ports }} + - name: {{ $key }} +{{ toYaml $value | indent 6 }} + {{- end }} + selector: + app: {{ template "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/common/music/charts/zookeeper/templates/statefulset.yaml b/kubernetes/common/music/charts/zookeeper/templates/statefulset.yaml new file mode 100644 index 0000000000..135b59e2b6 --- /dev/null +++ b/kubernetes/common/music/charts/zookeeper/templates/statefulset.yaml @@ -0,0 +1,191 @@ +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + name: {{ template "common.fullname" . }} + labels: + app: {{ template "common.name" . }} + chart: {{ .Chart.Name }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + component: server +spec: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 1 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: app + operator: In + values: + - "{{ .Chart.Name }}" + serviceName: {{ template "common.fullname" . }}-headless + replicas: {{ .Values.replicaCount }} + terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }} + selector: + matchLabels: + app: {{ template "common.name" . }} + release: {{ .Release.Name }} + component: server + updateStrategy: +{{ toYaml .Values.updateStrategy | indent 4 }} + template: + metadata: + labels: + app: {{ template "common.name" . }} + release: {{ .Release.Name }} + component: server + {{- if .Values.podLabels }} + ## Custom pod labels + {{- range $key, $value := .Values.podLabels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + annotations: + {{- if .Values.podAnnotations }} + ## Custom pod annotations + {{- range $key, $value := .Values.podAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + spec: +{{- if .Values.schedulerName }} + schedulerName: "{{ .Values.schedulerName }}" +{{- end }} + securityContext: +{{ toYaml .Values.securityContext | indent 8 }} + containers: + + - name: zookeeper + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + command: + - /bin/bash + - -xec + - zkGenConfig.sh && exec zkServer.sh start-foreground + ports: +{{- range $key, $port := .Values.ports }} + - name: {{ $key }} +{{ toYaml $port | indent 14 }} +{{- end }} + livenessProbe: +{{ toYaml .Values.livenessProbe | indent 12 }} + readinessProbe: +{{ toYaml .Values.readinessProbe | indent 12 }} + env: + - name: ZK_REPLICAS + value: {{ .Values.replicaCount | quote }} + {{- range $key, $value := .Values.env }} + - name: {{ $key | upper | replace "." "_" }} + value: {{ $value | quote }} + {{- end }} + resources: +{{ include "common.resources" . }} + volumeMounts: + - name: zookeeper-data + mountPath: /var/lib/zookeeper + +{{- if .Values.exporters.jmx.enabled }} + - name: jmx-exporter + image: "{{ .Values.exporters.jmx.image.repository }}:{{ .Values.exporters.jmx.image.tag }}" + imagePullPolicy: {{ .Values.exporters.jmx.image.pullPolicy }} + ports: + {{- range $key, $port := .Values.exporters.jmx.ports }} + - name: {{ $key }} +{{ toYaml $port | indent 14 }} + {{- end }} + livenessProbe: +{{ toYaml .Values.exporters.jmx.livenessProbe | indent 12 }} + readinessProbe: +{{ toYaml .Values.exporters.jmx.readinessProbe | indent 12 }} + env: + - name: SERVICE_PORT + value: {{ .Values.exporters.jmx.ports.jmxxp.containerPort | quote }} + {{- with .Values.exporters.jmx.env }} + {{- range $key, $value := . }} + - name: {{ $key | upper | replace "." "_" }} + value: {{ $value | quote }} + {{- end }} + {{- end }} + resources: +{{ toYaml .Values.exporters.jmx.resources | indent 12 }} + volumeMounts: + - name: config-jmx-exporter + mountPath: /opt/jmx_exporter/config.yml + subPath: config.yml +{{- end }} + +{{- if .Values.exporters.zookeeper.enabled }} + - name: zookeeper-exporter + image: "{{ .Values.exporters.zookeeper.image.repository }}:{{ .Values.exporters.zookeeper.image.tag }}" + imagePullPolicy: {{ .Values.exporters.zookeeper.image.pullPolicy }} + args: + - -bind-addr=:{{ .Values.exporters.zookeeper.ports.zookeeperxp.containerPort }} + - -metrics-path={{ .Values.exporters.zookeeper.path }} + - -zookeeper=localhost:{{ .Values.ports.client.containerPort }} + - -log-level={{ .Values.exporters.zookeeper.config.logLevel }} + - -reset-on-scrape={{ .Values.exporters.zookeeper.config.resetOnScrape }} + ports: + {{- range $key, $port := .Values.exporters.zookeeper.ports }} + - name: {{ $key }} +{{ toYaml $port | indent 14 }} + {{- end }} + livenessProbe: +{{ toYaml .Values.exporters.zookeeper.livenessProbe | indent 12 }} + readinessProbe: +{{ toYaml .Values.exporters.zookeeper.readinessProbe | indent 12 }} + env: + {{- range $key, $value := .Values.exporters.zookeeper.env }} + - name: {{ $key | upper | replace "." "_" }} + value: {{ $value | quote }} + {{- end }} + resources: +{{ toYaml .Values.exporters.zookeeper.resources | indent 12 }} +{{- end }} + + {{- with .Values.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} + {{- if (or .Values.exporters.jmx.enabled (not .Values.persistence.enabled)) }} + volumes: + {{- if .Values.exporters.jmx.enabled }} + - name: config-jmx-exporter + configMap: + name: {{ .Release.Name }}-jmx-exporter + {{- end }} + {{- if not .Values.persistence.enabled }} + - name: zookeeper-data + emptyDir: {} + {{- end }} + {{- end }} + {{- if .Values.persistence.enabled }} + volumeClaimTemplates: + - metadata: + name: zookeeper-data + labels: + app: {{ .Chart.Name }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + annotations: + volume.beta.kubernetes.io/storage-class: {{ .Values.persistence.storageClass }} + spec: + storageClassName: {{ .Values.persistence.storageClass }} + accessModes: + - {{ .Values.persistence.accessMode | quote }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} + selector: + matchLabels: + release: "{{ .Release.Name }}" + {{- end }} diff --git a/kubernetes/common/music/charts/zookeeper/templates/volumes.yaml b/kubernetes/common/music/charts/zookeeper/templates/volumes.yaml new file mode 100644 index 0000000000..b0c05fdbfd --- /dev/null +++ b/kubernetes/common/music/charts/zookeeper/templates/volumes.yaml @@ -0,0 +1,25 @@ +{{ if .Values.persistence.enabled }} +{{- $root := . -}} +{{ range $i, $e := until (atoi (quote $root.Values.replicaCount) | default 3) }} +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }} + namespace: {{ $root.Release.Namespace }} + labels: + type: {{ $root.Values.persistence.storageType }} + app: {{ $root.Values.service.name }} + chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }} + release: {{ $root.Release.Name }} + heritage: {{ $root.Release.Service }} +spec: + capacity: + storage: {{ $root.Values.persistence.size }} + accessModes: + - {{ $root.Values.persistence.accessMode }} + hostPath: + path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{$i}} + persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }} +{{ end }} +{{ end }} diff --git a/kubernetes/common/music/charts/zookeeper/values.yaml b/kubernetes/common/music/charts/zookeeper/values.yaml new file mode 100644 index 0000000000..ea02e6151e --- /dev/null +++ b/kubernetes/common/music/charts/zookeeper/values.yaml @@ -0,0 +1,284 @@ +## As weighted quorums are not supported, it is imperative that an odd number of replicas +## be chosen. Moreover, the number of replicas should be either 1, 3, 5, or 7. +## +## ref: https://github.com/kubernetes/contrib/tree/master/statefulsets/zookeeper#stateful-set +replicaCount: 3 # Desired quantity of ZooKeeper pods. This should always be (1,3,5, or 7) + +podDisruptionBudget: + maxUnavailable: 1 # Limits how many Zokeeper pods may be unavailable due to voluntary disruptions. + +terminationGracePeriodSeconds: 1800 # Duration in seconds a Zokeeper pod needs to terminate gracefully. + +## OnDelete requires you to manually delete each pod when making updates. +## This approach is at the moment safer than RollingUpdate because replication +## may be incomplete when replication source pod is killed. +## +## ref: http://blog.kubernetes.io/2017/09/kubernetes-statefulsets-daemonsets.html +updateStrategy: + type: OnDelete # Pods will only be created when you manually delete old pods. + +## refs: +## - https://github.com/kubernetes/contrib/tree/master/statefulsets/zookeeper +## - https://github.com/kubernetes/contrib/blob/master/statefulsets/zookeeper/Makefile#L1 +image: + #repository: nexus3.onap.org:10001/library/zookeeper + #tag: 3.3 + repository: gcr.io/google_samples/k8szk # Container image repository for zookeeper container. + tag: v3 # Container image tag for zookeeper container. + pullPolicy: IfNotPresent # Image pull criteria for zookeeper container. + +service: + name: zookeeper + type: ClusterIP # Exposes zookeeper on a cluster-internal IP. + annotations: {} # Arbitrary non-identifying metadata for zookeeper service. + ## AWS example for use with LoadBalancer service type. + # external-dns.alpha.kubernetes.io/hostname: zookeeper.cluster.local + # service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: "true" + # service.beta.kubernetes.io/aws-load-balancer-internal: "true" + ports: + client: + port: 2181 # Service port number for client port. + targetPort: client # Service target port for client port. + protocol: TCP # Service port protocol for client port. + + +ports: + client: + containerPort: 2181 # Port number for zookeeper container client port. + protocol: TCP # Protocol for zookeeper container client port. + election: + containerPort: 3888 # Port number for zookeeper container election port. + protocol: TCP # Protocol for zookeeper container election port. + server: + containerPort: 2888 # Port number for zookeeper container server port. + protocol: TCP # Protocol for zookeeper container server port. + +# Resource Limit flavor -By Default using small +flavor: large +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 500m + memory: 500Mi + large: + limits: + cpu: 3 + memory: 2Gi + requests: + cpu: 2 + memory: 1Gi + unlimited: {} + +nodeSelector: {} # Node label-values required to run zookeeper pods. + +tolerations: [] # Node taint overrides for zookeeper pods. + +affinity: {} # Criteria by which pod label-values influence scheduling for zookeeper pods. +affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - topologyKey: "kubernetes.io/hostname" + labelSelector: + matchLabels: + release: zookeeper + +podAnnotations: {} # Arbitrary non-identifying metadata for zookeeper pods. + +podLabels: {} # Key/value pairs that are attached to zookeeper pods. + +livenessProbe: + exec: + command: + - zkOk.sh + initialDelaySeconds: 20 + +readinessProbe: + exec: + command: + - zkOk.sh + initialDelaySeconds: 20 + +securityContext: + fsGroup: 1000 + #runAsUser: 1000 + +persistence: + enabled: true + ## zookeeper data Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + mountPath: /dockerdata-nfs + mountSubPath: music/zookeeper + storageType: local + storageClass: "" + size: 4Gi + +## Exporters query apps for metrics and make those metrics available for +## Prometheus to scrape. +exporters: + + jmx: + enabled: false + image: + repository: sscaling/jmx-prometheus-exporter + tag: 0.3.0 + pullPolicy: IfNotPresent + config: + lowercaseOutputName: false + rules: + - pattern: "org.apache.ZooKeeperService<>(\\w+)" + name: "zookeeper_$2" + - pattern: "org.apache.ZooKeeperService<>(\\w+)" + name: "zookeeper_$3" + labels: + replicaId: "$2" + - pattern: "org.apache.ZooKeeperService<>(\\w+)" + name: "zookeeper_$4" + labels: + replicaId: "$2" + memberType: "$3" + - pattern: "org.apache.ZooKeeperService<>(\\w+)" + name: "zookeeper_$4_$5" + labels: + replicaId: "$2" + memberType: "$3" + startDelaySeconds: 30 + env: {} + resources: {} + path: /metrics + ports: + jmxxp: + containerPort: 9404 + protocol: TCP + livenessProbe: + httpGet: + path: /metrics + port: jmxxp + initialDelaySeconds: 30 + periodSeconds: 15 + timeoutSeconds: 60 + failureThreshold: 8 + successThreshold: 1 + readinessProbe: + httpGet: + path: /metrics + port: jmxxp + initialDelaySeconds: 30 + periodSeconds: 15 + timeoutSeconds: 60 + failureThreshold: 8 + successThreshold: 1 + + zookeeper: + enabled: false + image: + repository: josdotso/zookeeper-exporter + tag: v1.1.2 + pullPolicy: IfNotPresent + config: + logLevel: info + resetOnScrape: "true" + env: {} + resources: {} + path: /metrics + ports: + zookeeperxp: + containerPort: 9141 + protocol: TCP + livenessProbe: + httpGet: + path: /metrics + port: zookeeperxp + initialDelaySeconds: 30 + periodSeconds: 15 + timeoutSeconds: 60 + failureThreshold: 8 + successThreshold: 1 + readinessProbe: + httpGet: + path: /metrics + port: zookeeperxp + initialDelaySeconds: 30 + periodSeconds: 15 + timeoutSeconds: 60 + failureThreshold: 8 + successThreshold: 1 + +env: + + ## Options related to JMX exporter. + JMXAUTH: "false" + JMXDISABLE: "false" + JMXPORT: 1099 + JMXSSL: "false" + + ## The port on which the server will accept client requests. + ZK_CLIENT_PORT: 2181 + + ## The port on which the ensemble performs leader election. + ZK_ELECTION_PORT: 3888 + + ## The JVM heap size. + ZK_HEAP_SIZE: 2G + + ## The number of Ticks that an ensemble member is allowed to perform leader + ## election. + ZK_INIT_LIMIT: 5 + + ## The Log Level that for the ZooKeeper processes logger. + ## Choices are `TRACE,DEBUG,INFO,WARN,ERROR,FATAL`. + ZK_LOG_LEVEL: INFO + + ## The maximum number of concurrent client connections that + ## a server in the ensemble will accept. + ZK_MAX_CLIENT_CNXNS: 60 + + ## The maximum session timeout that the ensemble will allow a client to request. + ## Upstream default is `20 * ZK_TICK_TIME` + ZK_MAX_SESSION_TIMEOUT: 40000 + + ## The minimum session timeout that the ensemble will allow a client to request. + ## Upstream default is `2 * ZK_TICK_TIME`. + ZK_MIN_SESSION_TIMEOUT: 4000 + + ## The delay, in hours, between ZooKeeper log and snapshot cleanups. + ZK_PURGE_INTERVAL: 0 + + ## The port on which the leader will send events to followers. + ZK_SERVER_PORT: 2888 + + ## The number of snapshots that the ZooKeeper process will retain if + ## `ZK_PURGE_INTERVAL` is set to a value greater than `0`. + ZK_SNAP_RETAIN_COUNT: 3 + + ## The number of Tick by which a follower may lag behind the ensembles leader. + ZK_SYNC_LIMIT: 10 + + ## The number of wall clock ms that corresponds to a Tick for the ensembles + ## internal time. + ZK_TICK_TIME: 2000 + +jobs: + chroots: + enabled: false + activeDeadlineSeconds: 300 + backoffLimit: 5 + completions: 1 + config: + create: [] + # - /kafka + # - /ureplicator + env: [] + parallelism: 1 + resources: {} + restartPolicy: Never diff --git a/kubernetes/common/music/requirements.yaml b/kubernetes/common/music/requirements.yaml new file mode 100644 index 0000000000..220dc4619b --- /dev/null +++ b/kubernetes/common/music/requirements.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~3.0.0 + repository: '@local' diff --git a/kubernetes/common/music/values.yaml b/kubernetes/common/music/values.yaml new file mode 100644 index 0000000000..51c467cf2f --- /dev/null +++ b/kubernetes/common/music/values.yaml @@ -0,0 +1,50 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repository: nexus3.onap.org:10001 + + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +# flag to enable debugging - application support required +debugEnabled: false + +# default number of instances +replicaCount: 3 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +resources: {} + diff --git a/kubernetes/common/mysql/templates/statefulset.yaml b/kubernetes/common/mysql/templates/statefulset.yaml index 1744940868..f73b10f460 100644 --- a/kubernetes/common/mysql/templates/statefulset.yaml +++ b/kubernetes/common/mysql/templates/statefulset.yaml @@ -251,4 +251,7 @@ spec: resources: requests: storage: {{ .Values.persistence.size }} + selector: + matchLabels: + name: {{ include "common.fullname" . }} {{ end }} diff --git a/kubernetes/common/postgres/templates/statefulset.yaml b/kubernetes/common/postgres/templates/statefulset.yaml index 3c7ae65e4a..db4a256f12 100644 --- a/kubernetes/common/postgres/templates/statefulset.yaml +++ b/kubernetes/common/postgres/templates/statefulset.yaml @@ -149,4 +149,7 @@ spec: resources: requests: storage: {{ .Values.persistence.size }} + selector: + matchLabels: + name: {{ include "common.fullname" . }} #{{ end }} diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml index 28fa6a3887..e6264fa631 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml @@ -74,7 +74,7 @@ postgres: # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.4 +image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.5 # DCAE component images to be deployed via Cloudify Manager # Use to override default setting in blueprints @@ -82,8 +82,8 @@ componentImages: config_binding_service: onap/org.onap.dcaegen2.platform.configbinding.app-app:2.2.3 datafile_collector: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.0.3 deployment_handler: onap/org.onap.dcaegen2.platform.deployment-handler:3.0.3 - holmes_rules: onap/holmes/rule-management:1.2.0 - holmes_engine: onap/holmes/engine-management:1.2.0 + holmes_rules: onap/holmes/rule-management:1.2.3 + holmes_engine: onap/holmes/engine-management:1.2.2 inventory: onap/org.onap.dcaegen2.platform.inventory-api:3.0.4 policy_handler: onap/org.onap.dcaegen2.platform.policy-handler:4.4.0 service_change_handler: onap/org.onap.dcaegen2.platform.servicechange-handler:1.1.5 @@ -115,4 +115,3 @@ resources: # Kubernetes namespace for components deployed via Cloudify manager # If empty, use the common namespace # dcae_ns: "onap" - diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml index 50c56537f5..08e01d6258 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml @@ -52,7 +52,8 @@ liveness: periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container - enabled: true + # liveness not desirable for Cloudify Manager container + enabled: false readiness: initialDelaySeconds: 10 diff --git a/kubernetes/dcaegen2/charts/dcae-redis/templates/statefulset.yaml b/kubernetes/dcaegen2/charts/dcae-redis/templates/statefulset.yaml index 3e20e37dd4..5a5b220e61 100644 --- a/kubernetes/dcaegen2/charts/dcae-redis/templates/statefulset.yaml +++ b/kubernetes/dcaegen2/charts/dcae-redis/templates/statefulset.yaml @@ -113,3 +113,6 @@ spec: resources: requests: storage: {{ .Values.persistence.size }} + selector: + matchLabels: + name: {{ include "common.fullname" . }} diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/resources/dmaap/onap.json b/kubernetes/dmaap/charts/dmaap-bus-controller/resources/dmaap/onap.json index 27411c64d2..9099e046ed 100644 --- a/kubernetes/dmaap/charts/dmaap-bus-controller/resources/dmaap/onap.json +++ b/kubernetes/dmaap/charts/dmaap-bus-controller/resources/dmaap/onap.json @@ -1,5 +1,9 @@ { +{{ if eq .Values.fixedTopicNamespace true }} + "dmaapName": "mr", +{{- else -}} "dmaapName": "{{ include "common.namespace" . }}", +{{- end}} "drProvUrl": "https://dmaap-dr-prov:8443", "version": "1", "topicNsRoot": "org.onap.dmaap", diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml b/kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml index 2f6bef8059..0483ce5db2 100644 --- a/kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml +++ b/kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml @@ -42,6 +42,11 @@ topicMgrPwd: demo123456! adminUser: aaf_admin@people.osaaf.org adminPwd: demo123456! +# for Casablanca default deployment, leave this true to +# get a topic namespace that matches MR. When set to false, +# it will compose the topic namespace using the kubernetes namespace value +fixedTopicNamespace: true + nodeSelector: {} affinity: {} diff --git a/kubernetes/dmaap/charts/message-router/values.yaml b/kubernetes/dmaap/charts/message-router/values.yaml index 9ba34884da..bd1c660d9d 100644 --- a/kubernetes/dmaap/charts/message-router/values.yaml +++ b/kubernetes/dmaap/charts/message-router/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/dmaap-mr:1.1.7 +image: onap/dmaap/dmaap-mr:1.1.8 pullPolicy: Always kafka: diff --git a/kubernetes/esr/charts/esr-gui/values.yaml b/kubernetes/esr/charts/esr-gui/values.yaml index 9beb17d168..004d473b99 100644 --- a/kubernetes/esr/charts/esr-gui/values.yaml +++ b/kubernetes/esr/charts/esr-gui/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aai/esr-gui:1.1.0 +image: onap/aai/esr-gui:1.2.1 pullPolicy: Always msbaddr: msb-iag.{{ include "common.namespace" . }}:80 diff --git a/kubernetes/esr/charts/esr-server/values.yaml b/kubernetes/esr/charts/esr-server/values.yaml index 8f66148169..ce5688f267 100644 --- a/kubernetes/esr/charts/esr-server/values.yaml +++ b/kubernetes/esr/charts/esr-server/values.yaml @@ -27,7 +27,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/aai/esr-server:1.1.0 +image: onap/aai/esr-server:1.2.1 pullPolicy: Always msbaddr: msb-iag.{{ include "common.namespace" . }}:80 diff --git a/kubernetes/helm/starters/onap-app/README.md b/kubernetes/helm/starters/onap-app/README.md index edb0a78197..41d002bdb0 100644 --- a/kubernetes/helm/starters/onap-app/README.md +++ b/kubernetes/helm/starters/onap-app/README.md @@ -12,8 +12,8 @@ Helm Charts for specific applications should be moved into the oom/kubernetes directory. If the application is a common reusable Helm Chart (eg. mariadb), a more appropriate location might be the oom/kubernetes/common directory. -Edit each yaml file in the new Helm Chart directoy, substituing real values -for those inside brackets (eg. ``). Some comments have been provided in +Edit each yaml file in the new Helm Chart directory, substituting real values +for those inside brackets (e.g. ``). Some comments have been provided in the file to help guide changes that need to be made. This starter Helm Chart is in no way complete. It can serve as the basis for creating a new Helm Chart that attempts to apply Helm best practices to ONAP applications being configured, diff --git a/kubernetes/multicloud/charts/multicloud-azure/values.yaml b/kubernetes/multicloud/charts/multicloud-azure/values.yaml index 7b9d9c7e4b..1a168e9249 100644 --- a/kubernetes/multicloud/charts/multicloud-azure/values.yaml +++ b/kubernetes/multicloud/charts/multicloud-azure/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/multicloud/azure:1.2.0-SNAPSHOT +image: onap/multicloud/azure:1.2.0 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/onap/requirements.yaml b/kubernetes/onap/requirements.yaml index ec4fdd8c27..97be78d91c 100644 --- a/kubernetes/onap/requirements.yaml +++ b/kubernetes/onap/requirements.yaml @@ -132,3 +132,7 @@ dependencies: version: ~3.0.0 repository: '@local' condition: vnfsdk.enabled + - name: vvp + version: ~3.0.0 + repository: '@local' + condition: vvp.enabled diff --git a/kubernetes/onap/resources/environments/disable-allcharts.yaml b/kubernetes/onap/resources/environments/disable-allcharts.yaml index dd30e1d87e..d45111427e 100644 --- a/kubernetes/onap/resources/environments/disable-allcharts.yaml +++ b/kubernetes/onap/resources/environments/disable-allcharts.yaml @@ -79,3 +79,5 @@ vid: enabled: false vnfsdk: enabled: false +vvp: + enabled: false diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index 190a9ec67d..4950ae570b 100644 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -156,3 +156,5 @@ vid: enabled: true vnfsdk: enabled: true +vvp: + enabled: false diff --git a/kubernetes/oof/Makefile b/kubernetes/oof/Makefile index 72f97ef44c..e27258aafc 100644 --- a/kubernetes/oof/Makefile +++ b/kubernetes/oof/Makefile @@ -14,3 +14,4 @@ make-has: cd charts && helm dep up oof-has + cd charts && helm dep up oof-cmso diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/Chart.yaml b/kubernetes/oof/charts/oof-cmso/Chart.yaml similarity index 80% rename from kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/Chart.yaml rename to kubernetes/oof/charts/oof-cmso/Chart.yaml index 5c12786a97..eb5e97b58f 100644 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/Chart.yaml +++ b/kubernetes/oof/charts/oof-cmso/Chart.yaml @@ -1,5 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T,VMware +# Copyright © 2018 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,6 +13,6 @@ # limitations under the License. apiVersion: v1 -description: OOF-HAS Cassandra -name: oof-has-cassandra +description: Chart for Change Management Service Orchestrator (CMSO) +name: oof-cmso version: 3.0.0 diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-zookeeper/Chart.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/Chart.yaml similarity index 80% rename from kubernetes/oof/charts/oof-has/charts/oof-has-zookeeper/Chart.yaml rename to kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/Chart.yaml index ad3b82726c..1af0d049fe 100644 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-zookeeper/Chart.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/Chart.yaml @@ -1,5 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T,VMware +# Copyright © 2018 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,6 +13,6 @@ # limitations under the License. apiVersion: v1 -description: ONAP OOF Zookeeper -name: oof-has-zookeeper +description: Chart for Change Management Service Orchestrator (CMSO) Service +name: oof-cmso-service version: 3.0.0 diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cmso.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cmso.properties new file mode 100644 index 0000000000..cf1d35e105 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cmso.properties @@ -0,0 +1,104 @@ + +#------------------------------------------------------------------------------- +# Copyright © 2017-2018 AT&T Intellectual Property. +# Modifications Copyright © 2018 IBM. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +# Unless otherwise specified, all documentation contained herein is licensed +# under the Creative Commons License, Attribution 4.0 Intl. (the â??Licenseâ?); +# you may not use this documentation except in compliance with the License. +# You may obtain a copy of the License at +# +# https://creativecommons.org/licenses/by/4.0/ +# +# Unless required by applicable law or agreed to in writing, documentation +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +#------------------------------------------------------------------------------- +### + +### MySQL DB. +spring.datasource.url=jdbc:mariadb://${DB_HOST}:${DB_PORT}/${DB_SCHEMA} +spring.datasource.driver-class-name=org.mariadb.jdbc.Driver +spring.datasource.username=${DB_USERNAME} +spring.datasource.password=${DB_PASSWORD} +cmso.database.password=${DB_PASSWORD} + +spring.datasource.initialize=false +spring.datasource.tomcat.max-wait=10000 +spring.datasource.tomcat.initialSize=5 +spring.datasource.tomcat.max-active=25 +spring.datasource.tomcat.test-on-borrow=true + +spring.jpa.show-sql=true +spring.jpa.hibernate.ddl-auto=none +spring.jpa.hibernate.naming.strategy=org.hibernate.cfg.EJB3NamingStrategy +spring.jpa.database-platform=org.hibernate.dialect.MySQL5InnoDBDialect +spring.jpa.hibernate.naming.physical-strategy=org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl +spring.jpa.hibernate.id.new_generator_mappings=false +hibernate.id.new_generator_mappings=false + +logging.level.org.hibernate.SQL=TRACE + +logging.level.org.hibernate=TRACE + +# +cmso.aaf.enabled=false + +# Enable swagger - Enable in development and test only +cmso.swagger.enabled=true + +# Enable schedule immediate to be dispatched without ticket approvals +# Has no effect when in vTM loopback mode as always approved. +cmso.cm.dispatch.immediate.enabled = true + +# NUmber of seconds between sniro dispatch jobs +cmso.optimizer.job.interval.ms=10000 + +# NUmber of seconds between change management cmso polling jobs +# Controls frequenct of polling to the ChangeManagementScheduler table... +cmso.cm.polling.job.interval.ms=10000 +# How many management cmso polling intervals to look ahead to dispatch +# (To account for possible latency of the polling job) +cmso.cm.polling.job.lookahead.intervals=5 +# Lead time before event time to enable dispatcher to +# test that it is safe to dispatch (i.e. meeting reminder lead time) +cmso.cm.dispatcher.lead.time.ms=5000 +# Lead time to prepare and call VID to dispatch work to MSO +# Includes latency from VID call to the start of the workflow +cmso.cm.dispatch.lead.time.ms=1000 + +# Interval between polling to check status of schedules in Notifications Initiated status +cmso.status.job.interval.ms=60000 + +org.quartz.jobStore.class=org.quartz.simpl.RAMJobStore + +loopback.mso.requestId=dummy123 + +so.polling.interval.ms=10000 +#mso.user=cmso@onap.org +#mso.pass=enc:bfodXf8qRfCqMvlxVBYNWQ== + +## loopback settings +so.url=http://localhost:8080/cmso/v1/loopbacktest/onap/so/infra/orchestrationRequests/v7 +so.user=cmso@onap.org +so.pass=enc:bfodXf8qRfCqMvlxVBYNWQ== + +mechid.user=cmso@onap.org +mechid.pass=enc:bfodXf8qRfCqMvlxVBYNWQ== + +cmso.dispatch.url=http://localhost:8089 diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/liquibase.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/liquibase.properties new file mode 100644 index 0000000000..66dad37bd8 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/liquibase.properties @@ -0,0 +1,54 @@ +### +# Copyright © 2017-2018 AT&T Intellectual Property. +# Modifications Copyright © 2018 IBM. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +# Unless otherwise specified, all documentation contained herein is licensed +# under the Creative Commons License, Attribution 4.0 Intl. (the ââ?¬Å"Licenseââ?¬); +# you may not use this documentation except in compliance with the License. +# You may obtain a copy of the License at +# +# https://creativecommons.org/licenses/by/4.0/ +# +# Unless required by applicable law or agreed to in writing, documentation +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +### +spring.datasource.jdbcUrl=jdbc:mariadb://${DB_HOST}:${DB_PORT}/${DB_SCHEMA}?createDatabaseIfNotExist=true +spring.datasource.driver-class-name=org.mariadb.jdbc.Driver +spring.datasource.username=${DB_USERNAME} +spring.datasource.password=${DB_PASSWORD} + +spring.datasource.initialize=false +spring.datasource.tomcat.max-wait=10000 +spring.datasource.tomcat.initialSize=5 +spring.datasource.tomcat.max-active=25 +spring.datasource.tomcat.test-on-borrow=true + + +#changeLogFile=calendar-liquibase-changeLog.xml +changeLogFile=cmso-liquibase-changeLog.xml + + +#spring.main.web-environment=false +#outputChangeLogFile=src/main/resources/cmso-output-changelog.xml +#url=jdbc:mariadb://localhost:3306/calendar +#url=jdbc:mysql://localhost:3306/cmso +#username=root +#password=root +#driver=org.mariadb.jdbc.Driver +#driver=com.mysql.jdbc.Driver diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/logback.xml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/logback.xml new file mode 100644 index 0000000000..e4386fd249 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/logback.xml @@ -0,0 +1,253 @@ + + + + + + + + + + + + + + + + + + + + INFO + + + %d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n + + + + + + INFO + + ${logDirectory}/error2.log + true + + ${defaultPattern} + + + ${outputDirectory}/cmso/error.%d{yyyy-MM-dd}.%i.log.zip + 50MB + 30 + 10GB + + + 10MB + + + + + ${logDirectory}/debug.log + true + + ${debugPattern} + + + ${outputDirectory}/cmso/debug.%d{yyyy-MM-dd}.%i.log.zip + 50MB + 30 + 10GB + + + + + + ${logDirectory}/audit.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n + + + + 10 + ${logDirectory}/audit.%i.log.zip + + + + 10MB + + + + 256 + + + + + ${logDirectory}/metric.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| + %msg%n + + + 10 + ${logDirectory}/metric.%i.log.zip + + + + 10MB + + + + 256 + + + + + + ${logDirectory}/security.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n + + + + 10 + ${logDirectory}/security.%i.log.zip + + + + 10MB + + + + 256 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.log + + ${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip + + 1 + 9 + + + 5MB + + + "%d [%thread] %-5level %logger{1024} - %msg%n" + + + + + + ${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.log + + ${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip + + 1 + 9 + + + 5MB + + + "%d [%thread] %-5level %logger{1024} - %msg%n" + + + + + + + + + + + + + + + + + + + diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/optimizer.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/optimizer.properties new file mode 100644 index 0000000000..b222d7bf59 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/optimizer.properties @@ -0,0 +1,34 @@ +#------------------------------------------------------------------------------- +# Copyright © 2017-2018 AT&T Intellectual Property. +# Modifications Copyright © 2018 IBM. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +# Unless otherwise specified, all documentation contained herein is licensed +# under the Creative Commons License, Attribution 4.0 Intl. (the â??Licenseâ?); +# you may not use this documentation except in compliance with the License. +# You may obtain a copy of the License at +# +# https://creativecommons.org/licenses/by/4.0/ +# +# Unless required by applicable law or agreed to in writing, documentation +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +#------------------------------------------------------------------------------- + +cmso.optimizer.url=http://localhost:8080/cmso/v1/loopbacktest/optimizer +cmso.optimizer.callbackurl=http://localhost:8080/cmso/v1/optimizerCallback + diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/ticketmgt.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/ticketmgt.properties new file mode 100644 index 0000000000..bfdaec6b8d --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/ticketmgt.properties @@ -0,0 +1,38 @@ +#------------------------------------------------------------------------------- +# Copyright © 2017-2018 AT&T Intellectual Property. +# Modifications Copyright © 2018 IBM. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +# Unless otherwise specified, all documentation contained herein is licensed +# under the Creative Commons License, Attribution 4.0 Intl. (the â??Licenseâ?); +# you may not use this documentation except in compliance with the License. +# You may obtain a copy of the License at +# +# https://creativecommons.org/licenses/by/4.0/ +# +# Unless required by applicable law or agreed to in writing, documentation +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +#------------------------------------------------------------------------------- + +tm.vnfs.per.ticket=1 +tm.getPath=http://localhost:8080/cmso/v1/tm/getChangeRecord +tm.createPath=http://localhost:8080/cmso/v1/tm/createChangeRecord +tm.closePath=http://localhost:8080/cmso/v1/tm/closeCancelChangeRecord +tm.updatePath=http://localhost:8080/cmso/v1/tm/updateChangeRecord +tm.approvalStatus=Approved|Scheduled,Approved|Assigned +tm.template.folder=data/templates/tm diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-zookeeper/templates/NOTES.txt b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/NOTES.txt similarity index 89% rename from kubernetes/oof/charts/oof-has/charts/oof-has-zookeeper/templates/NOTES.txt rename to kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/NOTES.txt index 974fae450e..1103affff1 100644 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-zookeeper/templates/NOTES.txt +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/NOTES.txt @@ -1,5 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T,VMware +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,7 +11,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - 1. Get the application URL by running these commands: {{- if .Values.ingress.enabled }} {{- range .Values.ingress.hosts }} @@ -28,7 +26,7 @@ export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') echo http://$SERVICE_IP:{{ .Values.service.externalPort }} {{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") echo "Visit http://127.0.0.1:8080 to use your application" kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} {{- end }} diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-music/templates/configmap.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/configmap.yaml similarity index 86% rename from kubernetes/oof/charts/oof-has/charts/oof-has-music/templates/configmap.yaml rename to kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/configmap.yaml index 7a38efa8cc..c4397359dc 100644 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-music/templates/configmap.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/configmap.yaml @@ -1,5 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright (C) 2018 AT&T,VMware +# Copyright © 2018 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,7 +15,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-configmap + name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml new file mode 100644 index 0000000000..47f732aa1e --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml @@ -0,0 +1,140 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - {{ .Values.mariadb.nameOverride }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + - name: db-init + image: "{{ include "common.repository" . }}/{{ .Values.dbinit.image }}" + imagePullPolicy: Always + env: + - name: DB_HOST + value: {{ .Values.config.db_host }}.{{.Release.Namespace}} + - name: DB_PORT + value: {{ .Values.config.db_port | quote}} + - name: DB_USERNAME + value: {{ .Values.config.db_root }} + - name: DB_SCHEMA + value: {{ .Values.config.mysqlDatabase }} + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-cmso-db + key: db-root-password + terminationMessagePolicy: File + volumeMounts: + - name: {{ include "common.fullname" . }}-config + mountPath: /share/etc/config + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/logs + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: DB_HOST + value: {{ .Values.config.db_host }}.{{.Release.Namespace}} + - name: DB_PORT + value: {{ .Values.config.db_port | quote}} + - name: DB_USERNAME + value: {{ .Values.config.db_user }} + - name: DB_SCHEMA + value: {{ .Values.config.mysqlDatabase }} + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-cmso-db + key: user-password + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/logs + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/debug-logs + - name: {{ include "common.fullname" . }}-config + mountPath: /share/etc/config + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }} + items: + - key: logback.xml + path: logback.xml + - key: cmso.properties + path: cmso.properties + - key: optimizer.properties + path: optimizer.properties + - key: ticketmgt.properties + path: ticketmgt.properties + - key: liquibase.properties + path: liquibase.properties + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-music/templates/service.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/service.yaml similarity index 90% rename from kubernetes/oof/charts/oof-has/charts/oof-has-music/templates/service.yaml rename to kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/service.yaml index 097a44d2f6..1624a08b27 100644 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-music/templates/service.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/service.yaml @@ -1,5 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T,VMware +# Copyright © 2018 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -23,12 +22,11 @@ metadata: chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} - annotations: spec: type: {{ .Values.service.type }} ports: {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} + - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} name: {{ .Values.service.portName }} {{- else -}} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml new file mode 100644 index 0000000000..a970f38157 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml @@ -0,0 +1,102 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: # global defaults + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + +subChartsOnly: + enabled: true + +# application image +repository: nexus3.onap.org:10001 +image: onap/optf-cmso-service:1.0.1 +pullPolicy: Always + +#init container image +dbinit: + image: onap/optf-cmso-dbinit:1.0.1 + +# flag to enable debugging - application support required +debugEnabled: false + +################################################################# +# Application configuration defaults. +################################################################# +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 120 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + + +service: + type: ClusterIP + name: oof-cmso + portName: cmso + internalPort: 8080 + externalPort: 8080 + #nodePort: 23 + # as of 20181022 port 23 is reserved for cmso + # see https://wiki.onap.org/display/DW/OOM+NodePort+List + + +config: + db_root: root + db_user: cmso-admin + mysqlDatabase: cmso + db_host: oof-cmso-dbhost + db_port: 3306 + +mariadb: + nameOverride: cmso-db + +ingress: + enabled: false + +#resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +resources: + limits: + cpu: 1 + memory: 1.2Gi + requests: + cpu: 10m + memory: 800Mi diff --git a/kubernetes/oof/charts/oof-cmso/requirements.yaml b/kubernetes/oof/charts/oof-cmso/requirements.yaml new file mode 100644 index 0000000000..2a3bb70ff1 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/requirements.yaml @@ -0,0 +1,24 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~3.0.0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' + - name: mariadb-galera + version: ~3.0.0 + repository: '@local' diff --git a/kubernetes/oof/charts/oof-cmso/values.yaml b/kubernetes/oof/charts/oof-cmso/values.yaml new file mode 100644 index 0000000000..3c5edb3754 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/values.yaml @@ -0,0 +1,35 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +mariadb-galera: + replicaCount: 1 + nameOverride: cmso-db + service: + type: ClusterIP + name: oof-cmso-dbhost + portName: cmso-dbhost + nfsprovisionerPrefix: cmso + sdnctlPrefix: cmso + persistence: + mountSubPath: cmso/data + enabled: true + disableNfsProvisioner: true + config: + mariadbRootPassword: beer + userName: cmso-admin + userPassword: nimda-osmc + mysqlDatabase: cmso + externalConfig: | + [mysqld] + lower_case_table_names = 1 \ No newline at end of file diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-api/templates/deployment.yaml b/kubernetes/oof/charts/oof-has/charts/oof-has-api/templates/deployment.yaml index 12bbeefb12..9940305659 100755 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-api/templates/deployment.yaml +++ b/kubernetes/oof/charts/oof-has/charts/oof-has-api/templates/deployment.yaml @@ -36,7 +36,9 @@ spec: - /root/ready.py args: - --container-name - - oof-has-music + - oof-has-controller + - --container-name + - aaf-service env: - name: NAMESPACE valueFrom: @@ -46,6 +48,38 @@ spec: image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness + - command: + - /root/job_complete.py + args: + - -j + - "{{ .Release.Name }}-oof-has-onboard" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-onboard-readiness + - command: + - sh + - -c + - resp="FAILURE"; + until [ $resp = "200" ]; do + resp=$(curl -s -o /dev/null -k --write-out %{http_code} https://aaf-sms.{{ include "common.namespace" . }}:10443/v1/sms/domain/has/secret); + echo $resp; + sleep 2; + done + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-has-sms-readiness containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.global.image.optf_has }}" @@ -84,6 +118,9 @@ spec: - mountPath: /usr/local/bin/log.conf name: {{ .Values.global.commonConfigPrefix }}-config subPath: log.conf + - mountPath: /usr/local/bin/AAF_RootCA.cer + name: {{ .Values.global.commonConfigPrefix }}-config + subPath: AAF_RootCA.cer resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -106,5 +143,7 @@ spec: path: conductor.conf - key: log.conf path: log.conf + - key: AAF_RootCA.cer + path: AAF_RootCA.cer imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/zzz_conductor.cql b/kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/zzz_conductor.cql deleted file mode 100644 index c2593eb1dc..0000000000 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/zzz_conductor.cql +++ /dev/null @@ -1,90 +0,0 @@ -# Copyright © 2017 Amdocs, AT&T, Bell Canada, VMware -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -CREATE KEYSPACE conductor WITH replication = {'class': 'SimpleStrategy', 'replication_factor': '1'} AND durable_writes = true; - -CREATE TABLE conductor.plans ( - id text PRIMARY KEY, - created bigint, - message text, - name text, - recommend_max int, - reservation_counter int, - reservation_owner text, - solution text, - solver_counter int, - solver_owner text, - status text, - template text, - timeout int, - translation text, - translation_counter int, - translation_owner text, - updated bigint, - vector_ts text -); - -CREATE INDEX conductor_plans_index ON conductor.plans(status); - -CREATE KEYSPACE conductor_rpc WITH replication = {'class': 'SimpleStrategy', 'replication_factor': '1'} AND durable_writes = true; - -CREATE TABLE conductor_rpc.controller ( - id text PRIMARY KEY, - action text, - args text, - created bigint, - ctxt text, - failure text, - method text, - owner text, - response text, - status text, - updated bigint, - vector_ts text -); - -CREATE TABLE conductor_rpc.data ( - id text PRIMARY KEY, - action text, - args text, - created bigint, - ctxt text, - failure text, - method text, - owner text, - response text, - status text, - updated bigint, - vector_ts text -); - -INSERT INTO admin.keyspace_master ( -uuid, application_name, is_aaf, is_api, keyspace_name, password,username) -VALUES ( now(), 'conductor', False, True, 'conductor', 'c0nduct0r', 'conductor'); - -INSERT INTO admin.keyspace_master ( -uuid, application_name, is_aaf, is_api, keyspace_name, password, username) -VALUES( now(), 'conductor', False, True, 'conductor_rpc', 'c0nduct0r', 'conductor'); - -CREATE ROLE IF NOT EXISTS conductor WITH PASSWORD = 'c0nduct0r' AND LOGIN = true; - -GRANT ALL PERMISSIONS on KEYSPACE conductor to 'conductor'; - -GRANT ALL PERMISSIONS on KEYSPACE conductor_rpc to 'conductor'; - -INSERT INTO conductor.plans (id, created, message, name, recommend_max, solution, status, template,timeout, translation,updated) VALUES('healthcheck',1479482603641,'','foo',1,'{"healthcheck": " healthcheck"}','solved','{"healthcheck": "healthcheck"}',3600,'{"healthcheck": "healthcheck"}',1484324150629); - - - diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/templates/deployment.yaml b/kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/templates/deployment.yaml deleted file mode 100644 index aed92e5768..0000000000 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/templates/deployment.yaml +++ /dev/null @@ -1,105 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T,VMware -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - spec: - containers: - - name: {{ include "common.name" . }} - image: {{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - - containerPort: {{ .Values.service.internalPort2 }} - - containerPort: {{ .Values.service.internalPort3 }} - - containerPort: {{ .Values.service.internalPort4 }} - - containerPort: {{ .Values.service.internalPort5 }} - {{ if eq .Values.liveness.enabled true }} - livenessProbe: - exec: - command: - - /bin/bash - - -c - - nodetool status | grep $POD_IP | awk '$1!="UN" { exit 1; }' - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end }} - readinessProbe: - exec: - command: - - /bin/bash - - -c - - nodetool status | grep $POD_IP | awk '$1!="UN" { exit 1; }' - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: CASSUSER - value: "{{ .Values.config.cassandraUsername }}" - - name: CASSPASS - value: "{{ .Values.config.cassandraPassword }}" - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - name: cassandra-docker-entrypoint-initdb - mountPath: /docker-entrypoint-initdb.d/zzz_conductor.cql - subPath: zzz_conductor.cql - - name: {{ include "common.fullname" . }}-data - mountPath: /var/lib/cassandra/data - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: cassandra-docker-entrypoint-initdb - configMap: - name: {{ include "common.fullname" . }}-docker-entry-initd - {{- if .Values.persistence.enabled }} - - name: {{ include "common.fullname" . }}-data - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - {{- else }} - emptyDir: {} - {{- end }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/templates/pv.yaml b/kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/templates/pv.yaml deleted file mode 100644 index 0fa33fc6fb..0000000000 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/templates/pv.yaml +++ /dev/null @@ -1,38 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T,VMware -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- end -}} diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/templates/pvc.yaml b/kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/templates/pvc.yaml deleted file mode 100644 index 0f4de0c9e2..0000000000 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/templates/pvc.yaml +++ /dev/null @@ -1,49 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T,VMware -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-controller/templates/deployment.yaml b/kubernetes/oof/charts/oof-has/charts/oof-has-controller/templates/deployment.yaml index 00f26255f7..c5646f6453 100755 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-controller/templates/deployment.yaml +++ b/kubernetes/oof/charts/oof-has/charts/oof-has-controller/templates/deployment.yaml @@ -36,7 +36,7 @@ spec: - /root/ready.py args: - --container-name - - oof-has-music + - music-tomcat env: - name: NAMESPACE valueFrom: @@ -46,6 +46,38 @@ spec: image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness + - command: + - /root/job_complete.py + args: + - -j + - "{{ .Release.Name }}-oof-has-onboard" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-onboard-readiness + - command: + - sh + - -c + - resp="FAILURE"; + until [ $resp = "200" ]; do + resp=$(curl -s -o /dev/null -k --write-out %{http_code} https://aaf-sms.{{ include "common.namespace" . }}:10443/v1/sms/domain/has/secret); + echo $resp; + sleep 2; + done + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-cont-sms-readiness containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.global.image.optf_has }}" @@ -87,6 +119,9 @@ spec: - mountPath: /usr/local/bin/healthy.sh name: {{ .Values.global.commonConfigPrefix }}-config subPath: healthy.sh + - mountPath: /usr/local/bin/AAF_RootCA.cer + name: {{ .Values.global.commonConfigPrefix }}-config + subPath: AAF_RootCA.cer resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -111,5 +146,7 @@ spec: path: log.conf - key: healthy.sh path: healthy.sh + - key: AAF_RootCA.cer + path: AAF_RootCA.cer imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-data/templates/deployment.yaml b/kubernetes/oof/charts/oof-has/charts/oof-has-data/templates/deployment.yaml index 3f64923a0e..e4ec820b1f 100755 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-data/templates/deployment.yaml +++ b/kubernetes/oof/charts/oof-has/charts/oof-has-data/templates/deployment.yaml @@ -36,7 +36,7 @@ spec: - /root/ready.py args: - --container-name - - oof-has-music + - music-tomcat env: - name: NAMESPACE valueFrom: @@ -46,6 +46,52 @@ spec: image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness + - command: + - /root/job_complete.py + args: + - -j + - "{{ .Release.Name }}-oof-has-onboard" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-onboard-readiness + - command: + - /root/job_complete.py + args: + - -j + - "{{ .Release.Name }}-oof-has-healthcheck" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-health-readiness + - command: + - sh + - -c + - resp="FAILURE"; + until [ $resp = "200" ]; do + resp=$(curl -s -o /dev/null -k --write-out %{http_code} https://aaf-sms.{{ include "common.namespace" . }}:10443/v1/sms/domain/has/secret); + echo $resp; + sleep 2; + done + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-data-sms-readiness containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.global.image.optf_has }}" diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-music/resources/config/startup.sh b/kubernetes/oof/charts/oof-has/charts/oof-has-music/resources/config/startup.sh deleted file mode 100755 index dd2c550f11..0000000000 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-music/resources/config/startup.sh +++ /dev/null @@ -1,36 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T,VMware -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -OUT=$(curl -o /dev/null -s -w "%{http_code}\n" \ - http://localhost:8080/MUSIC/rest/v2/admin/onboardAppWithMusic \ - -H 'Cache-Control: no-cache' \ - -H 'Content-Type: application/json' \ - -H 'Postman-Token: 705d4a9d-aaf2-40b4-914a-e0ce1a79534c' \ - -d '{ - "appname": "conductor", - "userId" : "conductor", - "isAAF" : false, - "password" : "c0nduct0r" -} -') - -if [ ${OUT} = "200" ]; then - echo "Success" - echo 1 > /tmp/onboarded - exit 0; -else - echo "Failure" - exit 1; -fi diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-reservation/templates/deployment.yaml b/kubernetes/oof/charts/oof-has/charts/oof-has-reservation/templates/deployment.yaml index a967bb50e1..7c30360cd6 100755 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-reservation/templates/deployment.yaml +++ b/kubernetes/oof/charts/oof-has/charts/oof-has-reservation/templates/deployment.yaml @@ -36,7 +36,7 @@ spec: - /root/ready.py args: - --container-name - - oof-has-music + - music-tomcat env: - name: NAMESPACE valueFrom: @@ -46,6 +46,52 @@ spec: image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness + - command: + - /root/job_complete.py + args: + - -j + - "{{ .Release.Name }}-oof-has-onboard" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-onboard-readiness + - command: + - /root/job_complete.py + args: + - -j + - "{{ .Release.Name }}-oof-has-healthcheck" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-health-readiness + - command: + - sh + - -c + - resp="FAILURE"; + until [ $resp = "200" ]; do + resp=$(curl -s -o /dev/null -k --write-out %{http_code} https://aaf-sms.{{ include "common.namespace" .}}:10443/v1/sms/domain/has/secret); + echo $resp; + sleep 2; + done + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-resrv-sms-readiness containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.global.image.optf_has }}" @@ -87,6 +133,9 @@ spec: - mountPath: /usr/local/bin/healthy.sh name: {{ .Values.global.commonConfigPrefix }}-config subPath: healthy.sh + - mountPath: /usr/local/bin/AAF_RootCA.cer + name: {{ .Values.global.commonConfigPrefix }}-config + subPath: AAF_RootCA.cer resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -111,5 +160,7 @@ spec: path: log.conf - key: healthy.sh path: healthy.sh + - key: AAF_RootCA.cer + path: AAF_RootCA.cer imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-solver/templates/deployment.yaml b/kubernetes/oof/charts/oof-has/charts/oof-has-solver/templates/deployment.yaml index 26ed7c75e3..0cc4ded3b5 100755 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-solver/templates/deployment.yaml +++ b/kubernetes/oof/charts/oof-has/charts/oof-has-solver/templates/deployment.yaml @@ -36,7 +36,7 @@ spec: - /root/ready.py args: - --container-name - - oof-has-music + - music-tomcat env: - name: NAMESPACE valueFrom: @@ -46,6 +46,52 @@ spec: image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness + - command: + - /root/job_complete.py + args: + - -j + - "{{ .Release.Name }}-oof-has-onboard" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-onboard-readiness + - command: + - /root/job_complete.py + args: + - -j + - "{{ .Release.Name }}-oof-has-healthcheck" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-health-readiness + - command: + - sh + - -c + - resp="FAILURE"; + until [ $resp = "200" ]; do + resp=$(curl -s -o /dev/null -k --write-out %{http_code} https://aaf-sms.{{ include "common.namespace" . }}:10443/v1/sms/domain/has/secret); + echo $resp; + sleep 2; + done + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-solvr-sms-readiness containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.global.image.optf_has }}" @@ -87,6 +133,9 @@ spec: - mountPath: /usr/local/bin/healthy.sh name: {{ .Values.global.commonConfigPrefix }}-config subPath: healthy.sh + - mountPath: /usr/local/bin/AAF_RootCA.cer + name: {{ .Values.global.commonConfigPrefix }}-config + subPath: AAF_RootCA.cer resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -111,5 +160,7 @@ spec: path: log.conf - key: healthy.sh path: healthy.sh + - key: AAF_RootCA.cer + path: AAF_RootCA.cer imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-zookeeper/templates/deployment.yaml b/kubernetes/oof/charts/oof-has/charts/oof-has-zookeeper/templates/deployment.yaml deleted file mode 100644 index 888bfd0555..0000000000 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-zookeeper/templates/deployment.yaml +++ /dev/null @@ -1,71 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T,VMware -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - spec: - containers: - - name: {{ include "common.name" . }} - image: {{ include "common.repository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - {{- if .Values.liveness.enabled }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/charts/oof-has/requirements.yaml b/kubernetes/oof/charts/oof-has/requirements.yaml index 14f1f9a82d..cda496bd87 100755 --- a/kubernetes/oof/charts/oof-has/requirements.yaml +++ b/kubernetes/oof/charts/oof-has/requirements.yaml @@ -17,3 +17,6 @@ dependencies: - name: common version: ~3.0.0 repository: '@local' + - name: music + version: ~3.0.0 + repository: '@local' diff --git a/kubernetes/oof/charts/oof-has/resources/config/conductor.conf b/kubernetes/oof/charts/oof-has/resources/config/conductor.conf index 00a65ce30d..4db857a898 100755 --- a/kubernetes/oof/charts/oof-has/resources/config/conductor.conf +++ b/kubernetes/oof/charts/oof-has/resources/config/conductor.conf @@ -1,5 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T,VMware +# Modifications Copyright © 2018 AT&T,VMware, Intel Corporation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -23,7 +23,14 @@ #api_paste_config = api_paste.ini # Music keyspace for content (string value) -keyspace = conductor +#keyspace = conductor + +# Delay time (Seconds) for MUSIC requests. Set it to 2 seconds by default. +# (integer value) +#delay_time = 2 + +# (boolean value) +#HPA_enabled = true # # From oslo.log @@ -32,14 +39,9 @@ keyspace = conductor # If set to true, the logging level will be set to DEBUG instead of the default # INFO level. (boolean value) # Note: This option can be changed without restarting. +#debug = false debug = true -# DEPRECATED: If set to false, the logging level will be set to WARNING instead -# of the default INFO level. (boolean value) -# This option is deprecated for removal. -# Its value may be silently ignored in the future. -#verbose = true - # The name of a logging configuration file. This file is appended to any # existing logging configuration files. For details about logging configuration # files, see the Python logging module documentation. Note that when logging @@ -48,7 +50,8 @@ debug = true # example, logging_context_format_string). (string value) # Note: This option can be changed without restarting. # Deprecated group/name - [DEFAULT]/log_config -# log_config_append = /usr/local/bin/log.conf +#log_config_append = +log_config_append = /usr/local/bin/log.conf # Defines the format string for %%(asctime)s in log records. Default: # %(default)s . This option is ignored if log_config_append is set. (string @@ -78,10 +81,20 @@ debug = true # is set. (boolean value) #use_syslog = false +# Enable journald for logging. If running in a systemd environment you may wish +# to enable journal support. Doing so will use the journal native protocol +# which includes structured metadata in addition to log messages.This option is +# ignored if log_config_append is set. (boolean value) +#use_journal = false + # Syslog facility to receive log lines. This option is ignored if # log_config_append is set. (string value) #syslog_log_facility = LOG_USER +# Use JSON formatting for logging. This option is ignored if log_config_append +# is set. (boolean value) +#use_json = false + # Log output to standard error. This option is ignored if log_config_append is # set. (boolean value) #use_stderr = false @@ -106,7 +119,7 @@ debug = true # List of package logging levels in logger=LEVEL pairs. This option is ignored # if log_config_append is set. (list value) -#default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN,keystoneauth=WARN,oslo.cache=INFO,dogpile.core.dogpile=INFO +#default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,oslo_messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN,keystoneauth=WARN,oslo.cache=INFO,dogpile.core.dogpile=INFO # Enables or disables publication of error events. (boolean value) #publish_errors = false @@ -135,6 +148,65 @@ debug = true #fatal_deprecations = false +[aaf_api] + +# +# From conductor +# + +# is_aaf_enabled. (boolean value) +is_aaf_enabled = true + +# aaf_cache_expiry_hrs. (integer value) +aaf_cache_expiry_hrs = 3 + +# aaf_url. (string value) +aaf_url = https://{{.Values.config.aaf.serviceName}}:{{.Values.config.aaf.port}}/authz/perms/user/ + +# aaf_cert_file. (string value) +#aaf_cert_file = + +# aaf_cert_key_file. (string value) +#aaf_cert_key_file = + +# aaf_ca_bundle_file. (string value) +#aaf_ca_bundle_file = +aaf_ca_bundle_file = /usr/local/bin/AAF_RootCA.cer + +# aaf_retries. (integer value) +#aaf_retries = 3 + +# aaf_timeout. (integer value) +#aaf_timeout = 100 + +# aaf_user_roles. (list value) +#aaf_permissions = {"type": "org.onap.oof.access","instance": "*","action": "*"} + + +[aaf_sms] + +# +# From conductor +# + +# Base URL for SMS, up to and not including the version, and without a trailing +# slash. (string value) +aaf_sms_url = https://{{.Values.config.sms.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.sms.port}} + + +# Timeout for SMS API Call (integer value) +#aaf_sms_timeout = 30 + +# Path to the cacert that will be used to verify If this is None, verify will +# be False and the server certis not verified by the client. (string value) +#aaf_ca_certs = AAF_RootCA.cer +aaf_ca_certs = /usr/local/bin/AAF_RootCA.cer + +# Domain UUID - A unique UUID generated when the domainfor HAS is created by +# administrator during deployment (string value) +#secret_domain = has + + [aai] # @@ -142,7 +214,12 @@ debug = true # # Interval with which to refresh the local cache, in minutes. (integer value) +#cache_refresh_interval = 1440 cache_refresh_interval = 1 + +# Interval with which to refresh the local complex cache, in minutes. (integer +# value) +#complex_cache_refresh_interval = 1440 complex_cache_refresh_interval = 60 # Data Store table prefix. (string value) @@ -152,6 +229,12 @@ complex_cache_refresh_interval = 60 # trailing slash. (string value) server_url = https://{{.Values.config.aai.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.aai.port}}/aai +# Timeout for A&AI Rest Call (string value) +#aai_rest_timeout = 30 + +# Number of retry for A&AI Rest Call (string value) +#aai_retries = 3 + # The version of A&AI in v# format. (string value) server_url_version = v14 @@ -164,13 +247,13 @@ certificate_key_file = # Certificate Authority Bundle file in pem format. Must contain the appropriate # trust chain for the Certificate file. (string value) -#certificate_authority_bundle_file = /opt/app/conductor/etc/certs/ca_bundle.pem -certificate_authority_bundle_file =/usr/local/bin/AAF_RootCA.cer +#certificate_authority_bundle_file = certificate_authority_bundle.pem +certificate_authority_bundle_file = /usr/local/bin/AAF_RootCA.cer -# Basic Authentication Username (string value) +# Username for AAI. (string value) username = OOF -# Basic Authentication Password (string value) +# Password for AAI. (string value) password = OOF @@ -189,13 +272,24 @@ password = OOF [conductor_api] -# Basic Authentication Username (string value) +# +# From conductor +# + +# Base URL for plans. (string value) +#server_url = + +# username for plans. (string value) +#username = username = admin1 -# Basic Authentication Password (string value) +# password for plans. (string value) +#password = password = plan.15 -basic_auth_secure = False +# auth toggling. (boolean value) +basic_auth_secure = true + [controller] @@ -205,6 +299,7 @@ basic_auth_secure = False # Timeout for planning requests. Default value is 10. (integer value) # Minimum value: 1 +#timeout = 10 timeout = 200 # Maximum number of result sets to return. Default value is 1. (integer value) @@ -215,11 +310,47 @@ timeout = 200 # Minimum value: 1 #workers = 1 +# Set to True when controller will run in active-active mode. When set to +# False, controller will flush any abandoned messages at startup. The +# controller always restarts abandoned template translations at startup. +# (boolean value) +#concurrent = false +concurrent = true + # Time between checking for new plans. Default value is 1. (integer value) # Minimum value: 1 #polling_interval = 1 + +# (integer value) +# Minimum value: 1 +#max_translation_counter = 1 + + +[data] + +# +# From conductor +# + +# Number of workers for data service. Default value is 1. (integer value) +# Minimum value: 1 +#workers = 1 + +# Set to True when data will run in active-active mode. When set to False, data +# will flush any abandoned messages at startup. (boolean value) +#concurrent = false concurrent = true +# Default value is -8000, which is the diameter of the earth. The distance +# cannot larger than this value (floating point value) +#existing_placement_cost = -8000.0 + +# (floating point value) +#cloud_candidate_cost = 2.0 + +# (floating point value) +#service_candidate_cost = 1.0 + [inventory_provider] @@ -238,16 +369,21 @@ concurrent = true # # Music keyspace for messages (string value) -keyspace = conductor_rpc +#keyspace = conductor_rpc # Wait interval while checking for a message response. Default value is 1 # second. (integer value) # Minimum value: 1 #check_interval = 1 -# Overall message response timeout. Default value is 10 seconds. (integer +# Overall message response timeout. Default value is 120 seconds. (integer # value) # Minimum value: 1 +#response_timeout = 120 + +# Timeout for detecting a VM is down, and other VMs can pick the plan up. +# Default value is 5 minutes. (integer value) (integer value) +# Minimum value: 1 timeout = 300 # Number of workers for messaging service. Default value is 1. (integer value) @@ -262,19 +398,36 @@ timeout = 300 #debug = false +[multicloud] + +# +# From conductor +# + +# Base URL for Multicloud without a trailing slash. (string value) +#server_url = http://msb.onap.org/api/multicloud +server_url = http://{{.Values.config.msb.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.msb.port}}/api/multicloud + +# Timeout for Multicloud Rest Call (string value) +#multicloud_rest_timeout = 30 + +# Number of retry for Multicloud Rest Call (string value) +#multicloud_retries = 3 + +# The version of Multicloud API. (string value) +#server_url_version = v0 + + [music_api] # # From conductor # -music_new_version = True + # Base URL for Music REST API without a trailing slash. (string value) -server_url = http://oof-has-music:8080/MUSIC/rest/v2 +#server_url = http://oof-has-music:8080/MUSIC/rest/v2 +server_url = http://{{.Values.config.music.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.music.port}}/MUSIC/rest/v2 version = v2 -music_version = "2.5.3" -aafuser = conductor -aafpass = c0nduct0r -aafns = conductor # DEPRECATED: List of hostnames (round-robin access) (list value) # This option is deprecated for removal. @@ -294,21 +447,104 @@ aafns = conductor # Reason: Use server_url instead #path = +# Socket connection timeout (floating point value) +#connect_timeout = 3.05 + +# Socket read timeout (floating point value) +#read_timeout = 12.05 + # Lock timeout (integer value) #lock_timeout = 10 + +# Replication factor (integer value) +#replication_factor = 1 replication_factor = 1 -# Log debug messages. Default value is False. (boolean value) -#debug = false # Use mock API (boolean value) #mock = false -# Socket connection timeout (floating point value) -connect_timeout = 3.05 +# (string value) +#music_topology = SimpleStrategy -# Socket read timeout (floating point value) -read_timeout = 12.05 +# Name of the first data center (string value) +#first_datacenter_name = + +# Number of replicas in first data center (integer value) +#first_datacenter_replicas = +# Name of the second data center (string value) +#second_datacenter_name = + +# Number of replicas in second data center (integer value) +#second_datacenter_replicas = + +# Name of the third data center (string value) +#third_datacenter_name = + +# Number of replicas in third data center (integer value) +#third_datacenter_replicas = + +# new or old version (boolean value) +#music_new_version = +music_new_version = True + +# for version (string value) +#music_version = +music_version = "3.0.21" + +# username value that used for creating basic authorization header (string +# value) +#aafuser = +aafuser = conductor + +# password value that used for creating basic authorization header (string +# value) +#aafpass = +aafpass = c0nduct0r + +# AAF namespace field used in MUSIC request header (string value) +#aafns = +aafns = conductor + + +[prometheus] + +# +# From conductor +# + +# Prometheus Metrics Endpoint (list value) +#metrics_port = 8000,8001,8002,8003,8004 + + +[reservation] + +# +# From conductor +# + +# Number of workers for reservation service. Default value is 1. (integer +# value) +# Minimum value: 1 +#workers = 1 + +# Number of times reservation/release should be attempted. (integer value) +#reserve_retries = 1 + +# Timeout for detecting a VM is down, and other VMs can pick the plan up and +# resereve. Default value is 600 seconds. (integer value) (integer value) +# Minimum value: 1 +#timeout = 600 + +# Set to True when reservation will run in active-active mode. When set to +# False, reservation will restart any orphaned reserving requests at startup. +# (boolean value) +#concurrent = false +concurrent = true + +# (integer value) +# Minimum value: 1 +#max_reservation_counter = 1 [sdnc] @@ -324,13 +560,22 @@ read_timeout = 12.05 #table_prefix = sdnc # Base URL for SDN-C, up to and including the version. (string value) +#server_url = https://controller:8443/restconf/ server_url = https://sdncodl-conexus-e2e.ecomp.cci.att.com:8543/restconf/ # Basic Authentication Username (string value) +#username = username = admin # Basic Authentication Password (string value) -password = sdnc.15 +#password = +password = Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U + +# Timeout for SDNC Rest Call (string value) +#sdnc_rest_timeout = 30 + +# Retry Numbers for SDNC Rest Call (string value) +#sdnc_retries = 3 [service_controller] @@ -353,41 +598,32 @@ password = sdnc.15 # Minimum value: 1 #workers = 1 +# The timeout value for solver service. Default value is 480 seconds. (integer +# value) +# Minimum value: 1 +#solver_timeout = 480 + # Set to True when solver will run in active-active mode. When set to False, # solver will restart any orphaned solving requests at startup. (boolean value) #concurrent = false concurrent = true +# Timeout for detecting a VM is down, and other VMs can pick the plan up. This +# value should be larger than solver_timeoutDefault value is 10 minutes. +# (integer value) (integer value) +# Minimum value: 1 +#timeout = 600 - -[reservation] -concurrent = true - - -[multicloud] - -# -# From conductor -# - -# Base URL for Multicloud without a trailing slash. (string value) -server_url = http://{{.Values.config.msb.serviceName}}:{{.Values.config.msb.port}}/api/multicloud - -# Timeout for Multicloud Rest Call (string value) -multicloud_rest_timeout = 30 - -# Number of retry for Multicloud Rest Call (string value) -multicloud_retries = 3 - -# The version of Multicloud API. (string value) -server_url_version = v0 +# (integer value) +# Minimum value: 1 +#max_solver_counter = 1 [vim_controller] + # # From conductor # # Extensions list to use (list value) -extensions = multicloud - +#extensions = multicloud diff --git a/kubernetes/oof/charts/oof-has/resources/config/healthcheck.json b/kubernetes/oof/charts/oof-has/resources/config/healthcheck.json new file mode 100755 index 0000000000..833fa0f5d9 --- /dev/null +++ b/kubernetes/oof/charts/oof-has/resources/config/healthcheck.json @@ -0,0 +1,18 @@ +{ + "consistencyInfo": { + "type": "eventual" + }, + "values": { + "id": "healthcheck", + "created": 1479482603641, + "message": "", + "name": "foo", + "recommend_max": 1, + "solution": "{\"healthcheck\": \" healthcheck\"}", + "status": "solved", + "template": "{\"healthcheck\": \"healthcheck\"}", + "timeout": 3600, + "translation": "{\"healthcheck\": \" healthcheck\"}", + "updated": 1484324150629 + } +} diff --git a/kubernetes/oof/charts/oof-has/resources/config/onboard.json b/kubernetes/oof/charts/oof-has/resources/config/onboard.json new file mode 100755 index 0000000000..2c3d69be8d --- /dev/null +++ b/kubernetes/oof/charts/oof-has/resources/config/onboard.json @@ -0,0 +1,6 @@ +{ + "appname": "conductor", + "userId": "conductor", + "isAAF": "false", + "password": "c0nduct0r" +} diff --git a/kubernetes/oof/charts/oof-has/templates/job-healthcheck.yaml b/kubernetes/oof/charts/oof-has/templates/job-healthcheck.yaml new file mode 100755 index 0000000000..6e38034c46 --- /dev/null +++ b/kubernetes/oof/charts/oof-has/templates/job-healthcheck.yaml @@ -0,0 +1,100 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-healthcheck + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + command: + - /root/ready.py + args: + - --container-name + - oof-has-api + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + containers: + - image: "{{ include "common.repository" . }}/{{ .Values.global.image.optf_has }}" + imagePullPolicy: {{ .Values.pullPolicy }} + name: {{ include "common.name" . }}-healthcheck + command: + - "/bin/sh" + - "-c" + - | + echo "INSERT HEALTHCHECK PLAN"; + sleep 15; + resp="FAILURE"; + until [ $resp = "200" ]; do + resp=$(curl -s -o /dev/null --write-out %{http_code} -X POST http://{{.Values.config.music.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.music.port}}/MUSIC/rest/v2/keyspaces/conductor/tables/plans/rows?id=healthcheck \ + -H "Content-Type: application/json" \ + -H "ns: conductor" \ + -H "Authorization: Basic Y29uZHVjdG9yOmMwbmR1Y3Qwcg==" \ + --data @healthcheck.json); + echo $resp; + sleep 2; + done; + workingDir: /has + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /has/healthcheck.json + name: {{ .Values.global.commonConfigPrefix }}-config + subPath: healthcheck.json + resources: +{{ toYaml .Values.resources | indent 10 }} + nodeSelector: + {{- if .Values.nodeSelector }} +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ .Values.global.commonConfigPrefix }}-config + configMap: + name: {{ .Values.global.commonConfigPrefix }}-configmap + items: + - key: healthcheck.json + path: healthcheck.json + restartPolicy: OnFailure + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file diff --git a/kubernetes/oof/charts/oof-has/templates/job-onboard.yaml b/kubernetes/oof/charts/oof-has/templates/job-onboard.yaml new file mode 100755 index 0000000000..2b24d4017d --- /dev/null +++ b/kubernetes/oof/charts/oof-has/templates/job-onboard.yaml @@ -0,0 +1,108 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-onboard + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + command: + - /root/ready.py + args: + - --container-name + - "music-tomcat" + - --container-name + - "music-cassandra" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - command: + - /root/job_complete.py + args: + - -j + - "{{ .Release.Name }}-music-cassandra-job-config" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-music-db-readiness + containers: + - image: "{{ include "common.repository" . }}/{{ .Values.global.image.optf_has }}" + imagePullPolicy: {{ .Values.pullPolicy }} + name: {{ include "common.name" . }}-onboard + command: + - "/bin/sh" + - "-c" + - | + curl -X POST http://{{.Values.config.music.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.music.port}}/MUSIC/rest/v2/admin/onboardAppWithMusic \ + -H "Content-Type: application/json" \ + -H "Authorization: Basic Y29uZHVjdG9yOmMwbmR1Y3Qwcg==" \ + --data @onboard.json + workingDir: /has + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /has/onboard.json + name: {{ .Values.global.commonConfigPrefix }}-config + subPath: onboard.json + resources: +{{ toYaml .Values.resources | indent 10 }} + nodeSelector: + {{- if .Values.nodeSelector }} +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ .Values.global.commonConfigPrefix }}-config + configMap: + name: {{ .Values.global.commonConfigPrefix }}-configmap + items: + - key: onboard.json + path: onboard.json + restartPolicy: OnFailure + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file diff --git a/kubernetes/oof/charts/oof-has/values.yaml b/kubernetes/oof/charts/oof-has/values.yaml index fa6b4100d8..d825e4437b 100755 --- a/kubernetes/oof/charts/oof-has/values.yaml +++ b/kubernetes/oof/charts/oof-has/values.yaml @@ -1,4 +1,5 @@ # Copyright © 2017 Amdocs, AT&T, Bell Canada, VMware +# Modifications Copyright © 2018 Intel Corporation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -24,17 +25,44 @@ global: commonConfigPrefix: onap-oof-has image: readiness: oomk8s/readiness-check:2.0.0 - optf_has: onap/optf-has:1.2.1 + optf_has: onap/optf-has:1.2.4 filebeat: docker.elastic.co/beats/filebeat:5.5.0 pullPolicy: Always nodePortPrefix: 302 dataRootDir: /dockerdata-nfs config: + aaf: + serviceName: aaf-service + port: 8100 aai: serviceName: aai port: 8443 msb: serviceName: msb-iag port: 80 - + music: + serviceName: music-tomcat + port: 8080 + sms: + serviceName: aaf-sms + port: 10443 +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + memory: 2Gi + cpu: 1000m + requests: + memory: 1Gi + cpu: 500m + large: + limits: + memory: 4Gi + cpu: 2000m + requests: + memory: 2Gi + cpu: 1000m + unlimited: {} diff --git a/kubernetes/oof/resources/config/osdf_config.yaml b/kubernetes/oof/resources/config/osdf_config.yaml index d39a83222f..fea3d908cf 100755 --- a/kubernetes/oof/resources/config/osdf_config.yaml +++ b/kubernetes/oof/resources/config/osdf_config.yaml @@ -68,7 +68,7 @@ aaf_user_roles: {{- end }} # Secret Management Service from AAF -aaf_sms_url: {{ .Values.config.aaf_sms_url }} +aaf_sms_url: {{ .Values.config.aaf_sms_url }}.{{ include "common.namespace" . }}:{{ .Values.config.aaf_sms_port }} aaf_sms_timeout: {{ .Values.config.aaf_sms_timeout }} secret_domain: {{ .Values.config.secret_domain }} aaf_ca_certs: {{ .Values.config.aaf_ca_certs }} diff --git a/kubernetes/oof/templates/deployment.yaml b/kubernetes/oof/templates/deployment.yaml index 07f1ff44a9..d4558b72dd 100644 --- a/kubernetes/oof/templates/deployment.yaml +++ b/kubernetes/oof/templates/deployment.yaml @@ -37,12 +37,6 @@ spec: args: - --container-name - pdp - - --container-name - - aaf-service - - --container-name - - aaf-sms - - --container-name - - oof-has-api env: - name: NAMESPACE valueFrom: @@ -52,6 +46,24 @@ spec: image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness + - command: + - sh + - -c + - resp="FAILURE"; + until [ $resp = "200" ]; do + resp=$(curl -s -o /dev/null -k --write-out %{http_code} https://aaf-sms.{{ include "common.namespace" . }}:10443/v1/sms/domain/osdf/secret); + echo $resp; + sleep 2; + done + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-osdf-sms-readiness containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" diff --git a/kubernetes/oof/values.yaml b/kubernetes/oof/values.yaml index da69c42b9e..24a0333e5a 100644 --- a/kubernetes/oof/values.yaml +++ b/kubernetes/oof/values.yaml @@ -26,7 +26,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/optf-osdf:1.2.1 +image: onap/optf-osdf:1.2.4 pullPolicy: Always # flag to enable debugging - application support required @@ -36,7 +36,7 @@ debugEnabled: false config: msbgateway: msb-iag msbPort: 80 - placementVersioningEnabled: False + placementVersioningEnabled: True # Placement API latest version numbers to be set in HTTP header placementMajorVersion: "1" placementMinorVersion: "0" @@ -57,7 +57,7 @@ config: # versions to be set in HTTP header conductorMinorVersion: 0 # Url and credentials for the Policy Platform - policyPlatformUrl: http://pdp:8081/pdp/api/getConfig # Policy Dev platform URL + policyPlatformUrl: https://pdp:8081/pdp/api/getConfig # Policy Dev platform URL policyPlatformEnv: TEST # Environment for policy platform policyPlatformUsername: testpdp # Policy platform username. policyPlatformPassword: alpha123 # Policy platform password. @@ -92,7 +92,8 @@ config: aaf_user_roles: - '/api/oof/v1/placement:org.onap.osdf.access|*|read ALL' # Secret Management Service from AAF - aaf_sms_url: https://aaf-sms:10443 + aaf_sms_url: https://aaf-sms + aaf_sms_port: 10443 aaf_sms_timeout: 30 secret_domain: osdf aaf_ca_certs: /opt/app/ssl_cert/aaf_root_ca.cer @@ -118,15 +119,15 @@ flavor: small resources: small: limits: - memory: 4Gi - cpu: 2000m + memory: 2Gi + cpu: 1000m requests: memory: 1Gi cpu: 500m large: limits: - memory: 8Gi - cpu: 4000m + memory: 4Gi + cpu: 2000m requests: memory: 2Gi cpu: 1000m diff --git a/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf index 2f65c87bc2..b074d48501 100644 --- a/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf +++ b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf @@ -63,5 +63,5 @@ BRMS_UEB_API_KEY= BRMS_UEB_API_SECRET= #Dependency.json file version -BRMS_DEPENDENCY_VERSION=1.2.0 +BRMS_DEPENDENCY_VERSION=1.3.1 diff --git a/kubernetes/policy/charts/brmsgw/values.yaml b/kubernetes/policy/charts/brmsgw/values.yaml index b9ce28e86b..5109465837 100644 --- a/kubernetes/policy/charts/brmsgw/values.yaml +++ b/kubernetes/policy/charts/brmsgw/values.yaml @@ -26,7 +26,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-pe:1.3.0 +image: onap/policy-pe:1.3.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf index 24f6b8208c..7afaeaea61 100644 --- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf +++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf @@ -91,7 +91,7 @@ AAI_PASSWORD=demo123456! # MSO -SO_URL=http://so.{{.Release.Namespace}}:8080/ecomp/mso/infra +SO_URL=http://so.{{.Release.Namespace}}:8080/onap/so/infra SO_USERNAME=InfraPortalClient SO_PASSWORD=password1$ diff --git a/kubernetes/policy/charts/drools/templates/service.yaml b/kubernetes/policy/charts/drools/templates/service.yaml index 84eedd1bc6..221063bd82 100644 --- a/kubernetes/policy/charts/drools/templates/service.yaml +++ b/kubernetes/policy/charts/drools/templates/service.yaml @@ -34,8 +34,8 @@ spec: nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} name: {{ .Values.service.portName }}-{{ .Values.service.externalPort2 }} {{- else -}} - - port: {{ .Values.service.type.externalPort }} - targetPort: {{ .Values.service.type.internalPort }} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} name: {{ .Values.service.portName }} {{- end}} selector: diff --git a/kubernetes/policy/charts/drools/values.yaml b/kubernetes/policy/charts/drools/values.yaml index bacddde0b5..9dfefae61c 100644 --- a/kubernetes/policy/charts/drools/values.yaml +++ b/kubernetes/policy/charts/drools/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-drools:1.3.0 +image: onap/policy-drools:1.3.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/charts/pdp/values.yaml b/kubernetes/policy/charts/pdp/values.yaml index 6bb6765169..5496123104 100644 --- a/kubernetes/policy/charts/pdp/values.yaml +++ b/kubernetes/policy/charts/pdp/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-pe:1.3.0 +image: onap/policy-pe:1.3.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/charts/policy-apex-pdp/values.yaml b/kubernetes/policy/charts/policy-apex-pdp/values.yaml index 2a5b04a344..96803cfd70 100644 --- a/kubernetes/policy/charts/policy-apex-pdp/values.yaml +++ b/kubernetes/policy/charts/policy-apex-pdp/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-apex-pdp:2.0.0 +image: onap/policy-apex-pdp:2.0.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/charts/policy-distribution/values.yaml b/kubernetes/policy/charts/policy-distribution/values.yaml index 835a7456ce..cad79df99e 100644 --- a/kubernetes/policy/charts/policy-distribution/values.yaml +++ b/kubernetes/policy/charts/policy-distribution/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-distribution:2.0.0 +image: onap/policy-distribution:2.0.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/resources/config/pe/push-policies.sh b/kubernetes/policy/resources/config/pe/push-policies.sh index 82b08151fc..050ee6c5a3 100644 --- a/kubernetes/policy/resources/config/pe/push-policies.sh +++ b/kubernetes/policy/resources/config/pe/push-policies.sh @@ -1,4 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada, AT&T +# Modifications Copyright © 2018 AT&T. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -22,7 +23,7 @@ echo "Upload BRMS Param Template" sleep 2 -wget -O cl-amsterdam-template.drl https://git.onap.org/policy/drools-applications/plain/controlloop/templates/archetype-cl-amsterdam/src/main/resources/archetype-resources/src/main/resources/__closedLoopControlName__.drl +wget -O cl-amsterdam-template.drl https://git.onap.org/policy/drools-applications/plain/controlloop/templates/archetype-cl-amsterdam/src/main/resources/archetype-resources/src/main/resources/__closedLoopControlName__.drl?h=casablanca sleep 2 @@ -73,7 +74,7 @@ curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'A "RULE": { "templateName": "ClosedLoopControlName", "closedLoopControlName": "ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3", - "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3%0D%0A++trigger_policy%3A+unique-policy-id-1-scale-up%0D%0A++timeout%3A+1200%0D%0A++abatement%3A+false%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-scale-up%0D%0A++++name%3A+Create+a+new+VF+Module%0D%0A++++description%3A%0D%0A++++actor%3A+SO%0D%0A++++recipe%3A+VF+Module+Create%0D%0A++++target%3A%0D%0A++++++type%3A+VNF%0D%0A++++retry%3A+0%0D%0A++++timeout%3A+1200%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard" + "controlLoopYaml": "controlLoop%3A%0A++version%3A+2.0.0%0A++controlLoopName%3A+ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3%0A++trigger_policy%3A+unique-policy-id-1-scale-up%0A++timeout%3A+1200%0A++abatement%3A+false%0Apolicies%3A%0A++-+id%3A+unique-policy-id-1-scale-up%0A++++name%3A+Create+a+new+VF+Module%0A++++description%3A%0A++++actor%3A+SO%0A++++recipe%3A+VF+Module+Create%0A++++target%3A%0A++++++type%3A+VNF%0A++++payload%3A%0A++++++requestParameters%3A+%27%7B%22usePreload%22%3Atrue%2C%22userParams%22%3A%5B%5D%7D%27%0A++++++configurationParameters%3A+%27%5B%7B%22ip-addr%22%3A%22%24.vf-module-topology.vf-module-parameters.param%5B9%5D%22%2C%22oam-ip-addr%22%3A%22%24.vf-module-topology.vf-module-parameters.param%5B16%5D%22%2C%22enabled%22%3A%22%24.vf-module-topology.vf-module-parameters.param%5B23%5D%22%7D%5D%27%0A++++retry%3A+0%0A++++timeout%3A+1200%0A++++success%3A+final_success%0A++++failure%3A+final_failure%0A++++failure_timeout%3A+final_failure_timeout%0A++++failure_retries%3A+final_failure_retries%0A++++failure_exception%3A+final_failure_exception%0A++++failure_guard%3A+final_failure_guard" } } }' 'https://{{.Values.global.pdp.nameOverride}}:{{.Values.config.pdpPort}}/pdp/api/createPolicy' @@ -500,4 +501,4 @@ curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'A "pdpGroup": "default", "policyName": "com.OOF_PCI_CONFIG_POLICY", "policyType": "Base" -}' 'https://{{.Values.global.pdp.nameOverride}}:{{.Values.config.pdpPort}}/pdp/api/pushPolicy' \ No newline at end of file +}' 'https://{{.Values.global.pdp.nameOverride}}:{{.Values.config.pdpPort}}/pdp/api/pushPolicy' diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml index 2165b18170..8d72d1922b 100644 --- a/kubernetes/policy/values.yaml +++ b/kubernetes/policy/values.yaml @@ -41,7 +41,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-pe:1.3.0 +image: onap/policy-pe:1.3.1 pullPolicy: Always subChartsOnly: diff --git a/kubernetes/pomba/charts/pomba-aaictxbuilder/values.yaml b/kubernetes/pomba/charts/pomba-aaictxbuilder/values.yaml index 72692d9d4e..78c5367b8b 100644 --- a/kubernetes/pomba/charts/pomba-aaictxbuilder/values.yaml +++ b/kubernetes/pomba/charts/pomba-aaictxbuilder/values.yaml @@ -38,8 +38,8 @@ config: aaiUsername: AAI aaiPassword: OBF:1gfr1ev31gg7 aaiHttpProtocol: https - aaiConnectionTimeout: 5000 - aaiReadTimeout: 1000 + aaiConnectionTimeout: 60000 + aaiReadTimeout: 60000 # HTTP Basic Authorization credentials for Rest Service API httpUserId: admin httpPassword: OBF:1u2a1toa1w8v1tok1u30 diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/resources/bin/pre_start.sh b/kubernetes/pomba/charts/pomba-contextaggregator/resources/bin/pre_start.sh new file mode 100644 index 0000000000..8a76cdd929 --- /dev/null +++ b/kubernetes/pomba/charts/pomba-contextaggregator/resources/bin/pre_start.sh @@ -0,0 +1,26 @@ +#!/bin/sh + +# Get the list of topic from curl ressult +dmaap_mr_host=message-router +dmaap_mr_port=3904 +temp_output_file=".tmpoutput" +curl -X GET http://$dmaap_mr_host:$dmaap_mr_port/topics > $temp_output_file + +# Test topic POA-AUDIT-INIT, POA-AUDIT-RESULT, POA-RULE-VALIDATION +TOPICS="POA-AUDIT-INIT POA-RULE-VALIDATION POA-AUDIT-RESULT" +for i_topic in $TOPICS +do + echo "Looping ... topic: $i_topic" + if grep -iFq "$i_topic" $temp_output_file + then + # code if found + echo "$i_topic found." + else + # code if not found + echo "$i_topic NOT found." + curl -X POST -H "content-type: application/json" --data '{"event":"create topic"}' http://$dmaap_mr_host:$dmaap_mr_port/events/$i_topic + fi +done + +# remove the temp file +rm -f $temp_output_file diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/aai.properties b/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/aai.properties index 7a119f9267..eab3864168 100755 --- a/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/aai.properties +++ b/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/aai.properties @@ -23,6 +23,6 @@ key.store.password=70c87528c88dcd9f9c2558d30e817868 key.store.type=PKCS12 key.manager.factory.algorithm=SunX509 security.protocol=TLS -connection.timeout.ms=15000 -read.timeout.ms=10000 +connection.timeout.ms=60000 +read.timeout.ms=60000 base.uri=/aaicontextbuilder/service/context diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/sdc.properties b/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/sdc.properties index 80167d2257..9a27a6c8c8 100755 --- a/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/sdc.properties +++ b/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/sdc.properties @@ -22,6 +22,6 @@ key.store.password=70c87528c88dcd9f9c2558d30e817868 key.store.type=PKCS12 key.manager.factory.algorithm=SunX509 security.protocol=TLS -connection.timeout.ms=15000 -read.timeout.ms=10000 +connection.timeout.ms=60000 +read.timeout.ms=60000 base.uri=/sdccontextbuilder/service/context diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/ndcb.properties b/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/future-builders/ndcb.properties similarity index 100% rename from kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/ndcb.properties rename to kubernetes/pomba/charts/pomba-contextaggregator/resources/config/future-builders/ndcb.properties diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/templates/configmap.yaml b/kubernetes/pomba/charts/pomba-contextaggregator/templates/configmap.yaml index 767b2407be..d5ce98e6f2 100755 --- a/kubernetes/pomba/charts/pomba-contextaggregator/templates/configmap.yaml +++ b/kubernetes/pomba/charts/pomba-contextaggregator/templates/configmap.yaml @@ -27,3 +27,11 @@ metadata: namespace: {{ include "common.namespace" . }} data: {{ tpl (.Files.Glob "resources/config/builders/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-pre-start-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/bin/*").AsConfig . | indent 2 }} \ No newline at end of file diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/templates/deployment.yaml b/kubernetes/pomba/charts/pomba-contextaggregator/templates/deployment.yaml index 44268db46e..52a28d012c 100755 --- a/kubernetes/pomba/charts/pomba-contextaggregator/templates/deployment.yaml +++ b/kubernetes/pomba/charts/pomba-contextaggregator/templates/deployment.yaml @@ -30,6 +30,21 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - message-router + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" @@ -63,6 +78,10 @@ spec: - mountPath: /opt/app/config/builders name: {{ include "common.fullname" . }}-config-builders readOnly: true + - mountPath: /opt/app/bin/pre_start.sh + name: {{ include "common.fullname" . }}-pre-start + subPath: pre_start.sh + readOnly: false resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -83,5 +102,9 @@ spec: - name: {{ include "common.fullname" . }}-config-builders configMap: name: {{ include "common.fullname" . }}-configmap-builders + - name: {{ include "common.fullname" . }}-pre-start + configMap: + name: {{ include "common.fullname" . }}-pre-start-configmap + defaultMode: 0777 imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml b/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml index ac8aa6bae6..9c9a6ff185 100755 --- a/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml +++ b/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml @@ -18,6 +18,8 @@ global: nodePortPrefix: 302 repository: nexus3.onap.org:10001 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 ################################################################# # Application configuration defaults. diff --git a/kubernetes/pomba/charts/pomba-sdcctxbuilder/resources/config/application.properties b/kubernetes/pomba/charts/pomba-sdcctxbuilder/resources/config/application.properties index 7eacd187aa..08879c5606 100644 --- a/kubernetes/pomba/charts/pomba-sdcctxbuilder/resources/config/application.properties +++ b/kubernetes/pomba/charts/pomba-sdcctxbuilder/resources/config/application.properties @@ -36,7 +36,7 @@ sdcConnect.consumerID={{ .Values.config.sdcConsumerId }} sdcConnect.sdcAddress={{ .Values.config.sdcServiceName }}.{{.Release.Namespace}}:{{ .Values.config.sdcPort }} # Minimum timeout value is 15 seconds; default is 120000s -sdcConnect.timeout.seconds=12000 +sdcConnect.timeout.seconds=60000 # {0} = UUID sdc.url.template=/sdc/v1/catalog/services/{0}/toscaModel diff --git a/kubernetes/pomba/charts/pomba-sdcctxbuilder/values.yaml b/kubernetes/pomba/charts/pomba-sdcctxbuilder/values.yaml index f85490dc12..b813288baa 100644 --- a/kubernetes/pomba/charts/pomba-sdcctxbuilder/values.yaml +++ b/kubernetes/pomba/charts/pomba-sdcctxbuilder/values.yaml @@ -39,7 +39,7 @@ debugEnabled: false config: #Application properties sdcUsername: pomba - sdcPassword: OBF:1uha1uh81w8v1ugi1ugg + sdcPassword: OBF:1ks51l8d1o3i1pcc1r2r1e211r391kls1pyj1z7u1njf1lx51go21hnj1y0k1mli1sop1k8o1j651vu91mxw1vun1mze1vv11j8x1k5i1sp11mjc1y161hlr1gm41m111nkj1z781pw31kku1r4p1e391r571pbm1o741l4x1ksp sdcConsumerId: pomba sdcServiceName: sdc-be sdcPort: 8443 diff --git a/kubernetes/pomba/charts/pomba-servicedecomposition/resources/config/application.properties b/kubernetes/pomba/charts/pomba-servicedecomposition/resources/config/application.properties index bce6710a5e..5b64f841e2 100644 --- a/kubernetes/pomba/charts/pomba-servicedecomposition/resources/config/application.properties +++ b/kubernetes/pomba/charts/pomba-servicedecomposition/resources/config/application.properties @@ -32,14 +32,14 @@ basicAuth.username={{ .Values.config.serviceDecompositionUserId }} basicAuth.password={{ .Values.config.serviceDecompositionPassword }} # AAI REST Client Configuration -aai.serviceName=127.0.0.1 -aai.servicePort=8443 -aai.username=AAI -aai.password=OBF:1gfr1ev31gg7 -aai.httpProtocol=https +aai.serviceName={{ .Values.config.aaiServiceName }}.{{.Release.Namespace}} +aai.servicePort={{ .Values.config.aaiPort }} +aai.username={{ .Values.config.aaiUsername }} +aai.password={{ .Values.config.aaiPassword }} +aai.httpProtocol={{ .Values.config.aaiHttpProtocol }} aai.securityProtocol=TLS -aai.connectionTimeout=15000 -aai.readTimeout=15000 +aai.connectionTimeout=60000 +aai.readTimeout=60000 aai.resourceList=vnfc,vserver,l3-network aai.serviceInstancePath=/aai/v13/nodes/service-instance/{0} diff --git a/kubernetes/pomba/charts/pomba-servicedecomposition/values.yaml b/kubernetes/pomba/charts/pomba-servicedecomposition/values.yaml index a4b2c8b1d6..a1ef2725d8 100644 --- a/kubernetes/pomba/charts/pomba-servicedecomposition/values.yaml +++ b/kubernetes/pomba/charts/pomba-servicedecomposition/values.yaml @@ -34,6 +34,11 @@ debugEnabled: false # Example: config: # Service Decomposition REST Client Configuration + aaiServiceName: aai + aaiPort: 8443 + aaiUsername: AAI + aaiPassword: OBF:1gfr1ev31gg7 + aaiHttpProtocol: https # Basic Authorization Client credentials for Service Decomposition REST service serviceDecompositionUserId: admin serviceDecompositionPassword: OBF:1u2a1toa1w8v1tok1u30 diff --git a/kubernetes/portal/charts/portal-app/resources/server/server.xml b/kubernetes/portal/charts/portal-app/resources/server/server.xml index c87e6c377a..c9515c1f41 100644 --- a/kubernetes/portal/charts/portal-app/resources/server/server.xml +++ b/kubernetes/portal/charts/portal-app/resources/server/server.xml @@ -14,6 +14,8 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. + + Modifications to this file for use in ONAP are also subject to the Apache-2.0 license. --> + + + + + + + + + + + + + + + + + + + + + + + + + ${logDirectory}/${allLogName}.log + + ${logDirectory}/${allLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${pattern} + + + + + + + + + + ${logDirectory}/${errorLogName}.log + + + + AUDIT_MARKER + + NEUTRAL + DENY + + + + + TRANSACTION_MARKER + + NEUTRAL + DENY + + + + INFO + + + ${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${pattern} + + + + + ${logDirectory}/${debugLogName}.log + + + + + TRANSACTION_MARKER + + NEUTRAL + DENY + + + + + e.level.toInt() <= DEBUG.toInt() + + DENY + NEUTRAL + + + ${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${pattern} + + + + + ${logDirectory}/${auditLogName}.log + + + + AUDIT_MARKER + + DENY + ACCEPT + + + ${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${pattern} + + + + + ${logDirectory}/${transactionLogName}.log + + + + TRANSACTION_MARKER + + DENY + ACCEPT + + + ${logDirectory}/${transactionLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${pattern} + + + + + ${queueSize} + + + + ${queueSize} + + + + ${queueSize} + + + + ${queueSize} + + + + + + + + + + + + + + + diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-music/templates/NOTES.txt b/kubernetes/sdc/charts/sdc-dcae-be/templates/NOTES.txt similarity index 95% rename from kubernetes/oof/charts/oof-has/charts/oof-has-music/templates/NOTES.txt rename to kubernetes/sdc/charts/sdc-dcae-be/templates/NOTES.txt index 2088e3305d..41f9706fec 100644 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-music/templates/NOTES.txt +++ b/kubernetes/sdc/charts/sdc-dcae-be/templates/NOTES.txt @@ -1,5 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T,VMware +# Copyright © 2018 Amdocs, AT&T, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/kubernetes/sdc/charts/sdc-dcae-be/templates/configmap.yaml b/kubernetes/sdc/charts/sdc-dcae-be/templates/configmap.yaml new file mode 100644 index 0000000000..1d0751a01b --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-be/templates/configmap.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-logging-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/logging/*").AsConfig . | indent 2 }} \ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-dcae-be/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-dcae-be/templates/deployment.yaml new file mode 100644 index 0000000000..d20a1d123d --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-be/templates/deployment.yaml @@ -0,0 +1,149 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: {{ include "common.name" . }}-readiness + command: + - /root/ready.py + args: + - --container-name + - "sdc-be" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + - name: {{ include "common.name" . }}-job-completion + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}" + command: + - /root/job_complete.py + args: + - --job-name + - {{ .Release.Name }}-sdc-be-config-backend + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + - containerPort: {{ .Values.service.internalPort2 }} + {{ if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + httpGet: + path: /dcae/conf/composition + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: ENVNAME + value: {{ .Values.global.env.name }} + - name: JAVA_OPTIONS + value: {{ .Values.config.javaOptions }} + - name: HOST_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + volumeMounts: + - name: {{ include "common.fullname" . }}-environments + mountPath: /var/opt/dcae-be/chef-solo/environments/ + - name: {{ include "common.fullname" . }}-localtime + mountPath: /etc/localtime + readOnly: true + - name: {{ include "common.fullname" . }}-logs + mountPath: /var/log/onap + - name: {{ include "common.fullname" . }}-logback + mountPath: /tmp/logback.xml + subPath: logback.xml + lifecycle: + postStart: + exec: + command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/var/lib/jetty/config/dcae-be/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + + # side car containers + - name: {{ include "common.name" . }}-filebeat-onap + image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-logs + mountPath: /var/log/onap + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + volumes: + - name: {{ include "common.fullname" . }}-localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ .Release.Name }}-sdc-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-logback + configMap: + name : {{ include "common.fullname" . }}-logging-configmap + - name: {{ include "common.fullname" . }}-environments + configMap: + name: {{ .Release.Name }}-sdc-environments-configmap + defaultMode: 0755 + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/sdc/charts/sdc-dcae-be/templates/job.yaml b/kubernetes/sdc/charts/sdc-dcae-be/templates/job.yaml new file mode 100644 index 0000000000..0d7cabcc4d --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-be/templates/job.yaml @@ -0,0 +1,70 @@ +# Copyright © 2017 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-tools + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-job + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + backoffLimit: 20 + template: + metadata: + labels: + app: {{ include "common.name" . }}-job + release: {{ .Release.Name }} + spec: + restartPolicy: Never + initContainers: + - name: {{ include "common.name" . }}-init-readiness + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - {{ include "common.name" . }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + containers: + - name: {{ include "common.name" . }}-job + image: {{ include "common.repository" . }}/{{ .Values.backendInitImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-environments + mountPath: /var/opt/dcae-tools/chef-solo/environments + env: + - name: ENVNAME + value: {{ .Values.global.env.name }} + - name: HOST_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + volumes: + - name: {{ include "common.fullname" . }}-environments + configMap: + name: {{ .Release.Name }}-sdc-environments-configmap + defaultMode: 0755 + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" + restartPolicy: Never diff --git a/kubernetes/sdc/charts/sdc-dcae-be/templates/service.yaml b/kubernetes/sdc/charts/sdc-dcae-be/templates/service.yaml new file mode 100644 index 0000000000..1b981c04d1 --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-be/templates/service.yaml @@ -0,0 +1,56 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + msb.onap.org/service-info: '[ + { + "serviceName": "sdc-dcae-be", + "version": "v1", + "url": "/dcae", + "protocol": "REST", + "port": "{{ .Values.service.internalPort2 }}", + "visualRange": "1" + } + ]' +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + - port: {{ .Values.service.internalPort2 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} + name: {{ .Values.service.portName2 }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + - port: {{ .Values.service.externalPort2 }} + targetPort: {{ .Values.service.internalPort2 }} + name: {{ .Values.service.portName2 }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/sdc/charts/sdc-dcae-be/values.yaml b/kubernetes/sdc/charts/sdc-dcae-be/values.yaml new file mode 100644 index 0000000000..9ae8f31499 --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-be/values.yaml @@ -0,0 +1,91 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/dcae-be:1.3-STAGING-latest +pullPolicy: Always +backendInitImage: onap/dcae-tools:1.3-STAGING-latest + +# flag to enable debugging - application support required +debugEnabled: false + +config: + javaOptions: -XX:MaxPermSize=256m -Xmx1024m -Dconfig.home=config -Dlog.home=/var/lib/jetty/logs/ -Dlogging.config=config/dcae-be/logback-spring.xml + cassandraSslEnabled: "false" + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 240 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: false + +readiness: + initialDelaySeconds: 240 + periodSeconds: 10 + +service: + type: ClusterIP + name: sdc-dcae-be + portName: sdc-dcae-be-8082 + externalPort: 8082 + internalPort: 8082 + portName2: sdc-dcae-be-8444 + externalPort2: 8444 + internalPort2: 8444 + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 4Gi + requests: + cpu: 10m + memory: 1Gi + large: + limits: + cpu: 2 + memory: 8Gi + requests: + cpu: 20m + memory: 2Gi + unlimited: {} \ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/Chart.yaml b/kubernetes/sdc/charts/sdc-dcae-dt/Chart.yaml new file mode 100644 index 0000000000..e7d4830c78 --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-dt/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP DCAE desiner composition tool for creating customized templates +name: sdc-dcae-dt +version: 3.0.0 diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/resources/config/logging/logback.xml b/kubernetes/sdc/charts/sdc-dcae-dt/resources/config/logging/logback.xml new file mode 100644 index 0000000000..89fd30159c --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-dt/resources/config/logging/logback.xml @@ -0,0 +1,205 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + ${logDirectory}/${allLogName}.log + + ${logDirectory}/${allLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${pattern} + + + + + + + + + + ${logDirectory}/${errorLogName}.log + + + + AUDIT_MARKER + + NEUTRAL + DENY + + + + + TRANSACTION_MARKER + + NEUTRAL + DENY + + + + INFO + + + ${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${pattern} + + + + + ${logDirectory}/${debugLogName}.log + + + + + TRANSACTION_MARKER + + NEUTRAL + DENY + + + + + e.level.toInt() <= DEBUG.toInt() + + DENY + NEUTRAL + + + ${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${pattern} + + + + + ${logDirectory}/${auditLogName}.log + + + + AUDIT_MARKER + + DENY + ACCEPT + + + ${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${pattern} + + + + + ${logDirectory}/${transactionLogName}.log + + + + TRANSACTION_MARKER + + DENY + ACCEPT + + + ${logDirectory}/${transactionLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${pattern} + + + + + ${queueSize} + + + + ${queueSize} + + + + ${queueSize} + + + + ${queueSize} + + + + + + + + + + + + + + + diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/templates/NOTES.txt b/kubernetes/sdc/charts/sdc-dcae-dt/templates/NOTES.txt new file mode 100644 index 0000000000..0063bb6c80 --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-dt/templates/NOTES.txt @@ -0,0 +1,33 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.fullname" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/templates/configmap.yaml b/kubernetes/sdc/charts/sdc-dcae-dt/templates/configmap.yaml new file mode 100644 index 0000000000..144bdb719f --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-dt/templates/configmap.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-logging-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/logging/*").AsConfig . | indent 2 }} diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-dcae-dt/templates/deployment.yaml new file mode 100644 index 0000000000..f91335e1fd --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-dt/templates/deployment.yaml @@ -0,0 +1,144 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: {{ include "common.name" . }}-readiness + command: + - /root/ready.py + args: + - --container-name + - sdc-dcae-be + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + - name: {{ include "common.name" . }}-job-completion + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}" + command: + - /root/job_complete.py + args: + - --job-name + - {{ .Release.Name }}-sdc-dcae-be-tools + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + - containerPort: {{ .Values.service.internalPort2 }} + {{ if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + httpGet: + path: /dcae/healthCheckOld + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: ENVNAME + value: {{ .Values.global.env.name }} + - name: JAVA_OPTIONS + value: {{ .Values.config.javaOptions }} + - name: HOST_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + volumeMounts: + - name: {{ include "common.fullname" . }}-environments + mountPath: /var/opt/dcae-dt/chef-solo/environments/ + - name: {{ include "common.fullname" . }}-localtime + mountPath: /etc/localtime + readOnly: true + - name: {{ include "common.fullname" . }}-logs + mountPath: /var/log/onap + - name: {{ include "common.fullname" . }}-logback + mountPath: /tmp/logback.xml + subPath: logback.xml + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + + # side car containers + - name: {{ include "common.name" . }}-filebeat-onap + image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-logs + mountPath: /var/log/onap + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + volumes: + - name: {{ include "common.fullname" . }}-localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ .Release.Name }}-sdc-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-logback + configMap: + name : {{ include "common.fullname" . }}-logging-configmap + - name: {{ include "common.fullname" . }}-environments + configMap: + name: {{ .Release.Name }}-sdc-environments-configmap + defaultMode: 0755 + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/templates/service.yaml b/kubernetes/sdc/charts/sdc-dcae-dt/templates/service.yaml similarity index 53% rename from kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/templates/service.yaml rename to kubernetes/sdc/charts/sdc-dcae-dt/templates/service.yaml index 7ec7f07020..e9186089d0 100644 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/templates/service.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-dt/templates/service.yaml @@ -1,5 +1,4 @@ # Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T,VMware # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -23,31 +22,27 @@ metadata: chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} + annotations: + msb.onap.org/service-info: '[ + { + "serviceName": "sdc-dcae-dt", + "version": "v1", + "url": "/dcae", + "protocol": "UI", + "port": "{{ .Values.service.internalPort }}", + "visualRange": "0|1" + } + ]' spec: type: {{ .Values.service.type }} ports: {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} + - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} name: {{ .Values.service.portName }} - - port: {{ .Values.service.externalPort2 }} - targetPort: {{ .Values.service.internalPort2 }} + - port: {{ .Values.service.internalPort2 }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} name: {{ .Values.service.portName }}2 - - port: {{ .Values.service.externalPort3 }} - targetPort: {{ .Values.service.internalPort3 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }} - name: {{ .Values.service.portName }}3 - - port: {{ .Values.service.externalPort4 }} - targetPort: {{ .Values.service.internalPort4 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }} - name: {{ .Values.service.portName }}4 - - port: {{ .Values.service.externalPort5 }} - targetPort: {{ .Values.service.internalPort5 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort5 }} - name: {{ .Values.service.portName }}5 - {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} @@ -55,15 +50,6 @@ spec: - port: {{ .Values.service.externalPort2 }} targetPort: {{ .Values.service.internalPort2 }} name: {{ .Values.service.portName }}2 - - port: {{ .Values.service.externalPort3 }} - targetPort: {{ .Values.service.internalPort3 }} - name: {{ .Values.service.portName }}3 - - port: {{ .Values.service.externalPort4 }} - targetPort: {{ .Values.service.internalPort4 }} - name: {{ .Values.service.portName }}4 - - port: {{ .Values.service.externalPort5 }} - targetPort: {{ .Values.service.internalPort5 }} - name: {{ .Values.service.portName }}5 {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml b/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml new file mode 100644 index 0000000000..f04b8fa5f2 --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml @@ -0,0 +1,83 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/dcae-dt:1.2-STAGING-latest +pullPolicy: IfNotPresent +config: + javaOptions: -XX:MaxPermSize=256m -Xmx1024m -Dconfig.home=config -Dlog.home=/var/lib/jetty/logs/ -Dlogging.config=config/dcae-dt/logback-spring.xml + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + enabled: false + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: NodePort + name: sdc-dcae-dt + portName: dcae-dt + nodePort: "65" + internalPort: 8186 + portName2: dcae-dt2 + nodePort2: "66" + internalPort2: 9446 + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 4Gi + requests: + cpu: 10m + memory: 1Gi + large: + limits: + cpu: 2 + memory: 8Gi + requests: + cpu: 20m + memory: 2Gi + unlimited: {} \ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/.helmignore b/kubernetes/sdc/charts/sdc-dcae-fe/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-fe/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/Chart.yaml b/kubernetes/sdc/charts/sdc-dcae-fe/Chart.yaml new file mode 100644 index 0000000000..75825026f3 --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-fe/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2013 Amdocs, AT&T,Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP SDC DCAE UI for service monitoring and MC create and configure +name: sdc-dcae-fe +version: 3.0.0 diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/resources/config/logging/logback.xml b/kubernetes/sdc/charts/sdc-dcae-fe/resources/config/logging/logback.xml new file mode 100644 index 0000000000..8dbf347dc7 --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-fe/resources/config/logging/logback.xml @@ -0,0 +1,204 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + ${logDirectory}/${allLogName}.log + + ${logDirectory}/${allLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${pattern} + + + + + + + + + + ${logDirectory}/${errorLogName}.log + + + + AUDIT_MARKER + + NEUTRAL + DENY + + + + + TRANSACTION_MARKER + + NEUTRAL + DENY + + + + INFO + + + ${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${pattern} + + + + + ${logDirectory}/${debugLogName}.log + + + + + TRANSACTION_MARKER + + NEUTRAL + DENY + + + + + e.level.toInt() <= DEBUG.toInt() + + DENY + NEUTRAL + + + ${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${pattern} + + + + + ${logDirectory}/${auditLogName}.log + + + + AUDIT_MARKER + + DENY + ACCEPT + + + ${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${pattern} + + + + + ${logDirectory}/${transactionLogName}.log + + + + TRANSACTION_MARKER + + DENY + ACCEPT + + + ${logDirectory}/${transactionLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${pattern} + + + + + ${queueSize} + + + + ${queueSize} + + + + ${queueSize} + + + + ${queueSize} + + + + + + + + + + + + + + + diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/templates/NOTES.txt b/kubernetes/sdc/charts/sdc-dcae-fe/templates/NOTES.txt new file mode 100644 index 0000000000..0063bb6c80 --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-fe/templates/NOTES.txt @@ -0,0 +1,33 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.fullname" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/templates/configmap.yaml b/kubernetes/sdc/charts/sdc-dcae-fe/templates/configmap.yaml new file mode 100644 index 0000000000..144bdb719f --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-fe/templates/configmap.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-logging-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/logging/*").AsConfig . | indent 2 }} diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-dcae-fe/templates/deployment.yaml new file mode 100644 index 0000000000..c13942f160 --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-fe/templates/deployment.yaml @@ -0,0 +1,148 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: {{ include "common.name" . }}-readiness + command: + - /root/ready.py + args: + - --container-name + - sdc-dcae-be + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + - name: {{ include "common.name" . }}-job-completion + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}" + command: + - /root/job_complete.py + args: + - --job-name + - {{ .Release.Name }}-sdc-dcae-be-tools + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + - containerPort: {{ .Values.service.internalPort2 }} + {{ if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + httpGet: + path: /dcaed/healthCheck + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: ENVNAME + value: {{ .Values.global.env.name }} + - name: JAVA_OPTIONS + value: {{ .Values.config.javaOptions }} + - name: HOST_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + volumeMounts: + - name: {{ include "common.fullname" . }}-environments + mountPath: /var/opt/dcae-fe/chef-solo/environments/ + - name: {{ include "common.fullname" . }}-localtime + mountPath: /etc/localtime + readOnly: true + - name: {{ include "common.fullname" . }}-logs + mountPath: /var/log/onap + - name: {{ include "common.fullname" . }}-logback + mountPath: /tmp/logback.xml + subPath: logback.xml + lifecycle: + postStart: + exec: + command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/var/lib/jetty/config/dcae-fe/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + + # side car containers + - name: {{ include "common.name" . }}-filebeat-onap + image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-logs + mountPath: /var/log/onap + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + volumes: + - name: {{ include "common.fullname" . }}-localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ .Release.Name }}-sdc-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-logback + configMap: + name : {{ include "common.fullname" . }}-logging-configmap + - name: {{ include "common.fullname" . }}-environments + configMap: + name: {{ .Release.Name }}-sdc-environments-configmap + defaultMode: 0755 + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/templates/service.yaml b/kubernetes/sdc/charts/sdc-dcae-fe/templates/service.yaml new file mode 100644 index 0000000000..49364bf05c --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-fe/templates/service.yaml @@ -0,0 +1,56 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + msb.onap.org/service-info: '[ + { + "serviceName": "dcae-gui", + "version": "v1", + "url": "/dcae", + "protocol": "UI", + "port": "{{ .Values.service.internalPort }}", + "visualRange": "0|1" + } + ]' +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + - port: {{ .Values.service.internalPort2 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} + name: {{ .Values.service.portName }}2 + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + - port: {{ .Values.service.externalPort2 }} + targetPort: {{ .Values.service.internalPort2 }} + name: {{ .Values.service.portName }}2 + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml b/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml new file mode 100644 index 0000000000..9f544cb9e0 --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml @@ -0,0 +1,88 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/dcae-fe:1.3-STAGING-latest +pullPolicy: Always +config: + javaOptions: -XX:MaxPermSize=256m -Xmx1024m -Dconfig.home=config -Dlog.home=/var/lib/jetty/logs/ -Dlogging.config=config/dcae-fe/logback-spring.xml + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: false + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + #Example service definition with external, internal and node ports. + #Services may use any combination of ports depending on the 'type' of + #service being defined. + type: NodePort + name: sdc-dcae-fe + portName: dcae-fe + nodePort: "63" + internalPort: 8183 + portName2: dcae-fe2 + nodePort2: "64" + internalPort2: 9444 + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 4Gi + requests: + cpu: 10m + memory: 1Gi + large: + limits: + cpu: 2 + memory: 8Gi + requests: + cpu: 20m + memory: 2Gi + unlimited: {} \ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/.helmignore b/kubernetes/sdc/charts/sdc-dcae-tosca-lab/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-tosca-lab/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/Chart.yaml b/kubernetes/sdc/charts/sdc-dcae-tosca-lab/Chart.yaml new file mode 100644 index 0000000000..28e25000ee --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-tosca-lab/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP Tosca model for component monitoring and descriptors deployment +name: sdc-dcae-tosca-lab +version: 3.0.0 diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/templates/NOTES.txt b/kubernetes/sdc/charts/sdc-dcae-tosca-lab/templates/NOTES.txt similarity index 87% rename from kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/templates/NOTES.txt rename to kubernetes/sdc/charts/sdc-dcae-tosca-lab/templates/NOTES.txt index 974fae450e..41f9706fec 100644 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/templates/NOTES.txt +++ b/kubernetes/sdc/charts/sdc-dcae-tosca-lab/templates/NOTES.txt @@ -1,5 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T,VMware +# Copyright © 2018 Amdocs, AT&T, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,13 +18,13 @@ http://{{ . }} {{- end }} {{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }}) export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") echo http://$NODE_IP:$NODE_PORT {{- else if contains "LoadBalancer" .Values.service.type }} NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') echo http://$SERVICE_IP:{{ .Values.service.externalPort }} {{- else if contains "ClusterIP" .Values.service.type }} export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") diff --git a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-dcae-tosca-lab/templates/deployment.yaml new file mode 100644 index 0000000000..c6cc67e997 --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-tosca-lab/templates/deployment.yaml @@ -0,0 +1,124 @@ +# Copyright © 2017 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: {{ include "common.name" . }}-readiness + command: + - /root/ready.py + args: + - --container-name + - "sdc-dcae-be" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + - containerPort: {{ .Values.service.internalPort2 }} + {{ if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + httpGet: + path: /healthcheck + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: ENVNAME + value: {{ .Values.global.env.name }} + - name: JAVA_OPTIONS + value: {{ .Values.config.javaOptions }} + - name: HOST_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + volumeMounts: + - name: {{ include "common.fullname" . }}-environments + mountPath: /var/opt/dcae-be/chef-solo/environments/ + - name: {{ include "common.fullname" . }}-localtime + mountPath: /etc/localtime + readOnly: true + - name: {{ include "common.fullname" . }}-logs + mountPath: /var/log/onap + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + # side car containers + - name: {{ include "common.name" . }}-filebeat-onap + image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-logs + mountPath: /var/log/onap + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + volumes: + - name: {{ include "common.fullname" . }}-localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ .Release.Name }}-sdc-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-environments + configMap: + name: {{ .Release.Name }}-sdc-environments-configmap + defaultMode: 0755 + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/templates/service.yaml b/kubernetes/sdc/charts/sdc-dcae-tosca-lab/templates/service.yaml new file mode 100644 index 0000000000..6595a04d57 --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-tosca-lab/templates/service.yaml @@ -0,0 +1,56 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + msb.onap.org/service-info: '[ + { + "serviceName": "dcae-be", + "version": "v1", + "url": "/dcae", + "protocol": "REST", + "port": "{{ .Values.service.internalPort2 }}", + "visualRange": "1" + } + ]' +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + - port: {{ .Values.service.internalPort2 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} + name: {{ .Values.service.portName2 }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + - port: {{ .Values.service.externalPort2 }} + targetPort: {{ .Values.service.internalPort2 }} + name: {{ .Values.service.portName2 }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-music/values.yaml b/kubernetes/sdc/charts/sdc-dcae-tosca-lab/values.yaml similarity index 80% rename from kubernetes/oof/charts/oof-has/charts/oof-has-music/values.yaml rename to kubernetes/sdc/charts/sdc-dcae-tosca-lab/values.yaml index f848162ce6..a22479e8e8 100644 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-music/values.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-tosca-lab/values.yaml @@ -1,5 +1,4 @@ # Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T,VMware # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -18,7 +17,6 @@ ################################################################# global: nodePortPrefix: 302 - repository: nexus3.onap.org:10001 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co @@ -29,17 +27,15 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: library/tomcat:8.5 +image: onap/dcae-tosca-app:1.3-STAGING-latest pullPolicy: Always -warImage: onap/music/music:2.5.3 # flag to enable debugging - application support required debugEnabled: false -# application configuration config: - usernameCassandra: cassandra1 - passwordCassandra: cassandra1 + javaOptions: -XX:MaxPermSize=256m -Xmx1024m + cassandraSslEnabled: "false" # default number of instances replicaCount: 1 @@ -48,43 +44,47 @@ nodeSelector: {} affinity: {} -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - memory: 4Gi - cpu: 2000m - requests: - memory: 1Gi - cpu: 500m - large: - limits: - memory: 8Gi - cpu: 4000m - requests: - memory: 2Gi - cpu: 1000m - unlimited: {} # probe configuration parameters liveness: initialDelaySeconds: 10 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container - enabled: true + enabled: false readiness: initialDelaySeconds: 10 periodSeconds: 10 service: - type: NodePort - name: oof-has-music - externalPort: 8080 - internalPort: 8080 - nodePort: 76 - portName: oof-has-music + type: ClusterIP + name: sdc-dcae-tosca-lab + portName: sdc-dcae-tosca-lab-8085 + externalPort: 8085 + internalPort: 8085 + portName2: sdc-dcae-tosca-lab-8445 + externalPort2: 8445 + internalPort2: 8445 + ingress: enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 4Gi + requests: + cpu: 10m + memory: 1Gi + large: + limits: + cpu: 2 + memory: 8Gi + requests: + cpu: 20m + memory: 2Gi + unlimited: {} \ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-es/values.yaml b/kubernetes/sdc/charts/sdc-es/values.yaml index 93a66a9236..f7487c5940 100644 --- a/kubernetes/sdc/charts/sdc-es/values.yaml +++ b/kubernetes/sdc/charts/sdc-es/values.yaml @@ -52,7 +52,7 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 60 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container diff --git a/kubernetes/sdc/resources/config/environments/AUTO.json b/kubernetes/sdc/resources/config/environments/AUTO.json index 52240457e1..67e237a51f 100755 --- a/kubernetes/sdc/resources/config/environments/AUTO.json +++ b/kubernetes/sdc/resources/config/environments/AUTO.json @@ -12,11 +12,12 @@ "CS_VIP": "sdc-cs.{{include "common.namespace" .}}", "BE_VIP": "sdc-be.{{include "common.namespace" .}}", "ONBOARDING_BE_VIP": "sdc-onboarding-be.{{include "common.namespace" .}}", + "DCAE_BE_VIP": "sdc-dcae-be.{{include "common.namespace" .}}", + "DCAE_FE_VIP": "sdc-dcae-fe.{{include "common.namespace" .}}", + "DCAE_TOSCA_LAB_VIP": "sdc-dcae-tosca-lab.{{include "common.namespace" .}}", "FE_VIP": "sdc-fe.{{include "common.namespace" .}}", "ES_VIP": "sdc-es.{{include "common.namespace" .}}", "KB_VIP": "sdc-kb.{{include "common.namespace" .}}", - "DCAE_BE_VIP": "", - "DCAE_FE_VIP": "", "interfaces": { "application": "eth0", "private": "eth0" @@ -53,12 +54,12 @@ }, "Plugins": { "DCAE": { - "dcae_discovery_url": "{{.Values.config.environment.dcaeUrl}}", - "dcae_source_url": "{{.Values.config.environment.dcaeUrl}}" + "dcae_discovery_url": "http://sdc-dcae-fe.{{include "common.namespace" .}}:8183/dcaed/#/home", + "dcae_source_url": "http://sdc.dcae.plugin.simpledemo.onap.org:30263/dcaed/#/home" }, "DCAE-TAB": { - "dcae_dt_discovery_url": "", - "dcae_dt_source_url": "" + "dcae_dt_discovery_url": "http://sdc-dcae-dt.{{include "common.namespace" .}}:8186/dcae/#/dcae/home", + "dcae_dt_source_url": "http://sdc.dcae.plugin.simpledemo.onap.org:30265/dcae/#/dcae/home" }, "WORKFLOW": { "workflow_discovery_url": "http://sdc-wfd-fe.{{include "common.namespace" .}}:8080", diff --git a/kubernetes/sdc/values.yaml b/kubernetes/sdc/values.yaml index 9965673967..ea95bd7f53 100644 --- a/kubernetes/sdc/values.yaml +++ b/kubernetes/sdc/values.yaml @@ -29,10 +29,10 @@ config: logstashServiceName: log-ls logstashPort: 5044 environment: - dcaeUrl: 10.0.2.15 workflowUrl: 10.0.2.15 vnfRepoPort: 8702 + sdc-es: service: name: sdc-es diff --git a/kubernetes/sdnc/charts/sdnc-portal/values.yaml b/kubernetes/sdnc/charts/sdnc-portal/values.yaml index ac183f0af8..2c46307f05 100644 --- a/kubernetes/sdnc/charts/sdnc-portal/values.yaml +++ b/kubernetes/sdnc/charts/sdnc-portal/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/admportal-sdnc-image:1.3.4 +image: onap/admportal-sdnc-image:1.4.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/charts/ueb-listener/resources/config/ueb-listener.properties b/kubernetes/sdnc/charts/ueb-listener/resources/config/ueb-listener.properties index 4ff572a762..86e51317f2 100644 --- a/kubernetes/sdnc/charts/ueb-listener/resources/config/ueb-listener.properties +++ b/kubernetes/sdnc/charts/ueb-listener/resources/config/ueb-listener.properties @@ -12,7 +12,7 @@ org.onap.ccsdk.sli.northbound.uebclient.spool.incoming=/opt/onap/sdnc/ueb-listen org.onap.ccsdk.sli.northbound.uebclient.spool.archive=/opt/onap/sdnc/ueb-listener/spool/archive org.onap.ccsdk.sli.northbound.uebclient.polling-interval=30 org.onap.ccsdk.sli.northbound.uebclient.polling-timeout=15 -org.onap.ccsdk.sli.northbound.uebclient.client-startup-timeout=900 +org.onap.ccsdk.sli.northbound.uebclient.client-startup-timeout=300 org.onap.ccsdk.sli.northbound.uebclient.relevant-artifact-types=TOSCA_CSAR org.onap.ccsdk.sli.northbound.uebclient.activate-server-tls-auth=false org.onap.ccsdk.sli.northbound.uebclient.keystore-path= diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml index 32d98840f7..b30ef38bb8 100644 --- a/kubernetes/sdnc/templates/statefulset.yaml +++ b/kubernetes/sdnc/templates/statefulset.yaml @@ -195,4 +195,7 @@ spec: resources: requests: storage: {{ .Values.persistence.size }} + selector: + matchLabels: + name: {{ include "common.fullname" . }} {{ end }} diff --git a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml index fc6d216d5b..cf554df7c5 100755 --- a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml @@ -264,8 +264,7 @@ appc: timeout: 360000 write: APPC-LCM-READ sdnc: - read: - name: SDNC-LCM-WRITE + read: SDNC-LCM-WRITE write: SDNC-LCM-READ response: timeout: 360000 diff --git a/kubernetes/uui/charts/uui-server/values.yaml b/kubernetes/uui/charts/uui-server/values.yaml index 268c6f3e41..bcf6897cf1 100644 --- a/kubernetes/uui/charts/uui-server/values.yaml +++ b/kubernetes/uui/charts/uui-server/values.yaml @@ -25,7 +25,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/usecase-ui/usecase-ui-server:1.1.1 +image: onap/usecase-ui-server:1.2.0 pullPolicy: Always # application configuration diff --git a/kubernetes/uui/values.yaml b/kubernetes/uui/values.yaml index faab73a7a2..a1341d0310 100644 --- a/kubernetes/uui/values.yaml +++ b/kubernetes/uui/values.yaml @@ -25,7 +25,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/usecase-ui:1.2.0 +image: onap/usecase-ui:1.2.1 pullPolicy: Always # application configuration diff --git a/kubernetes/vid/charts/vid-mariadb-galera/templates/statefulset.yaml b/kubernetes/vid/charts/vid-mariadb-galera/templates/statefulset.yaml index 0c77a17261..e90b1564e8 100644 --- a/kubernetes/vid/charts/vid-mariadb-galera/templates/statefulset.yaml +++ b/kubernetes/vid/charts/vid-mariadb-galera/templates/statefulset.yaml @@ -120,6 +120,8 @@ spec: volumeClaimTemplates: - metadata: name: {{ include "common.fullname" . }}-data + labels: + name: {{ include "common.fullname" . }} annotations: {{- if .Values.persistence.storageClass }} volume.beta.kubernetes.io/storage-class: {{ .Values.persistence.storageClass | quote }} @@ -132,4 +134,7 @@ spec: resources: requests: storage: {{ .Values.persistence.size | quote }} + selector: + matchLabels: + name: {{ include "common.fullname" . }} {{- end }} diff --git a/kubernetes/vid/templates/deployment.yaml b/kubernetes/vid/templates/deployment.yaml index a236754c75..3e6b319444 100644 --- a/kubernetes/vid/templates/deployment.yaml +++ b/kubernetes/vid/templates/deployment.yaml @@ -89,7 +89,7 @@ spec: - name: VID_ECOMP_REDIRECT_URL value: https://{{ .Values.config.portalhost }}:{{ .Values.config.onapport }}/ONAPPORTAL/login.htm - name: VID_ECOMP_REST_URL - value: https://portal-app.{{ include "common.namespace" . }}:{{ .Values.config.onapportrest }}/ONAPPORTAL/auxapi + value: https://portal-app:{{ .Values.config.onapportrest }}/ONAPPORTAL/auxapi - name: VID_ROLE_ACCESS_CENTRALIZED value: "{{ .Values.config.roleaccesscentralized }}" - name: VID_CONTACT_US_LINK diff --git a/kubernetes/vid/values.yaml b/kubernetes/vid/values.yaml index c36b873a60..1527f39919 100644 --- a/kubernetes/vid/values.yaml +++ b/kubernetes/vid/values.yaml @@ -27,7 +27,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/vid:3.0.0 +image: onap/vid:3.2.0 pullPolicy: Always # mariadb image for initializing diff --git a/kubernetes/vvp/Chart.yaml b/kubernetes/vvp/Chart.yaml new file mode 100644 index 0000000000..61b8ed1edc --- /dev/null +++ b/kubernetes/vvp/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP VNF Validation Platform +name: vvp +version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-ci-uwsgi/Chart.yaml b/kubernetes/vvp/charts/vvp-ci-uwsgi/Chart.yaml new file mode 100644 index 0000000000..5304ccb55f --- /dev/null +++ b/kubernetes/vvp/charts/vvp-ci-uwsgi/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: end-to-end flow tests based on Seleniunm +name: vvp-ci-uwsgi +version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-ci-uwsgi/resources/config/ci/__init__.py b/kubernetes/vvp/charts/vvp-ci-uwsgi/resources/config/ci/__init__.py new file mode 100644 index 0000000000..8b70506f6c --- /dev/null +++ b/kubernetes/vvp/charts/vvp-ci-uwsgi/resources/config/ci/__init__.py @@ -0,0 +1,278 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import os +from datetime import datetime + +# With this file at web/settings/__init__.py, we need three applications of +# dirname() to find the project root. +PROJECT_PATH = os.path.realpath(os.path.dirname(os.path.dirname(os.path.dirname(__file__)))) +LOGS_PATH = os.path.join(PROJECT_PATH, "logs") + +ICE_ENVIRONMENT = os.environ['ICE_ENVIRONMENT'] +PROGRAM_NAME_URL_PREFIX = os.environ['PROGRAM_NAME_URL_PREFIX'] +SERVICE_PROVIDER = os.environ['SERVICE_PROVIDER'] +PROGRAM_NAME = os.environ['PROGRAM_NAME'] +SERVICE_PROVIDER_DOMAIN = os.environ['SERVICE_PROVIDER_DOMAIN'] + +# See https://docs.djangoproject.com/en/1.9/howto/deployment/checklist/ +SECRET_KEY = os.environ["SECRET_KEY"] + +# https://docs.djangoproject.com/en/1.10/ref/settings/#allowed-hosts +# Anything in the Host header that does not match our expected domain should +# raise SuspiciousOperation exception. +ALLOWED_HOSTS = ['*'] + +if ICE_ENVIRONMENT == 'production': + DEBUG = False + + EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend' + EMAIL_HOST = os.environ.get('ICE_EMAIL_HOST') + EMAIL_HOST_PASSWORD = os.environ['EMAIL_HOST_PASSWORD'] + EMAIL_HOST_USER = os.environ['EMAIL_HOST_USER'] + EMAIL_PORT = os.environ['EMAIL_PORT'] +else: + DEBUG = True + EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' + + +# Note: Only SSL email backends are allowed +EMAIL_USE_SSL = True + +REST_FRAMEWORK = { + 'DEFAULT_AUTHENTICATION_CLASSES': ( + 'rest_framework_jwt.authentication.JSONWebTokenAuthentication', + ), + 'PAGE_SIZE': 10, + # Use Django's standard `django.contrib.auth` permissions, + # or allow read-only access for unauthenticated users. + 'DEFAULT_PERMISSION_CLASSES': ('rest_framework.permissions.IsAdminUser',), +} +APPEND_SLASH = False + +# Application definition + +INSTALLED_APPS = [ + + 'django.contrib.auth', + 'django.contrib.contenttypes', # required by d.c.admin + 'django.contrib.sessions', # required by d.c.admin + 'django.contrib.messages', # required by d.c.admin + 'django.contrib.staticfiles', + 'django.contrib.admin', # django admin site + 'rest_framework', + 'iceci.apps.IceCiConfig', +] + +MIDDLEWARE_CLASSES = [ + 'django.middleware.security.SecurityMiddleware', + 'django.contrib.sessions.middleware.SessionMiddleware', + 'django.middleware.common.CommonMiddleware', + 'django.middleware.csrf.CsrfViewMiddleware', + 'django.contrib.auth.middleware.AuthenticationMiddleware', + 'django.contrib.auth.middleware.SessionAuthenticationMiddleware', + 'django.contrib.messages.middleware.MessageMiddleware', + 'django.middleware.clickjacking.XFrameOptionsMiddleware', +] + +ROOT_URLCONF = 'web.urls' + +TEMPLATES = [ + { + 'BACKEND': 'django.template.backends.django.DjangoTemplates', + 'DIRS': [PROJECT_PATH + '/web/templates'], + 'APP_DIRS': True, + 'OPTIONS': { + 'context_processors': [ + 'django.template.context_processors.debug', + 'django.template.context_processors.request', + 'django.contrib.auth.context_processors.auth', # required by d.c.admin + 'django.contrib.messages.context_processors.messages', # required by d.c.admin + ], + }, + }, +] + +WSGI_APPLICATION = 'web.wsgi.application' + +# Database +# https://docs.djangoproject.com/en/1.9/ref/settings/#databases + +DATABASES = { + 'default': { # CI DB details. + 'NAME': '/app/ice_ci_db.db' , + 'ENGINE': 'django.db.backends.sqlite3', + 'TEST_NAME': '/app/ice_ci_db.db', + }, +} +SINGLETONE_DB = { + 'default': { # CI DB details. + 'ENGINE': 'django.db.backends.postgresql', + 'NAME': os.environ.get('CI_DB_NAME', 'ice_ci_db'), + 'USER': os.environ.get('CI_DB_USER', 'iceci'), + 'PASSWORD': os.environ.get('CI_DB_PASSWORD', 'Aa123456'), + 'HOST': os.environ.get('CI_DB_HOST', 'localhost'), + 'PORT': os.environ.get('CI_DB_PORT', '5433'), + }, + 'em_db': { # ICE DB details. + 'ENGINE': 'django.db.backends.postgresql', + 'NAME': os.environ.get('EM_DB_NAME', 'icedb'), + 'USER': os.environ.get('EM_DB_USER', 'iceuser'), + 'PASSWORD': os.environ.get('EM_DB_PASSWORD', 'Aa123456'), + 'HOST': os.environ.get('EM_DB_HOST', 'localhost'), + 'PORT': os.environ.get('EM_DB_PORT', '5433'), + }, + 'cms_db': { # ICE CMS details. + 'ENGINE': 'django.db.backends.postgresql', + 'NAME': os.environ.get('CMS_DB_NAME', 'icecmsdb'), + 'USER': os.environ.get('CMS_DB_USER', 'icecmsuser'), + 'PASSWORD': os.environ.get('CMS_DB_PASSWORD', 'Aa123456'), + 'HOST': os.environ.get('CMS_DB_HOST', 'localhost'), + 'PORT': os.environ.get('CMS_DB_PORT', '5433'), + } +} + +# Password validation +# https://docs.djangoproject.com/en/1.9/ref/settings/#auth-password-validators + +AUTH_PASSWORD_VALIDATORS = [ + { + 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator', + }, + { + 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator', + }, + { + 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator', + }, + { + 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator', + }, +] + + +# Internationalization +# https://docs.djangoproject.com/en/1.9/topics/i18n/ + +LANGUAGE_CODE = 'en-us' + +TIME_ZONE = 'UTC' + +USE_I18N = True + +USE_L10N = True + +USE_TZ = False + + +# Static files (CSS, JavaScript, Images) +# https://docs.djangoproject.com/en/1.9/howto/static-files/ +STATIC_ROOT = os.environ['STATIC_ROOT'] +STATIC_URL = '/static/' + +LOGGING = { + 'version': 1, + 'disable_existing_loggers': False, + 'formatters': { # All possible attributes are: https://docs.python.org/3/library/logging.html#logrecord-attributes + 'verbose': { + 'format': '%(asctime)s %(levelname)s %(module)s %(filename)s:%(lineno)d %(process)d %(thread)d %(message)s' + }, + 'simple': { + 'format': '%(asctime)s %(levelname)s %(filename)s:%(lineno)d %(message)s' + }, + }, + 'handlers': { + 'console': { + 'class': 'logging.StreamHandler', + 'formatter': 'simple' + }, + 'file1': { + 'level': 'INFO', # handler will ignore DEBUG (only process INFO, WARN, ERROR, CRITICAL, FATAL) + 'class': 'logging.FileHandler', + 'filename': os.environ.get('ICE_ICE_LOGGER_PATH', LOGS_PATH) + 'vvp-info.log', + 'formatter': 'verbose' + }, + 'file2': { + 'level': 'DEBUG', + 'class': 'logging.FileHandler', + 'filename': os.environ.get('ICE_ICE_LOGGER_PATH', LOGS_PATH) + 'vvp-debug.log', + 'formatter': 'verbose' + }, + 'file3': { + 'level': 'ERROR', + 'class': 'logging.FileHandler', + 'filename': os.environ.get('ICE_ICE_LOGGER_PATH', LOGS_PATH) + 'vvp-requests.log', + 'formatter': 'verbose' + }, + 'file4': { + 'level': 'ERROR', + 'class': 'logging.FileHandler', + 'filename': os.environ.get('ICE_ICE_LOGGER_PATH', LOGS_PATH) + 'vvp-db.log', + 'formatter': 'verbose' + } + }, + 'loggers': { + 'vvp-ci.logger': { + 'handlers': ['file1', 'file2', 'file3', 'file4','console'], + 'level': os.getenv('ICE_ICE_LOGGER_LEVEL', 'DEBUG'), + }, + 'django': { + 'handlers': ['console'], + 'level': os.getenv('ICE_DJANGO_LOGGER_LEVEL', 'DEBUG'), + }, + 'django.request': { + 'handlers': ['file3'], + 'level': os.getenv('ICE_ICE_REQUESTS_LOGGER_LEVEL', 'ERROR'), + }, + 'django.db.backends': { + 'handlers': ['file4'], + 'level': os.getenv('ICE_ICE_DB_LOGGER_LEVEL', 'ERROR'), + } + } +} + + +############################# +# ICE-CI Related Configuration +############################# +ICE_CONTACT_FROM_ADDRESS = os.getenv('ICE_CONTACT_FROM_ADDRESS') +ICE_CONTACT_EMAILS = list(os.getenv('ICE_CONTACT_EMAILS','user@example.com').split(',')) +ICE_CI_ENVIRONMENT_NAME = os.getenv('ICE_CI_ENVIRONMENT_NAME', 'Dev') # Dev / Docker / Staging +ICE_EM_URL = "{domain}/{prefix}".format(domain=os.environ['ICE_EM_DOMAIN_NAME'], prefix=PROGRAM_NAME_URL_PREFIX) +ICE_PORTAL_URL = os.environ['ICE_DOMAIN'] +EM_REST_URL = ICE_EM_URL + '/v1/engmgr/' + +#Number of test results presented in admin page. Illegal values: '0' or 'Null' +NUMBER_OF_TEST_RESULTS = int(os.getenv('NUMBER_OF_TEST_RESULTS', '30')) +ICE_BUILD_REPORT_NUM = os.getenv('ICE_BUILD_REPORT_NUM',"{:%Y-%m-%d-%H-%M-%S}".format(datetime.now())) +IS_JUMP_STATE=os.getenv('IS_JUMP_STATE', "True") +DATABASE_TYPE = 'sqlite' + +# FIXME: Does this authentication scheme actually gain us anything? What's the +# threat model +WEBHOOK_TOKEN = os.environ['SECRET_WEBHOOK_TOKEN'] + +# The authentication token and URL needed for us to issue requests to the GitLab API. +GITLAB_TOKEN = os.environ['SECRET_GITLAB_AUTH_TOKEN'] +GITLAB_URL = "http://vvp-gitlab/" + +JENKINS_URL = "http://vvp-jenkins:8080/" +JENKINS_USERNAME = "admin" +JENKINS_PASSWORD = os.environ['SECRET_JENKINS_PASSWORD'] + +AWS_S3_HOST = os.environ['S3_HOST'] +AWS_S3_PORT = int(os.environ['S3_PORT']) +AWS_S3_CUSTOM_DOMAIN = os.environ['S3_HOST'] +AWS_ACCESS_KEY_ID = os.environ['AWS_ACCESS_KEY_ID'] +AWS_SECRET_ACCESS_KEY = os.environ['AWS_SECRET_ACCESS_KEY'] diff --git a/kubernetes/vvp/charts/vvp-ci-uwsgi/resources/config/ci/gunicorn.ini b/kubernetes/vvp/charts/vvp-ci-uwsgi/resources/config/ci/gunicorn.ini new file mode 100644 index 0000000000..556fd55713 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-ci-uwsgi/resources/config/ci/gunicorn.ini @@ -0,0 +1,20 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +bind = ":8282" +chdir = '/app' +pidfile = '/tmp/ice-project-master.pid' +backlog = '5000' +errorlog = '-' +loglevel = 'info' diff --git a/kubernetes/vvp/charts/vvp-ci-uwsgi/templates/configmap.yaml b/kubernetes/vvp/charts/vvp-ci-uwsgi/templates/configmap.yaml new file mode 100644 index 0000000000..1d340532a4 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-ci-uwsgi/templates/configmap.yaml @@ -0,0 +1,30 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-settings + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/ci/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-secret + namespace: {{ include "common.namespace" . }} +type: Opaque +data: + admin_password: "Y2lhZG1pbnBhc3M=" diff --git a/kubernetes/vvp/charts/vvp-ci-uwsgi/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-ci-uwsgi/templates/deployment.yaml new file mode 100644 index 0000000000..5c9df34f49 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-ci-uwsgi/templates/deployment.yaml @@ -0,0 +1,135 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + name: {{ .Release.Name }} + spec: + imagePullSecrets: + - name: onapkey + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }} + ports: + - containerPort: 80 + - containerPort: 8282 + - containerPort: 9000 + volumeMounts: + - name: ci-settings + mountPath: /opt/configmaps/settings/ + - name: site-crt + mountPath: /opt/secrets/site-crt/ + env: + - name: ICE_ENVIRONMENT + value: "development" + - name: PROGRAM_NAME_URL_PREFIX + value: "vvp" + - name: SERVICE_PROVIDER + value: "NA" + - name: PROGRAM_NAME + value: "VVP" + - name: SERVICE_PROVIDER_DOMAIN + value: "na.com" + - name: SECRET_KEY + valueFrom: + secretKeyRef: {name: em-secret, key: key} + - name: EM_DB_HOST + value: postgresql + - name: EM_DB_PORT + value: "5432" + - name: EM_DB_NAME + value: icedb + - name: EM_DB_USER + value: "em_postgresuser" + - name: EM_DB_PASSWORD + valueFrom: + secretKeyRef: {name: postgresql-passwords, key: emPassword} + - name: CMS_DB_HOST + value: postgresql + - name: CMS_DB_PORT + value: "5432" + - name: CMS_DB_NAME + value: "icecmsdb" + - name: CMS_DB_USER + value: "cms_postgresuser" + - name: CMS_DB_PASSWORD + valueFrom: + secretKeyRef: {name: postgresql-passwords, key: cmsPassword} + - name: CI_DB_HOST + value: postgresql + - name: CI_DB_PORT + value: "5432" + - name: CI_DB_NAME + value: icedb + - name: CI_DB_USER + value: "em_postgresuser" + - name: CI_DB_PASSWORD + valueFrom: + secretKeyRef: {name: postgresql-passwords, key: ciPassword} + - name: STATIC_ROOT + value: "/app/htdocs" + - name: ICE_CONTACT_FROM_ADDRESS + value: "example" + - name: SECRET_WEBHOOK_TOKEN + valueFrom: + secretKeyRef: {name: em-secret, key: em_webhook_token} + - name: SECRET_GITLAB_AUTH_TOKEN + valueFrom: + secretKeyRef: {name: gitlab-password, key: auth-token} + - name: SECRET_JENKINS_PASSWORD + valueFrom: + secretKeyRef: {name: em-secret, key: jenkins_admin_password} + - name: ICE_DOMAIN + value: https://development.vvp.example.com + - name: ICE_EM_DOMAIN_NAME + value: https://development.vvp.example.com + - name: OAUTHLIB_INSECURE_TRANSPORT + value: "1" + - name: CI_ADMIN_USER + value: "ciadminuser" + - name: CI_ADMIN_MAIL + value: "ciadminmail@example.com" + - name: CI_ADMIN_PASSWORD + valueFrom: + secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: admin_password} + - name: S3_HOST + value: "dev-s3.vvp.example.com" + - name: S3_PORT + value: "443" + - name: AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: {name: em-secret, key: aws_access_key_id} + - name: AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: {name: em-secret, key: aws_secret_access_key} + command: ["/app/docker-entrypoint.sh", "/usr/local/bin/gunicorn", "-c", "/opt/configmaps/settings/gunicorn.ini", "web.wsgi:application", ] + volumes: + - name: ci-settings + configMap: + name: {{ include "common.fullname" . }}-settings + - name: site-crt + secret: + secretName: site-crt diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/templates/configmap.yaml b/kubernetes/vvp/charts/vvp-ci-uwsgi/templates/service.yaml similarity index 61% rename from kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/templates/configmap.yaml rename to kubernetes/vvp/charts/vvp-ci-uwsgi/templates/service.yaml index 6d7dad9bc1..a4260013a4 100644 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-cassandra/templates/configmap.yaml +++ b/kubernetes/vvp/charts/vvp-ci-uwsgi/templates/service.yaml @@ -1,5 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T,VMware +# Copyright © 2018 Amdocs, AT&T, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,15 +13,16 @@ # limitations under the License. apiVersion: v1 -kind: ConfigMap +kind: Service metadata: - name: {{ include "common.fullname" . }}-docker-entry-initd + name: {{ include "common.servicename" . }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/cassandra/docker-entrypoint-initdb.d/*").AsConfig . | indent 2 }} - +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName | default "http" }} + selector: + app: {{ include "common.name" . }} diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-zookeeper/values.yaml b/kubernetes/vvp/charts/vvp-ci-uwsgi/values.yaml similarity index 58% rename from kubernetes/oof/charts/oof-has/charts/oof-has-zookeeper/values.yaml rename to kubernetes/vvp/charts/vvp-ci-uwsgi/values.yaml index 64e0550da2..1b58dd52aa 100644 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-zookeeper/values.yaml +++ b/kubernetes/vvp/charts/vvp-ci-uwsgi/values.yaml @@ -1,5 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T,VMware +# Copyright © 2018 Amdocs, AT&T, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,42 +12,34 @@ # See the License for the specific language governing permissions and # limitations under the License. -# Default values for mariadb. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -global: # global defaults +################################################################# +# Global configuration defaults. +################################################################# +global: nodePortPrefix: 302 - persistence: {} - + repository: nexus3.onap.org:10001 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 +################################################################# +# Application configuration defaults. +################################################################# # application image repository: nexus3.onap.org:10001 -image: zookeeper:3.4 +image: onap/vvp/test-engine:1.0.0 pullPolicy: Always -# default number of instances +# flag to enable debugging - application support required +debugEnabled: false + replicaCount: 1 + nodeSelector: {} + affinity: {} -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - memory: 4Gi - cpu: 2000m - requests: - memory: 1Gi - cpu: 500m - large: - limits: - memory: 8Gi - cpu: 4000m - requests: - memory: 2Gi - cpu: 1000m - unlimited: {} + # probe configuration parameters liveness: initialDelaySeconds: 10 @@ -56,14 +47,14 @@ liveness: # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true + readiness: initialDelaySeconds: 10 periodSeconds: 10 + service: type: ClusterIP - name: oof-has-zk - externalPort: 2181 - internalPort: 2181 - portName: oof-has-zookeeper + internalPort: 8282 + ingress: enabled: false diff --git a/kubernetes/vvp/charts/vvp-cms-uwsgi/Chart.yaml b/kubernetes/vvp/charts/vvp-cms-uwsgi/Chart.yaml new file mode 100644 index 0000000000..3adf9a2514 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-cms-uwsgi/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: backend uwsgi server which hosts django application +name: vvp-cms-uwsgi +version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-cms-uwsgi/resources/config/cms/__init__.py b/kubernetes/vvp/charts/vvp-cms-uwsgi/resources/config/cms/__init__.py new file mode 100644 index 0000000000..b583985739 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-cms-uwsgi/resources/config/cms/__init__.py @@ -0,0 +1,395 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from __future__ import absolute_import, unicode_literals +import os +from cms.envbool import envbool + +from django import VERSION as DJANGO_VERSION +from django.utils.translation import ugettext_lazy as _ +from boto.s3.connection import OrdinaryCallingFormat + + +###################### +# MEZZANINE SETTINGS # +###################### + +# The following settings are already defined with default values in +# the ``defaults.py`` module within each of Mezzanine's apps, but are +# common enough to be put here, commented out, for conveniently +# overriding. Please consult the settings documentation for a full list +# of settings Mezzanine implements: +# http://mezzanine.jupo.org/docs/configuration.html#default-settings + +# Controls the ordering and grouping of the admin menu. +# +# ADMIN_MENU_ORDER = ( +# ("Content", ("pages.Page", "blog.BlogPost", +# "generic.ThreadedComment", (_("Media Library"), "media-library"),)), +# ("Site", ("sites.Site", "redirects.Redirect", "conf.Setting")), +# ("Users", ("auth.User", "auth.Group",)), +# ) + +# A three item sequence, each containing a sequence of template tags +# used to render the admin dashboard. +# +# DASHBOARD_TAGS = ( +# ("blog_tags.quick_blog", "mezzanine_tags.app_list"), +# ("comment_tags.recent_comments",), +# ("mezzanine_tags.recent_actions",), +# ) + +# A sequence of templates used by the ``page_menu`` template tag. Each +# item in the sequence is a three item sequence, containing a unique ID +# for the template, a label for the template, and the template path. +# These templates are then available for selection when editing which +# menus a page should appear in. Note that if a menu template is used +# that doesn't appear in this setting, all pages will appear in it. + +# PAGE_MENU_TEMPLATES = ( +# (1, _("Top navigation bar"), "pages/menus/dropdown.html"), +# (2, _("Left-hand tree"), "pages/menus/tree.html"), +# (3, _("Footer"), "pages/menus/footer.html"), +# ) + +# A sequence of fields that will be injected into Mezzanine's (or any +# library's) models. Each item in the sequence is a four item sequence. +# The first two items are the dotted path to the model and its field +# name to be added, and the dotted path to the field class to use for +# the field. The third and fourth items are a sequence of positional +# args and a dictionary of keyword args, to use when creating the +# field instance. When specifying the field class, the path +# ``django.models.db.`` can be omitted for regular Django model fields. +# +# EXTRA_MODEL_FIELDS = ( +# ( +# # Dotted path to field. +# "mezzanine.blog.models.BlogPost.image", +# # Dotted path to field class. +# "somelib.fields.ImageField", +# # Positional args for field class. +# (_("Image"),), +# # Keyword args for field class. +# {"blank": True, "upload_to": "blog"}, +# ), +# # Example of adding a field to *all* of Mezzanine's content types: +# ( +# "mezzanine.pages.models.Page.another_field", +# "IntegerField", # 'django.db.models.' is implied if path is omitted. +# (_("Another name"),), +# {"blank": True, "default": 1}, +# ), +# ) + +# Setting to turn on featured images for blog posts. Defaults to False. +# +# BLOG_USE_FEATURED_IMAGE = True + +# If True, the django-modeltranslation will be added to the +# INSTALLED_APPS setting. +USE_MODELTRANSLATION = False + + +######################## +# MAIN DJANGO SETTINGS # +######################## + +# Hosts/domain names that are valid for this site; required if DEBUG is False +# See https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts +ALLOWED_HOSTS = ['*'] + +# Set UTC time zone: +TIME_ZONE = 'UTC' +USE_TZ = True + +# Local time zone for this installation. Choices can be found here: +# http://en.wikipedia.org/wiki/List_of_tz_zones_by_name +# although not all choices may be available on all operating systems. +# On Unix systems, a value of None will cause Django to use the same +# timezone as the operating system. +# If running in a Windows environment this must be set to the same as your +# system time zone. +TIME_ZONE = 'UTC' + +# If you set this to True, Django will use timezone-aware datetimes. +USE_TZ = True + +# Language code for this installation. All choices can be found here: +# http://www.i18nguy.com/unicode/language-identifiers.html +LANGUAGE_CODE = "en" + +# Supported languages +LANGUAGES = ( + ('en', _('English')), +) + +ENVIRONMENT = os.environ['ENVIRONMENT'] + +# See https://docs.djangoproject.com/en/1.9/howto/deployment/checklist/ +SECRET_KEY = os.environ["SECRET_KEY"] + +# A boolean that turns on/off debug mode. When set to ``True``, stack traces +# are displayed for error pages. Should always be set to ``False`` in +# production. Best set to ``True`` in local_settings.py +DEBUG = envbool('DJANGO_DEBUG_MODE', False) + +# Note: Only SSL email backends are allowed +EMAIL_USE_SSL = True + +# Whether a user's session cookie expires when the Web browser is closed. +SESSION_EXPIRE_AT_BROWSER_CLOSE = True + +SITE_ID = 1 + +# If you set this to False, Django will make some optimizations so as not +# to load the internationalization machinery. +USE_I18N = False + +AUTHENTICATION_BACKENDS = ("mezzanine.core.auth_backends.MezzanineBackend",) + +# The numeric mode to set newly-uploaded files to. The value should be +# a mode you'd pass directly to os.chmod. +FILE_UPLOAD_PERMISSIONS = 0o644 + + +############# +# DATABASES # +############# + +DATABASES = { + 'default': { + 'ENGINE': 'django.db.backends.postgresql', + 'NAME': os.environ['PGDATABASE'], + 'USER': os.environ['PGUSER'], + 'PASSWORD': os.environ['PGPASSWORD'], + 'HOST': os.environ['PGHOST'], + 'PORT': os.environ['PGPORT'], + } +} + + +######### +# PATHS # +######### + +# Full filesystem path to the project. +PROJECT_APP_PATH = os.path.dirname(os.path.abspath(__file__)) +PROJECT_APP = os.path.basename(PROJECT_APP_PATH) +PROJECT_ROOT = BASE_DIR = os.path.dirname(PROJECT_APP_PATH) + +# Every cache key will get prefixed with this value - here we set it to +# the name of the directory the project is in to try and use something +# project specific. +CACHE_MIDDLEWARE_KEY_PREFIX = PROJECT_APP + +# Package/module name to import the root urlpatterns from for the project. +ROOT_URLCONF = 'cms.urls' + +TEMPLATES = [ + { + "BACKEND": "django.template.backends.django.DjangoTemplates", + "DIRS": [ + os.path.join(PROJECT_ROOT, "templates") + ], + "APP_DIRS": True, + "OPTIONS": { + "context_processors": [ + "django.contrib.auth.context_processors.auth", + "django.contrib.messages.context_processors.messages", + "django.template.context_processors.debug", + "django.template.context_processors.i18n", + "django.template.context_processors.static", + "django.template.context_processors.media", + "django.template.context_processors.request", + "django.template.context_processors.tz", + "mezzanine.conf.context_processors.settings", + "mezzanine.pages.context_processors.page", + ], + "builtins": [ + "mezzanine.template.loader_tags", + ], + }, + }, +] + +if DJANGO_VERSION < (1, 9): + del TEMPLATES[0]["OPTIONS"]["builtins"] + + +################ +# APPLICATIONS # +################ + +INSTALLED_APPS = ( + "mezzanine_api", + "rest_framework", + "rest_framework_swagger", + "oauth2_provider", + "django.contrib.admin", + "django.contrib.auth", + "django.contrib.contenttypes", + "django.contrib.redirects", + "django.contrib.sessions", + "django.contrib.sites", + "django.contrib.sitemaps", + "django.contrib.staticfiles", + "mezzanine.boot", + "mezzanine.conf", + "mezzanine.core", + "mezzanine.generic", + "mezzanine.pages", + "mezzanine.blog", + "mezzanine.forms", + "mezzanine.galleries", + "mezzanine.twitter", + # "mezzanine.accounts", + # "mezzanine.mobile", + "cms" , + "storages", +) + +# List of middleware classes to use. Order is important; in the request phase, +# these middleware classes will be applied in the order given, and in the +# response phase the middleware will be applied in reverse order. +MIDDLEWARE_CLASSES = ( + "mezzanine.core.middleware.UpdateCacheMiddleware", + "mezzanine_api.middleware.ApiMiddleware", + 'django.contrib.sessions.middleware.SessionMiddleware', + # Uncomment if using internationalisation or localisation + # 'django.middleware.locale.LocaleMiddleware', + 'django.middleware.common.CommonMiddleware', + 'django.middleware.csrf.CsrfViewMiddleware', + 'django.contrib.auth.middleware.AuthenticationMiddleware', + 'django.contrib.auth.middleware.SessionAuthenticationMiddleware', + 'django.contrib.messages.middleware.MessageMiddleware', + 'django.middleware.clickjacking.XFrameOptionsMiddleware', + + "mezzanine.core.request.CurrentRequestMiddleware", + "mezzanine.core.middleware.RedirectFallbackMiddleware", + "mezzanine.core.middleware.TemplateForDeviceMiddleware", + "mezzanine.core.middleware.TemplateForHostMiddleware", + "mezzanine.core.middleware.AdminLoginInterfaceSelectorMiddleware", + "mezzanine.core.middleware.SitePermissionMiddleware", + "mezzanine.pages.middleware.PageMiddleware", + "mezzanine.core.middleware.FetchFromCacheMiddleware", +) + +# Store these package names here as they may change in the future since +# at the moment we are using custom forks of them. +PACKAGE_NAME_FILEBROWSER = "filebrowser_safe" +PACKAGE_NAME_GRAPPELLI = "grappelli_safe" + +######################### +# OPTIONAL APPLICATIONS # +######################### + +# These will be added to ``INSTALLED_APPS``, only if available. +OPTIONAL_APPS = ( + "debug_toolbar", + "django_extensions", + "compressor", + PACKAGE_NAME_FILEBROWSER, + PACKAGE_NAME_GRAPPELLI, +) + +##################### +# REST API SETTINGS # +##################### +try: + from mezzanine_api.settings import * +except ImportError: + pass + + +################## +# LOCAL SETTINGS # +################## + +# Allow any settings to be defined in local_settings.py which should be +# ignored in your version control system allowing for settings to be +# defined per ma chine. + +# Instead of doing "from .local_settings import *", we use exec so that +# local_settings has full access to everything defined in this module. +# Also force into sys.modules so it's visible to Django's autoreload. + +f = os.path.join(PROJECT_APP_PATH, "local_settings/__init__.py") +if os.path.exists(f): + import sys + import imp + module_name = "%s.local_settings" % PROJECT_APP + module = imp.new_module(module_name) + module.__file__ = f + sys.modules[module_name] = module + exec(open(f, "rb").read()) + + +#################### +# DYNAMIC SETTINGS # +#################### + +# set_dynamic_settings() will rewrite globals based on what has been +# defined so far, in order to provide some better defaults where +# applicable. We also allow this settings module to be imported +# without Mezzanine installed, as the case may be when using the +# fabfile, where setting the dynamic settings below isn't strictly +# required. +try: + from mezzanine.utils.conf import set_dynamic_settings +except ImportError: + pass +else: + set_dynamic_settings(globals()) + +# default settings for mezzanine +NEVERCACHE_KEY = os.getenv('CMS_NEVERCACHE_KEY', ''), +# Application User +CMS_APP_USER = os.getenv('CMS_APP_USER') +CMS_APP_USER_PASSWORD = os.getenv('CMS_APP_USER_PASSWORD') +CMS_APP_USER_MAIL = os.getenv('CMS_APP_USER_MAIL') +# Client App (EM) +CMS_APP_CLIENT_ID = os.getenv('CMS_APP_CLIENT_ID') +CMS_APP_CLIENT_SECRET = os.getenv('CMS_APP_CLIENT_SECRET') +CMS_APP_NAME = 'Engagement_Manager_App' +REST_FRAMEWORK['DEFAULT_RENDERER_CLASSES'] = ( + 'rest_framework.renderers.JSONRenderer', +) + +# S3 configuration for static resources storage and media upload + +# used by our custom storage.py +MEDIA_BUCKET = "cms-media" +STATIC_BUCKET = "cms-static" + +# django-storages configuration +AWS_S3_HOST = os.environ['S3_HOST'] +AWS_S3_PORT = int(os.environ['S3_PORT']) +AWS_S3_CUSTOM_DOMAIN = os.environ['S3_HOST'] +AWS_ACCESS_KEY_ID = os.environ['AWS_ACCESS_KEY_ID'] +AWS_SECRET_ACCESS_KEY = os.environ['AWS_SECRET_ACCESS_KEY'] +AWS_AUTO_CREATE_BUCKET = True +AWS_PRELOAD_METADATA = True + +# Set by custom subclass. +# AWS_STORAGE_BUCKET_NAME = "em-static" +AWS_S3_CALLING_FORMAT = OrdinaryCallingFormat() +DEFAULT_FILE_STORAGE = 'cms.settings.storage.S3MediaStorage' +STATICFILES_STORAGE = 'cms.settings.storage.S3StaticStorage' + +# These seem to have no effect even when we don't override with custom_domain? +STATIC_URL = 'https://%s/%s/' % (AWS_S3_CUSTOM_DOMAIN, STATIC_BUCKET) +MEDIA_URL = 'https://%s/%s/' % (AWS_S3_CUSTOM_DOMAIN, MEDIA_BUCKET) + +STATIC_ROOT = os.environ['STATIC_ROOT'] + diff --git a/kubernetes/vvp/charts/vvp-cms-uwsgi/resources/config/cms/gunicorn.ini b/kubernetes/vvp/charts/vvp-cms-uwsgi/resources/config/cms/gunicorn.ini new file mode 100644 index 0000000000..29cca7db93 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-cms-uwsgi/resources/config/cms/gunicorn.ini @@ -0,0 +1,20 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +bind = ":80" +chdir = '/srv' +pidfile = '/tmp/ice-project-master.pid' +backlog = '5000' +errorlog = '-' +loglevel = 'info' diff --git a/kubernetes/vvp/charts/vvp-cms-uwsgi/resources/config/cms/storage.py b/kubernetes/vvp/charts/vvp-cms-uwsgi/resources/config/cms/storage.py new file mode 100644 index 0000000000..0abfae9035 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-cms-uwsgi/resources/config/cms/storage.py @@ -0,0 +1,50 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +""" +storage.py + +In order to make Django store trusted static files and untrusted media +(user-uploaded) files in separate s3 buckets, we must create two different +storage classes. + +https://www.caktusgroup.com/blog/2014/11/10/Using-Amazon-S3-to-store-your-Django-sites-static-and-media-files/ +http://www.leehodgkinson.com/blog/my-mezzanine-s3-setup/ + +""" + +# FIXME this module never changes so might not need not be kept in a +# configmap. Also it is (almost) the same as what we use in em; that does +# not use S3BotoStorageMixin. + +# There is a newer storage based on boto3 but that doesn't support changing +# the HOST, as we need to for non-amazon s3 services. It does support an +# "endpoint"; setting AWS_S3_ENDPOINT_URL may cause it to work. +from storages.backends.s3boto import S3BotoStorage +from filebrowser_safe.storage import S3BotoStorageMixin +from django.conf import settings + + +# NOTE for some reason, collectstatic uploads to bucket/location but the +# urls constructed are domain/location +class S3StaticStorage(S3BotoStorage, S3BotoStorageMixin): + custom_domain = '%s/%s' % (settings.AWS_S3_HOST, settings.STATIC_BUCKET) + bucket_name = settings.STATIC_BUCKET + # location = ... + + +class S3MediaStorage(S3BotoStorage, S3BotoStorageMixin): + custom_domain = '%s/%s' % (settings.AWS_S3_HOST, settings.MEDIA_BUCKET) + bucket_name = settings.MEDIA_BUCKET + # location = ... diff --git a/kubernetes/vvp/charts/vvp-cms-uwsgi/templates/configmap.yaml b/kubernetes/vvp/charts/vvp-cms-uwsgi/templates/configmap.yaml new file mode 100644 index 0000000000..d8b2bbbbbc --- /dev/null +++ b/kubernetes/vvp/charts/vvp-cms-uwsgi/templates/configmap.yaml @@ -0,0 +1,37 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-settings + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/cms/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-secret + namespace: {{ include "common.namespace" . }} +type: Opaque +data: + key: "KCtkbV9yaigwMDU9XmV2emVzZDMjeHB5JC0kY15qI2NsemlsYngmXz0wbGg3by0zNCM=" + app_user: "Y21zYXBwdXNlcg==" + app_user_mail: "Y21zYXBwdXNlckBleGFtcGxlLmNvbQ==" + app_user_password: "Y21zYXBwdXNlcnBhc3N3b3Jk" + app_client_id: "RWVCNFhlaW1vb2M2eGllU2VlS2FoOGRhZTFlaXBhZTRvdGFlc2hlZQ==" + app_client_secret: "aGFpTW9vcGllWmVlMXdlaTNsZWY0Z2FleWlhMnZhaHdvaHRoMG1haWQ5aXRoMnBoZWVzaGFpdGh1VG9vcjJKb2hzaGVpNWJhZXk3RWlxdWFldGhlaWI4cXVhaXF1ZWU3cGhpYXRoN2V1YjJhaU5haWMzb3U5dmFpemViZWlGNXU=" + nevercache_key: "YV9qLWc1aCszKW9AMndpYXNtYmcoaHV4cHVqaD05NShwLSR2ejF4aiZ0K20pKy11ODQ=" +--- diff --git a/kubernetes/vvp/charts/vvp-cms-uwsgi/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-cms-uwsgi/templates/deployment.yaml new file mode 100644 index 0000000000..c2408c5824 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-cms-uwsgi/templates/deployment.yaml @@ -0,0 +1,111 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + name: {{ .Release.Name }} + spec: + imagePullSecrets: + - name: onapkey + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort1 }} + - containerPort: {{ .Values.service.internalPort2 }} + env: + - name: ENVIRONMENT + value: "development" + - name: SECRET_KEY + valueFrom: + secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: key} + - name: EMAIL_HOST + value: "localhost" + - name: EMAIL_HOST_USER + value: "example" + - name: EMAIL_PORT + value: "25" + - name: EMAIL_HOST_PASSWORD + valueFrom: + secretKeyRef: {name: email-secret, key: password} + - name: PGHOST + value: vvp-postgres + - name: PGPORT + value: "5432" + - name: PGDATABASE + value: "icecmsdb" + - name: PGUSER + value: "cms_postgresuser" + - name: PGPASSWORD + valueFrom: + secretKeyRef: {name: postgresql-passwords, key: cmsPassword} + - name: ICE_CONTACT_FROM_ADDRESS + value: "example" + - name: CMS_NEVERCACHE_KEY + valueFrom: + secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: nevercache_key} + - name: CMS_APP_USER + valueFrom: + secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: app_user} + - name: CMS_APP_USER_MAIL + valueFrom: + secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: app_user_mail} + - name: CMS_APP_USER_PASSWORD + valueFrom: + secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: app_user_password} + - name: CMS_APP_CLIENT_ID + valueFrom: + secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: app_client_id} + - name: CMS_APP_CLIENT_SECRET + valueFrom: + secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: app_client_secret} + - name: STATIC_ROOT + value: "/app/htdocs" + - name: DJANGO_DEBUG_MODE + value: "True" + - name: S3_HOST + value: "dev-s3.vvp.example.com" + - name: S3_PORT + value: "443" + - name: AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: {name: em-secret, key: aws_access_key_id} + - name: AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: {name: em-secret, key: aws_secret_access_key} + command: ["/docker-entrypoint.sh", "/usr/local/bin/gunicorn", "-c", "/opt/configmaps/settings/gunicorn.ini", "cms.wsgi:application", ] + volumeMounts: + - name: settings + mountPath: /opt/configmaps/settings/ + - name: site-crt + mountPath: /opt/secrets/site-crt/ + volumes: + - name: settings + configMap: + name: {{ include "common.fullname" . }}-settings + - name: site-crt + secret: + secretName: site-crt diff --git a/kubernetes/vvp/charts/vvp-cms-uwsgi/templates/service.yaml b/kubernetes/vvp/charts/vvp-cms-uwsgi/templates/service.yaml new file mode 100644 index 0000000000..0c6c30da78 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-cms-uwsgi/templates/service.yaml @@ -0,0 +1,28 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.internalPort1 }} + name: {{ .Values.service.portName | default "http" }} + selector: + app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-cms-uwsgi/values.yaml b/kubernetes/vvp/charts/vvp-cms-uwsgi/values.yaml new file mode 100644 index 0000000000..e57b1730c3 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-cms-uwsgi/values.yaml @@ -0,0 +1,61 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repository: nexus3.onap.org:10001 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/vvp/cms:1.0.0 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: ClusterIP + internalPort1: 80 + internalPort2: 9000 + +ingress: + enabled: false diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/Chart.yaml b/kubernetes/vvp/charts/vvp-em-uwsgi/Chart.yaml new file mode 100644 index 0000000000..4393322261 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-em-uwsgi/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: backend uwsgi server which hosts django application +name: vvp-em-uwsgi +version: 3.0.0 diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-music/requirements.yaml b/kubernetes/vvp/charts/vvp-em-uwsgi/requirements.yaml similarity index 87% rename from kubernetes/oof/charts/oof-has/charts/oof-has-music/requirements.yaml rename to kubernetes/vvp/charts/vvp-em-uwsgi/requirements.yaml index 14f1f9a82d..9f44c6df28 100644 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-music/requirements.yaml +++ b/kubernetes/vvp/charts/vvp-em-uwsgi/requirements.yaml @@ -1,5 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T,VMware +# Copyright © 2018 Amdocs, AT&T, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/__init__.py b/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/__init__.py new file mode 100644 index 0000000000..ed57ca604d --- /dev/null +++ b/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/__init__.py @@ -0,0 +1,332 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +""" +Django settings for VVP project. + +Environment variables that must exist: + + ENVIRONMENT + SECRET_KEY + SECRET_WEBHOOK_TOKEN + SECRET_GITLAB_AUTH_TOKEN + SECRET_JENKINS_PASSWORD + SECRET_CMS_APP_CLIENT_ID + SECRET_CMS_APP_CLIENT_SECRET + +Environment variables that must exist in production: + + EMAIL_HOST + EMAIL_HOST_PASSWORD + EMAIL_HOST_USER + EMAIL_PORT + +""" + +import os +from vvp.settings.envbool import envbool +from corsheaders.defaults import default_headers +from boto.s3.connection import OrdinaryCallingFormat +import datetime + +# With this file at ice/settings/__init__.py, we need three applications of +# dirname() to find the project root. +import engagementmanager +PROJECT_PATH = os.path.dirname(os.path.dirname(engagementmanager.__file__)) +LOGS_PATH = os.path.join(PROJECT_PATH, "logs") + +ENVIRONMENT = os.environ['ENVIRONMENT'] +PROGRAM_NAME_URL_PREFIX = os.environ['PROGRAM_NAME_URL_PREFIX'] +SERVICE_PROVIDER = os.environ['SERVICE_PROVIDER'] +PROGRAM_NAME = os.environ['PROGRAM_NAME'] +SERVICE_PROVIDER_DOMAIN = os.environ['SERVICE_PROVIDER_DOMAIN'] + +# See https://docs.djangoproject.com/en/1.9/howto/deployment/checklist/ +SECRET_KEY = os.environ["SECRET_KEY"] + +# https://docs.djangoproject.com/en/1.10/ref/settings/#allowed-hosts +# Anything in the Host header that does not match our expected domain should +# raise SuspiciousOperation exception. +ALLOWED_HOSTS = ['*'] + +DEBUG = envbool('DJANGO_DEBUG_MODE', False) + +if ENVIRONMENT == 'production': + EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend' + EMAIL_HOST = os.environ['EMAIL_HOST'] + EMAIL_HOST_PASSWORD = os.environ['EMAIL_HOST_PASSWORD'] + EMAIL_HOST_USER = os.environ['EMAIL_HOST_USER'] + EMAIL_PORT = os.environ['EMAIL_PORT'] +else: + EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' + +# Note: Only SSL email backends are allowed +EMAIL_USE_SSL = True + +REST_FRAMEWORK = { + # Use Django's standard `django.contrib.auth` permissions, + # or allow read-only access for unauthenticated users. + 'EXCEPTION_HANDLER': 'engagementmanager.utils.exception_handler.ice_exception_handler', + 'PAGE_SIZE': 10, + 'DEFAULT_PERMISSION_CLASSES': ( + 'rest_framework.permissions.IsAuthenticated', + ), + 'DEFAULT_AUTHENTICATION_CLASSES': ( + 'rest_framework.authentication.SessionAuthentication', + 'rest_framework.authentication.BasicAuthentication', + 'rest_framework_jwt.authentication.JSONWebTokenAuthentication', + ), + 'DEFAULT_PARSER_CLASSES': ( + 'engagementmanager.rest.parsers.XSSJSONParser', + 'engagementmanager.rest.parsers.XSSFormParser', + 'engagementmanager.rest.parsers.XSSMultiPartParser', + ) +} + +JWT_AUTH = { + 'JWT_AUTH_HEADER_PREFIX': 'token', + 'JWT_ALGORITHM': 'HS256', + 'JWT_EXPIRATION_DELTA': datetime.timedelta(days=1), + 'JWT_DECODE_HANDLER': 'engagementmanager.utils.authentication.ice_jwt_decode_handler', +} + +APPEND_SLASH = False + +# Application definition +INSTALLED_APPS = [ + 'django.contrib.auth', # required by d.c.admin + 'corsheaders', + 'django.contrib.contenttypes', # required by d.c.admin + 'django.contrib.sessions', # required by d.c.admin + 'django.contrib.messages', # required by d.c.admin + 'django.contrib.staticfiles', + 'django.contrib.admin', # django admin site + 'rest_framework', + 'engagementmanager.apps.EngagementmanagerConfig', + 'validationmanager.apps.ValidationmanagerConfig', +] + +MIDDLEWARE_CLASSES = [ + 'django.middleware.security.SecurityMiddleware', + 'django.contrib.sessions.middleware.SessionMiddleware', + 'django.middleware.common.CommonMiddleware', + 'django.contrib.auth.middleware.AuthenticationMiddleware', # required by d.c.admin + 'django.contrib.auth.middleware.SessionAuthenticationMiddleware', + 'django.contrib.messages.middleware.MessageMiddleware', + 'django.middleware.clickjacking.XFrameOptionsMiddleware', + 'corsheaders.middleware.CorsMiddleware', +] + +ROOT_URLCONF = 'vvp.urls' + +TEMPLATES = [ + { + 'BACKEND': 'django.template.backends.django.DjangoTemplates', + 'DIRS': [PROJECT_PATH + '/web/templates'], + 'APP_DIRS': True, + 'OPTIONS': { + 'context_processors': [ + 'django.template.context_processors.debug', + 'django.template.context_processors.request', + 'django.contrib.auth.context_processors.auth', # required by d.c.admin + 'django.contrib.messages.context_processors.messages', # required by d.c.admin + ], + }, + }, +] + +WSGI_APPLICATION = 'vvp.wsgi.application' + + +# Database +# https://docs.djangoproject.com/en/1.9/ref/settings/#databases +DATABASES = { + 'default': { + 'ENGINE': 'django.db.backends.postgresql', + 'NAME': os.environ['PGDATABASE'], + 'USER': os.environ['PGUSER'], + 'PASSWORD': os.environ['PGPASSWORD'], + 'HOST': os.environ['PGHOST'], + 'PORT': os.environ['PGPORT'], + } +} + + +# Password validation +# https://docs.djangoproject.com/en/1.9/ref/settings/#auth-password-validators +AUTH_PASSWORD_VALIDATORS = [ + {'NAME': 'django.contrib.auth.password_validation.%s' % s} for s in [ + 'UserAttributeSimilarityValidator', + 'MinimumLengthValidator', + 'CommonPasswordValidator', + 'NumericPasswordValidator', + ]] + + +# Internationalization +# https://docs.djangoproject.com/en/1.9/topics/i18n/ +LANGUAGE_CODE = 'en-us' +TIME_ZONE = 'UTC' +USE_I18N = True +USE_L10N = True +USE_TZ = True + +CORS_ALLOW_HEADERS = default_headers + ('ICE-USER-ID',) + +# Static files (CSS, JavaScript, Images) +# https://docs.djangoproject.com/en/1.9/howto/static-files/ +STATIC_ROOT = os.environ['STATIC_ROOT'] + + +LOGGING = { + 'version': 1, + 'disable_existing_loggers': False, + 'formatters': { # All possible attributes are: https://docs.python.org/3/library/logging.html#logrecord-attributes + 'verbose': { + 'format': '%(asctime)s %(levelname)s %(name)s %(module)s %(lineno)d %(process)d %(thread)d %(message)s' + }, + 'simple': { + 'format': '%(asctime)s %(levelname)s %(name)s %(message)s' + }, + }, + 'handlers': { + 'console': { + 'class': 'logging.StreamHandler', + 'formatter': 'simple' + }, + 'vvp-info.log': { + 'level': 'INFO', # handler will ignore DEBUG (only process INFO, WARN, ERROR, CRITICAL, FATAL) + 'class': 'logging.FileHandler', + 'filename': os.path.join(LOGS_PATH, 'vvp-info.log'), + 'formatter': 'verbose' + }, + 'vvp-debug.log': { + 'level': 'DEBUG', + 'class': 'logging.FileHandler', + 'filename': os.path.join(LOGS_PATH, 'vvp-debug.log'), + 'formatter': 'verbose' + }, + 'vvp-requests.log': { + 'level': 'ERROR', + 'class': 'logging.FileHandler', + 'filename': os.path.join(LOGS_PATH, 'vvp-requests.log'), + 'formatter': 'verbose' + }, + 'vvp-db.log': { + 'level': 'ERROR', + 'class': 'logging.FileHandler', + 'filename': os.path.join(LOGS_PATH, 'vvp-db.log'), + 'formatter': 'verbose', + }, + }, + 'loggers': { + 'vvp.logger': { + 'handlers': ['vvp-info.log', 'vvp-debug.log', 'vvp-requests.log', 'vvp-db.log', 'console'], + 'level': 'DEBUG' if DEBUG else 'INFO', + }, + 'django': { + 'handlers': ['console'], + 'level': 'INFO' if DEBUG else 'ERROR', + }, + 'django.request': { + 'handlers': ['vvp-requests.log', 'console'], + 'level': 'INFO' if DEBUG else 'ERROR', + }, + 'django.db.backends': { + 'handlers': ['vvp-db.log', 'console'], + 'level': 'DEBUG' if DEBUG else 'ERROR', + 'propagate': False, + }, + # silence the hundred lines of useless "missing variable in template" + # complaints per admin pageview. + 'django.template': { + 'level': 'DEBUG', + 'handlers': ['vvp-info.log', 'vvp-debug.log', 'console'], + 'propagate': False, + }, + } +} + + +############################# +# VVP Related Configuration +############################# +CONTACT_FROM_ADDRESS = os.getenv('CONTACT_FROM_ADDRESS', 'dummy@example.com') +CONTACT_EMAILS = [s.strip() for s in os.getenv('CONTACT_EMAILS', 'user@example.com').split(',') if s] +DOMAIN = os.getenv('EM_DOMAIN_NAME') +TOKEN_EXPIRATION_IN_HOURS = 48 +DAILY_SCHEDULED_JOB_HOUR = 20 +NUMBER_OF_POLLED_ACTIVITIES = 5 +TEMP_PASSWORD_EXPIRATION_IN_HOURS = 48 +# This is the DNS name pointing to the private-network ip of the host machine +# running (a haproxy that points to) (an nginx frontend for) this app +API_DOMAIN = 'em' + +# The authentication token needed by Jenkins or Gitlab to issue webhook updates +# to us. This is a "secret" shared by Jenkins and Django. It must be part of +# the URL path component for the Jenkins webhook in ValidationManager to accept +# a notification. It should be a set of random URL-path-safe characters, with +# no slash '/'. +# FIXME: Does this authentication scheme actually gain us anything? What's the +# threat model +WEBHOOK_TOKEN = os.environ['SECRET_WEBHOOK_TOKEN'] + +# The authentication token and URL needed for us to issue requests to the GitLab API. +GITLAB_TOKEN = os.environ['SECRET_GITLAB_AUTH_TOKEN'] +GITLAB_URL = "http://vvp-gitlab/" + +JENKINS_URL = "http://vvp-jenkins:8080/" +JENKINS_USERNAME = "admin" +JENKINS_PASSWORD = os.environ['SECRET_JENKINS_PASSWORD'] + +IS_CL_CREATED_ON_REVIEW_STATE = envbool('IS_CL_CREATED_ON_REVIEW_STATE', False) # Options: True, False +IS_SIGNAL_ENABLED = envbool('IS_SIGNAL_ENABLED', True) +RECENT_ENG_TTL = 3 # In days +CMS_URL = "http://vvp-cms-uwsgi/api/" +CMS_APP_CLIENT_ID = os.environ['SECRET_CMS_APP_CLIENT_ID'] +CMS_APP_CLIENT_SECRET = os.environ['SECRET_CMS_APP_CLIENT_SECRET'] + +# slack integration +SLACK_API_TOKEN = os.environ['SLACK_API_TOKEN'] +ENGAGEMENTS_CHANNEL = os.getenv('ENGAGEMENTS_CHANNEL', '') +ENGAGEMENTS_NOTIFICATIONS_CHANNEL = os.getenv('ENGAGEMENTS_NOTIFICATIONS_CHANNEL:', '') +DEVOPS_CHANNEL = os.getenv('DEVOPS_CHANNEL', '') +DEVOPS_NOTIFICATIONS_CHANNEL = os.getenv('DEVOPS_NOTIFICATIONS_CHANNEL', '') + +# S3 configuration for static resources storage and media upload + +# used by our custom storage.py +MEDIA_BUCKET = "em-media" +STATIC_BUCKET = "em-static" + +# django-storages configuration +AWS_S3_HOST = os.environ['S3_HOST'] +AWS_S3_PORT = int(os.environ['S3_PORT']) +AWS_S3_CUSTOM_DOMAIN = os.environ['S3_HOST'] +AWS_ACCESS_KEY_ID = os.environ['AWS_ACCESS_KEY_ID'] +AWS_SECRET_ACCESS_KEY = os.environ['AWS_SECRET_ACCESS_KEY'] +AWS_AUTO_CREATE_BUCKET = True +AWS_PRELOAD_METADATA = True + +# Set by custom subclass. +# AWS_STORAGE_BUCKET_NAME = "em-static" +AWS_S3_CALLING_FORMAT = OrdinaryCallingFormat() +DEFAULT_FILE_STORAGE = 'vvp.settings.storage.S3MediaStorage' +STATICFILES_STORAGE = 'vvp.settings.storage.S3StaticStorage' + +# These seem to have no effect even when we don't override with custom_domain? +STATIC_URL = 'https://%s/%s/' % (AWS_S3_CUSTOM_DOMAIN, STATIC_BUCKET) +MEDIA_URL = 'https://%s/%s/' % (AWS_S3_CUSTOM_DOMAIN, MEDIA_BUCKET) + +STATIC_ROOT = os.environ['STATIC_ROOT'] diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/envbool.py b/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/envbool.py new file mode 100644 index 0000000000..31f4385d16 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/envbool.py @@ -0,0 +1,44 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +""" +envbool.py + +Return which environment is currently running on (to setting.py). + +""" +import os + + +def envbool(key, default=False, unknown=True): + """Return a boolean value based on that of an environment variable. + + Environment variables have no native boolean type. They are always strings, and may be empty or + unset (which differs from empty.) Furthermore, notions of what is "truthy" in shell script + differ from that of python. + + This function converts environment variables to python boolean True or False in + case-insensitive, expected ways to avoid pitfalls: + + "True", "true", and "1" become True + "False", "false", and "0" become False + unset or empty becomes False by default (toggle with 'default' parameter.) + any other value becomes True by default (toggle with 'unknown' parameter.) + + """ + return { + 'true': True, '1': True, # 't': True, + 'false': False, '0': False, # 'f': False. + '': default, + }.get(os.getenv(key, '').lower(), unknown) diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/gunicorn.ini b/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/gunicorn.ini new file mode 100644 index 0000000000..29cca7db93 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/gunicorn.ini @@ -0,0 +1,20 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +bind = ":80" +chdir = '/srv' +pidfile = '/tmp/ice-project-master.pid' +backlog = '5000' +errorlog = '-' +loglevel = 'info' diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/storage.py b/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/storage.py new file mode 100644 index 0000000000..c76046a329 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/storage.py @@ -0,0 +1,48 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +""" +storage.py + +In order to make Django store trusted static files and untrusted media +(user-uploaded) files in separate s3 buckets, we must create two different +storage classes. + +https://www.caktusgroup.com/blog/2014/11/10/Using-Amazon-S3-to-store-your-Django-sites-static-and-media-files/ +http://www.leehodgkinson.com/blog/my-mezzanine-s3-setup/ + +""" + +# FIXME this module never changes so might not need not be kept in a +# configmap. Also it is (almost) the same as what we use in cms. + +# There is a newer storage based on boto3 but that doesn't support changing +# the HOST, as we need to for non-amazon s3 services. It does support an +# "endpoint"; setting AWS_S3_ENDPOINT_URL may cause it to work. +from storages.backends.s3boto import S3BotoStorage +from django.conf import settings + + +# NOTE for some reason, collectstatic uploads to bucket/location but the +# urls constructed are domain/location +class S3StaticStorage(S3BotoStorage): + custom_domain = '%s/%s' % (settings.AWS_S3_HOST, settings.STATIC_BUCKET) + bucket_name = settings.STATIC_BUCKET + # location = ... + + +class S3MediaStorage(S3BotoStorage): + custom_domain = '%s/%s' % (settings.AWS_S3_HOST, settings.MEDIA_BUCKET) + bucket_name = settings.MEDIA_BUCKET + # location = ... diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/templates/configmap.yaml b/kubernetes/vvp/charts/vvp-em-uwsgi/templates/configmap.yaml new file mode 100644 index 0000000000..1163973c28 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-em-uwsgi/templates/configmap.yaml @@ -0,0 +1,21 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-settings + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/em/*").AsConfig . | indent 2 }} diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-em-uwsgi/templates/deployment.yaml new file mode 100644 index 0000000000..1d08f76ed8 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-em-uwsgi/templates/deployment.yaml @@ -0,0 +1,133 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + name: {{ .Release.Name }} + spec: + imagePullSecrets: + - name: onapkey + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }} + ports: + - containerPort: 80 + - containerPort: 9000 + volumeMounts: + - name: em-settings + mountPath: /opt/configmaps/settings/ + - name: site-crt + mountPath: /opt/secrets/site-crt/ + env: + - name: ENVIRONMENT + value: "development" + - name: PROGRAM_NAME_URL_PREFIX + value: "vvp" + - name: SERVICE_PROVIDER + value: "NA" + - name: PROGRAM_NAME + value: "VVP" + - name: SERVICE_PROVIDER_DOMAIN + value: "na.com" + - name: SECRET_KEY + valueFrom: + secretKeyRef: {name: em-secret, key: key} + - name: EMAIL_HOST + value: "localhost" + - name: EMAIL_HOST_USER + value: "example" + - name: EMAIL_PORT + value: "25" + - name: EMAIL_HOST_PASSWORD + valueFrom: + secretKeyRef: {name: email-secret, key: password} + - name: PGHOST + value: vvp-postgres + - name: PGPORT + value: "5432" + - name: PGDATABASE + value: icedb + - name: PGUSER + value: "em_postgresuser" + - name: PGPASSWORD + valueFrom: + secretKeyRef: {name: postgresql-passwords, key: emPassword} + - name: DOMAIN + value: https://development.vvp.example.com + - name: ICE_EM_DOMAIN_NAME + value: https://development.vvp.example.com + - name: CONTACT_FROM_ADDRESS + value: "example" + - name: OAUTHLIB_INSECURE_TRANSPORT + value: "1" + - name: SECRET_WEBHOOK_TOKEN + valueFrom: + secretKeyRef: {name: em-secret, key: em_webhook_token} + - name: SECRET_GITLAB_AUTH_TOKEN + valueFrom: + secretKeyRef: {name: gitlab-password, key: auth-token} + - name: SECRET_JENKINS_PASSWORD + valueFrom: + secretKeyRef: {name: em-secret, key: jenkins_admin_password} + - name: SECRET_CMS_APP_CLIENT_ID + valueFrom: + secretKeyRef: {name: em-secret, key: cms_app_client_id} + - name: SECRET_CMS_APP_CLIENT_SECRET + valueFrom: + secretKeyRef: {name: em-secret, key: cms_app_client_secret} + - name: STATIC_ROOT + value: "/app/htdocs" + - name: DJANGO_DEBUG_MODE + value: "True" + - name: SLACK_API_TOKEN + valueFrom: + secretKeyRef: {name: em-secret, key: slack_api_token} + - name: ENGAGEMENTS_CHANNEL + value: "" + - name: ENGAGEMENTS_NOTIFICATIONS_CHANNEL + value: "" + - name: DEVOPS_CHANNEL + value: "" + - name: DEVOPS_NOTIFICATIONS_CHANNEL + value: "" + - name: S3_HOST + value: "dev-s3.vvp.example.com" + - name: S3_PORT + value: "443" + - name: AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: {name: em-secret, key: aws_access_key_id} + - name: AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: {name: em-secret, key: aws_secret_access_key} + command: ["/docker-entrypoint.sh", "/usr/local/bin/gunicorn", "-c", "/opt/configmaps/settings/gunicorn.ini", "vvp.wsgi:application", ] + volumes: + - name: site-crt + secret: + secretName: site-crt + - name: em-settings + configMap: + name: {{ include "common.fullname" . }}-settings diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/templates/service.yaml b/kubernetes/vvp/charts/vvp-em-uwsgi/templates/service.yaml new file mode 100644 index 0000000000..a4260013a4 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-em-uwsgi/templates/service.yaml @@ -0,0 +1,28 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName | default "http" }} + selector: + app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/values.yaml b/kubernetes/vvp/charts/vvp-em-uwsgi/values.yaml new file mode 100644 index 0000000000..a96ca26119 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-em-uwsgi/values.yaml @@ -0,0 +1,61 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repository: nexus3.onap.org:10001 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/vvp/engagementmgr:1.0.0 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: ClusterIP + internalPort: 80 + portName: em + +ingress: + enabled: false diff --git a/kubernetes/vvp/charts/vvp-ext-haproxy/Chart.yaml b/kubernetes/vvp/charts/vvp-ext-haproxy/Chart.yaml new file mode 100644 index 0000000000..721912d3c9 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-ext-haproxy/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: load balancer for external transport +name: vvp-ext-haproxy +version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-ext-haproxy/resources/config/ext-haproxy-cfg/file b/kubernetes/vvp/charts/vvp-ext-haproxy/resources/config/ext-haproxy-cfg/file new file mode 100644 index 0000000000..ca7b40a7bc --- /dev/null +++ b/kubernetes/vvp/charts/vvp-ext-haproxy/resources/config/ext-haproxy-cfg/file @@ -0,0 +1,79 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +resolvers dns + nameserver pod_dns "10.3.0.10:53" + resolve_retries 3 + timeout retry 1s + hold valid 30s + +defaults + mode http + timeout connect 5000ms + timeout client 50000ms + timeout server 50000ms + option httpclose + option redispatch + option abortonclose + option httplog + option dontlognull + default-server init-addr last,libc,none + +backend gitlab_ssh + mode tcp + option tcplog + timeout server 2h + server gitlabssh vvp-gitlab:22 resolvers dns + +frontend gitlab_ssh_frontend + mode tcp + option tcplog + timeout client 2h + bind 0.0.0.0:22 + acl is_ssh dst_port 22 + use_backend gitlab_ssh if is_ssh + +backend portal_backend + mode http + server ice_portal vvp:8181 resolvers dns + +backend api + mode http + server engagement_manager vvp-em-uwsgi:80 resolvers dns + +backend s3 + mode http + balance roundrobin + option httpchk HEAD / + server ceph-01 10.252.0.21:8080 check inter 10000ms + +frontend portal + mode http + acl is_api_call path_beg -i /vvp + acl is_s3 hdr_beg(host) s3. staging-s3. dev-s3. + use_backend api if is_api_call + use_backend s3 if is_s3 + bind 0.0.0.0:80 + bind 0.0.0.0:443 ssl crt /etc/haproxy/site.pem force-tlsv12 + default_backend portal_backend + +listen stats + bind 0.0.0.0:9001 + mode http + stats enable # Enable stats page + stats realm Haproxy\ Statistics + stats uri /haproxy_stats + stats auth "${HAPROXY_USER}:${HAPROXY_PASS}" + acl network_allowed src 10.252.0.0/16 127.0.0.1/32 10.2.0.0/16 + http-request deny if !network_allowed diff --git a/kubernetes/vvp/charts/vvp-ext-haproxy/templates/configmap.yaml b/kubernetes/vvp/charts/vvp-ext-haproxy/templates/configmap.yaml new file mode 100644 index 0000000000..0bb0e264cb --- /dev/null +++ b/kubernetes/vvp/charts/vvp-ext-haproxy/templates/configmap.yaml @@ -0,0 +1,21 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-cfg + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/ext-haproxy-cfg/*").AsConfig . | indent 2 }} diff --git a/kubernetes/vvp/charts/vvp-ext-haproxy/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-ext-haproxy/templates/deployment.yaml new file mode 100644 index 0000000000..afe8c75425 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-ext-haproxy/templates/deployment.yaml @@ -0,0 +1,66 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + name: {{ .Release.Name }} + spec: + imagePullSecrets: + - name: onapkey + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }} + ports: + - containerPort: 80 + - containerPort: 22 + - containerPort: 443 + - containerPort: 9001 + env: + - name: HAPROXY_USER + valueFrom: + secretKeyRef: + name: haproxy-auth + key: user + - name: HAPROXY_PASS + valueFrom: + secretKeyRef: + name: haproxy-auth + key: pass + volumeMounts: + - mountPath: /usr/local/etc/haproxy/ + name: ext-haproxy-cfg + - mountPath: /etc/haproxy/ + name: site-pem + volumes: + - name: ext-haproxy-cfg + configMap: + name: {{ include "common.fullname" . }}-cfg + items: + - key: file + path: haproxy.cfg + - name: site-pem + secret: + secretName: site-pem diff --git a/kubernetes/vvp/charts/vvp-ext-haproxy/templates/service.yaml b/kubernetes/vvp/charts/vvp-ext-haproxy/templates/service.yaml new file mode 100644 index 0000000000..bcc41c1671 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-ext-haproxy/templates/service.yaml @@ -0,0 +1,34 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.internalPort1 }} + name: {{ .Values.service.portName1 }} + - port: {{ .Values.service.internalPort2 }} + name: {{ .Values.service.portName2 }} + - port: {{ .Values.service.internalPort3 }} + name: {{ .Values.service.portName3 }} + - port: {{ .Values.service.internalPort4 }} + name: {{ .Values.service.portName4 }} + selector: + app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-ext-haproxy/values.yaml b/kubernetes/vvp/charts/vvp-ext-haproxy/values.yaml new file mode 100644 index 0000000000..88b32d7d77 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-ext-haproxy/values.yaml @@ -0,0 +1,63 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repository: nexus3.onap.org:10001 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: docker.io +image: haproxy:1.7.2-alpine +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: NodePort + portName1: web + internalPort1: 80 + portName2: ssl + internalPort2: 443 + portName3: ssh + internalPort3: 22 + portName4: stats + internalPort4: 9000 + +ingress: + enabled: false diff --git a/kubernetes/vvp/charts/vvp-gitlab/Chart.yaml b/kubernetes/vvp/charts/vvp-gitlab/Chart.yaml new file mode 100644 index 0000000000..4598d6754a --- /dev/null +++ b/kubernetes/vvp/charts/vvp-gitlab/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: holds all customers files in repos +name: vvp-gitlab +version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-gitlab/templates/configmap.yaml b/kubernetes/vvp/charts/vvp-gitlab/templates/configmap.yaml new file mode 100644 index 0000000000..821b5b7dc9 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-gitlab/templates/configmap.yaml @@ -0,0 +1,32 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Secret +metadata: + name: gitlab-password + namespace: {{ include "common.namespace" . }} +type: Opaque +data: + password: "YW82aWo2d29oV2VpcXU0ZQ==" + auth-token: "amFkdTZ5b2hqYWl5OFdvYjBJZUs=" +--- +kind: Secret +apiVersion: v1 +metadata: + name: jenkins-deploykey + namespace: {{ include "common.namespace" . }} +type: Opaque +data: + deploykey.pub: "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUlQWFNQT2ppSkYvWEdicmNpVXNja1hMbFA0Q0ZHNS9POHErQ0xRZW1CTlE=" diff --git a/kubernetes/vvp/charts/vvp-gitlab/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-gitlab/templates/deployment.yaml new file mode 100644 index 0000000000..09ffaac224 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-gitlab/templates/deployment.yaml @@ -0,0 +1,71 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + name: {{ .Release.Name }} + spec: + containers: + - name: {{ include "common.name" . }} + image: {{ include "common.repository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort1 }} + - containerPort: {{ .Values.service.internalPort2 }} + securityContext: + privileged: true + volumeMounts: + - mountPath: /var/opt/gitlab + name: gitlab + subPath: var/opt/gitlab + - mountPath: /etc/gitlab + name: gitlab + subPath: etc/gitlab + - mountPath: /var/log/gitlab + name: gitlab + subPath: var/log/gitlab + - mountPath: /tmp/deploykey + name: jenkins-deploykey + env: + - name: ADMIN_PASSWORD + valueFrom: + secretKeyRef: + name: gitlab-password + key: password + - name: AUTHENTICATION_TOKEN + valueFrom: + secretKeyRef: + name: gitlab-password + key: auth-token + - name: EXTERNAL_URL + value: "http://vvp-gitlab" + volumes: + - name: gitlab + emptyDir: {} + - name: jenkins-deploykey + secret: + secretName: jenkins-deploykey + imagePullSecrets: + - name: onapkey diff --git a/kubernetes/vvp/charts/vvp-gitlab/templates/service.yaml b/kubernetes/vvp/charts/vvp-gitlab/templates/service.yaml new file mode 100644 index 0000000000..dd4a9cd33b --- /dev/null +++ b/kubernetes/vvp/charts/vvp-gitlab/templates/service.yaml @@ -0,0 +1,30 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.internalPort1 }} + name: {{ .Values.service.portName1 }} + - port: {{ .Values.service.internalPort2 }} + name: {{ .Values.service.portName2 }} + selector: + app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-gitlab/values.yaml b/kubernetes/vvp/charts/vvp-gitlab/values.yaml new file mode 100644 index 0000000000..4855c8873e --- /dev/null +++ b/kubernetes/vvp/charts/vvp-gitlab/values.yaml @@ -0,0 +1,63 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repository: nexus3.onap.org:10001 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/vvp/gitlab:1.0.0 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: NodePort + internalPort1: 80 + internalPort2: 22 + portName1: web + portName2: ssh + +ingress: + enabled: false diff --git a/kubernetes/vvp/charts/vvp-imagescanner/Chart.yaml b/kubernetes/vvp/charts/vvp-imagescanner/Chart.yaml new file mode 100644 index 0000000000..f0b00dcf98 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-imagescanner/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: scan for validity and viruses on users files +name: vvp-imagescanner +version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-imagescanner/requirements.yaml b/kubernetes/vvp/charts/vvp-imagescanner/requirements.yaml new file mode 100644 index 0000000000..9f44c6df28 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-imagescanner/requirements.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~3.0.0 + repository: '@local' diff --git a/kubernetes/vvp/charts/vvp-imagescanner/resources/config/imagescanner/imagescannerconfig.py b/kubernetes/vvp/charts/vvp-imagescanner/resources/config/imagescanner/imagescannerconfig.py new file mode 100644 index 0000000000..1777b13ae0 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-imagescanner/resources/config/imagescanner/imagescannerconfig.py @@ -0,0 +1,34 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import os +from pathlib import Path +from awsauth import S3Auth +# A mapping from host names to Requests Authentication Objects; see +# http://docs.python-requests.org/en/master/user/authentication/ +AUTHS = {} +if 'S3_HOST' in os.environ: + AUTHS[os.environ['S3_HOST']] = S3Auth( + os.environ['AWS_ACCESS_KEY_ID'], + os.environ['AWS_SECRET_ACCESS_KEY'], + service_url='https://%s/' % os.environ['S3_HOST'] + ) +LOGS_PATH = Path(os.environ['IMAGESCANNER_LOGS_PATH']) +STATUSFILE = LOGS_PATH/'status.txt' +# A dict passed as kwargs to jenkins.Jenkins constructor. +JENKINS = { + 'url': 'http://jenkins:8080', + 'username': 'admin', + 'password': os.environ['SECRET_JENKINS_PASSWORD'], + } diff --git a/kubernetes/vvp/charts/vvp-imagescanner/templates/configmap.yaml b/kubernetes/vvp/charts/vvp-imagescanner/templates/configmap.yaml new file mode 100644 index 0000000000..59d60666ef --- /dev/null +++ b/kubernetes/vvp/charts/vvp-imagescanner/templates/configmap.yaml @@ -0,0 +1,91 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: imagescanner-settings + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/imagescanner/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: slack-tokens + namespace: {{ include "common.namespace" . }} +type: Opaque +data: + notifications: "" +--- +kind: Secret +apiVersion: v1 +metadata: + name: imagescanner-ssh + namespace: {{ include "common.namespace" . }} +type: Opaque +data: + # FIXME the imagescanner really should have its own private key, but then we + # have to adjust the gitlab wrapper script to set two public keys as + # deploykeys. + id_ed25519: "LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFNd0FBQUF0emMyZ3RaVwpReU5UVXhPUUFBQUNDRDEwanpvNGlSZjF4bTYzSWxMSEpGeTVUK0FoUnVmenZLdmdpMEhwZ1RVQUFBQUpqV3dKZDkxc0NYCmZRQUFBQXR6YzJndFpXUXlOVFV4T1FBQUFDQ0QxMGp6bzRpUmYxeG02M0lsTEhKRnk1VCtBaFJ1Znp2S3ZnaTBIcGdUVUEKQUFBRUFXRktNV0xsNkZnRUJ1Zzk3MSthdE5ZQnQ4R2R1V3pDWWd0L2o5VHU0U2g0UFhTUE9qaUpGL1hHYnJjaVVzY2tYTApsUDRDRkc1L084cStDTFFlbUJOUUFBQUFFM0JoZFd4QVVHRjFiQ2R6SUUxaFl5QlFjbThCQWc9PQotLS0tLUVORCBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0K" +--- +kind: ConfigMap +apiVersion: v1 +metadata: + name: site-certificate + namespace: {{ include "common.namespace" . }} +data: + site.crt: | + -----BEGIN CERTIFICATE----- + MIIDEDCCAfgCCQDhahVKE9/eUjANBgkqhkiG9w0BAQsFADBKMRAwDgYDVQQKDAdF + eGFtcGxlMRAwDgYDVQQLDAdleGFtcGxlMSQwIgYDVQQDDBtkZXZlbG9wbWVudC52 + dnAuZXhhbXBsZS5jb20wHhcNMTcxMjI0MTUzOTA3WhcNMTgxMjI0MTUzOTA3WjBK + MRAwDgYDVQQKDAdFeGFtcGxlMRAwDgYDVQQLDAdleGFtcGxlMSQwIgYDVQQDDBtk + ZXZlbG9wbWVudC52dnAuZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB + DwAwggEKAoIBAQCkvNGXe+bdvL2kvrP2L3WABt2WCFoZ2Pn8Px0eEsRiJHVD0eWz + rgJYHFJu0C0cK9NYSKxVVI8LnKH7Ny5MFfM4Tqyr3UEOLs+fSwaAqM5tSyZU/tEK + ractA7bi9fDk2lkcs+LLuZMqGPZ37UZcZwsUQ0BONHP668LqkWqT9hNLIN4ejInr + 32WA3Y7hPNd8Cj+AaLt1x2cXYzi9hrE5l3h9ofkOpXsgDzeIHlp4jJ6kXXQf8UM5 + 1viqa2CWXHBHEG+5eftLSaeE6LAlNt5IJ6LcWEZgNtXr2es4LJC3FjXrv0gc04Cp + U2OfizpbhT11cLGaeXOq1cUCXNIb4FcJApoXAgMBAAEwDQYJKoZIhvcNAQELBQAD + ggEBAFGPDG9iurAhUKbFkY97xLA443U01bdwi7eAT5T9qo/RzOwcbuKWXVm1k5HK + CQO81nlLqLQwhI1+uTTmR41epuJxyGIaDgUySB+8fLzyRSIFaxKD+UeVPgipDNZs + h0sKSKrO6MoWzMLUYvdZRw6VIc+UpSCqPY+FKUBUHZtMpSFLnhHjRvVkiP4VvFXj + b7jQzHughzeITygws42fKK/MK7wQ6byaMVRbPbQKPAXNxd/UrSPeX+RzKRWOZ6R8 + Ulyp7dezXCP77UaTZTsxwlurPQIZNMshDxE/SbWt0Q1g28rj5KfAjoZs5Tg/gmQ8 + LLKI/b1OvKohaANGZ6We5U+ceeU= + -----END CERTIFICATE----- + wrapper.sh: | + #!/bin/sh + # This script is meant to be used as a wrapper, so that it can be easily + # used with docker or kubernetes' container command specification. + # + # Kubernetes' volumeMount creates symlinks for configMapped files at the + # target directory. + # Alpine's update-ca-certificates ignores symlinks. + # So we must contrive to copy the contents of the mounted cert (a symlink) + # into place as a normal file. + dev_cert="${0%/*}/site.crt" + echo >&2 "$0: Checking for site CA certificate at $dev_cert..." + if [ -s "$dev_cert" ]; then + echo >&2 "$0: Updating container CA certificate bundle with site certificate..." + cp -L "$dev_cert" /usr/local/share/ca-certificates/ + update-ca-certificates + else + echo >&2 "$0: No site CA certificate found." + fi + echo >&2 "$0: Launching command: $@" + exec "$@" + diff --git a/kubernetes/vvp/charts/vvp-imagescanner/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-imagescanner/templates/deployment.yaml new file mode 100644 index 0000000000..d01a7d6960 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-imagescanner/templates/deployment.yaml @@ -0,0 +1,123 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + name: {{ .Release.Name }} + spec: + imagePullSecrets: + - name: onapkey + containers: + - name: imagescanner-worker + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + command: + - "sh" + - "/opt/site-certificate/wrapper.sh" + - "/usr/local/bin/imagescanner-worker" + securityContext: + privileged: true + volumeMounts: + - name: imagescanner-ssh + mountPath: /root/.ssh + - name: dev + mountPath: /dev + - name: logs + mountPath: /var/log/imagescanner + - name: imagescanner-settings + mountPath: /opt/imagescanner-settings + - name: site-certificate + mountPath: /opt/site-certificate + env: + - name: PYTHONPATH + value: /opt/imagescanner-settings + - name: S3_HOST + value: "dev-s3.vvp.example.com" + - name: S3_PORT + value: "443" + - name: AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: {name: em-secret, key: aws_access_key_id} + - name: AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: {name: em-secret, key: aws_secret_access_key} + - name: SECRET_JENKINS_PASSWORD + value: '' + - name: REQUESTS_CA_BUNDLE + value: /etc/ssl/certs/ca-certificates.crt + + - name: notifications-worker + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + command: ["/usr/local/bin/notifications-worker"] + securityContext: + privileged: true + env: + - name: SLACK_TOKEN + valueFrom: + secretKeyRef: {name: slack-tokens, key: notifications} + - name: DOMAIN + value: "dev-em.vvp.example.com" + - name: PYTHONPATH + value: /opt/imagescanner-settings + - name: SECRET_JENKINS_PASSWORD + valueFrom: + secretKeyRef: {name: em-secret, key: jenkins_admin_password} + volumeMounts: + - name: imagescanner-settings + mountPath: /opt/imagescanner-settings + + - name: imagescanner-frontend + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + command: ["/usr/local/bin/imagescanner-frontend"] + securityContext: + privileged: true + ports: + - containerPort: 80 + volumeMounts: + - name: logs + mountPath: /var/log/imagescanner + - name: imagescanner-settings + mountPath: /opt/imagescanner-settings + env: + - name: DEFAULT_SLACK_CHANNEL + value: "#notifications" + - name: SECRET_JENKINS_PASSWORD + value: '' + + volumes: + - name: imagescanner-ssh + secret: + secretName: imagescanner-ssh + defaultMode: 0600 + - name: dev + hostPath: + path: /dev + - name: logs + emptyDir: {} + - name: imagescanner-settings + configMap: + name: imagescanner-settings + - name: site-certificate + configMap: + name: site-certificate diff --git a/kubernetes/vvp/charts/vvp-imagescanner/templates/service.yaml b/kubernetes/vvp/charts/vvp-imagescanner/templates/service.yaml new file mode 100644 index 0000000000..a4260013a4 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-imagescanner/templates/service.yaml @@ -0,0 +1,28 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName | default "http" }} + selector: + app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-imagescanner/values.yaml b/kubernetes/vvp/charts/vvp-imagescanner/values.yaml new file mode 100644 index 0000000000..ed62413c4f --- /dev/null +++ b/kubernetes/vvp/charts/vvp-imagescanner/values.yaml @@ -0,0 +1,61 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repository: nexus3.onap.org:10001 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/vvp/image-scanner:1.0.0 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: ClusterIP + internalPort: 80 + portName: web + +ingress: + enabled: false diff --git a/kubernetes/vvp/charts/vvp-int-haproxy/Chart.yaml b/kubernetes/vvp/charts/vvp-int-haproxy/Chart.yaml new file mode 100644 index 0000000000..b2a1de80ad --- /dev/null +++ b/kubernetes/vvp/charts/vvp-int-haproxy/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: load balancer for internal (container to container) transport +name: vvp-int-haproxy +version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-int-haproxy/resources/config/int-haproxy-cfg/file b/kubernetes/vvp/charts/vvp-int-haproxy/resources/config/int-haproxy-cfg/file new file mode 100644 index 0000000000..d497ba48b6 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-int-haproxy/resources/config/int-haproxy-cfg/file @@ -0,0 +1,88 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +resolvers dns + nameserver pod_dns "10.3.0.10:53" + resolve_retries 3 + timeout retry 1s + hold valid 30s + +defaults + mode http + timeout connect 5000ms + timeout client 50000ms + timeout server 50000ms + option httpclose + option redispatch + option abortonclose + option httplog + option dontlognull + default-server init-addr last,libc,none + +backend gitlab_web_backend + mode http + server gitlab_web_1 vvp-gitlab:80 resolvers dns + +frontend gitlab_web + mode http + bind 0.0.0.0:80 + + acl is_scanner path_beg /imagescanner + acl is_em_admin hdr_beg(host) em. staging-em. dev-em. + acl is_cms hdr_beg(host) cms. staging-cms. dev-cms. + acl is_ci_admin hdr_beg(host) staging-ci. dev-ci. + acl is_s3 hdr_beg(host) s3. staging-s3. dev-s3. + + use_backend imagescanner if is_em_admin is_scanner + use_backend cms if is_cms + use_backend api if is_em_admin + use_backend ci if is_ci_admin + use_backend s3 if is_s3 + + default_backend gitlab_web_backend + +backend s3 + mode http + balance roundrobin + server ceph-01 10.252.0.21:8080 + +backend cms + mode http + server cms_server vvp-cms-uwsgi:80 resolvers dns + +backend api + mode http + server engagement_manager vvp-em-uwsgi:80 resolvers dns + +backend ci + mode http + server ci_test vvp-ci-uwsgi:8282 resolvers dns + +listen jenkins + bind 0.0.0.0:8080 + server jenkins vvp-jenkins:8080 resolvers dns + +backend imagescanner + mode http + server imagescanner vvp-imagescanner:80 resolvers dns + +listen stats + bind 0.0.0.0:9000 + mode http + stats enable # Enable stats page + stats realm Haproxy\ Statistics + stats uri /haproxy_stats + stats auth "${HAPROXY_USER}:${HAPROXY_PASS}" + acl network_allowed src 10.252.0.0/16 127.0.0.1/32 10.2.0.0/16 + block if !network_allowed diff --git a/kubernetes/vvp/charts/vvp-int-haproxy/templates/configmap.yaml b/kubernetes/vvp/charts/vvp-int-haproxy/templates/configmap.yaml new file mode 100644 index 0000000000..255f8f9e78 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-int-haproxy/templates/configmap.yaml @@ -0,0 +1,21 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-cfg + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/int-haproxy-cfg/*").AsConfig . | indent 2 }} diff --git a/kubernetes/vvp/charts/vvp-int-haproxy/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-int-haproxy/templates/deployment.yaml new file mode 100644 index 0000000000..4344df3ab2 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-int-haproxy/templates/deployment.yaml @@ -0,0 +1,60 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + name: {{ .Release.Name }} + spec: + imagePullSecrets: + - name: onapkey + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }} + ports: + - containerPort: 80 + - containerPort: 8080 + - containerPort: 9000 + env: + - name: HAPROXY_USER + valueFrom: + secretKeyRef: + name: haproxy-auth + key: user + - name: HAPROXY_PASS + valueFrom: + secretKeyRef: + name: haproxy-auth + key: pass + volumeMounts: + - mountPath: /usr/local/etc/haproxy/ + name: int-haproxy-cfg + volumes: + - name: int-haproxy-cfg + configMap: + name: {{ include "common.fullname" . }}-cfg + items: + - key: file + path: haproxy.cfg diff --git a/kubernetes/vvp/charts/vvp-int-haproxy/templates/service.yaml b/kubernetes/vvp/charts/vvp-int-haproxy/templates/service.yaml new file mode 100644 index 0000000000..1f8fa2cd64 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-int-haproxy/templates/service.yaml @@ -0,0 +1,32 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.internalPort1 }} + name: {{ .Values.service.portName1 }} + - port: {{ .Values.service.internalPort2 }} + name: {{ .Values.service.portName2 }} + - port: {{ .Values.service.internalPort3 }} + name: {{ .Values.service.portName3 }} + selector: + app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-int-haproxy/values.yaml b/kubernetes/vvp/charts/vvp-int-haproxy/values.yaml new file mode 100644 index 0000000000..8a304b4cf5 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-int-haproxy/values.yaml @@ -0,0 +1,61 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repository: nexus3.onap.org:10001 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: docker.io +image: haproxy:1.7.2-alpine +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: NodePort + portName1: web + internalPort1: 80 + portName2: jenkins + internalPort2: 8080 + portName3: stats + internalPort3: 9000 + +ingress: + enabled: false diff --git a/kubernetes/vvp/charts/vvp-jenkins/Chart.yaml b/kubernetes/vvp/charts/vvp-jenkins/Chart.yaml new file mode 100644 index 0000000000..190312fcb0 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-jenkins/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: run validation tasks +name: vvp-jenkins +version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-jenkins/requirements.yaml b/kubernetes/vvp/charts/vvp-jenkins/requirements.yaml new file mode 100644 index 0000000000..9f44c6df28 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-jenkins/requirements.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~3.0.0 + repository: '@local' diff --git a/kubernetes/vvp/charts/vvp-jenkins/templates/configmap.yaml b/kubernetes/vvp/charts/vvp-jenkins/templates/configmap.yaml new file mode 100644 index 0000000000..ba58c32eab --- /dev/null +++ b/kubernetes/vvp/charts/vvp-jenkins/templates/configmap.yaml @@ -0,0 +1,34 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +kind: Secret +apiVersion: v1 +metadata: + name: jenkins-users-admin + namespace: {{ include "common.namespace" . }} +type: Opaque +data: + config.xml: "PD94bWwgdmVyc2lvbj0nMS4wJyBlbmNvZGluZz0nVVRGLTgnPz4KPHVzZXI+CiAgPGZ1bGxOYW1lPmFkbWluPC9mdWxsTmFtZT4KICA8ZGVzY3JpcHRpb24+PC9kZXNjcmlwdGlvbj4KICA8cHJvcGVydGllcz4KICAgIDxodWRzb24uc2VjdXJpdHkuSHVkc29uUHJpdmF0ZVNlY3VyaXR5UmVhbG1fLURldGFpbHM+CiAgICAgIDxwYXNzd29yZEhhc2g+I2piY3J5cHQ6JDJhJDEwJERyaXVLdThPcTdpaWhtdi80bzlKOHV6cmg2QlVBaUtuejMuM21EMXBDb2dzUHJnOW42M1pXPC9wYXNzd29yZEhhc2g+CiAgICA8L2h1ZHNvbi5zZWN1cml0eS5IdWRzb25Qcml2YXRlU2VjdXJpdHlSZWFsbV8tRGV0YWlscz4KICA8L3Byb3BlcnRpZXM+CjwvdXNlcj4K" +--- +kind: Secret +apiVersion: v1 +metadata: + name: jenkins-ssh + namespace: {{ include "common.namespace" . }} +type: Opaque +data: + # .ssh/config isn't really a secret, but it's the easiest way to get it into + # the same directory as the key + config: "SG9zdCAqClVzZXJLbm93bkhvc3RzRmlsZSAvZGV2L251bGwKU3RyaWN0SG9zdEtleUNoZWNraW5nIG5vCklkZW50aXR5RmlsZSAiL3Zhci9qZW5raW5zX2hvbWUvLnNzaC9pZF9lZDI1NTE5Igo=" + id_ed25519: "LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFNd0FBQUF0emMyZ3RaVwpReU5UVXhPUUFBQUNDRDEwanpvNGlSZjF4bTYzSWxMSEpGeTVUK0FoUnVmenZLdmdpMEhwZ1RVQUFBQUpqV3dKZDkxc0NYCmZRQUFBQXR6YzJndFpXUXlOVFV4T1FBQUFDQ0QxMGp6bzRpUmYxeG02M0lsTEhKRnk1VCtBaFJ1Znp2S3ZnaTBIcGdUVUEKQUFBRUFXRktNV0xsNkZnRUJ1Zzk3MSthdE5ZQnQ4R2R1V3pDWWd0L2o5VHU0U2g0UFhTUE9qaUpGL1hHYnJjaVVzY2tYTApsUDRDRkc1L084cStDTFFlbUJOUUFBQUFFM0JoZFd4QVVHRjFiQ2R6SUUxaFl5QlFjbThCQWc9PQotLS0tLUVORCBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0K" diff --git a/kubernetes/vvp/charts/vvp-jenkins/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-jenkins/templates/deployment.yaml new file mode 100644 index 0000000000..def0c03c15 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-jenkins/templates/deployment.yaml @@ -0,0 +1,55 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + name: {{ .Release.Name }} + spec: + imagePullSecrets: + - name: onapkey + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }} + ports: + ports: + - containerPort: 8080 + volumeMounts: + - name: jenkins-home + mountPath: /var/jenkins_home + - name: jenkins-users-admin + mountPath: /var/jenkins_home/users/admin + - name: jenkins-ssh + mountPath: /var/jenkins_home/.ssh + volumes: + - name: jenkins-home + emptyDir: {} + - name: jenkins-users-admin + secret: + secretName: jenkins-users-admin + - name: jenkins-ssh + secret: + secretName: jenkins-ssh + diff --git a/kubernetes/vvp/charts/vvp-jenkins/templates/service.yaml b/kubernetes/vvp/charts/vvp-jenkins/templates/service.yaml new file mode 100644 index 0000000000..a4260013a4 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-jenkins/templates/service.yaml @@ -0,0 +1,28 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName | default "http" }} + selector: + app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-jenkins/values.yaml b/kubernetes/vvp/charts/vvp-jenkins/values.yaml new file mode 100644 index 0000000000..083f88a663 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-jenkins/values.yaml @@ -0,0 +1,61 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repository: nexus3.onap.org:10001 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/vvp/jenkins:1.0.0 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: NodePort + internalPort: 8080 + portName: jenkins + +ingress: + enabled: false diff --git a/kubernetes/vvp/charts/vvp-postgres/Chart.yaml b/kubernetes/vvp/charts/vvp-postgres/Chart.yaml new file mode 100644 index 0000000000..3f4811b7c4 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-postgres/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: store all data of engagement manager +name: vvp-postgres +version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-postgres/resources/config/postgres/conf/postgresql.conf b/kubernetes/vvp/charts/vvp-postgres/resources/config/postgres/conf/postgresql.conf new file mode 100644 index 0000000000..46dec02e65 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-postgres/resources/config/postgres/conf/postgresql.conf @@ -0,0 +1,33 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# +# initdb defaults +# +listen_addresses = '*' # what IP address(es) to listen on; +max_connections = 100 # (change requires restart) +shared_buffers = 32MB # min 128kB +datestyle = 'iso, mdy' +lc_messages = 'en_US.UTF-8' # locale for system error message +lc_monetary = 'en_US.UTF-8' # locale for monetary formatting +lc_numeric = 'en_US.UTF-8' # locale for number formatting +lc_time = 'en_US.UTF-8' # locale for time formatting +default_text_search_config = 'pg_catalog.english' +log_line_prefix = 'user=%u,db=%d ' +# +# our customizations +# +dynamic_shared_memory_type = posix +log_timezone = 'UTC' +timezone = 'UTC' diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-music/resources/config/music.properties b/kubernetes/vvp/charts/vvp-postgres/resources/config/postgres/init/cms_db.sh similarity index 53% rename from kubernetes/oof/charts/oof-has/charts/oof-has-music/resources/config/music.properties rename to kubernetes/vvp/charts/vvp-postgres/resources/config/postgres/init/cms_db.sh index 0b4a973d4f..c2a1f6b6f7 100644 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-music/resources/config/music.properties +++ b/kubernetes/vvp/charts/vvp-postgres/resources/config/postgres/init/cms_db.sh @@ -1,5 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T,VMware +# Copyright © 2018 Amdocs, AT&T, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,16 +12,14 @@ # See the License for the specific language governing permissions and # limitations under the License. -my.public.ip=localhost -all.public.ips=localhost -my.id=0 -all.ids=0 -####################################### -# Optional current values are defaults -####################################### -zookeeper.host=oof-has-zk -cassandra.host=oof-has-cassandra -cassandra.user=root -cassandra.password=Aa123456 -# AAF Endpoint if using AAF -aaf.endpoint.url=https://aaf.api.simpledemo.onap.org +# sourced, not executed, by docker-entrypoint.sh (/bin/bash) + +# defaults +: ${ICE_CMS_DB_USER:="icecmsuser"} +: ${ICE_CMS_DB_NAME:="icecmsdb"} +: ${ICE_CMS_DB_PASSWORD:="na"} + +psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<- EOF + CREATE USER ${ICE_CMS_DB_USER} WITH CREATEDB PASSWORD '${ICE_CMS_DB_PASSWORD}'; + CREATE DATABASE ${ICE_CMS_DB_NAME} WITH OWNER ${ICE_CMS_DB_USER} ENCODING 'utf-8'; +EOF diff --git a/kubernetes/vvp/charts/vvp-postgres/resources/config/postgres/init/link_postgresql.sh b/kubernetes/vvp/charts/vvp-postgres/resources/config/postgres/init/link_postgresql.sh new file mode 100644 index 0000000000..9ca36a141e --- /dev/null +++ b/kubernetes/vvp/charts/vvp-postgres/resources/config/postgres/init/link_postgresql.sh @@ -0,0 +1,16 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# sourced, not executed, by docker-entrypoint.sh (/bin/bash) +ln -sf /etc/postgresql/conf.d/postgresql.conf "${PGDATA}"/postgresql.conf diff --git a/kubernetes/vvp/charts/vvp-postgres/templates/configmap.yaml b/kubernetes/vvp/charts/vvp-postgres/templates/configmap.yaml new file mode 100644 index 0000000000..e5773f6e3f --- /dev/null +++ b/kubernetes/vvp/charts/vvp-postgres/templates/configmap.yaml @@ -0,0 +1,29 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: postgresql-conf + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/postgres/conf/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: postgresql-initdb + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/postgres/init/*").AsConfig . | indent 2 }} diff --git a/kubernetes/vvp/charts/vvp-postgres/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-postgres/templates/deployment.yaml new file mode 100644 index 0000000000..c7e537da26 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-postgres/templates/deployment.yaml @@ -0,0 +1,72 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + name: {{ .Release.Name }} + spec: + imagePullSecrets: + - name: onapkey + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }} + ports: + - containerPort: 5432 + volumeMounts: + - mountPath: /var/lib/postgresql/data + name: postgresql-data + - mountPath: /etc/postgresql/conf.d/ + name: postgresql-conf + - mountPath: /docker-entrypoint-initdb.d/ + name: postgresql-initdb + env: + - name: POSTGRES_DB + value: icedb + - name: ICE_CMS_DB_NAME + value: icecmsdb + - name: POSTGRES_USER + value: em_postgresuser + - name: ICE_CMS_DB_USER + value: cms_postgresuser + - name: ICE_CMS_DB_PASSWORD + valueFrom: + secretKeyRef: + name: postgresql-passwords + key: cmsPassword + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: postgresql-passwords + key: emPassword + volumes: + - name: postgresql-data + emptyDir: {} + - name: postgresql-conf + configMap: + name: postgresql-conf + - name: postgresql-initdb + configMap: + name: postgresql-initdb diff --git a/kubernetes/vvp/charts/vvp-postgres/templates/service.yaml b/kubernetes/vvp/charts/vvp-postgres/templates/service.yaml new file mode 100644 index 0000000000..a4260013a4 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-postgres/templates/service.yaml @@ -0,0 +1,28 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName | default "http" }} + selector: + app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-postgres/values.yaml b/kubernetes/vvp/charts/vvp-postgres/values.yaml new file mode 100644 index 0000000000..000c049522 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-postgres/values.yaml @@ -0,0 +1,63 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repository: nexus3.onap.org:10001 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/vvp/postgresql:1.0.0 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: ClusterIP + name: vvp-postgres + portName: vvp-postgres + internalPort: 5432 + externalPort: 5432 + +ingress: + enabled: false diff --git a/kubernetes/vvp/charts/vvp-redis/Chart.yaml b/kubernetes/vvp/charts/vvp-redis/Chart.yaml new file mode 100644 index 0000000000..4147dd265f --- /dev/null +++ b/kubernetes/vvp/charts/vvp-redis/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: in memory key-value store for all project +name: vvp-redis +version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-redis/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-redis/templates/deployment.yaml new file mode 100644 index 0000000000..744b686f94 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-redis/templates/deployment.yaml @@ -0,0 +1,41 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + name: {{ include "common.name" . }} + spec: + hostname: {{ include "common.name" . }} + containers: + - args: + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }} + name: {{ include "common.name" . }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/vvp/charts/vvp-redis/templates/service.yaml b/kubernetes/vvp/charts/vvp-redis/templates/service.yaml new file mode 100644 index 0000000000..e46ab4b030 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-redis/templates/service.yaml @@ -0,0 +1,34 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + {{- end}} + name: {{ .Values.service.portName | default "http" }} + selector: + app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-redis/values.yaml b/kubernetes/vvp/charts/vvp-redis/values.yaml new file mode 100644 index 0000000000..2eddd512da --- /dev/null +++ b/kubernetes/vvp/charts/vvp-redis/values.yaml @@ -0,0 +1,63 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repository: nexus3.onap.org:10001 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: docker.io +image: redis:alpine +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: ClusterIP + name: vvp-redis + portName: vvp-redis + internalPort: 6379 + externalPort: 6379 + +ingress: + enabled: false diff --git a/kubernetes/vvp/requirements.yaml b/kubernetes/vvp/requirements.yaml new file mode 100644 index 0000000000..9f44c6df28 --- /dev/null +++ b/kubernetes/vvp/requirements.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~3.0.0 + repository: '@local' diff --git a/kubernetes/vvp/resources/config/vvp/file b/kubernetes/vvp/resources/config/vvp/file new file mode 100644 index 0000000000..3acdcd8673 --- /dev/null +++ b/kubernetes/vvp/resources/config/vvp/file @@ -0,0 +1,33 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +pid /nginx.pid; +error_log /dev/stdout warn; + +http { + access_log /dev/stdout; + server { + listen 0.0.0.0:8181; + + location / { + include /etc/nginx/mime.types; + root /usr/share/nginx/html/; + } + + } +} + +events { + worker_connections 4096; +} diff --git a/kubernetes/vvp/resources/config/vvp/service_provider.json b/kubernetes/vvp/resources/config/vvp/service_provider.json new file mode 100644 index 0000000000..bcdbbc65fe --- /dev/null +++ b/kubernetes/vvp/resources/config/vvp/service_provider.json @@ -0,0 +1,22 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{ + "serviceProvider": { + "name": "NA" + }, + "program": { + "name": "VVP" + } +} diff --git a/kubernetes/vvp/templates/configmap.yaml b/kubernetes/vvp/templates/configmap.yaml new file mode 100644 index 0000000000..0c3eacdad2 --- /dev/null +++ b/kubernetes/vvp/templates/configmap.yaml @@ -0,0 +1,90 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: portal-nginx-config + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/vvp/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: onapkey +data: + .dockercfg: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOiB7InVzZXJuYW1lIjogImRvY2tlciIsICJwYXNzd29yZCI6ICJkb2NrZXIiLCAiZW1haWwiOiAiZW1haWxAZW1haWwuY29tIn19 +type: kubernetes.io/dockercfg +--- +apiVersion: v1 +kind: Secret +metadata: + name: em-secret +type: Opaque +data: + key: "IzkxZV9fdzNrPTc4MUB5KGVfIzZodTZ0JmgyNTQjdSkmYmorbTl0aHglayE2XiowNnI=" + em_webhook_token: "QWlwN29oeDFlaUhhZXNob2g5c2hhaWx1OWVleDd0aGE=" + gitlab_admin_password: "YW82aWo2d29oV2VpcXU0ZQ==" + jenkins_admin_password: "a29peWVCYWlUaDNrYWlOZw==" + cms_app_client_id: "RWVCNFhlaW1vb2M2eGllU2VlS2FoOGRhZTFlaXBhZTRvdGFlc2hlZQ==" + cms_app_client_secret: "aGFpTW9vcGllWmVlMXdlaTNsZWY0Z2FleWlhMnZhaHdvaHRoMG1haWQ5aXRoMnBoZWVzaGFpdGh1VG9vcjJKb2hzaGVpNWJhZXk3RWlxdWFldGhlaWI4cXVhaXF1ZWU3cGhpYXRoN2V1YjJhaU5haWMzb3U5dmFpemViZWlGNXU=" + slack_api_token: "" + aws_access_key_id: "MlpCMTlVOUQ4SzZYVkpHNzVWWDA=" + aws_secret_access_key: "N3hWV2Vxc0xJb3RLT3VhMHh2aGFwSXNDdDFWVTB4Nk0yRTRmVFJLTw==" +--- +kind: Secret +apiVersion: v1 +metadata: + name: email-secret +type: Opaque +data: + password: "RVhBTVBMRQ==" +--- +kind: Secret +apiVersion: v1 +metadata: + name: site-crt +type: Opaque +data: + # the public part of the certificate, not actually a secret. + site.crt: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURFRENDQWZnQ0NRRGhhaFZLRTkvZVVqQU5CZ2txaGtpRzl3MEJBUXNGQURCS01SQXdEZ1lEVlFRS0RBZEYKZUdGdGNHeGxNUkF3RGdZRFZRUUxEQWRsZUdGdGNHeGxNU1F3SWdZRFZRUUREQnRrWlhabGJHOXdiV1Z1ZEM1MgpkbkF1WlhoaGJYQnNaUzVqYjIwd0hoY05NVGN4TWpJME1UVXpPVEEzV2hjTk1UZ3hNakkwTVRVek9UQTNXakJLCk1SQXdEZ1lEVlFRS0RBZEZlR0Z0Y0d4bE1SQXdEZ1lEVlFRTERBZGxlR0Z0Y0d4bE1TUXdJZ1lEVlFRRERCdGsKWlhabGJHOXdiV1Z1ZEM1MmRuQXVaWGhoYlhCc1pTNWpiMjB3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQgpEd0F3Z2dFS0FvSUJBUUNrdk5HWGUrYmR2TDJrdnJQMkwzV0FCdDJXQ0ZvWjJQbjhQeDBlRXNSaUpIVkQwZVd6CnJnSllIRkp1MEMwY0s5TllTS3hWVkk4TG5LSDdOeTVNRmZNNFRxeXIzVUVPTHMrZlN3YUFxTTV0U3laVS90RUsKcmFjdEE3Ymk5ZkRrMmxrY3MrTEx1Wk1xR1BaMzdVWmNad3NVUTBCT05IUDY2OExxa1dxVDloTkxJTjRlaklucgozMldBM1k3aFBOZDhDaitBYUx0MXgyY1hZemk5aHJFNWwzaDlvZmtPcFhzZ0R6ZUlIbHA0ako2a1hYUWY4VU01CjF2aXFhMkNXWEhCSEVHKzVlZnRMU2FlRTZMQWxOdDVJSjZMY1dFWmdOdFhyMmVzNExKQzNGalhydjBnYzA0Q3AKVTJPZml6cGJoVDExY0xHYWVYT3ExY1VDWE5JYjRGY0pBcG9YQWdNQkFBRXdEUVlKS29aSWh2Y05BUUVMQlFBRApnZ0VCQUZHUERHOWl1ckFoVUtiRmtZOTd4TEE0NDNVMDFiZHdpN2VBVDVUOXFvL1J6T3djYnVLV1hWbTFrNUhLCkNRTzgxbmxMcUxRd2hJMSt1VFRtUjQxZXB1Snh5R0lhRGdVeVNCKzhmTHp5UlNJRmF4S0QrVWVWUGdpcEROWnMKaDBzS1NLck82TW9Xek1MVVl2ZFpSdzZWSWMrVXBTQ3FQWStGS1VCVUhadE1wU0ZMbmhIalJ2VmtpUDRWdkZYagpiN2pRekh1Z2h6ZUlUeWd3czQyZktLL01LN3dRNmJ5YU1WUmJQYlFLUEFYTnhkL1VyU1BlWCtSektSV09aNlI4ClVseXA3ZGV6WENQNzdVYVRaVHN4d2x1clBRSVpOTXNoRHhFL1NiV3QwUTFnMjhyajVLZkFqb1pzNVRnL2dtUTgKTExLSS9iMU92S29oYUFOR1o2V2U1VStjZWVVPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==" +--- +piVersion: v1 +kind: Secret +metadata: + name: postgresql-passwords +type: Opaque +data: + emPassword: "ZW1fcG9zdGdyZXNwYXNz" + cmsPassword: "Y21zX3Bvc3RncmVzcGFzcw==" + ciPassword: "Y2lkYnBhc3M=" +--- +kind: Secret +apiVersion: v1 +metadata: + name: site-pem +type: Opaque +data: + site.pem: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURFRENDQWZnQ0NRRGhhaFZLRTkvZVVqQU5CZ2txaGtpRzl3MEJBUXNGQURCS01SQXdEZ1lEVlFRS0RBZEYKZUdGdGNHeGxNUkF3RGdZRFZRUUxEQWRsZUdGdGNHeGxNU1F3SWdZRFZRUUREQnRrWlhabGJHOXdiV1Z1ZEM1MgpkbkF1WlhoaGJYQnNaUzVqYjIwd0hoY05NVGN4TWpJME1UVXpPVEEzV2hjTk1UZ3hNakkwTVRVek9UQTNXakJLCk1SQXdEZ1lEVlFRS0RBZEZlR0Z0Y0d4bE1SQXdEZ1lEVlFRTERBZGxlR0Z0Y0d4bE1TUXdJZ1lEVlFRRERCdGsKWlhabGJHOXdiV1Z1ZEM1MmRuQXVaWGhoYlhCc1pTNWpiMjB3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQgpEd0F3Z2dFS0FvSUJBUUNrdk5HWGUrYmR2TDJrdnJQMkwzV0FCdDJXQ0ZvWjJQbjhQeDBlRXNSaUpIVkQwZVd6CnJnSllIRkp1MEMwY0s5TllTS3hWVkk4TG5LSDdOeTVNRmZNNFRxeXIzVUVPTHMrZlN3YUFxTTV0U3laVS90RUsKcmFjdEE3Ymk5ZkRrMmxrY3MrTEx1Wk1xR1BaMzdVWmNad3NVUTBCT05IUDY2OExxa1dxVDloTkxJTjRlaklucgozMldBM1k3aFBOZDhDaitBYUx0MXgyY1hZemk5aHJFNWwzaDlvZmtPcFhzZ0R6ZUlIbHA0ako2a1hYUWY4VU01CjF2aXFhMkNXWEhCSEVHKzVlZnRMU2FlRTZMQWxOdDVJSjZMY1dFWmdOdFhyMmVzNExKQzNGalhydjBnYzA0Q3AKVTJPZml6cGJoVDExY0xHYWVYT3ExY1VDWE5JYjRGY0pBcG9YQWdNQkFBRXdEUVlKS29aSWh2Y05BUUVMQlFBRApnZ0VCQUZHUERHOWl1ckFoVUtiRmtZOTd4TEE0NDNVMDFiZHdpN2VBVDVUOXFvL1J6T3djYnVLV1hWbTFrNUhLCkNRTzgxbmxMcUxRd2hJMSt1VFRtUjQxZXB1Snh5R0lhRGdVeVNCKzhmTHp5UlNJRmF4S0QrVWVWUGdpcEROWnMKaDBzS1NLck82TW9Xek1MVVl2ZFpSdzZWSWMrVXBTQ3FQWStGS1VCVUhadE1wU0ZMbmhIalJ2VmtpUDRWdkZYagpiN2pRekh1Z2h6ZUlUeWd3czQyZktLL01LN3dRNmJ5YU1WUmJQYlFLUEFYTnhkL1VyU1BlWCtSektSV09aNlI4ClVseXA3ZGV6WENQNzdVYVRaVHN4d2x1clBRSVpOTXNoRHhFL1NiV3QwUTFnMjhyajVLZkFqb1pzNVRnL2dtUTgKTExLSS9iMU92S29oYUFOR1o2V2U1VStjZWVVPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCgotLS0tLUJFR0lOIFBSSVZBVEUgS0VZLS0tLS0KTUlJRXZRSUJBREFOQmdrcWhraUc5dzBCQVFFRkFBU0NCS2N3Z2dTakFnRUFBb0lCQVFDa3ZOR1hlK2Jkdkwyawp2clAyTDNXQUJ0MldDRm9aMlBuOFB4MGVFc1JpSkhWRDBlV3pyZ0pZSEZKdTBDMGNLOU5ZU0t4VlZJOExuS0g3Ck55NU1GZk00VHF5cjNVRU9McytmU3dhQXFNNXRTeVpVL3RFS3JhY3RBN2JpOWZEazJsa2NzK0xMdVpNcUdQWjMKN1VaY1p3c1VRMEJPTkhQNjY4THFrV3FUOWhOTElONGVqSW5yMzJXQTNZN2hQTmQ4Q2orQWFMdDF4MmNYWXppOQpockU1bDNoOW9ma09wWHNnRHplSUhscDRqSjZrWFhRZjhVTTUxdmlxYTJDV1hIQkhFRys1ZWZ0TFNhZUU2TEFsCk50NUlKNkxjV0VaZ050WHIyZXM0TEpDM0ZqWHJ2MGdjMDRDcFUyT2ZpenBiaFQxMWNMR2FlWE9xMWNVQ1hOSWIKNEZjSkFwb1hBZ01CQUFFQ2dnRUFmaXVua3cvd2FBK3daOGN2YWZRN1dBenFGWWpjQ1VQbllzeXI3bWFOUm1XSgo4cUdGL2pIZDFjSUxXSmZVbE9qeiszL2RqWlV2NGNMYlJONmtkTjJ5NUlOTk9HeEM4U3ZsRkttUGwyYXlnMzYxCkl3L3U1dkROUTJxKzNlRmoyTU5xME5MdGR2N3d1YU5ZMGMxR3dHcWpUNmVhVHN0WnNPcDA1TmJ1KzlmU093ejgKcHJFOUVxU2FpbHBjMFpIMDNUb0JDY1ZpTFBRN0RDeWkzd0QvTHFaWXlqbnNKdnBWVjFGV2paTWRNQjVCTHlQNQp2Wkg5Qk1iQ0Eva2YrUDVYVjBtUU9rcWk3OVN0bEhHc21id3A5YzVEUnZiUHZ3TWdsdUpqVDRRNXZldXNtY1ozClF4ZGpXVVpLeXZUU2w2QmFVV0tmSkxhMGhPWHR1UXB5VHhhMDY3S1RNUUtCZ1FEU2tTUXM4aGhnYVhMQVJDMWUKcWwxK29ZNVNjckxVb3dBbHJoNXYxRjlzcTAyNEkrRXRPa3dUZHZkbDNTQjg0bmhyRDVZQ2JhcXlWRi9uNFRaQQpoMnZkUHVsZ3pOT0FPQUh5bjQyanpuQm5kcWtqaXQrdUhOUVBWVjA3bzVwaDk1N05DT25XNFFPZ01IeFhrbDRzCllROTlVYkJmTmdwTC9PY0NUOWhFbnl3d3pRS0JnUURJU0QvV2poMFZ3Nmd0VXlUcjFUMlQ0S3FzS09HTXNIZ1gKbWVqRkJnQVpoeTNSQTRxSnBLWkdPOWUyK0VvMWRSN1ErVjIzOXhaVy9WdEZDcmdLYUNENm9EWFFQM0grcC93VgpvRXozbDJoMWRrSmxYSVd1Z1ZUY05uOGNHeU1TUi9BMUEycFVQNkMwRTJqSTFXWURpT2VQdnFSVTZpczE4dGYwCkNwMjdnNU5tY3dLQmdGSEUvMUZjNms1MlpKTjVaa3oreDdQbk5RZWJkd3JRQ2J5WU0wV21LVEJnRFp4V2dwazMKckZkYXVaUWJIUVNpUmJUOXBubG04UVN6YzFMdXlFeWl5aVp1eWQ1SGJGSzhiVFUwOUtJS0J1aUcwZ1AxYUF1TApNbWFKOWR5MUdieTFsanQxSEtuUFU4TWZVUW9JMHYxVTY5ajBvaE0zUHlSbkg2WnNMMFhtc2hoNUFvR0FZT0tLCmR5a0NLdUFlUCtiRHFvM2FIdW9FeGdsMHFwRkhWdXR1TGJrc1hTMEdYZURmcUp3TWoxY3RqK1ptUjV2amoyWEMKRDFjbzZHWGhPL0htZTZwSm9kUFVsR3ZNb2tyeTZDZEdkRk03QmU5eVNRUkw2dEhIa2t1T2k3TVk4U1A1c0R0NQp1VTJhV09JMncwaHY4Ky9MVEw4RlVjcUJvclJhQVVVTmJvTkV6NzhDZ1lFQXF0bXI0YmJYeWRnNFpFckY5c2ZWCkh4NUhZdDQweU1QajJrR3hSWm9uQXYvaXBwaHpCNFRXZmZFckdCNlgvdzNnUWpla2Z6S2pFNU5rSGVvMytEQisKbzFqc1BySXhrcFlYSzAydlNWN3RZdnlaczBBWGlGcm5sZFBkSzlhNHRtWHhhZEQwZm1OSkxmU0hwd0tVNXdQagpOR2UzUG5rT1pMUlQ4MHVPWkVpMUx4Zz0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=" +--- +apiVersion: v1 +kind: Secret +metadata: + name: haproxy-auth +type: Opaque +data: + user: "aGFwcm94eXVzZXI=" + pass: "aGFwcm94eXBhc3M=" + diff --git a/kubernetes/vvp/templates/deployment.yaml b/kubernetes/vvp/templates/deployment.yaml new file mode 100644 index 0000000000..293013f88d --- /dev/null +++ b/kubernetes/vvp/templates/deployment.yaml @@ -0,0 +1,50 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + name: {{ .Release.Name }} + spec: + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }} + volumeMounts: + - mountPath: /tmp/ + name: portal-nginx-config + ports: + - containerPort: {{ .Values.service.internalPort }} + command: ["nginx", "-g", "daemon off;", "-c", "/tmp/nginx.conf"] + volumes: + - name: portal-nginx-config + configMap: + name: portal-nginx-config + items: + - key: file + path: nginx.conf + - key: service_provider.json + path: service_provider.json + imagePullSecrets: + - name: onapkey diff --git a/kubernetes/vvp/templates/service.yaml b/kubernetes/vvp/templates/service.yaml new file mode 100644 index 0000000000..4f5287c608 --- /dev/null +++ b/kubernetes/vvp/templates/service.yaml @@ -0,0 +1,34 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + targetPort: {{ .Values.service.internalPort }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + {{- end}} + name: {{ .Values.service.portName | default "http" }} + selector: + app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/values.yaml b/kubernetes/vvp/values.yaml new file mode 100644 index 0000000000..740811e8c0 --- /dev/null +++ b/kubernetes/vvp/values.yaml @@ -0,0 +1,61 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repository: nexus3.onap.org:10001 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/vvp/portal:1.0.0 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: ClusterIP + internalPort: 8181 + externalPort: 8181 + +ingress: + enabled: false