From: Andreas Geissler Date: Fri, 15 Jul 2022 10:01:46 +0000 (+0000) Subject: Merge "[DCAE] Enable optional DCAE components" X-Git-Tag: 11.0.0~104 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=19253fcbba119e3c57ccd39690e04afa02e40f33;hp=1718658339b9e53731048ed4c5a76d989c92581a;p=oom.git Merge "[DCAE] Enable optional DCAE components" --- diff --git a/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties b/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties index b6a3433439..2818fd99b4 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties +++ b/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties @@ -18,7 +18,7 @@ ### START -Controller Blueprints Properties # Load Resource Source Mappings */}} -resourceSourceMappings=processor-db=source-db,input=source-input,default=source-default,sdnc=source-rest,aai-data=source-rest,capability=source-capability,rest=source-rest,vault-data=source-rest,script=source-capability +resourceSourceMappings=processor-db=source-db,input=source-input,default=source-default,sdnc=source-rest,aai-data=source-rest,capability=source-capability,rest=source-rest,vault-data=source-rest,script=source-capability,cps-data=source-rest # Blueprint Processor File Execution and Handling Properties blueprintsprocessor.blueprintDeployPath=/opt/app/onap/blueprints/deploy @@ -112,6 +112,14 @@ blueprintsprocessor.restclient.aai-data.additionalHeaders.X-TransactionId=cds-tr blueprintsprocessor.restclient.aai-data.additionalHeaders.X-FromAppId=cds-app-id blueprintsprocessor.restclient.aai-data.additionalHeaders.Accept=application/json +# CPS Data +blueprintsprocessor.restclient.cps-data.type=basic-auth +blueprintsprocessor.restclient.cps-data.url=http://cps-core:8080 +blueprintsprocessor.restclient.cps-data.username=${CPS_USER} +blueprintsprocessor.restclient.cps-data.password=${CPS_PASS_PLAIN} +blueprintsprocessor.restclient.cps-data.additionalHeaders.Accept=application/json +blueprintsprocessor.restclient.cps-data.additionalHeaders.Content-Type=application/json + # Self Service Request Kafka Message Consumer blueprintsprocessor.messageconsumer.self-service-api.kafkaEnable={{ .Values.kafkaRequestConsumer.enabled }} blueprintsprocessor.messageconsumer.self-service-api.type={{ .Values.kafkaRequestConsumer.type }} diff --git a/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml b/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml index d68e900222..1e4f5e10a0 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml @@ -118,6 +118,10 @@ spec: fieldPath: metadata.name - name: CLUSTER_CONFIG_FILE value: {{ .Values.config.appConfigDir }}/hazelcast.yaml + - name: CPS_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-creds" "key" "login") | indent 12 }} + - name: CPS_PASS_PLAIN + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-creds" "key" "password") | indent 12 }} {{ if .Values.useStrimziKafka }} - name: JAAS_PASS value: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-kafka-secret" "key" "password") | indent 12 }} diff --git a/kubernetes/cds/components/cds-blueprints-processor/values.yaml b/kubernetes/cds/components/cds-blueprints-processor/values.yaml index c2745ca7e3..023bf4917b 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/values.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/values.yaml @@ -72,6 +72,12 @@ secrets: - name: password value: '{{ .Values.config.someConfig }}' policy: generate + - uid: cps-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.cps.cpsUserExternalSecret) . }}' + login: '{{ .Values.config.cps.cpsUsername }}' + password: '{{ .Values.config.cps.cpsPassword }}' + passwordPolicy: required ################################################################# # AAF part @@ -127,6 +133,10 @@ config: # dbRootPassword: password # dbRootPassExternalSecret someConfig: blah + cps: + cpsUsername: '' + cpsPassword: '' + cpsUserExternalSecret: '{{ include "common.release" . }}-cps-core-app-user-creds' # default number of instances replicaCount: 1 diff --git a/kubernetes/cli/values.yaml b/kubernetes/cli/values.yaml index 28d227645a..58c649c326 100644 --- a/kubernetes/cli/values.yaml +++ b/kubernetes/cli/values.yaml @@ -90,9 +90,9 @@ service: type: NodePort name: cli externalPort: 443 - externalPort1: 9090 + externalPort1: 9443 internalPort: "443" - internalPort1: 9090 + internalPort1: 9443 nodePort: "60" nodePort1: "71" @@ -104,7 +104,7 @@ ingress: port: 443 - baseaddr: "cli2.api" name: cli - port: 9090 + port: 9443 config: ssl: "redirect" diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml index d719fb30bd..e9fe577233 100644 --- a/kubernetes/common/mariadb-galera/values.yaml +++ b/kubernetes/common/mariadb-galera/values.yaml @@ -384,8 +384,9 @@ updateStrategy: ## podAnnotations: # sidecar.istio.io/inject: "false" - traffic.sidecar.istio.io/excludeInboundPorts: "4568" + traffic.sidecar.istio.io/excludeInboundPorts: "4444,4567,4568" traffic.sidecar.istio.io/includeInboundPorts: '*' + traffic.sidecar.istio.io/excludeOutboundPorts: "4444,4567,4568" ## Pod affinity preset ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/clamp-mariadb-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/clamp-mariadb-script.sh index 1d99c516b7..1b721b363c 100644 --- a/kubernetes/consul/resources/config/consul-agent-config/scripts/clamp-mariadb-script.sh +++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/clamp-mariadb-script.sh @@ -19,7 +19,7 @@ NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "[^[:space:]]*-clampdb[^[:space:]]*") if [ -n "$NAME" ]; then - if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- bash -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then + if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- sh -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then echo Success. CLAMP DBHost is running. 2>&1 exit 0 else diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/policy-mariadb-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/policy-mariadb-script.sh index 30f324b7cf..865d477b7d 100644 --- a/kubernetes/consul/resources/config/consul-agent-config/scripts/policy-mariadb-script.sh +++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/policy-mariadb-script.sh @@ -19,7 +19,7 @@ NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "[^[:space:]]*-policydb[^[:space:]]*") if [ -n "$NAME" ]; then - if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- bash -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then + if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- sh -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then echo Success. mariadb process is running. 2>&1 exit 0 else diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/so-mariadb-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/so-mariadb-script.sh index db5dcad558..a0974c0a45 100755 --- a/kubernetes/consul/resources/config/consul-agent-config/scripts/so-mariadb-script.sh +++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/so-mariadb-script.sh @@ -19,7 +19,7 @@ NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "[^[:space:]]*-so-db[^[:space:]]*") if [ -n "$NAME" ]; then - if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- bash -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then + if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- sh -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then echo Success. mariadb process is running. 2>&1 exit 0 else diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/vid-mariadb-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/vid-mariadb-script.sh index f5d9941395..7b0bc246f6 100755 --- a/kubernetes/consul/resources/config/consul-agent-config/scripts/vid-mariadb-script.sh +++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/vid-mariadb-script.sh @@ -19,7 +19,7 @@ NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "[^[:space:]]*-vid-mariadb[^[:space:]]*") if [ -n "$NAME" ]; then - if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- bash -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then + if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- sh -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then echo Success. mariadb process is running. 2>&1 exit 0 else diff --git a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml index e9d890e432..174eb2c3a9 100644 --- a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml @@ -68,7 +68,7 @@ spec: mountPath: /etc/jmx-kafka {{- end }} - name: srimzi-zk-entrance - image: 'docker.io/scholzj/zoo-entrance:latest' + image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.zookeeper.entrance.image }} command: - /opt/stunnel/stunnel_run.sh ports: @@ -227,4 +227,4 @@ spec: - port: {{ .Values.global.zkTunnelService.internalPort }} protocol: TCP policyTypes: - - Ingress \ No newline at end of file + - Ingress diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml index 372665243e..11daae0de8 100644 --- a/kubernetes/dmaap/components/message-router/values.yaml +++ b/kubernetes/dmaap/components/message-router/values.yaml @@ -71,6 +71,10 @@ certInitializer: image: onap/dmaap/dmaap-mr:1.3.2 pullPolicy: Always +zookeeper: + entrance: + image: scholzj/zoo-entrance:latest + secrets: - uid: mr-kafka-admin-secret externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' diff --git a/kubernetes/robot/demo-k8s.sh b/kubernetes/robot/demo-k8s.sh index 3beef061ce..3f8ac9deec 100755 --- a/kubernetes/robot/demo-k8s.sh +++ b/kubernetes/robot/demo-k8s.sh @@ -273,7 +273,7 @@ if [ $execscript ]; then done fi -export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l") +export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "ls -1q /share/logs/ | wc -l") OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_demo_$key DISPLAY_NUM=$(($GLOBAL_BUILD_NUMBER + 90)) @@ -304,4 +304,4 @@ fi if [ -n "$TAG" ]; then VARIABLEFILES="-V /share/config/robot_properties.py" kubectl --namespace $NAMESPACE exec ${POD} -- ${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} -i ${TAG} --display $DISPLAY_NUM 2> ${TAG}.out -fi \ No newline at end of file +fi diff --git a/kubernetes/robot/ete-k8s.sh b/kubernetes/robot/ete-k8s.sh index 4ef8f462f0..82bf836ade 100755 --- a/kubernetes/robot/ete-k8s.sh +++ b/kubernetes/robot/ete-k8s.sh @@ -82,7 +82,7 @@ if [ "${!#}" = "execscript" ]; then done fi -export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l") +export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "ls -1q /share/logs/ | wc -l") OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_ete_$2 DISPLAY_NUM=$(($GLOBAL_BUILD_NUMBER + 90)) diff --git a/kubernetes/robot/eteHelm-k8s.sh b/kubernetes/robot/eteHelm-k8s.sh index 1b31c16e81..90bfa11c13 100755 --- a/kubernetes/robot/eteHelm-k8s.sh +++ b/kubernetes/robot/eteHelm-k8s.sh @@ -50,7 +50,7 @@ if [ "${!#}" = "execscript" ]; then done fi -export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l") +export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "ls -1q /share/logs/ | wc -l") OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_ete_helmlist DISPLAY_NUM=$(($GLOBAL_BUILD_NUMBER + 90)) diff --git a/kubernetes/robot/instantiate-k8s.sh b/kubernetes/robot/instantiate-k8s.sh index aef812b143..94883567d6 100755 --- a/kubernetes/robot/instantiate-k8s.sh +++ b/kubernetes/robot/instantiate-k8s.sh @@ -97,7 +97,7 @@ OUTPUT_DIRECTORY=/tmp/vnfdata.${BUILDNUM} set -x POD=$(kubectl --namespace $NAMESPACE get pods | sed 's/ .*//'| grep robot) -export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l") +export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "ls -1q /share/logs/ | wc -l") TAGS="-i $TAG" ETEHOME=/var/opt/ONAP OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_ete_instantiate_vnf @@ -112,19 +112,19 @@ kubectl --namespace $NAMESPACE cp $FOLDER ${POD}:/tmp/vnfdata.${BUILDNUM} echo "Executing instantiation..." if [ $POLL = 1 ]; then - kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} ${TAGS} --listener ${ETEHOME}/testsuite/eteutils/robotframework-onap/listeners/OVPListener.py --display $DISPLAY_NUM > /tmp/vnf_instantiation.$BUILDNUM.log 2>&1 &" + kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} ${TAGS} --listener ${ETEHOME}/testsuite/eteutils/robotframework-onap/listeners/OVPListener.py --display $DISPLAY_NUM > /tmp/vnf_instantiation.$BUILDNUM.log 2>&1 &" - pid=`kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "pgrep runTags.sh -n"` + pid=`kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "pgrep runTags.sh -n"` if [ -z "$pid" ]; then echo "robot testsuite unable to start" exit 1 fi - kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "while ps -p \"$pid\" --no-headers | grep -v defunct; do echo \$'\n\n'; echo \"Testsuite still running \"\`date\`; echo \"LOG FILE: \"; tail -10 /tmp/vnf_instantiation.$BUILDNUM.log; sleep 30; done" + kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "while ps -p \"$pid\" --no-headers | grep -v defunct; do echo \$'\n\n'; echo \"Testsuite still running \"\`date\`; echo \"LOG FILE: \"; tail -10 /tmp/vnf_instantiation.$BUILDNUM.log; sleep 30; done" else - kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} ${TAGS} --listener ${ETEHOME}/testsuite/eteutils/robotframework-onap/listeners/OVPListener.py --display $DISPLAY_NUM" + kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} ${TAGS} --listener ${ETEHOME}/testsuite/eteutils/robotframework-onap/listeners/OVPListener.py --display $DISPLAY_NUM" fi set +x diff --git a/kubernetes/sdc/components/sdc-be/values.yaml b/kubernetes/sdc/components/sdc-be/values.yaml index dac6f6c667..fb6682bf28 100644 --- a/kubernetes/sdc/components/sdc-be/values.yaml +++ b/kubernetes/sdc/components/sdc-be/values.yaml @@ -35,8 +35,8 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-backend-all-plugins:1.10.4 -backendInitImage: onap/sdc-backend-init:1.10.4 +image: onap/sdc-backend-all-plugins:1.11.4 +backendInitImage: onap/sdc-backend-init:1.11.4 pullPolicy: Always diff --git a/kubernetes/sdc/components/sdc-cs/values.yaml b/kubernetes/sdc/components/sdc-cs/values.yaml index 2b6817b5a1..1e182ed3ee 100644 --- a/kubernetes/sdc/components/sdc-cs/values.yaml +++ b/kubernetes/sdc/components/sdc-cs/values.yaml @@ -51,8 +51,8 @@ cassandra: # application image repository: nexus3.onap.org:10001 -image: onap/sdc-cassandra:1.10.4 -cassandraInitImage: onap/sdc-cassandra-init:1.10.4 +image: onap/sdc-cassandra:1.11.4 +cassandraInitImage: onap/sdc-cassandra-init:1.11.4 pullPolicy: Always config: diff --git a/kubernetes/sdc/components/sdc-fe/values.yaml b/kubernetes/sdc/components/sdc-fe/values.yaml index e86ae4c0d2..05ac50d432 100644 --- a/kubernetes/sdc/components/sdc-fe/values.yaml +++ b/kubernetes/sdc/components/sdc-fe/values.yaml @@ -47,7 +47,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-frontend:1.10.4 +image: onap/sdc-frontend:1.11.4 pullPolicy: Always config: diff --git a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml index 30a5f031c2..5a1c6643e6 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml +++ b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml @@ -59,8 +59,8 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-onboard-backend:1.10.4 -onboardingInitImage: onap/sdc-onboard-cassandra-init:1.10.4 +image: onap/sdc-onboard-backend:1.11.4 +onboardingInitImage: onap/sdc-onboard-cassandra-init:1.11.4 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml b/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml index c89f03b824..7689dcc5e9 100644 --- a/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml +++ b/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml @@ -101,7 +101,7 @@ readiness: service: type: ClusterIP name: sdnc-ansible-server - portName: sdnc-ansible-server + portName: http internalPort: 8000 externalPort: 8000 diff --git a/kubernetes/sdnc/components/sdnc-web/templates/deployment.yaml b/kubernetes/sdnc/components/sdnc-web/templates/deployment.yaml index 21416c9b5f..03432d3b63 100644 --- a/kubernetes/sdnc/components/sdnc-web/templates/deployment.yaml +++ b/kubernetes/sdnc/components/sdnc-web/templates/deployment.yaml @@ -49,32 +49,34 @@ spec: {{ if .Values.liveness.enabled }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort .Values.service.internalPlainPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end }} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort .Values.service.internalPlainPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: WEBPROTOCOL - value: {{ .Values.config.webProtocol }} + value: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.webProtocol .Values.config.webPlainProtocol }} - name: WEBPORT - value: {{ .Values.config.webPort | quote }} + value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.webPort .Values.config.webPlainPort | quote }} - name: SDNRPROTOCOL - value: {{ .Values.config.sdnrProtocol }} + value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdnrProtocol .Values.config.sdnrPlainProtocol }} - name: SDNRHOST - value: {{ .Values.config.sdnrHost }}.{{ include "common.namespace" . }} + value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdnrHost .Values.config.sdnrPlainHost }}.{{ include "common.namespace" . }} - name: SDNRPORT - value: {{ .Values.config.sdnrPort | quote }} + value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdnrPort .Values.config.sdnrPlainPort | quote }} + {{ if (include "common.needTLS" .) }} - name: SSL_CERT_DIR value: {{ .Values.config.sslCertDir }} - name: SSL_CERTIFICATE value: {{ .Values.config.sslCertiticate }} - name: SSL_CERTIFICATE_KEY value: {{ .Values.config.sslCertKey }} + {{ end }} {{ if .Values.config.transportpce.enabled }} - name: TRPCEURL value: {{ .Values.config.transportpce.transportpceUrl }} diff --git a/kubernetes/sdnc/components/sdnc-web/values.yaml b/kubernetes/sdnc/components/sdnc-web/values.yaml index c066b5e0c7..ecc5573f28 100644 --- a/kubernetes/sdnc/components/sdnc-web/values.yaml +++ b/kubernetes/sdnc/components/sdnc-web/values.yaml @@ -29,10 +29,15 @@ pullPolicy: Always config: sdncChartName: sdnc webProtocol: HTTPS + webPlainProtocol: HTTP webPort: 8443 + webPlainPort: 8080 sdnrProtocol: https + sdnrPlainProtocol: http sdnrHost: "sdnc" + sdnrPlainHost: "sdnc" sdnrPort: "8443" + sdnrPlainPort : "8080" sslCertDir: "/opt/app/osaaf/local/certs" sslCertiticate: "cert.pem" sslCertKey: "key.pem" @@ -100,9 +105,12 @@ service: # for liveness and readiness probe only # internalPort: internalPort: 8443 + internalPlainPort: 8080 ports: - - name: "sdnc-web" + - name: http-sdnc-web port: "8443" + plain_port: "8080" + port_protocol: http nodePort: "05" #ingress: diff --git a/kubernetes/sdnc/components/ueb-listener/resources/config/ueb-listener.properties b/kubernetes/sdnc/components/ueb-listener/resources/config/ueb-listener.properties index 946773b18b..45a80af8a6 100644 --- a/kubernetes/sdnc/components/ueb-listener/resources/config/ueb-listener.properties +++ b/kubernetes/sdnc/components/ueb-listener/resources/config/ueb-listener.properties @@ -1,4 +1,9 @@ +{{- if (include "common.needTLS" .) }} org.onap.ccsdk.sli.northbound.uebclient.asdc-address=sdc-be.{{.Release.Namespace}}:8443 +{{- else }} +org.onap.ccsdk.sli.northbound.uebclient.asdc-address=sdc-be.{{.Release.Namespace}}:8080 +org.onap.ccsdk.sli.northbound.uebclient.use-https=false +{{- end }} org.onap.ccsdk.sli.northbound.uebclient.consumer-group=sdc-OpenSource-Env1-sdnc-dockero org.onap.ccsdk.sli.northbound.uebclient.consumer-id=sdc-COpenSource-Env11-sdnc-dockero org.onap.ccsdk.sli.northbound.uebclient.environment-name=AUTO diff --git a/kubernetes/sdnc/resources/config/conf/aaiclient.properties b/kubernetes/sdnc/resources/config/conf/aaiclient.properties index 7021990da0..5108a9d005 100755 --- a/kubernetes/sdnc/resources/config/conf/aaiclient.properties +++ b/kubernetes/sdnc/resources/config/conf/aaiclient.properties @@ -38,7 +38,11 @@ org.onap.ccsdk.sli.adaptors.aai.application=openECOMP # # Configuration file for A&AI Client # +{{- if (include "common.needTLS" .) }} org.onap.ccsdk.sli.adaptors.aai.uri=https://aai.{{.Release.Namespace}}:8443 +{{- else }} +org.onap.ccsdk.sli.adaptors.aai.uri=http://aai.{{.Release.Namespace}}:80 +{{- end }} connection.timeout=60000 read.timeout=60000 diff --git a/kubernetes/sdnc/templates/job.yaml b/kubernetes/sdnc/templates/job.yaml index 11b1a87128..b6dc32b096 100755 --- a/kubernetes/sdnc/templates/job.yaml +++ b/kubernetes/sdnc/templates/job.yaml @@ -131,8 +131,28 @@ spec: command: - /bin/bash args: - - {{.Values.config.binDir }}/installSdncDb.sh + - -c + - | + sleep 60; {{.Values.config.binDir }}/installSdncDb.sh resources: {{ include "common.resources" . | nindent 10 }} + {{- if include "common.onServiceMesh" . }} + - name: sdnc-service-mesh-wait-for-job-container + image: {{ include "repositoryGenerator.image.quitQuit" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /bin/sh + - "-c" + args: + - | + echo "waiting 20s for istio side cars to be up"; sleep 20s; + /app/ready.py --service-mesh-check sdnc -t 45; + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + {{- end }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }} {{- end }} diff --git a/kubernetes/sdnc/templates/sdnrdb-init-job.yaml b/kubernetes/sdnc/templates/sdnrdb-init-job.yaml index cb8d7574db..665e16c9f8 100755 --- a/kubernetes/sdnc/templates/sdnrdb-init-job.yaml +++ b/kubernetes/sdnc/templates/sdnrdb-init-job.yaml @@ -53,7 +53,10 @@ spec: image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["/bin/bash"] - args: ["-c", "{{ .Values.config.binDir }}/startODL.sh"] + args: + - -c + - | + sleep 90; "{{ .Values.config.binDir }}/startODL.sh" env: - name: SDNC_AAF_ENABLED value: "{{ .Values.global.aafEnabled}}" @@ -76,6 +79,24 @@ spec: value: "-k" volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} resources: {{ include "common.resources" . | nindent 12 }} + {{- if include "common.onServiceMesh" . }} + - name: sdnrdb-service-mesh-wait-for-job-container + image: {{ include "repositoryGenerator.image.quitQuit" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /bin/sh + - "-c" + args: + - | + echo "waiting 30s for istio side cars to be up"; sleep 30s; + /app/ready.py --service-mesh-check sdnc-sdnrdb-init-job -t 45; + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + {{- end }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }} {{- end -}} diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml index 9539d01068..83a30caadf 100644 --- a/kubernetes/sdnc/values.yaml +++ b/kubernetes/sdnc/values.yaml @@ -543,7 +543,7 @@ readiness: service: type: NodePort name: sdnc - portName: sdnc + portName: http internalPort: 8181 internalPort2: 8101 internalPort3: 8080 diff --git a/kubernetes/sniro-emulator/values.yaml b/kubernetes/sniro-emulator/values.yaml index 81ce818a8a..8f43a4f46b 100644 --- a/kubernetes/sniro-emulator/values.yaml +++ b/kubernetes/sniro-emulator/values.yaml @@ -50,7 +50,7 @@ service: internalPort: 9999 externalPort: 80 nodePort: 88 - portName: httpd + portName: http ingress: enabled: false