From: Fiachra Corcoran Date: Mon, 6 Mar 2023 13:24:09 +0000 (+0000) Subject: Merge "[MULTICLOUD] Move multicloud k8s to use strimzi kafka user template" X-Git-Tag: 12.0.0~102 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=1e11f68db4b75dff8d281358fcd837ddbc6cdff0;hp=2886a111f3296d0c783193e6ba3f190fa2325225;p=oom.git Merge "[MULTICLOUD] Move multicloud k8s to use strimzi kafka user template" --- diff --git a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/templates/statefulset.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/templates/statefulset.yaml index 0e9e66dc47..85d62019d4 100644 --- a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/templates/statefulset.yaml +++ b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/templates/statefulset.yaml @@ -72,8 +72,7 @@ spec: - mountPath: /quorumclient/auth name: {{ include "common.fullname" . }}-data {{- end }} - resources: -{{ include "common.resources" . | indent 10 }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/statefulset.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/statefulset.yaml index 994e1555d3..f92847f7f2 100644 --- a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/statefulset.yaml +++ b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/statefulset.yaml @@ -67,8 +67,7 @@ spec: - mountPath: /etc/localtime name: localtime readOnly: true - resources: -{{ include "common.resources" . | indent 10 }} + resources: {{ include "common.resources" . | nindent 10 }} - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.consul }} name: {{ include "common.name" . }}-backend imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -87,8 +86,7 @@ spec: - mountPath: /etc/localtime name: localtime readOnly: true - resources: -{{ include "common.resources" . | indent 10 }} + resources: {{ include "common.resources" . | nindent 10 }} volumes: - name: {{ include "common.fullname" . }}-consulconfiguration configMap: diff --git a/kubernetes/aaf/components/aaf-sms/templates/deployment.yaml b/kubernetes/aaf/components/aaf-sms/templates/deployment.yaml index cfe54cf07b..b019dbfa4b 100644 --- a/kubernetes/aaf/components/aaf-sms/templates/deployment.yaml +++ b/kubernetes/aaf/components/aaf-sms/templates/deployment.yaml @@ -116,8 +116,7 @@ spec: subPath: smsconfig.json - mountPath: /sms/auth name: {{ include "common.fullname" . }}-auth - resources: -{{ include "common.resources" . | indent 10 }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/aaf/components/aaf-sms/templates/job.yaml b/kubernetes/aaf/components/aaf-sms/templates/job.yaml index 2370cf60de..5aaea57450 100644 --- a/kubernetes/aaf/components/aaf-sms/templates/job.yaml +++ b/kubernetes/aaf/components/aaf-sms/templates/job.yaml @@ -191,8 +191,7 @@ spec: readOnly: true - mountPath: /preload/config name: {{ include "common.name" . }}-preload - resources: -{{ include "common.resources" . | indent 10 }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl b/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl index c0614b255e..1fb7240e11 100644 --- a/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl +++ b/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl @@ -58,7 +58,7 @@ spec: port: {{ .Values.readiness.port }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: {{ include "common.resources" . | nindent 12 }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }} {{- end -}} diff --git a/kubernetes/aai/components/aai-babel/templates/deployment.yaml b/kubernetes/aai/components/aai-babel/templates/deployment.yaml index e52ac7a6d1..5a9618c5b7 100644 --- a/kubernetes/aai/components/aai-babel/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-babel/templates/deployment.yaml @@ -106,8 +106,7 @@ spec: - mountPath: /opt/app/babel/config/logback.xml name: config subPath: logback.xml - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 8 }} diff --git a/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml b/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml index 3e1479e335..a8564b0766 100644 --- a/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml @@ -202,8 +202,7 @@ spec: port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 8 }} diff --git a/kubernetes/aai/components/aai-resources/templates/deployment.yaml b/kubernetes/aai/components/aai-resources/templates/deployment.yaml index 33aa97179e..f4e56c24b6 100644 --- a/kubernetes/aai/components/aai-resources/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-resources/templates/deployment.yaml @@ -231,7 +231,7 @@ spec: value: application/json initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: {{ include "common.resources" . | nindent 12 }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }} {{- end }} diff --git a/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml b/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml index 8a7c43f0b9..fbb67ad35b 100644 --- a/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml @@ -129,8 +129,7 @@ spec: port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 8 }} diff --git a/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml b/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml index 31ea946d9b..8f696007a6 100644 --- a/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml @@ -162,8 +162,7 @@ spec: port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort .Values.service.internalPlainPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 8 }} diff --git a/kubernetes/aai/components/aai-traversal/templates/deployment.yaml b/kubernetes/aai/components/aai-traversal/templates/deployment.yaml index 093277169a..9f77d1d686 100644 --- a/kubernetes/aai/components/aai-traversal/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-traversal/templates/deployment.yaml @@ -252,7 +252,7 @@ spec: value: application/json initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: {{ include "common.resources" . | nindent 12 }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 8 }} diff --git a/kubernetes/aai/components/aai-traversal/templates/job.yaml b/kubernetes/aai/components/aai-traversal/templates/job.yaml index ddd325d7a0..f37610b217 100644 --- a/kubernetes/aai/components/aai-traversal/templates/job.yaml +++ b/kubernetes/aai/components/aai-traversal/templates/job.yaml @@ -84,8 +84,7 @@ spec: value: {{ .Values.global.config.userId | quote }} - name: LOCAL_GROUP_ID value: {{ .Values.global.config.groupId | quote }} - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 10 }} volumeMounts: - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/aai/templates/deployment.yaml b/kubernetes/aai/templates/deployment.yaml index f1d10e2c81..03663454d7 100644 --- a/kubernetes/aai/templates/deployment.yaml +++ b/kubernetes/aai/templates/deployment.yaml @@ -123,8 +123,7 @@ spec: value: application/json initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 8 }} diff --git a/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml b/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml index 1e4f5e10a0..520516d7c9 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml @@ -187,8 +187,7 @@ spec: - mountPath: {{ .Values.persistence.deployedBlueprint }} name: {{ include "common.fullname" . }}-blueprints - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/cds/components/cds-command-executor/templates/deployment.yaml b/kubernetes/cds/components/cds-command-executor/templates/deployment.yaml index da835162e7..003707a52b 100755 --- a/kubernetes/cds/components/cds-command-executor/templates/deployment.yaml +++ b/kubernetes/cds/components/cds-command-executor/templates/deployment.yaml @@ -82,8 +82,7 @@ spec: readOnly: true - mountPath: {{ .Values.persistence.deployedBlueprint }} name: {{ include "common.fullname" . }}-blueprints - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml b/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml index d08390bc12..4d01b4bcfb 100644 --- a/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml +++ b/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml @@ -88,8 +88,7 @@ spec: - mountPath: {{ .Values.config.appConfigDir }}/logback.xml name: {{ include "common.fullname" . }}-config subPath: logback.xml - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/cds/components/cds-ui/templates/deployment.yaml b/kubernetes/cds/components/cds-ui/templates/deployment.yaml index 6457ce3736..637347bfc1 100644 --- a/kubernetes/cds/components/cds-ui/templates/deployment.yaml +++ b/kubernetes/cds/components/cds-ui/templates/deployment.yaml @@ -89,8 +89,7 @@ spec: - mountPath: /etc/localtime name: localtime readOnly: true - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/cli/templates/deployment.yaml b/kubernetes/cli/templates/deployment.yaml index 06a5168bcc..e28fb459ac 100644 --- a/kubernetes/cli/templates/deployment.yaml +++ b/kubernetes/cli/templates/deployment.yaml @@ -50,8 +50,7 @@ spec: env: - name: OPEN_CLI_MODE value: "{{ .Values.config.climode }}" - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/common/common/templates/_dmaapProvisioning.tpl b/kubernetes/common/common/templates/_dmaapProvisioning.tpl index 8b3f19f5ef..fae16ff7eb 100644 --- a/kubernetes/common/common/templates/_dmaapProvisioning.tpl +++ b/kubernetes/common/common/templates/_dmaapProvisioning.tpl @@ -118,7 +118,7 @@ {{- end }} volumeMounts: {{- include "common.dmaap.provisioning._volumeMounts" $dot | trim | nindent 2 }} - resources: {{ include "common.resources" $dot | nindent 1 }} + resources: {{ include "common.resources" $dot | nindent 4 }} - name: {{ include "common.name" $dot }}-init-merge-config image: {{ include "repositoryGenerator.image.envsubst" $dot }} imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }} diff --git a/kubernetes/common/common/templates/_resources.tpl b/kubernetes/common/common/templates/_resources.tpl index fae77435a3..cd60b996ce 100644 --- a/kubernetes/common/common/templates/_resources.tpl +++ b/kubernetes/common/common/templates/_resources.tpl @@ -55,5 +55,5 @@ */ -}} {{- define "common.resources" -}} {{- $flavor := include "common.flavor" . -}} -{{- toYaml (pluck $flavor .Values.resources | first) | indent 12 -}} +{{- toYaml (pluck $flavor .Values.resources | first) -}} {{- end -}} diff --git a/kubernetes/common/dgbuilder/templates/deployment.yaml b/kubernetes/common/dgbuilder/templates/deployment.yaml index 6538ad0836..9581f72acb 100644 --- a/kubernetes/common/dgbuilder/templates/deployment.yaml +++ b/kubernetes/common/dgbuilder/templates/deployment.yaml @@ -118,8 +118,7 @@ spec: - name: config mountPath: /opt/onap/ccsdk/dgbuilder/releases/sdnc1.0/customSettings.js subPath: customSettings.js - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/common/etcd-init/templates/job.yaml b/kubernetes/common/etcd-init/templates/job.yaml index 9d7dcc26da..4b8e2e5fdd 100644 --- a/kubernetes/common/etcd-init/templates/job.yaml +++ b/kubernetes/common/etcd-init/templates/job.yaml @@ -90,7 +90,7 @@ spec: - mountPath: /etc/localtime name: localtime readOnly: true - resources: {{ include "common.resources" . | nindent 12 }} + resources: {{ include "common.resources" . | nindent 10 }} {{ include "common.waitForJobContainer" . | indent 6 | trim }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }} diff --git a/kubernetes/common/etcd/templates/statefulset.yaml b/kubernetes/common/etcd/templates/statefulset.yaml index ff11da309a..e228e6de43 100644 --- a/kubernetes/common/etcd/templates/statefulset.yaml +++ b/kubernetes/common/etcd/templates/statefulset.yaml @@ -67,8 +67,7 @@ spec: periodSeconds: {{ .Values.liveness.periodSeconds }} timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} {{ end -}} - resources: -{{ include "common.resources" . | indent 10 }} + resources: {{ include "common.resources" . | nindent 10 }} env: - name: INITIAL_CLUSTER_SIZE value: {{ .Values.replicaCount | quote }} diff --git a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml index 4248cfe85c..e2a9ca64cf 100644 --- a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml +++ b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml @@ -77,7 +77,7 @@ spec: env: - name: DB_PASS {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .) "key" "password") | indent 18 }} - resources: {{ include "common.resources" . | nindent 12 }} + resources: {{ include "common.resources" . | nindent 16 }} volumeMounts: - name: backup-dir mountPath: /backup @@ -148,7 +148,7 @@ spec: ls -tr | grep backup | head -$filestoDelete | xargs rm -rf fi fi - resources: {{ include "common.resources" . | nindent 12 }} + resources: {{ include "common.resources" . | nindent 16 }} volumeMounts: - mountPath: /bitnami/mariadb/data name: tmp-data diff --git a/kubernetes/common/mariadb-init/templates/job.yaml b/kubernetes/common/mariadb-init/templates/job.yaml index e911d46d12..e638415548 100644 --- a/kubernetes/common/mariadb-init/templates/job.yaml +++ b/kubernetes/common/mariadb-init/templates/job.yaml @@ -91,8 +91,7 @@ spec: - name: mariadb-conf mountPath: /db_config/ {{- end }} - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 10 }} {{ include "common.waitForJobContainer" . | indent 6 | trim }} {{- if .Values.nodeSelector }} nodeSelector: diff --git a/kubernetes/common/music/components/music-cassandra/templates/statefulset.yaml b/kubernetes/common/music/components/music-cassandra/templates/statefulset.yaml index d80e70b5fb..7162926e80 100644 --- a/kubernetes/common/music/components/music-cassandra/templates/statefulset.yaml +++ b/kubernetes/common/music/components/music-cassandra/templates/statefulset.yaml @@ -118,8 +118,7 @@ spec: - name: {{ include "common.fullname" . }}-data mountPath: /var/lib/cassandra {{- end }} - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 10 }} volumes: - name: localtime hostPath: diff --git a/kubernetes/common/music/templates/deployment.yaml b/kubernetes/common/music/templates/deployment.yaml index 53d5a366f7..6ded511607 100644 --- a/kubernetes/common/music/templates/deployment.yaml +++ b/kubernetes/common/music/templates/deployment.yaml @@ -79,8 +79,7 @@ spec: port: {{ .Values.readiness.port }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} env: - name: SPRING_OPTS value: "{{ .Values.springOpts }}" diff --git a/kubernetes/common/network-name-gen/templates/deployment.yaml b/kubernetes/common/network-name-gen/templates/deployment.yaml index 97fece8a54..47f76a375f 100644 --- a/kubernetes/common/network-name-gen/templates/deployment.yaml +++ b/kubernetes/common/network-name-gen/templates/deployment.yaml @@ -108,8 +108,7 @@ spec: mountPath: /opt/etc/config/aai_keystore subPath: aai_keystore readOnly: true - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/common/postgres-init/templates/job.yaml b/kubernetes/common/postgres-init/templates/job.yaml index d9a7386f83..fa4a990d06 100644 --- a/kubernetes/common/postgres-init/templates/job.yaml +++ b/kubernetes/common/postgres-init/templates/job.yaml @@ -98,8 +98,7 @@ spec: subPath: setup.sql - mountPath: /config name: pgconf - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 10 }} {{ include "common.waitForJobContainer" . | indent 6 | trim }} {{- if .Values.nodeSelector }} nodeSelector: diff --git a/kubernetes/common/postgres/templates/_deployment.tpl b/kubernetes/common/postgres/templates/_deployment.tpl index 1051aaff0b..e0a0ffdef0 100644 --- a/kubernetes/common/postgres/templates/_deployment.tpl +++ b/kubernetes/common/postgres/templates/_deployment.tpl @@ -158,7 +158,7 @@ spec: - mountPath: /backup name: {{ include "common.fullname" $dot }}-backup readOnly: true - resources: {{ include "common.resources" $dot | nindent 12 }} + resources: {{ include "common.resources" $dot | nindent 10 }} {{- if $dot.Values.nodeSelector }} nodeSelector: {{ toYaml $dot.Values.nodeSelector | indent 10 }} diff --git a/kubernetes/common/timescaledb/templates/statefulset.yaml b/kubernetes/common/timescaledb/templates/statefulset.yaml index 2e83c5b1b0..653326be5f 100644 --- a/kubernetes/common/timescaledb/templates/statefulset.yaml +++ b/kubernetes/common/timescaledb/templates/statefulset.yaml @@ -74,8 +74,7 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "root-creds" "key" "password") | indent 14 }} - name: PGDATA value: /var/lib/postgresql/data/pgdata - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} volumeMounts: - name: {{ include "common.fullname" . }}-init mountPath: /docker-entrypoint-initdb.d diff --git a/kubernetes/contrib/components/awx/components/awx-postgres/templates/deployment.yaml b/kubernetes/contrib/components/awx/components/awx-postgres/templates/deployment.yaml index 3b4dad55ec..61c0457712 100755 --- a/kubernetes/contrib/components/awx/components/awx-postgres/templates/deployment.yaml +++ b/kubernetes/contrib/components/awx/components/awx-postgres/templates/deployment.yaml @@ -64,8 +64,7 @@ spec: readOnly: true - name: {{ include "common.fullname" . }}-data mountPath: /var/lib/postgresql/ - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/templates/deployment.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/templates/deployment.yaml index 302166fcd6..04abfc26ae 100755 --- a/kubernetes/contrib/components/netbox/components/netbox-app/templates/deployment.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-app/templates/deployment.yaml @@ -128,8 +128,7 @@ spec: name: {{ include "common.fullname" . }}-configuration-config - name: {{ include "common.fullname" . }} mountPath: /opt/netbox/netbox/static - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/deployment.yaml b/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/deployment.yaml index 2d115f74bf..252ba685b6 100755 --- a/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/deployment.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/deployment.yaml @@ -51,8 +51,7 @@ spec: mountPath: /opt/netbox/netbox/static - name: {{ include "common.fullname" . }}-config mountPath: /etc/netbox-nginx - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/deployment.yaml b/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/deployment.yaml index 8e05524fd1..ce789306ff 100755 --- a/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/deployment.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/deployment.yaml @@ -54,8 +54,7 @@ spec: readOnly: true - name: {{ include "common.fullname" . }}-data mountPath: /var/lib/postgresql/ - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl index 93efe98846..3b68ad52de 100644 --- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl +++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl @@ -294,7 +294,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: status.podIP - resources: {{ include "common.resources" . | nindent 2 }} + resources: {{ include "common.resources" . | nindent 10 }} volumeMounts: - mountPath: /opt/app/osaaf name: tls-info @@ -348,7 +348,7 @@ spec: {{- end }} {{- end }} {{- end }} - resources: {{ include "common.resources" . | nindent 2 }} + resources: {{ include "common.resources" . | nindent 10 }} volumeMounts: - mountPath: /app-config name: {{ ternary "app-config-input" "app-config" (not $drFeedConfig) }} @@ -411,7 +411,7 @@ spec: - name: POLICY_SYNC_DURATION value: "{{ $policy.duration }}" {{- end }} - resources: {{ include "common.resources" . | nindent 2 }} + resources: {{ include "common.resources" . | nindent 10 }} volumeMounts: - mountPath: /etc/policies name: policy-shared diff --git a/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/templates/deployment.yaml index 4a51c7f9d8..7963b76cfc 100644 --- a/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/templates/deployment.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/templates/deployment.yaml @@ -31,8 +31,7 @@ spec: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} ports: {{ include "common.containerPorts" . | nindent 12 }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml index e7887cc332..a7362f23e6 100644 --- a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml @@ -90,8 +90,7 @@ spec: - mountPath: /opt/app/dmaapbc/etc/logback.xml name: {{ include "common.fullname" . }}-log-conf subPath: logback.xml - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }} {{- end -}} diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/dmaap-provisioning-job.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/dmaap-provisioning-job.yaml index 0f6c8f9dc0..e2ef7bdf3b 100644 --- a/kubernetes/dmaap/components/dmaap-bc/templates/dmaap-provisioning-job.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/templates/dmaap-provisioning-job.yaml @@ -76,8 +76,7 @@ spec: mountPath: /opt/app/config/mr_clusters/ - name: {{ include "common.fullname" . }}-topics mountPath: /opt/app/config/topics/ - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 10 }} {{ include "common.waitForJobContainer" . | indent 6 | trim }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }} diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml index f4167afe2f..994e7cb97d 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml @@ -67,8 +67,7 @@ spec: - mountPath: /opt/app/datartr/etc/logback.xml name: {{ include "common.fullname" . }}-log-conf subPath: logback.xml - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }} {{- end -}} diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml index f44dd7bfd0..b8c32b33ed 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml @@ -57,8 +57,7 @@ spec: - mountPath: /opt/app/datartr/etc/logback.xml name: {{ include "common.fullname" . }}-log-conf subPath: logback.xml - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml index bb42561cbe..f3658309bf 100644 --- a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml @@ -79,8 +79,7 @@ spec: - mountPath: /appl/dmaapMR1/bundleconfig/etc/logback.xml subPath: logback.xml name: logback - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 12 }} - name: {{ .Values.zkTunnelService.name }} image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.zkTunnelService.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} diff --git a/kubernetes/helm/starters/onap-app/templates/deployment.yaml b/kubernetes/helm/starters/onap-app/templates/deployment.yaml index fc76c1ff6d..2fe95c09e0 100644 --- a/kubernetes/helm/starters/onap-app/templates/deployment.yaml +++ b/kubernetes/helm/starters/onap-app/templates/deployment.yaml @@ -78,8 +78,7 @@ spec: # - mountPath: /opt/app/application.properties # name: {{ include "common.name" . }}-config # subPath: application.properties - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/Chart.yaml b/kubernetes/holmes/components/holmes-engine-mgmt/Chart.yaml index 1aa4726253..5160145d86 100644 --- a/kubernetes/holmes/components/holmes-engine-mgmt/Chart.yaml +++ b/kubernetes/holmes/components/holmes-engine-mgmt/Chart.yaml @@ -27,7 +27,7 @@ dependencies: - name: repositoryGenerator version: ~12.x-0 repository: '@local' - - name: certInitializer + - name: readinessCheck version: ~12.x-0 repository: '@local' - name: serviceAccount diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/resources/config/application.yaml b/kubernetes/holmes/components/holmes-engine-mgmt/resources/config/application.yaml index f818dfd3b0..34c4024059 100644 --- a/kubernetes/holmes/components/holmes-engine-mgmt/resources/config/application.yaml +++ b/kubernetes/holmes/components/holmes-engine-mgmt/resources/config/application.yaml @@ -2,11 +2,6 @@ server: port: 9102 servlet: context-path: /api/holmes-engine-mgmt/v1 - ssl: - key-store: /opt/onap/conf/holmes.keystore - key-store-password: holmes - #PKCS12 - key-store-type: JKS logging: config: classpath:logback-spring.xml diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/resources/config/engine-d.yml b/kubernetes/holmes/components/holmes-engine-mgmt/resources/config/engine-d.yml index 9e62ccf2f7..9a16390856 100644 --- a/kubernetes/holmes/components/holmes-engine-mgmt/resources/config/engine-d.yml +++ b/kubernetes/holmes/components/holmes-engine-mgmt/resources/config/engine-d.yml @@ -19,10 +19,8 @@ server: applicationContextPath: / adminContextPath: /admin connector: - type: https + type: http port: 9102 - keyStorePath: /opt/onap/conf/holmes.keystore - keyStorePassword: holmes validateCerts: false validatePeers: false diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/templates/deployment.yaml b/kubernetes/holmes/components/holmes-engine-mgmt/templates/deployment.yaml index dd7bb4552e..9bf6f39f08 100644 --- a/kubernetes/holmes/components/holmes-engine-mgmt/templates/deployment.yaml +++ b/kubernetes/holmes/components/holmes-engine-mgmt/templates/deployment.yaml @@ -33,7 +33,10 @@ spec: template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: - initContainers: {{- include "common.certInitializer.initContainer" . | nindent 6 }} + initContainers: + {{- if not .Values.global.postgres.localCluster }} + {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} + {{- end }} - name: {{ include "common.name" . }}-env-config image: {{ include "repositoryGenerator.image.envsubst" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -64,7 +67,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} resources: {{ include "common.resources" . | nindent 10 }} ports: {{ include "common.containerPorts" . | nindent 10 }} - volumeMounts: {{- include "common.certInitializer.volumeMount" . | nindent 8 }} + volumeMounts: - name: {{ include "common.fullname" . }}-env-config mountPath: /opt/hemconfig - name: {{ include "common.fullname" . }}-config @@ -119,7 +122,7 @@ spec: - name: DB_PORT value: "{{ .Values.config.pgConfig.dbPort }}" serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} + volumes: - name: {{ include "common.fullname" . }}-config configMap: defaultMode: 422 diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml b/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml index ce3035e5da..d2ad0d4771 100644 --- a/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml +++ b/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml @@ -20,9 +20,11 @@ ################################################################# global: nodePortPrefixExt: 302 - msbProtocol: https + msbProtocol: http msbServiceName: msb-iag - msbPort: 443 + msbPort: 80 + postgres: + localCluster: false ################################################################# # Application configuration defaults. @@ -31,39 +33,6 @@ global: image: onap/holmes/engine-management:11.0.0 consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 -################################################################# -# AAF part -################################################################# -certInitializer: - nameOverride: holmes-engine-mgmt-cert-initializer - aafDeployFqi: deployer@people.osaaf.org - aafDeployPass: demo123456! - # aafDeployCredsExternalSecret: some secret - fqdn: holmes-engine-mgmt - fqi: holmes-engine-mgmt@holmes-engine-mgmt.onap.org - fqi_namespace: org.onap.holmes-engine-mgmt - public_fqdn: holmes-engine-mgmt.onap.org - cadi_longitude: "0.0" - cadi_latitude: "0.0" - app_ns: org.osaaf.aaf - credsPath: /opt/app/osaaf/local - aaf_add_config: | - echo "*** changing them into shell safe ones" - export KEYSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) - export TRUSTSORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) - cd {{ .Values.credsPath }} - keytool -storepasswd -new "${KEYSTORE_PASSWORD}" \ - -storepass "${cadi_keystore_password_p12}" \ - -keystore {{ .Values.fqi_namespace }}.p12 - keytool -storepasswd -new "${TRUSTSORE_PASSWORD}" \ - -storepass "${cadi_truststore_password}" \ - -keystore {{ .Values.fqi_namespace }}.trust.jks - echo "*** save the generated passwords" - echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop - echo "TRUSTSORE_PASSWORD=${TRUSTSORE_PASSWORD}" >> mycreds.prop - echo "*** change ownership of certificates to targeted user" - chown -R 1000 . - ################################################################# # Secrets metaconfig ################################################################# @@ -95,7 +64,7 @@ service: type: ClusterIP name: holmes-engine-mgmt ports: - - name: https-rest + - name: http-rest port: &svc_port 9102 # probe configuration parameters @@ -103,7 +72,7 @@ liveness: initialDelaySeconds: 10 periodSeconds: 10 path: /api/holmes-engine-mgmt/v1/healthcheck - scheme: HTTPS + scheme: HTTP port: *svc_port enabled: true @@ -111,7 +80,7 @@ readiness: initialDelaySeconds: 30 periodSeconds: 30 path: /api/holmes-engine-mgmt/v1/healthcheck - scheme: HTTPS + scheme: HTTP port: *svc_port # Segregation for Different environment (Small and Large) @@ -132,6 +101,11 @@ resources: memory: 1Gi unlimited: {} +readinessCheck: + wait_for: + jobs: + - '{{ include "common.release" . }}-holmes-postgres-init-config-job' + #Pods Service Account serviceAccount: nameOverride: holmes-engine-mgmt diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/Chart.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/Chart.yaml index 628f5c6828..09b24908e3 100644 --- a/kubernetes/holmes/components/holmes-rule-mgmt/Chart.yaml +++ b/kubernetes/holmes/components/holmes-rule-mgmt/Chart.yaml @@ -27,7 +27,7 @@ dependencies: - name: repositoryGenerator version: ~12.x-0 repository: '@local' - - name: certInitializer + - name: readinessCheck version: ~12.x-0 repository: '@local' - name: serviceAccount diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/resources/config/application.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/resources/config/application.yaml index 18cf3b4966..2ff0fa6d52 100644 --- a/kubernetes/holmes/components/holmes-rule-mgmt/resources/config/application.yaml +++ b/kubernetes/holmes/components/holmes-rule-mgmt/resources/config/application.yaml @@ -2,11 +2,6 @@ server: port: 9101 servlet: context-path: /api/holmes-rule-mgmt/v1 - ssl: - key-store: /opt/onap/conf/holmes.keystore - key-store-password: holmes - #PKCS12 - key-store-type: JKS logging: config: classpath:logback-spring.xml diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/resources/config/rulemgt.yml b/kubernetes/holmes/components/holmes-rule-mgmt/resources/config/rulemgt.yml index 89269dede8..3b7218855a 100644 --- a/kubernetes/holmes/components/holmes-rule-mgmt/resources/config/rulemgt.yml +++ b/kubernetes/holmes/components/holmes-rule-mgmt/resources/config/rulemgt.yml @@ -13,10 +13,8 @@ server: applicationContextPath: / adminContextPath: /admin connector: - type: https + type: http port: 9101 - keyStorePath: /opt/onap/conf/holmes.keystore - keyStorePassword: holmes validateCerts: false validatePeers: false diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/templates/deployment.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/templates/deployment.yaml index 21a96568cb..8b0cd8406a 100644 --- a/kubernetes/holmes/components/holmes-rule-mgmt/templates/deployment.yaml +++ b/kubernetes/holmes/components/holmes-rule-mgmt/templates/deployment.yaml @@ -32,7 +32,10 @@ spec: template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: - initContainers: {{- include "common.certInitializer.initContainer" . | nindent 6 }} + initContainers: + {{- if not .Values.global.postgres.localCluster }} + {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} + {{- end }} - name: {{ include "common.name" . }}-env-config image: {{ include "repositoryGenerator.image.envsubst" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -62,7 +65,7 @@ spec: image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: {{ include "common.containerPorts" . | nindent 8 }} - volumeMounts: {{- include "common.certInitializer.volumeMount" . | nindent 8 }} + volumeMounts: - name: {{ include "common.fullname" . }}-env-config mountPath: /opt/hrmconfig - name: {{ include "common.fullname" . }}-rule-config @@ -117,7 +120,7 @@ spec: - name: DB_PORT value: "{{ .Values.config.pgConfig.dbPort }}" serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} + volumes: - name: {{ include "common.fullname" . }}-general-config configMap: defaultMode: 422 diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml index bd84c249c9..0a2552719f 100644 --- a/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml +++ b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml @@ -20,9 +20,11 @@ ################################################################# global: nodePortPrefixExt: 302 - msbProtocol: https + msbProtocol: http msbServiceName: msb-iag - msbPort: 443 + msbPort: 80 + postgres: + localCluster: false ################################################################# # Application configuration defaults. @@ -31,39 +33,6 @@ global: image: onap/holmes/rule-management:11.0.0 consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 -################################################################# -# AAF part -################################################################# -certInitializer: - nameOverride: holmes-rule-mgmt-cert-initializer - aafDeployFqi: deployer@people.osaaf.org - aafDeployPass: demo123456! - # aafDeployCredsExternalSecret: some secret - fqdn: holmes-rule-mgmt - fqi: holmes-rule-mgmt@holmes-rule-mgmt.onap.org - fqi_namespace: org.onap.holmes-rule-mgmt - public_fqdn: holmes-rule-mgmt.onap.org - cadi_longitude: "0.0" - cadi_latitude: "0.0" - app_ns: org.osaaf.aaf - credsPath: /opt/app/osaaf/local - aaf_add_config: | - echo "*** changing them into shell safe ones" - export KEYSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) - export TRUSTSORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) - cd {{ .Values.credsPath }} - keytool -storepasswd -new "${KEYSTORE_PASSWORD}" \ - -storepass "${cadi_keystore_password_p12}" \ - -keystore {{ .Values.fqi_namespace }}.p12 - keytool -storepasswd -new "${TRUSTSORE_PASSWORD}" \ - -storepass "${cadi_truststore_password}" \ - -keystore {{ .Values.fqi_namespace }}.trust.jks - echo "*** save the generated passwords" - echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop - echo "TRUSTSORE_PASSWORD=${TRUSTSORE_PASSWORD}" >> mycreds.prop - echo "*** change ownership of certificates to targeted user" - chown -R 1000 . - ################################################################# # Secrets metaconfig ################################################################# @@ -95,10 +64,10 @@ service: type: NodePort name: holmes-rule-mgmt ports: - - name: https-rest + - name: http-rest port: &svc_port 9101 nodePort: 92 - - name: https-ui + - name: http-ui port: 9104 nodePort: 93 @@ -109,14 +78,14 @@ liveness: periodSeconds: 10 path: /api/holmes-rule-mgmt/v1/healthcheck enabled: true - scheme: HTTPS + scheme: HTTP readiness: initialDelaySeconds: 30 port: *svc_port periodSeconds: 30 path: /api/holmes-rule-mgmt/v1/healthcheck - scheme: HTTPS + scheme: HTTP # Segregation for Different environment (Small and Large) resources: @@ -136,6 +105,11 @@ resources: memory: 512Mi unlimited: {} +readinessCheck: + wait_for: + jobs: + - '{{ include "common.release" . }}-holmes-postgres-init-config-job' + #Pods Service Account serviceAccount: nameOverride: holmes-rule-mgmt diff --git a/kubernetes/log/components/log-elasticsearch/templates/deployment.yaml b/kubernetes/log/components/log-elasticsearch/templates/deployment.yaml index b778af8564..3e815ca860 100644 --- a/kubernetes/log/components/log-elasticsearch/templates/deployment.yaml +++ b/kubernetes/log/components/log-elasticsearch/templates/deployment.yaml @@ -64,8 +64,7 @@ spec: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.elasticRepository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} ports: - containerPort: {{ .Values.service.internalPort }} name: {{ .Values.service.name }} diff --git a/kubernetes/log/components/log-kibana/templates/deployment.yaml b/kubernetes/log/components/log-kibana/templates/deployment.yaml index 5e3dc98f84..604b0383a8 100644 --- a/kubernetes/log/components/log-kibana/templates/deployment.yaml +++ b/kubernetes/log/components/log-kibana/templates/deployment.yaml @@ -71,8 +71,7 @@ spec: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.elasticRepository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} ports: - containerPort: {{ .Values.service.internalPort }} name: {{ .Values.service.name }} diff --git a/kubernetes/log/components/log-logstash/templates/deployment.yaml b/kubernetes/log/components/log-logstash/templates/deployment.yaml index 92817fac88..5d359dcd80 100644 --- a/kubernetes/log/components/log-logstash/templates/deployment.yaml +++ b/kubernetes/log/components/log-logstash/templates/deployment.yaml @@ -55,8 +55,7 @@ spec: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.elasticRepository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} ports: - containerPort: {{ .Values.service.internalPort }} name: {{ .Values.service.name }} diff --git a/kubernetes/modeling/components/modeling-etsicatalog/templates/deployment.yaml b/kubernetes/modeling/components/modeling-etsicatalog/templates/deployment.yaml index 72eced7710..dd9c020c22 100644 --- a/kubernetes/modeling/components/modeling-etsicatalog/templates/deployment.yaml +++ b/kubernetes/modeling/components/modeling-etsicatalog/templates/deployment.yaml @@ -129,8 +129,7 @@ spec: - name: {{ include "common.fullname" . }}-logconfig mountPath: /opt/modeling/etsicatalog/config/log.yml subPath: log.yml - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/msb/components/kube2msb/templates/deployment.yaml b/kubernetes/msb/components/kube2msb/templates/deployment.yaml index ed99deea43..d03b67bc79 100644 --- a/kubernetes/msb/components/kube2msb/templates/deployment.yaml +++ b/kubernetes/msb/components/kube2msb/templates/deployment.yaml @@ -65,8 +65,7 @@ spec: - mountPath: /etc/localtime name: localtime readOnly: true - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/msb/components/msb-consul/templates/deployment.yaml b/kubernetes/msb/components/msb-consul/templates/deployment.yaml index d03829d89d..5209bb57eb 100644 --- a/kubernetes/msb/components/msb-consul/templates/deployment.yaml +++ b/kubernetes/msb/components/msb-consul/templates/deployment.yaml @@ -74,8 +74,7 @@ spec: - mountPath: /usr/local/bin/docker-entrypoint.sh name: entrypoint subPath: docker-entrypoint.sh - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/msb/components/msb-discovery/templates/deployment.yaml b/kubernetes/msb/components/msb-discovery/templates/deployment.yaml index d9f902be4d..646189acfa 100644 --- a/kubernetes/msb/components/msb-discovery/templates/deployment.yaml +++ b/kubernetes/msb/components/msb-discovery/templates/deployment.yaml @@ -80,8 +80,7 @@ spec: readOnly: true - mountPath: /usr/local/discover-works/logs name: {{ include "common.fullname" . }}-logs - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/msb/components/msb-eag/templates/deployment.yaml b/kubernetes/msb/components/msb-eag/templates/deployment.yaml index c6cf2d150d..cbab98b9fa 100644 --- a/kubernetes/msb/components/msb-eag/templates/deployment.yaml +++ b/kubernetes/msb/components/msb-eag/templates/deployment.yaml @@ -77,8 +77,7 @@ spec: name: {{ include "common.fullname" . }}-nginx-conf subPath: msbhttps.conf {{- end }} - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/msb/components/msb-iag/templates/deployment.yaml b/kubernetes/msb/components/msb-iag/templates/deployment.yaml index c6cf2d150d..cbab98b9fa 100644 --- a/kubernetes/msb/components/msb-iag/templates/deployment.yaml +++ b/kubernetes/msb/components/msb-iag/templates/deployment.yaml @@ -77,8 +77,7 @@ spec: name: {{ include "common.fullname" . }}-nginx-conf subPath: msbhttps.conf {{- end }} - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/multicloud/components/multicloud-fcaps/templates/deployment.yaml b/kubernetes/multicloud/components/multicloud-fcaps/templates/deployment.yaml index 2750f5f145..7a19fcfc0b 100644 --- a/kubernetes/multicloud/components/multicloud-fcaps/templates/deployment.yaml +++ b/kubernetes/multicloud/components/multicloud-fcaps/templates/deployment.yaml @@ -65,8 +65,7 @@ spec: - mountPath: /opt/fcaps/fcaps/pub/config/log.yml name: fcaps-logconfig subPath: log.yml - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 9 }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: diff --git a/kubernetes/multicloud/components/multicloud-k8s/templates/deployment.yaml b/kubernetes/multicloud/components/multicloud-k8s/templates/deployment.yaml index 117f6faac7..ed6b64c198 100644 --- a/kubernetes/multicloud/components/multicloud-k8s/templates/deployment.yaml +++ b/kubernetes/multicloud/components/multicloud-k8s/templates/deployment.yaml @@ -62,8 +62,7 @@ spec: - mountPath: /opt/multicloud/k8splugin/k8sconfig.json name: {{ include "common.name" .}} subPath: k8sconfig.json - resources: -{{ include "common.resources" . | indent 10 }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/multicloud/components/multicloud-pike/templates/deployment.yaml b/kubernetes/multicloud/components/multicloud-pike/templates/deployment.yaml index 3174dae242..a8d876a73f 100644 --- a/kubernetes/multicloud/components/multicloud-pike/templates/deployment.yaml +++ b/kubernetes/multicloud/components/multicloud-pike/templates/deployment.yaml @@ -65,8 +65,7 @@ spec: - mountPath: /opt/pike/pike/pub/config/log.yml name: pike-logconfig subPath: log.yml - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 9 }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["/bin/sh"] diff --git a/kubernetes/multicloud/components/multicloud-vio/templates/deployment.yaml b/kubernetes/multicloud/components/multicloud-vio/templates/deployment.yaml index c5c368c8b5..d00d78b004 100644 --- a/kubernetes/multicloud/components/multicloud-vio/templates/deployment.yaml +++ b/kubernetes/multicloud/components/multicloud-vio/templates/deployment.yaml @@ -64,8 +64,7 @@ spec: - mountPath: /opt/vio/vio/pub/config/log.yml name: vio-logconfig subPath: log.yml - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 9 }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: diff --git a/kubernetes/multicloud/components/multicloud-windriver/templates/deployment.yaml b/kubernetes/multicloud/components/multicloud-windriver/templates/deployment.yaml index 8eadcf689d..dc9ef23aaa 100644 --- a/kubernetes/multicloud/components/multicloud-windriver/templates/deployment.yaml +++ b/kubernetes/multicloud/components/multicloud-windriver/templates/deployment.yaml @@ -76,7 +76,7 @@ spec: subPath: log.yml - mountPath: /opt/artifacts/ name: artifact-data - resources: {{ include "common.resources" . | nindent 12 }} + resources: {{ include "common.resources" . | nindent 10 }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: diff --git a/kubernetes/multicloud/templates/deployment.yaml b/kubernetes/multicloud/templates/deployment.yaml index 5e1090798e..2cfba3f257 100644 --- a/kubernetes/multicloud/templates/deployment.yaml +++ b/kubernetes/multicloud/templates/deployment.yaml @@ -59,8 +59,7 @@ spec: value: "{{- if (include "common.needTLS" .) }}https{{ else }}http{{ end }}" - name: SSL_ENABLED value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.ssl_enabled }}{{ else }}false{{ end }}" - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 9 }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }} diff --git a/kubernetes/nbi/templates/deployment.yaml b/kubernetes/nbi/templates/deployment.yaml index fb60be2586..9bab15f30c 100644 --- a/kubernetes/nbi/templates/deployment.yaml +++ b/kubernetes/nbi/templates/deployment.yaml @@ -122,8 +122,7 @@ spec: - mountPath: /etc/localtime name: localtime readOnly: true - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml index 10793cafc6..9c695b8b82 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml @@ -60,8 +60,7 @@ spec: - mountPath: /usr/local/bin/log.conf name: {{ .Values.global.commonConfigPrefix }}-config subPath: log.conf - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} - name: {{ include "common.name" . }}-nginx image: {{ include "repositoryGenerator.image.nginx" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -93,8 +92,7 @@ spec: - mountPath: /opt/bitnami/nginx/conf/nginx.conf name: {{ .Values.global.commonConfigPrefix }}-config subPath: nginx.conf - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml index ba7d462f6c..a7be1ba73f 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml @@ -67,8 +67,7 @@ spec: - mountPath: /usr/local/bin/healthy.sh name: {{ .Values.global.commonConfigPrefix }}-config subPath: healthy.sh - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml index 6319c99b25..e5d448e3f5 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml @@ -67,8 +67,7 @@ spec: - mountPath: /usr/local/bin/healthy.sh name: {{ .Values.global.commonConfigPrefix }}-config subPath: healthy.sh - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml index e7c5d7c9fa..334936c8aa 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml @@ -67,8 +67,7 @@ spec: - mountPath: /usr/local/bin/healthy.sh name: {{ .Values.global.commonConfigPrefix }}-config subPath: healthy.sh - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml index 3cf0450c06..7f3945b7f3 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml @@ -67,8 +67,7 @@ spec: - mountPath: /usr/local/bin/healthy.sh name: {{ .Values.global.commonConfigPrefix }}-config subPath: healthy.sh - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/oof/templates/deployment.yaml b/kubernetes/oof/templates/deployment.yaml index 2d07cc1f51..e67bdc1499 100644 --- a/kubernetes/oof/templates/deployment.yaml +++ b/kubernetes/oof/templates/deployment.yaml @@ -71,8 +71,7 @@ spec: - mountPath: /opt/osdf/config/slicing_config.yaml name: {{ include "common.fullname" . }}-config subPath: slicing_config.yaml - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml b/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml index 71320dc3eb..dd1c047aad 100755 --- a/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml +++ b/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml @@ -110,8 +110,7 @@ spec: name: policy-logs - mountPath: /home/apexuser/config name: apexconfig - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/policy/components/policy-apex-pdp/values.yaml b/kubernetes/policy/components/policy-apex-pdp/values.yaml index 178d8ee41b..10e4da4a99 100755 --- a/kubernetes/policy/components/policy-apex-pdp/values.yaml +++ b/kubernetes/policy/components/policy-apex-pdp/values.yaml @@ -57,7 +57,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/policy-apex-pdp:2.8.2 +image: onap/policy-apex-pdp:2.9.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-api/resources/config/apiParameters.yaml b/kubernetes/policy/components/policy-api/resources/config/apiParameters.yaml index bcee4d35d1..53ab355332 100644 --- a/kubernetes/policy/components/policy-api/resources/config/apiParameters.yaml +++ b/kubernetes/policy/components/policy-api/resources/config/apiParameters.yaml @@ -21,6 +21,8 @@ server: port: {{ .Values.service.internalPort }} ssl: enabled: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }} + servlet: + context-path: /policy/api/v1 spring: security.user: diff --git a/kubernetes/policy/components/policy-api/templates/deployment.yaml b/kubernetes/policy/components/policy-api/templates/deployment.yaml index c4946a8263..b791614b92 100755 --- a/kubernetes/policy/components/policy-api/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-api/templates/deployment.yaml @@ -105,8 +105,7 @@ spec: readOnly: true - mountPath: /opt/app/policy/api/etc/mounted name: apiconfig-processed - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/policy/components/policy-api/values.yaml b/kubernetes/policy/components/policy-api/values.yaml index 5dee4d07eb..429e9eaf2b 100755 --- a/kubernetes/policy/components/policy-api/values.yaml +++ b/kubernetes/policy/components/policy-api/values.yaml @@ -79,7 +79,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-api:2.7.2 +image: onap/policy-api:2.8.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/resources/config/A1pmsParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/resources/config/A1pmsParticipantParameters.yaml index 918f9af6cd..40c07d4ad1 100755 --- a/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/resources/config/A1pmsParticipantParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/resources/config/A1pmsParticipantParameters.yaml @@ -33,12 +33,7 @@ participant: intermediaryParameters: reportingTimeIntervalMs: 120000 description: Participant Description - participantId: - name: A1PMSParticipant0 - version: 1.0.0 - participantType: - name: org.onap.policy.clamp.acm.A1PMSParticipant - version: 2.3.4 + participantId: 101c62b3-8918-41b9-a747-d21eb79c6c00 clampAutomationCompositionTopics: topicSources: - topic: POLICY-ACRUNTIME-PARTICIPANT @@ -52,6 +47,10 @@ participant: servers: - ${topicServer:message-router} topicCommInfrastructure: dmaap + participantSupportedElementTypes: + - + typeName: org.onap.policy.clamp.acm.A1PMSAutomationCompositionElement + typeVersion: 1.0.1 management: diff --git a/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/templates/deployment.yaml index f7b6dbecd9..4590046a1e 100755 --- a/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/templates/deployment.yaml @@ -98,8 +98,7 @@ spec: readOnly: true - mountPath: /opt/app/policy/clamp/etc/mounted name: ac-a1pms-ppnt-config-processed - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/values.yaml index 7d8ff23433..6799635776 100755 --- a/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/values.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/values.yaml @@ -59,7 +59,7 @@ certStores: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-ac-a1pms-ppnt:6.4.0 +image: onap/policy-clamp-ac-a1pms-ppnt:6.4.1 pullPolicy: Always # application configuration diff --git a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml index d26ad6c70d..0d879af6fe 100644 --- a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml @@ -46,12 +46,7 @@ participant: intermediaryParameters: reportingTimeIntervalMs: 120000 description: Participant Description - participantId: - name: HttpParticipant0 - version: 1.0.0 - participantType: - name: org.onap.policy.clamp.acm.HttpParticipant - version: 2.3.4 + participantId: 101c62b3-8918-41b9-a747-d21eb79c6c01 clampAutomationCompositionTopics: topicSources: - topic: POLICY-ACRUNTIME-PARTICIPANT @@ -66,6 +61,11 @@ participant: - ${topicServer:message-router} topicCommInfrastructure: dmaap useHttps: "false" + participantSupportedElementTypes: + - + typeName: org.onap.policy.clamp.acm.HttpAutomationCompositionElement + typeVersion: 1.0.0 + # If Strimzi Kafka to be used for communication, replace clampAutomationCompositionTopics configuration with below # clampAutomationCompositionTopics: # topicSources: diff --git a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/templates/deployment.yaml index 044be0ff70..23ef33b79b 100644 --- a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/templates/deployment.yaml @@ -28,6 +28,22 @@ spec: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: +{{- if .Values.config.useStrimziKafka }} + - command: + - /app/ready.py + args: + - --container-name + - message-router + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: {{ include "repositoryGenerator.image.readiness" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness +{{- end }} - command: - sh args: @@ -90,8 +106,7 @@ spec: readOnly: true - mountPath: /opt/app/policy/clamp/etc/mounted name: ac-http-ppnt-config-processed - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml index 4878345723..e445c9f562 100644 --- a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml @@ -78,7 +78,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-ac-http-ppnt:6.3.2 +image: onap/policy-clamp-ac-http-ppnt:6.4.1 pullPolicy: Always # application configuration diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml index a3b82e70fb..ee73ed583d 100644 --- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml @@ -48,12 +48,7 @@ participant: intermediaryParameters: reportingTimeIntervalMs: 120000 description: Participant Description - participantId: - name: K8sParticipant0 - version: 1.0.0 - participantType: - name: org.onap.policy.clamp.acm.KubernetesParticipant - version: 2.3.4 + participantId: 101c62b3-8918-41b9-a747-d21eb79c6c02 clampAutomationCompositionTopics: topicSources: - @@ -70,6 +65,10 @@ participant: - ${topicServer:message-router} topicCommInfrastructure: dmaap useHttps: "false" + participantSupportedElementTypes: + - + typeName: org.onap.policy.clamp.acm.K8SMicroserviceAutomationCompositionElement + typeVersion: 1.0.0 # If Strimzi Kafka to be used for communication, replace clampAutomationCompositionTopics configuration with below # clampAutomationCompositionTopics: diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/deployment.yaml index e8650fe350..f511723b9c 100644 --- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/deployment.yaml @@ -28,6 +28,22 @@ spec: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: +{{- if .Values.config.useStrimziKafka }} + - command: + - /app/ready.py + args: + - --container-name + - message-router + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: {{ include "repositoryGenerator.image.readiness" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness +{{- end }} - command: - sh args: @@ -90,8 +106,7 @@ spec: readOnly: true - mountPath: /opt/app/policy/clamp/etc/mounted name: ac-k8s-ppnt-config-processed - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml index 85b62dece0..c76c934441 100644 --- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml @@ -79,7 +79,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-ac-k8s-ppnt:6.3.2 +image: onap/policy-clamp-ac-k8s-ppnt:6.4.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml index 3ea4ac21b3..4f7e0047f6 100644 --- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml @@ -64,12 +64,7 @@ participant: intermediaryParameters: reportingTimeIntervalMs: 120000 description: Participant Description - participantId: - name: org.onap.PM_Policy - version: 1.0.0 - participantType: - name: org.onap.policy.clamp.acm.PolicyParticipant - version: 2.3.1 + participantId: 101c62b3-8918-41b9-a747-d21eb79c6c03 clampAutomationCompositionTopics: topicSources: - @@ -86,6 +81,10 @@ participant: - ${topicServer:message-router} topicCommInfrastructure: dmaap useHttps: "false" + participantSupportedElementTypes: + - + typeName: org.onap.policy.clamp.acm.PolicyAutomationCompositionElement + typeVersion: 1.0.0 # If Strimzi Kafka to be used for communication, replace clampAutomationCompositionTopics configuration with below # clampAutomationCompositionTopics: diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/templates/deployment.yaml index a127885cce..4cd73b35f9 100644 --- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/templates/deployment.yaml @@ -28,6 +28,22 @@ spec: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: +{{- if .Values.config.useStrimziKafka }} + - command: + - /app/ready.py + args: + - --container-name + - message-router + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: {{ include "repositoryGenerator.image.readiness" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness +{{- end }} - command: - sh args: @@ -98,8 +114,7 @@ spec: readOnly: true - mountPath: /opt/app/policy/clamp/etc/mounted name: ac-pf-ppnt-config-processed - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml index 27f7022535..fd0b2ae730 100644 --- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml @@ -90,7 +90,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-ac-pf-ppnt:6.3.2 +image: onap/policy-clamp-ac-pf-ppnt:6.4.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-clamp-runtime-acm/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-runtime-acm/templates/deployment.yaml index 361045af94..bc11e38fe1 100644 --- a/kubernetes/policy/components/policy-clamp-runtime-acm/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-clamp-runtime-acm/templates/deployment.yaml @@ -108,8 +108,7 @@ spec: readOnly: true - mountPath: /opt/app/policy/clamp/etc/mounted name: ac-runtime-config-processed - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml b/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml index ddb372633a..cefe3651f1 100644 --- a/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml +++ b/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml @@ -85,7 +85,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-runtime-acm:6.3.2 +image: onap/policy-clamp-runtime-acm:6.4.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-distribution/templates/deployment.yaml b/kubernetes/policy/components/policy-distribution/templates/deployment.yaml index 082593d06f..7a3f6d78a3 100755 --- a/kubernetes/policy/components/policy-distribution/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-distribution/templates/deployment.yaml @@ -116,8 +116,7 @@ spec: readOnly: true - mountPath: /opt/app/policy/distribution/etc/mounted name: distributionconfig - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/policy/components/policy-distribution/values.yaml b/kubernetes/policy/components/policy-distribution/values.yaml index f341c97307..457f5b3c77 100755 --- a/kubernetes/policy/components/policy-distribution/values.yaml +++ b/kubernetes/policy/components/policy-distribution/values.yaml @@ -68,7 +68,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/policy-distribution:2.9.0 +image: onap/policy-distribution:2.9.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-drools-pdp/templates/statefulset.yaml b/kubernetes/policy/components/policy-drools-pdp/templates/statefulset.yaml index 7dee453771..b11dedf201 100755 --- a/kubernetes/policy/components/policy-drools-pdp/templates/statefulset.yaml +++ b/kubernetes/policy/components/policy-drools-pdp/templates/statefulset.yaml @@ -117,8 +117,7 @@ spec: name: drools-config subPath: {{ base $path }} {{- end }} - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/policy/components/policy-drools-pdp/values.yaml b/kubernetes/policy/components/policy-drools-pdp/values.yaml index 6b2d9a14eb..ec31bfb7d9 100755 --- a/kubernetes/policy/components/policy-drools-pdp/values.yaml +++ b/kubernetes/policy/components/policy-drools-pdp/values.yaml @@ -41,7 +41,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/policy-pdpd-cl:1.11.2 +image: onap/policy-pdpd-cl:1.12.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-gui/templates/deployment.yaml b/kubernetes/policy/components/policy-gui/templates/deployment.yaml index 5a43fc71b0..8513943150 100644 --- a/kubernetes/policy/components/policy-gui/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-gui/templates/deployment.yaml @@ -125,8 +125,7 @@ spec: - mountPath: /opt/app/policy/gui/etc/logback.xml name: policy-gui-config-processed subPath: logback.xml - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/policy/components/policy-gui/values.yaml b/kubernetes/policy/components/policy-gui/values.yaml index 7502d198cc..178aa4e67c 100644 --- a/kubernetes/policy/components/policy-gui/values.yaml +++ b/kubernetes/policy/components/policy-gui/values.yaml @@ -75,7 +75,7 @@ subChartsOnly: flavor: small # application image -image: onap/policy-gui:2.3.2 +image: onap/policy-gui:2.4.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml b/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml index fdcbf92745..3063136540 100644 --- a/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml +++ b/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml @@ -58,10 +58,16 @@ server: port: 6969 ssl: enabled: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }} + servlet: + context-path: /policy/pap/v1 pap: name: PapGroup aaf: false + topic: + pdp-pap.name: POLICY-PDP-PAP + notification.name: POLICY-NOTIFICATION + heartbeat.name: POLICY-HEARTBEAT pdpParameters: heartBeatMs: 120000 updateParameters: diff --git a/kubernetes/policy/components/policy-pap/templates/deployment.yaml b/kubernetes/policy/components/policy-pap/templates/deployment.yaml index e05204249e..f29ab865f1 100755 --- a/kubernetes/policy/components/policy-pap/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-pap/templates/deployment.yaml @@ -125,8 +125,7 @@ spec: readOnly: true - mountPath: /opt/app/policy/pap/etc/mounted name: papconfig-processed - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/policy/components/policy-pap/values.yaml b/kubernetes/policy/components/policy-pap/values.yaml index fb7972a5b5..665ef789f9 100755 --- a/kubernetes/policy/components/policy-pap/values.yaml +++ b/kubernetes/policy/components/policy-pap/values.yaml @@ -100,7 +100,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-pap:2.7.2 +image: onap/policy-pap:2.8.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml b/kubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml index 2da0035fa0..30500428bf 100755 --- a/kubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml @@ -121,8 +121,7 @@ spec: readOnly: true - mountPath: /opt/app/policy/pdpx/etc/mounted name: pdpxconfig-processed - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/policy/components/policy-xacml-pdp/values.yaml b/kubernetes/policy/components/policy-xacml-pdp/values.yaml index 551ad2b109..74be6f3b88 100755 --- a/kubernetes/policy/components/policy-xacml-pdp/values.yaml +++ b/kubernetes/policy/components/policy-xacml-pdp/values.yaml @@ -83,7 +83,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-xacml-pdp:2.7.2 +image: onap/policy-xacml-pdp:2.8.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/templates/job.yaml b/kubernetes/policy/templates/job.yaml index eb5968a7ff..968ca32d42 100755 --- a/kubernetes/policy/templates/job.yaml +++ b/kubernetes/policy/templates/job.yaml @@ -72,8 +72,7 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }} - name: MYSQL_PORT value: "{{ index .Values "mariadb-galera" "service" "internalPort" }}" - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if (include "common.onServiceMesh" .) }} - name: policy-service-mesh-wait-for-job-container image: {{ include "repositoryGenerator.image.quitQuit" . }} @@ -149,8 +148,7 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "password") | indent 12 }} - name: PG_PORT value: "{{ .Values.postgres.service.internalPort }}" - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if (include "common.onServiceMesh" .) }} - name: policy-service-mesh-wait-for-job-container image: {{ include "repositoryGenerator.image.quitQuit" . }} @@ -242,8 +240,7 @@ spec: value: {{ .Values.dbmigrator.policy_home }} - name: SCRIPT_DIRECTORY value: "sql" - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if (include "common.onServiceMesh" .) }} - name: policy-service-mesh-wait-for-job-container image: {{ include "repositoryGenerator.image.quitQuit" . }} @@ -337,8 +334,7 @@ spec: value: "postgres" - name: PGPASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "password") | indent 10 }} - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if (include "common.onServiceMesh" .) }} - name: policy-service-mesh-wait-for-job-container image: {{ include "repositoryGenerator.image.quitQuit" . }} diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml index 727051563a..2fa3d0cbe6 100755 --- a/kubernetes/policy/values.yaml +++ b/kubernetes/policy/values.yaml @@ -166,7 +166,7 @@ policy-gui: ################################################################# dbmigrator: - image: onap/policy-db-migrator:2.5.1 + image: onap/policy-db-migrator:2.6.1 schema: policyadmin policy_home: "/opt/app/policy" diff --git a/kubernetes/portal/components/portal-app/templates/deployment.yaml b/kubernetes/portal/components/portal-app/templates/deployment.yaml index 02926f59d6..243d5ef5d0 100644 --- a/kubernetes/portal/components/portal-app/templates/deployment.yaml +++ b/kubernetes/portal/components/portal-app/templates/deployment.yaml @@ -159,8 +159,7 @@ spec: mountPath: "{{ .Values.global.env.tomcatDir }}/temp" - name: var-log-onap mountPath: "{{ .Values.log.path }}" - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/portal/components/portal-cassandra/templates/deployment.yaml b/kubernetes/portal/components/portal-cassandra/templates/deployment.yaml index 9becdaa707..e0bf941f54 100644 --- a/kubernetes/portal/components/portal-cassandra/templates/deployment.yaml +++ b/kubernetes/portal/components/portal-cassandra/templates/deployment.yaml @@ -129,8 +129,7 @@ spec: subPath: portal.cql - name: {{ include "common.fullname" . }}-data mountPath: /var/lib/cassandra/data - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml b/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml index 1d0d5bc5e5..469a0b5329 100644 --- a/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml +++ b/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml @@ -92,8 +92,7 @@ spec: - mountPath: /usr/local/bin/docker-entrypoint.sh subPath: docker-entrypoint.sh name: docker-entry - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/portal/components/portal-sdk/templates/deployment.yaml b/kubernetes/portal/components/portal-sdk/templates/deployment.yaml index 66e80651c3..3b94a99286 100644 --- a/kubernetes/portal/components/portal-sdk/templates/deployment.yaml +++ b/kubernetes/portal/components/portal-sdk/templates/deployment.yaml @@ -150,8 +150,7 @@ spec: mountPath: "{{ .Values.global.env.tomcatDir }}/logs" - name: var-log-onap mountPath: "{{ .Values.log.path }}" - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/portal/components/portal-widget/templates/deployment.yaml b/kubernetes/portal/components/portal-widget/templates/deployment.yaml index e9ecece41e..f0ea980e4b 100644 --- a/kubernetes/portal/components/portal-widget/templates/deployment.yaml +++ b/kubernetes/portal/components/portal-widget/templates/deployment.yaml @@ -115,8 +115,7 @@ spec: - name: properties-onapwidgetms mountPath: "/application.yml" subPath: application.yml - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/robot/templates/deployment.yaml b/kubernetes/robot/templates/deployment.yaml index 7d588e4de4..0db47f9133 100644 --- a/kubernetes/robot/templates/deployment.yaml +++ b/kubernetes/robot/templates/deployment.yaml @@ -77,8 +77,7 @@ spec: mountPath: /etc/lighttpd/ssl - name: robot-logs mountPath: /share/logs - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 8 }} diff --git a/kubernetes/sdc/components/sdc-wfd-be/templates/job.yaml b/kubernetes/sdc/components/sdc-wfd-be/templates/job.yaml index 2e5826d229..4184063f73 100644 --- a/kubernetes/sdc/components/sdc-wfd-be/templates/job.yaml +++ b/kubernetes/sdc/components/sdc-wfd-be/templates/job.yaml @@ -83,7 +83,7 @@ spec: valueFrom: {secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_user}} - name: CS_PASSWORD valueFrom: {secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_password}} - resources: {{ include "common.resources" . | nindent 12 }} + resources: {{ include "common.resources" . | nindent 10 }} {{ include "common.waitForJobContainer" . | indent 6 | trim }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/sdnc/templates/sdnrdb-init-job.yaml b/kubernetes/sdnc/templates/sdnrdb-init-job.yaml index 665e16c9f8..9b69481c58 100755 --- a/kubernetes/sdnc/templates/sdnrdb-init-job.yaml +++ b/kubernetes/sdnc/templates/sdnrdb-init-job.yaml @@ -78,7 +78,7 @@ spec: - name: SDNRDBPARAMETER value: "-k" volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} - resources: {{ include "common.resources" . | nindent 12 }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if include "common.onServiceMesh" . }} - name: sdnrdb-service-mesh-wait-for-job-container image: {{ include "repositoryGenerator.image.quitQuit" . }} diff --git a/kubernetes/sniro-emulator/templates/deployment.yaml b/kubernetes/sniro-emulator/templates/deployment.yaml index 0dff4eb7be..50b3c5b780 100644 --- a/kubernetes/sniro-emulator/templates/deployment.yaml +++ b/kubernetes/sniro-emulator/templates/deployment.yaml @@ -54,8 +54,7 @@ spec: port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/so/Chart.yaml b/kubernetes/so/Chart.yaml index b9c54d47ef..3d5c0c44c5 100755 --- a/kubernetes/so/Chart.yaml +++ b/kubernetes/so/Chart.yaml @@ -25,10 +25,6 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - - name: certInitializer - version: ~12.x-0 - repository: '@local' - condition: global.aafEnabled - name: readinessCheck version: ~12.x-0 repository: '@local' @@ -46,10 +42,6 @@ dependencies: version: ~12.x-0 repository: 'file://components/so-admin-cockpit' condition: so-admin-cockpit.enabled - - name: so-appc-orchestrator - version: ~12.x-0 - repository: 'file://components/so-appc-orchestrator' - condition: so-appc-orchestrator.enabled - name: so-bpmn-infra version: ~12.x-0 repository: 'file://components/so-bpmn-infra' diff --git a/kubernetes/so/components/so-admin-cockpit/Chart.yaml b/kubernetes/so/components/so-admin-cockpit/Chart.yaml index 89534e746c..31974724ae 100644 --- a/kubernetes/so/components/so-admin-cockpit/Chart.yaml +++ b/kubernetes/so/components/so-admin-cockpit/Chart.yaml @@ -33,9 +33,6 @@ dependencies: - name: repositoryGenerator version: ~12.x-0 repository: '@local' - - name: soHelpers - version: ~12.x-0 - repository: 'file://../soHelpers' - name: serviceAccount version: ~12.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-admin-cockpit/resources/config/overrides/override.yaml b/kubernetes/so/components/so-admin-cockpit/resources/config/overrides/override.yaml index dc9a4f2dad..7657415f98 100644 --- a/kubernetes/so/components/so-admin-cockpit/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-admin-cockpit/resources/config/overrides/override.yaml @@ -3,21 +3,11 @@ server: forward-headers-strategy: none {{- end }} port: {{ index .Values.containerPort }} - {{- if .Values.global.aafEnabled }} - ssl: - keyStore: ${KEYSTORE} - keyStorePassword: ${KEYSTORE_PASSWORD} - trustStore: ${TRUSTSTORE} - trustStorePassword: ${TRUSTSTORE_PASSWORD} - {{- else }} ssl: enabled: false - {{- end }} tomcat: max-threads: 50 - {{- if not .Values.global.aafEnabled }} ssl-enable: false - {{- end }} camunda: rest: api: diff --git a/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml b/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml index 808c439181..f5fa5ce6b3 100644 --- a/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml +++ b/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml @@ -21,18 +21,10 @@ */}} apiVersion: apps/v1 kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - replicas: {{ index .Values.replicaCount }} + selector: {{- include "common.selectors" . | nindent 4 }} + replicas: {{ .Values.replicaCount }} minReadySeconds: {{ index .Values.minReadySeconds }} strategy: type: {{ index .Values.updateStrategy.type }} @@ -40,12 +32,9 @@ spec: maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} maxSurge: {{ index .Values.updateStrategy.maxSurge }} template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: - initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }} + initContainers: - name: so-chown image: {{ include "repositoryGenerator.image.busybox" . }} volumeMounts: @@ -57,21 +46,13 @@ spec: containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - resources: {{ include "common.resources" . | nindent 12 }} + resources: {{ include "common.resources" . | nindent 10 }} command: - /bin/sh args: - -c - | export SO_COCKPIT_PASSWORD=`htpasswd -bnBC 10 "" $SO_COCKPIT_PASS | tr -d ':\n' | sed 's/\$2y/\$2a/'` - {{- if .Values.global.aafEnabled }} - export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/org.onap.so.cred.props | xargs -0) - export $(cat {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) - export KEYSTORE=file://$cadi_keystore - export KEYSTORE_PASSWORD=$cadi_keystore_password_p12 - export TRUSTSTORE=file://$cadi_truststore - export TRUSTSTORE_PASSWORD=$cadi_truststore_password - {{- end }} /app/start-app.sh env: - name: DB_HOST @@ -95,7 +76,7 @@ spec: - configMapRef: name: {{ include "common.fullname" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 8 }} + volumeMounts: - name: logs mountPath: /app/logs - name: config @@ -114,12 +95,9 @@ spec: successThreshold: {{ index .Values.livenessProbe.successThreshold}} failureThreshold: {{ index .Values.livenessProbe.failureThreshold}} - ports: - - containerPort: {{ index .Values.containerPort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - protocol: TCP + ports: {{ include "common.containerPorts" . | nindent 10 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: {{ include "so.certificate.volumes" . | nindent 6 }} + volumes: - name: logs emptyDir: {} - name: config diff --git a/kubernetes/so/components/so-admin-cockpit/templates/ingress.yaml b/kubernetes/so/components/so-admin-cockpit/templates/ingress.yaml index 8f87c68f1e..65f46c48c1 100644 --- a/kubernetes/so/components/so-admin-cockpit/templates/ingress.yaml +++ b/kubernetes/so/components/so-admin-cockpit/templates/ingress.yaml @@ -1 +1,17 @@ +{{/* +# Copyright © 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + {{ include "common.ingress" . }} diff --git a/kubernetes/so/components/so-admin-cockpit/templates/service.yaml b/kubernetes/so/components/so-admin-cockpit/templates/service.yaml index b23e5ab99e..03b8df3e10 100644 --- a/kubernetes/so/components/so-admin-cockpit/templates/service.yaml +++ b/kubernetes/so/components/so-admin-cockpit/templates/service.yaml @@ -19,32 +19,5 @@ # ============LICENSE_END========================================================= # @author: gareth.roper@ericsson.com */}} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - {{if .Values.global.aafEnabled -}} - type: {{ .Values.service.type }} - {{- else -}} - type: ClusterIP - {{- end }} - ports: - {{if and (eq .Values.service.type "NodePort") (.Values.global.aafEnabled) -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + +{{ include "common.service" . }} diff --git a/kubernetes/so/components/so-admin-cockpit/values.yaml b/kubernetes/so/components/so-admin-cockpit/values.yaml index 7e4a654acb..a825e16d49 100644 --- a/kubernetes/so/components/so-admin-cockpit/values.yaml +++ b/kubernetes/so/components/so-admin-cockpit/values.yaml @@ -27,17 +27,9 @@ global: nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 readinessImage: onap/oom/readiness:3.0.1 - aafAgentImage: onap/aaf/aaf_agent:2.1.20 envsubstImage: dibi/envsubst - aafEnabled: true persistence: mountPath: /dockerdata-nfs - security: - aaf: - enabled: true - aaf: - auth: - header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo= mariadbGalera: serviceName: mariadb-galera servicePort: '3306' @@ -93,12 +85,6 @@ app: so-admin-cockpit # soHelpers part ################################################################# soHelpers: - nameOverride: so-cockpit-cert-init - certInitializer: - nameOverride: so-cockpit-cert-init - credsPath: /opt/app/osaaf/local - cadi: - apiEnforcement: org.onap.so.monitoringPerm containerPort: *containerPort server: @@ -108,54 +94,55 @@ server: # soMonitoringCredsExternalSecret: some secret service: -#Since this is a feature for monitoring the service type is changed to internal, users can change it to NodePort on need basis... - type: NodePort - nodePort: 24 - internalPort: *containerPort - externalPort: *containerPort - portName: http + type: NodePort + ports: + - port: *containerPort + name: http + nodePort: 24 + updateStrategy: - type: RollingUpdate - maxUnavailable: 1 - maxSurge: 1 + type: RollingUpdate + maxUnavailable: 1 + maxSurge: 1 # Resource Limit flavor -By Default using small flavor: small #Segregation for different environment (Small or large) resources: - small: - requests: - memory: 1Gi - cpu: 10m - limits: - memory: 4Gi - cpu: 1 - large: - requests: - memory: 2Gi - cpu: 20m - limits: - memory: 8Gi - cpu: 2 + small: + requests: + memory: 1Gi + cpu: 10m + limits: + memory: 4Gi + cpu: 1 + large: + requests: + memory: 2Gi + cpu: 20m + limits: + memory: 8Gi + cpu: 2 + unlimited: {} readinessProbe: - port: 9091 - initialDelaySeconds: 20 - periodSeconds: 10 - timeoutSeconds: 10 + port: 9091 + initialDelaySeconds: 20 + periodSeconds: 10 + timeoutSeconds: 10 livenessProbe: - port: 9091 - initialDelaySeconds: 40 - periodSeconds: 10 - timeoutSeconds: 10 - successThreshold: 1 - failureThreshold: 3 + port: 9091 + initialDelaySeconds: 40 + periodSeconds: 10 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 ingress: - enabled: false - service: - - baseaddr: "so-admin-cockpit-ui" - name: "so-admin-cockpit" - port: 9091 - config: - ssl: "none" + enabled: false + service: + - baseaddr: "so-admin-cockpit-ui" + name: "so-admin-cockpit" + port: 9091 + config: + ssl: "none" nodeSelector: {} tolerations: [] affinity: {} diff --git a/kubernetes/so/components/so-appc-orchestrator/Chart.yaml b/kubernetes/so/components/so-appc-orchestrator/Chart.yaml deleted file mode 100644 index 51a80959d0..0000000000 --- a/kubernetes/so/components/so-appc-orchestrator/Chart.yaml +++ /dev/null @@ -1,37 +0,0 @@ -# Copyright © 2020 AT&T USA -# Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v2 -description: A Helm chart for so appc orchestrator -name: so-appc-orchestrator -version: 12.0.0 - -dependencies: - - name: common - version: ~12.x-0 - # local reference to common chart, as it is - # a part of this chart's package and will not - # be published independently to a repo (at this point) - repository: '@local' - - name: repositoryGenerator - version: ~12.x-0 - repository: '@local' - - name: soHelpers - version: ~12.x-0 - repository: 'file://../soHelpers' - - name: serviceAccount - version: ~12.x-0 - repository: '@local' diff --git a/kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml b/kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml deleted file mode 100644 index 061d8f0847..0000000000 --- a/kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml +++ /dev/null @@ -1,62 +0,0 @@ -{{/* -# Copyright © 2020 AT&T USA -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -server: - {{- if include "common.onServiceMesh" . }} - forward-headers-strategy: none - {{- end }} - port: {{ index .Values.containerPort }} - tomcat: - max-threads: 50 - ssl-enable: false -mso: - logPath: ./logs/soappcorch - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.auth.rest.aafEncrypted "value2" .Values.mso.auth )}} - msoKey: {{ .Values.global.app.msoKey }} - config: - {{ if .Values.global.security.aaf.enabled }} - cadi: {{ include "so.cadi.keys" . | nindent 8}} - {{- else }} - cadi: - aafId: {{ .Values.mso.basicUser }} - {{- end }} - workflow: - endpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/sobpmnengine - topics: - retryMultiplier: 1000 -appc: - client: - topic: - read: - name: {{ .Values.appc.client.topic.read.name }} - timeout: {{ .Values.appc.client.topic.read.timeout }} - write: {{ .Values.appc.client.topic.write }} - sdnc: - read: {{ .Values.appc.client.topic.sdnc.read }} - write: {{ .Values.appc.client.topic.sdnc.write }} - response: - timeout: {{ .Values.appc.client.response.timeout }} - key: {{ .Values.appc.client.key }} - secret: {{ .Values.appc.client.secret }} - service: ueb - poolMembers: message-router.{{ include "common.namespace" . }}:3904,message-router.{{ include "common.namespace" . }}:3904 -spring: - security: - usercredentials: - - - username: ${ACTUATOR_USERNAME} - password: ${ACTUATOR_PASSWORD} - role: ACTUATOR diff --git a/kubernetes/so/components/so-appc-orchestrator/templates/configmap.yaml b/kubernetes/so/components/so-appc-orchestrator/templates/configmap.yaml deleted file mode 100644 index 6abb1673d5..0000000000 --- a/kubernetes/so/components/so-appc-orchestrator/templates/configmap.yaml +++ /dev/null @@ -1,43 +0,0 @@ -{{/* -# Copyright © 2020 AT&T USA -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -data: - LOG_PATH: {{ index .Values.logPath }} - APP: {{ index .Values.app }} - ACTIVE_PROFILE: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}} -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-app-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/overrides/*").AsConfig . | indent 2 }} diff --git a/kubernetes/so/components/so-appc-orchestrator/templates/deployment.yaml b/kubernetes/so/components/so-appc-orchestrator/templates/deployment.yaml deleted file mode 100644 index d6584250e2..0000000000 --- a/kubernetes/so/components/so-appc-orchestrator/templates/deployment.yaml +++ /dev/null @@ -1,95 +0,0 @@ -{{/* -# Copyright © 2020 AT&T USA -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: Deployment -metadata: {{- include "common.resourceMetadata" . | nindent 2 }} -spec: - selector: {{- include "common.selectors" . | nindent 4 }} - replicas: {{ index .Values.replicaCount }} - minReadySeconds: {{ index .Values.minReadySeconds }} - strategy: - type: {{ index .Values.updateStrategy.type }} - rollingUpdate: - maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} - maxSurge: {{ index .Values.updateStrategy.maxSurge }} - template: - metadata: - labels: {{- include "common.labels" . | nindent 8 }} - spec: - initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }} - - name: {{ include "common.name" . }}-pass-encoder - command: - - sh - args: - {{/* bcrypt plain text and convert to OpenBSD variant using sed */}} - - -c - - htpasswd -bnBC 10 "" "${ACTUATOR_PASSWORD}" | tr -d ':\n' | sed 's/\$2y/\$2a/' 1>/tmp/app/encoded; - env: - - name: ACTUATOR_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "password") | indent 10 }} - image: {{ include "repositoryGenerator.image.htpasswd" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - name: encoder - mountPath: /tmp/app - containers: - - name: {{ include "common.name" . }} - command: - - sh - args: - - -c - - | - export ACTUATOR_PASSWORD="$(cat /tmp/app/encoded)" - {{- if .Values.global.aafEnabled }} - export $(cat {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) - {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}" - {{- end }} - {{- end }} - /app/start-app.sh - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - resources: {{ include "common.resources" . | nindent 12 }} - env: - - name: ACTUATOR_USERNAME - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "login") | indent 10 }} - {{ include "so.certificates.env" . | indent 8 | trim }} - envFrom: - - configMapRef: - name: {{ include "common.fullname" . }}-configmap - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: {{- include "common.containerPorts" . | nindent 10 }} - volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 8 }} - - name: logs - mountPath: /app/logs - - name: encoder - mountPath: /tmp/app - - name: config - mountPath: /app/config - readOnly: true -{{ include "so.helpers.livenessProbe" .| indent 8 }} - serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: {{ include "so.certificate.volumes" . | nindent 6 }} - - name: logs - emptyDir: {} - - name: encoder - emptyDir: - medium: Memory - - name: config - configMap: - name: {{ include "common.fullname" . }}-app-configmap - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/so/components/so-appc-orchestrator/templates/secret.yaml b/kubernetes/so/components/so-appc-orchestrator/templates/secret.yaml deleted file mode 100644 index 34932b713d..0000000000 --- a/kubernetes/so/components/so-appc-orchestrator/templates/secret.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{/* -# Copyright © 2020 Samsung Electronics -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{ include "common.secretFast" . }} diff --git a/kubernetes/so/components/so-appc-orchestrator/templates/service.yaml b/kubernetes/so/components/so-appc-orchestrator/templates/service.yaml deleted file mode 100644 index 7f004cc050..0000000000 --- a/kubernetes/so/components/so-appc-orchestrator/templates/service.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{/* -# Copyright © 2020 AT&T USA -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{ include "common.service" . }} diff --git a/kubernetes/so/components/so-appc-orchestrator/values.yaml b/kubernetes/so/components/so-appc-orchestrator/values.yaml deleted file mode 100644 index 724fcbd032..0000000000 --- a/kubernetes/so/components/so-appc-orchestrator/values.yaml +++ /dev/null @@ -1,166 +0,0 @@ -# Copyright © 2020 AT&T USA -# Copyright © 2020 Huawei -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -################################################################# -# Global configuration defaults. -################################################################# - -global: - nodePortPrefix: 302 - nodePortPrefixExt: 304 - persistence: - mountPath: /dockerdata-nfs - security: - aaf: - enabled: false - app: - msoKey: 07a7159d3bf51a0e53be7a8f89699be7 -################################################################# -# Secrets metaconfig -################################################################# -secrets: - - uid: db-user-creds - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.db.userCredsExternalSecret) . }}' - login: '{{ .Values.db.userName }}' - password: '{{ .Values.db.userPassword }}' - passwordPolicy: required - - uid: db-admin-creds - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.db.adminCredsExternalSecret) . }}' - login: '{{ .Values.db.adminName }}' - password: '{{ .Values.db.adminPassword }}' - passwordPolicy: required - - uid: server-actuator-creds - name: '{{ include "common.release" . }}-so-appc-actuator-creds' - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.server.actuatorCredsExternalSecret) . }}' - login: '{{ .Values.server.actuator.username }}' - password: '{{ .Values.server.actuator.password }}' - passwordPolicy: required - -#secretsFilePaths: | -# - 'my file 1' -# - '{{ include "templateThatGeneratesFileName" . }}' - -################################################################# -# Application configuration defaults. -################################################################# -image: onap/so/so-appc-orchestrator:1.6.4 -pullPolicy: Always - -db: - userName: so_user - userPassword: so_User123 - # userCredsExternalSecret: some secret - adminName: so_admin - adminPassword: so_Admin123 - # adminCredsExternalSecret: some secret -server: - actuator: - username: mso_admin - password: password1$ -replicaCount: 1 -minReadySeconds: 10 -containerPort: &containerPort 8080 -logPath: ./logs/soappcorch -app: appc-orchestrator -service: - name: so-appc-orchestrator - type: ClusterIP - ports: - - port: *containerPort - name: http -updateStrategy: - type: RollingUpdate - maxUnavailable: 1 - maxSurge: 1 -# Resource Limit flavor -By Default using small -flavor: small - - -################################################################# -# soHelper part -################################################################# - -soHelpers: - nameOverride: so-appc-cert-init - certInitializer: - nameOverride: so-appc-cert-init - credsPath: /opt/app/osaaf/local - cadi: - apiEnforcement: org.onap.so.openStackAdapterPerm - containerPort: *containerPort - -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - memory: 4Gi - cpu: 2000m - requests: - memory: 1Gi - cpu: 500m - large: - limits: - memory: 8Gi - cpu: 4000m - requests: - memory: 2Gi - cpu: 1000m - unlimited: {} -livenessProbe: - path: /manage/health - port: 8083 - scheme: HTTP - initialDelaySeconds: 600 - periodSeconds: 60 - timeoutSeconds: 10 - successThreshold: 1 - failureThreshold: 3 -ingress: - enabled: false -nodeSelector: {} -tolerations: [] -affinity: {} - -auth: - rest: - encrypted: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456 - -mso: - auth: BEA8637716A7EB617DF472BA6552D22F68C1CB17B0D094D77DDA562F4ADAAC4457CAB848E1A4 - basicUser: poBpmn - -appc: - client: - topic: - read: - name: APPC-LCM-WRITE - timeout: 360000 - write: APPC-LCM-READ - sdnc: - read: SDNC-LCM-WRITE - write: SDNC-LCM-READ - response: - timeout: 3600000 - key: VIlbtVl6YLhNUrtU - secret: 64AG2hF4pYeG2pq7CT6XwUOT - service: ueb - -#Pods Service Account -serviceAccount: - nameOverride: so-appc-orchestrator - roles: - - read diff --git a/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml index 77e553bd67..8e002e14a5 100755 --- a/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml @@ -14,14 +14,10 @@ # limitations under the License. */}} aai: - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.aai.auth )}} + auth: {{ .Values.aai.auth }} dme2: timeout: '30000' - {{ if (include "common.needTLS" .) }} - endpoint: https://aai.{{ include "common.namespace" . }}:8443 - {{ else }} endpoint: http://aai.{{ include "common.namespace" . }}:80 - {{ end }} workflowAaiDistributionDelay: PT30S pnfEntryNotificationTimeout: P14D cds: @@ -65,8 +61,6 @@ mso: correlation: timeout: 60 logPath: logs - config: - cadi: {{ include "so.cadi.keys" . | nindent 8}} async: core-pool-size: 50 max-pool-size: 50 @@ -79,7 +73,7 @@ mso: endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/CompleteMsoProcess requestDb: endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083 - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.adapters.requestDb.auth )}} + auth: {{ .Values.mso.adapters.requestDb.auth }} db: auth: {{ .Values.mso.adapters.db.auth }} password: {{ .Values.mso.adapters.db.password }} @@ -131,7 +125,7 @@ mso: spring: endpoint: http://so-catalog-db-adapter.{{ include "common.namespace" . }}:8082 db: - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.adapters.requestDb.auth )}} + auth: {{ .Values.mso.adapters.requestDb.auth }} default: adapter: namespace: http://org.onap.mso @@ -165,11 +159,7 @@ mso: oof: auth: {{ .Values.mso.oof.auth }} callbackEndpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage - {{ if (include "common.needTLS" .) }} - endpoint: https://oof-osdf.{{ include "common.namespace" . }}:8698 - {{ else }} endpoint: http://oof-osdf.{{ include "common.namespace" . }}:8698 - {{ end }} timeout: PT30M workflow: CreateGenericVNFV1: diff --git a/kubernetes/so/components/so-bpmn-infra/templates/configmap.yaml b/kubernetes/so/components/so-bpmn-infra/templates/configmap.yaml index 58ac6d9ab8..954f8e8b0f 100755 --- a/kubernetes/so/components/so-bpmn-infra/templates/configmap.yaml +++ b/kubernetes/so/components/so-bpmn-infra/templates/configmap.yaml @@ -14,10 +14,6 @@ # limitations under the License. */}} apiVersion: v1 -data: - LOG_PATH: {{ index .Values.logPath }} - APP: {{ index .Values.app }} - ACTIVE_PROFILE: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}} kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap @@ -27,6 +23,10 @@ metadata: chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ include "common.release" . }} heritage: {{ .Release.Service }} +data: + LOG_PATH: {{ index .Values.logPath }} + APP: {{ index .Values.app }} + ACTIVE_PROFILE: "basic" --- apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml b/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml index 2b8b827f91..5937e39678 100755 --- a/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml +++ b/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml @@ -15,18 +15,10 @@ */}} apiVersion: apps/v1 kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - replicas: {{ index .Values.replicaCount }} + selector: {{- include "common.selectors" . | nindent 4 }} + replicas: {{ .Values.replicaCount }} minReadySeconds: {{ index .Values.minReadySeconds }} strategy: type: {{ index .Values.updateStrategy.type }} @@ -34,30 +26,14 @@ spec: maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} maxSurge: {{ index .Values.updateStrategy.maxSurge }} template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: - {{ include "so.certificate.container_importer" . | indent 6 | trim }} {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - resources: {{ include "common.resources" . | nindent 12 }} - {{- if .Values.global.aafEnabled }} - command: - - sh - args: - - -c - - | - export $(cat {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) - {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}" - {{- end }} - /app/start-app.sh - {{- end }} + resources: {{ include "common.resources" . | nindent 10 }} env: - name: DB_HOST value: {{ include "common.mariadbService" . }} @@ -71,12 +47,11 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 10 }} - name: DB_ADMIN_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 10 }} - {{ include "so.certificates.env" . | indent 8 | trim }} envFrom: - configMapRef: name: {{ include "common.fullname" . }}-configmap imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 8 }} + volumeMounts: - name: logs mountPath: /app/logs - name: config @@ -85,14 +60,11 @@ spec: - name: {{ include "common.fullname" . }}-logs mountPath: {{ .Values.log.path }} {{ include "so.helpers.livenessProbe" .| indent 8 }} - ports: - - containerPort: {{ index .Values.containerPort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - protocol: TCP + ports: {{ include "common.containerPorts" . | nindent 10 }} # Filebeat sidecar container {{ include "common.log.sidecar" . | nindent 6 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: {{ include "so.certificate.volumes" . | nindent 6 }} + volumes: - name: logs emptyDir: {} - name: config diff --git a/kubernetes/so/components/so-bpmn-infra/templates/service.yaml b/kubernetes/so/components/so-bpmn-infra/templates/service.yaml index 5b8dee0774..739cb279c1 100755 --- a/kubernetes/so/components/so-bpmn-infra/templates/service.yaml +++ b/kubernetes/so/components/so-bpmn-infra/templates/service.yaml @@ -13,28 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + +{{ include "common.service" . }} \ No newline at end of file diff --git a/kubernetes/so/components/so-bpmn-infra/values.yaml b/kubernetes/so/components/so-bpmn-infra/values.yaml index b120d0c23f..2fc9646c1d 100755 --- a/kubernetes/so/components/so-bpmn-infra/values.yaml +++ b/kubernetes/so/components/so-bpmn-infra/values.yaml @@ -22,12 +22,6 @@ global: #This configuration specifies Service and port for SDNC OAM interface sdncOamService: sdnc-oam sdncOamPort: 8282 - security: - aaf: - enabled: false - aaf: - auth: - encrypted: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456 mariadbGalera: serviceName: mariadb-galera servicePort: '3306' @@ -121,24 +115,18 @@ logPath: ./logs/bpmn/ app: so-bpmn-infra service: type: ClusterIP - internalPort: *containerPort - externalPort: 8081 - portName: http + ports: + - port: *containerPort + name: http updateStrategy: type: RollingUpdate maxUnavailable: 1 maxSurge: 1 ################################################################# -# soHelper part +# soHelpers part ################################################################# soHelpers: - nameOverride: so-bpmn-cert-init - certInitializer: - nameOverride: so-bpmn-cert-init - credsPath: /opt/app/osaaf/local - cadi: - apiEnforcement: org.onap.so.bpmnPerm containerPort: *containerPort # Resource Limit flavor -By Default using small diff --git a/kubernetes/so/components/so-catalog-db-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-catalog-db-adapter/resources/config/overrides/override.yaml index c82a0d29d4..d5a3aeff44 100755 --- a/kubernetes/so/components/so-catalog-db-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-catalog-db-adapter/resources/config/overrides/override.yaml @@ -24,14 +24,12 @@ ssl-enable: false mso: logPath: logs site-name: onapheat - config: - cadi: {{ include "so.cadi.keys" . | nindent 8}} catalog: db: spring: endpoint: http://so-catalog-db-adapter.{{ include "common.namespace" . }}:8082 db: - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.adapters.db.auth )}} + auth: {{ .Values.mso.adapters.db.auth }} spring: datasource: hikari: diff --git a/kubernetes/so/components/so-catalog-db-adapter/templates/configmap.yaml b/kubernetes/so/components/so-catalog-db-adapter/templates/configmap.yaml index 6331656fce..c334fd7699 100755 --- a/kubernetes/so/components/so-catalog-db-adapter/templates/configmap.yaml +++ b/kubernetes/so/components/so-catalog-db-adapter/templates/configmap.yaml @@ -17,7 +17,7 @@ apiVersion: v1 data: LOG_PATH: {{ index .Values.logPath }} APP: {{ index .Values.app }} - ACTIVE_PROFILE: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}} + ACTIVE_PROFILE: "basic" kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap diff --git a/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml b/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml index fa9d3a6a4b..887efd2cf2 100755 --- a/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml @@ -15,18 +15,10 @@ */}} apiVersion: apps/v1 kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - replicas: {{ index .Values.replicaCount }} + selector: {{- include "common.selectors" . | nindent 4 }} + replicas: {{ .Values.replicaCount }} minReadySeconds: {{ index .Values.minReadySeconds }} strategy: type: {{ index .Values.updateStrategy.type }} @@ -34,30 +26,14 @@ spec: maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} maxSurge: {{ index .Values.updateStrategy.maxSurge }} template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: - {{ include "so.certificate.container_importer" . | indent 6 | trim }} {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - resources: {{ include "common.resources" . | nindent 12 }} - {{- if .Values.global.aafEnabled }} - command: - - sh - args: - - -c - - | - export $(cat {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) - {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}" - {{- end }} - /app/start-app.sh - {{- end }} + resources: {{ include "common.resources" . | nindent 10 }} env: - name: DB_HOST value: {{ include "common.mariadbService" . }} @@ -71,24 +47,20 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 10 }} - name: DB_ADMIN_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 10 }} - {{ include "so.certificates.env" . | indent 8 | trim }} envFrom: - configMapRef: name: {{ include "common.fullname" . }}-configmap imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 8 }} + volumeMounts: - name: logs mountPath: /app/logs - name: config mountPath: /app/config readOnly: true {{ include "so.helpers.livenessProbe" .| indent 8 }} - ports: - - containerPort: {{ index .Values.containerPort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - protocol: TCP + ports: {{ include "common.containerPorts" . | nindent 10 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: {{ include "so.certificate.volumes" . | nindent 6 }} + volumes: - name: logs emptyDir: {} - name: config diff --git a/kubernetes/so/components/so-catalog-db-adapter/templates/service.yaml b/kubernetes/so/components/so-catalog-db-adapter/templates/service.yaml index 5b8dee0774..739cb279c1 100755 --- a/kubernetes/so/components/so-catalog-db-adapter/templates/service.yaml +++ b/kubernetes/so/components/so-catalog-db-adapter/templates/service.yaml @@ -13,28 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + +{{ include "common.service" . }} \ No newline at end of file diff --git a/kubernetes/so/components/so-catalog-db-adapter/values.yaml b/kubernetes/so/components/so-catalog-db-adapter/values.yaml index 060ac7f82f..83e23d0e84 100755 --- a/kubernetes/so/components/so-catalog-db-adapter/values.yaml +++ b/kubernetes/so/components/so-catalog-db-adapter/values.yaml @@ -19,12 +19,6 @@ global: nodePortPrefixExt: 304 persistence: mountPath: /dockerdata-nfs - security: - aaf: - enabled: false - aaf: - auth: - header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo= app: msoKey: 07a7159d3bf51a0e53be7a8f89699be7 mariadbGalera: @@ -84,25 +78,19 @@ containerPort: &containerPort 8082 logPath: ./logs/catdb/ app: catalog-db-adapter service: - type: ClusterIP - internalPort: *containerPort - externalPort: *containerPort - portName: http + type: ClusterIP + ports: + - port: *containerPort + name: http updateStrategy: - type: RollingUpdate - maxUnavailable: 1 - maxSurge: 1 + type: RollingUpdate + maxUnavailable: 1 + maxSurge: 1 ################################################################# -# soHelper part +# soHelpers part ################################################################# soHelpers: - nameOverride: so-catalogdb-cert-init - certInitializer: - nameOverride: so-catalogdb-cert-init - credsPath: /opt/app/osaaf/local - cadi: - apiEnforcement: org.onap.so.catalogDbAdapterPerm containerPort: *containerPort # Resource Limit flavor -By Default using small @@ -125,14 +113,14 @@ resources: cpu: 1000m unlimited: {} livenessProbe: - path: /manage/health - port: 8082 - scheme: HTTP - initialDelaySeconds: 600 - periodSeconds: 60 - timeoutSeconds: 10 - successThreshold: 1 - failureThreshold: 3 + path: /manage/health + port: 8082 + scheme: HTTP + initialDelaySeconds: 600 + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 ingress: enabled: false config: @@ -154,4 +142,3 @@ serviceAccount: nameOverride: so-catalog-db-adapter roles: - read - diff --git a/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml index d667cb5c60..a1a25be146 100755 --- a/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml @@ -15,12 +15,8 @@ */}} aai: - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.server.aai.auth ) }} - {{ if (include "common.needTLS" .) }} - endpoint: https://aai.{{ include "common.namespace" . }}:8443 - {{ else }} + auth: {{ .Values.server.aai.auth }} endpoint: http://aai.{{ include "common.namespace" . }}:80 - {{ end }} enabled: {{ .Values.global.aai.enabled }} logging: path: logs diff --git a/kubernetes/so/components/so-cnf-adapter/templates/configmap.yaml b/kubernetes/so/components/so-cnf-adapter/templates/configmap.yaml index c5ebec0b15..786dd83f59 100755 --- a/kubernetes/so/components/so-cnf-adapter/templates/configmap.yaml +++ b/kubernetes/so/components/so-cnf-adapter/templates/configmap.yaml @@ -20,7 +20,7 @@ metadata: {{- include "common.resourceMetadata" (dict "dot" . "suffix" "env") | data: LOG_PATH: {{ index .Values.logPath }} APP: {{ index .Values.app }} - ACTIVE_PROFILE: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}} + ACTIVE_PROFILE: "basic" --- apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/so/components/so-cnf-adapter/templates/deployment.yaml b/kubernetes/so/components/so-cnf-adapter/templates/deployment.yaml index 340571a59b..6ce459a95d 100755 --- a/kubernetes/so/components/so-cnf-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-cnf-adapter/templates/deployment.yaml @@ -30,7 +30,7 @@ spec: metadata: labels: {{- include "common.labels" . | nindent 8 }} spec: - initContainers: {{ include "so.certificate.container_importer" . | nindent 8 }} + initContainers: - name: {{ include "common.name" . }}-encrypter command: - sh @@ -59,33 +59,20 @@ spec: args: - -c - | - export AAF_BASE64=$(echo -n "${AAF_USERNAME}:${AAF_PASSWORD}" | base64) - export AAF_AUTH=$(echo "Basic ${AAF_BASE64}") export AAI_AUTH=$(cat /input/.aai_creds) - {{- if .Values.global.aafEnabled }} - export $(cat {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) - {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password}" - {{- end }} - {{- end }} ./start-app.sh resources: {{ include "common.resources" . | nindent 12 }} ports: {{- include "common.containerPorts" . | nindent 12 }} env: - - name: AAF_USERNAME - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-aaf-creds" "key" "login") | indent 14 }} - - name: AAF_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-aaf-creds" "key" "password") | indent 14 }} - name: ACTUATOR_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "login") | indent 14 }} - name: ACTUATOR_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "password") | indent 14 }} - {{ include "so.certificates.env" . | indent 12 | trim }} envFrom: - configMapRef: name: {{ include "common.fullname" . }}-env imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 12 }} + volumeMounts: - name: logs mountPath: /app/logs - name: config @@ -105,7 +92,7 @@ spec: successThreshold: {{ index .Values.livenessProbe.successThreshold}} failureThreshold: {{ index .Values.livenessProbe.failureThreshold}} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: {{ include "so.certificate.volumes" . | nindent 8 }} + volumes: - name: logs emptyDir: {} - name: config diff --git a/kubernetes/so/components/so-cnf-adapter/values.yaml b/kubernetes/so/components/so-cnf-adapter/values.yaml index 6d7eec4a64..509925e17b 100755 --- a/kubernetes/so/components/so-cnf-adapter/values.yaml +++ b/kubernetes/so/components/so-cnf-adapter/values.yaml @@ -20,12 +20,6 @@ global: soCryptoImage: sdesbure/so_crypto:latest persistence: mountPath: /dockerdata-nfs - security: - aaf: - enabled: false - aaf: - auth: - header: ${AAF_AUTH} aai: enabled: true ################################################################# @@ -51,13 +45,6 @@ secrets: login: '{{ .Values.server.actuator.username }}' password: '{{ .Values.server.actuator.password }}' passwordPolicy: required - - uid: so-aaf-creds - name: '{{ include "common.release" . }}-so-cnf-aaf-creds' - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.server.aafCredsExternalSecret) . }}' - login: '{{ .Values.server.aaf.username }}' - password: '{{ .Values.server.aaf.password }}' - passwordPolicy: required - uid: so-aai-creds name: '{{ include "common.release" . }}-so-cnf-aai-creds' type: basicAuth @@ -92,10 +79,6 @@ db: adminPassword: so_Admin123 # adminCredsExternalSecret: some secret server: - aaf: - username: so@so.onap.org - password: demo123456 - # aafCredsExternalSecret: some secret aai: username: aai@aai.onap.org password: demo123456! @@ -125,14 +108,13 @@ updateStrategy: type: RollingUpdate maxUnavailable: 1 maxSurge: 1 + +################################################################# +# soHelpers part +################################################################# soHelpers: - nameOverride: so-cnf-cert-init - certInitializer: - nameOverride: so-cnf-cert-init - credsPath: /opt/app/osaaf/local - cadi: - apiEnforcement: org.onap.so.openStackAdapterPerm containerPort: *containerPort + # Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml index cc668fbd70..40f97ad69f 100644 --- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml @@ -15,13 +15,9 @@ */}} aai: - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.aai.auth )}} + auth: {{ .Values.aai.auth }} version: v19 - {{ if (include "common.needTLS" .) }} - endpoint: https://aai.{{ include "common.namespace" . }}:8443 - {{ else }} endpoint: http://aai.{{ include "common.namespace" . }}:80 - {{ end }} spring: datasource: hikari: @@ -61,16 +57,7 @@ so: etsi-catalog-manager: base: {{- if .Values.global.msbEnabled }} - {{ if (include "common.needTLS" .) }} - endpoint: https://msb-iag:443/api - http: - client: - ssl: - trust-store: file:${TRUSTSTORE} - trust-store-password: ${TRUSTSTORE_PASSWORD} - {{ else }} endpoint: http://msb-iag:80/api - {{ end }} {{- else }} endpoint: http://modeling-etsicatalog.{{ include "common.namespace" . }}:8806/api {{- end }} diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/configmap.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/configmap.yaml index add9a02cf6..6bf005c051 100644 --- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/configmap.yaml +++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/configmap.yaml @@ -27,7 +27,7 @@ metadata: data: LOG_PATH: {{ index .Values.logPath }} APP: {{ index .Values.app }} - ACTIVE_PROFILE: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}} + ACTIVE_PROFILE: "basic" --- apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/deployment.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/deployment.yaml index 6465af4e4a..e2925f6b61 100644 --- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/deployment.yaml +++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/deployment.yaml @@ -29,7 +29,6 @@ spec: template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: - initContainers: {{ include "so.certificate.container_importer" . | nindent 8 }} containers: - name: {{ include "common.name" . }} command: @@ -38,12 +37,6 @@ spec: - -c - | export ETSI_NFVO_PASSWORD=`htpasswd -bnBC 10 "" $ETSI_NFVO_PASSWORD_INPUT | tr -d ':\n' | sed 's/\$2y/\$2a/'` - {{- if .Values.global.aafEnabled }} - export $(cat {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) - {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}" - {{- end }} - {{- end }} ./start-app.sh image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} resources: {{ include "common.resources" . | nindent 12 }} @@ -64,12 +57,11 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 14 }} - name: DB_ADMIN_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 14 }} - {{ include "so.certificates.env" . | indent 12 | trim }} envFrom: - configMapRef: name: {{ include "common.fullname" . }}-configmap imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 12 }} + volumeMounts: - name: logs mountPath: /app/logs - name: config @@ -84,7 +76,7 @@ spec: failureThreshold: {{ index .Values.livenessProbe.failureThreshold}} ports: {{ include "common.containerPorts" . | nindent 12 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: {{ include "so.certificate.volumes" . | nindent 8 }} + volumes: - name: logs emptyDir: {} - name: config diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml index 6aaa367310..8790877492 100644 --- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml +++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml @@ -19,12 +19,6 @@ global: nodePortPrefixExt: 304 persistence: mountPath: /dockerdata-nfs - security: - aaf: - enabled: false - aaf: - auth: - header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo= mariadbGalera: serviceName: mariadb-galera servicePort: '3306' @@ -85,7 +79,6 @@ logPath: ./logs/so-etsi-nfvo-ns-lcm/ app: so-etsi-nfvo-ns-lcm service: type: ClusterIP - name: so-etsi-nfvo-ns-lcm annotations: service.alpha.kubernetes.io/tolerate-unready-endpoints: 'true' msb.onap.org/service-info: | @@ -111,12 +104,6 @@ updateStrategy: # soHelpers part ################################################################# soHelpers: - nameOverride: so-nfvo-cert-init - certInitializer: - nameOverride: so-nfvo-cert-init - credsPath: /opt/app/osaaf/local - cadi: - apiEnforcement: org.onap.so.nfvoAdapterPerm containerPort: *containerPort # Resource Limit flavor -By Default using small diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml index e6a3d7c8ac..04d973a6fc 100755 --- a/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml @@ -14,13 +14,9 @@ # limitations under the License. */}} aai: - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.aai.auth )}} + auth: {{ .Values.aai.auth }} version: v15 - {{ if (include "common.needTLS" .) }} - endpoint: https://aai.{{ include "common.namespace" . }}:8443 - {{ else }} endpoint: http://aai.{{ include "common.namespace" . }}:80 - {{ end }} spring: security: usercredentials: @@ -41,34 +37,19 @@ mso: key: {{ .Values.mso.key }} site-name: localSite logPath: ./logs/etsi-sol003-adapter - config: - cadi: {{ include "so.cadi.keys" . | nindent 8}} msb-ip: msb-iag msb-port: 80 sdc: - username: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.aaf.auth.username "value2" .Values.sdc.username )}} - password: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.aaf.auth.password "value2" .Values.sdc.password )}} + username: {{ .Values.sdc.username }} + password: {{ .Values.sdc.password }} key: {{ .Values.sdc.key }} - {{ if (include "common.needTLS" .) }} - endpoint: https://sdc-be.{{ include "common.namespace" . }}:8443 - {{ else }} endpoint: http://sdc-be.{{ include "common.namespace" . }}:8080 - {{ end }} vnfmadapter: endpoint: http://so-etsi-sol003-adapter.{{ include "common.namespace" . }}:9092 etsi-catalog-manager: vnfpkgm: {{- if .Values.global.msbEnabled }} - {{ if (include "common.needTLS" .) }} - endpoint: https://msb-iag:443/api/vnfpkgm/v1 - http: - client: - ssl: - trust-store: file:${TRUSTSTORE} - trust-store-password: ${TRUSTSTORE_PASSWORD} - {{ else }} endpoint: http://msb-iag:80/api - {{ end }} {{- else }} endpoint: http://modeling-etsicatalog.{{ include "common.namespace" . }}:8806/api/vnfpkgm/v1 {{- end }} diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/templates/configmap.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/templates/configmap.yaml index 6331656fce..c334fd7699 100755 --- a/kubernetes/so/components/so-etsi-sol003-adapter/templates/configmap.yaml +++ b/kubernetes/so/components/so-etsi-sol003-adapter/templates/configmap.yaml @@ -17,7 +17,7 @@ apiVersion: v1 data: LOG_PATH: {{ index .Values.logPath }} APP: {{ index .Values.app }} - ACTIVE_PROFILE: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}} + ACTIVE_PROFILE: "basic" kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml index 7751bf4631..785416517a 100755 --- a/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml @@ -15,18 +15,10 @@ */}} apiVersion: apps/v1 kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - replicas: {{ .Values.replicaCount }} + selector: {{- include "common.selectors" . | nindent 4 }} + replicas: {{ index .Values.replicaCount }} minReadySeconds: {{ .Values.minReadySeconds }} strategy: type: {{ .Values.updateStrategy.type }} @@ -34,34 +26,17 @@ spec: maxUnavailable: {{ .Values.updateStrategy.maxUnavailable }} maxSurge: {{ .Values.updateStrategy.maxSurge }} template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: - initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }} containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - resources: {{ include "common.resources" . | nindent 12 }} - {{- if .Values.global.aafEnabled }} - command: - - sh - args: - - -c - - | - export $(cat {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) - export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}" - export KEYSTORE="{{ .Values.soHelpers.certInitializer.credsPath }}/org.onap.so.p12" - /app/start-app.sh - {{- end }} - env: - {{ include "so.certificates.env" . | indent 8 | trim }} + resources: {{ include "common.resources" . | nindent 10 }} envFrom: - configMapRef: name: {{ include "common.fullname" . }}-configmap imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 8 }} + volumeMounts: - name: logs mountPath: /app/logs - name: config @@ -74,12 +49,9 @@ spec: periodSeconds: {{ .Values.livenessProbe.periodSeconds}} successThreshold: {{ .Values.livenessProbe.successThreshold}} failureThreshold: {{ .Values.livenessProbe.failureThreshold}} - ports: - - containerPort: {{ .Values.containerPort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - protocol: TCP + ports: {{ include "common.containerPorts" . | nindent 10 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: {{ include "so.certificate.volumes" . | nindent 6 }} + volumes: - name: logs emptyDir: {} - name: config diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/templates/ingress.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/templates/ingress.yaml index 8f87c68f1e..f298193924 100644 --- a/kubernetes/so/components/so-etsi-sol003-adapter/templates/ingress.yaml +++ b/kubernetes/so/components/so-etsi-sol003-adapter/templates/ingress.yaml @@ -1 +1,17 @@ +{{/* +# Copyright © 2019 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + {{ include "common.ingress" . }} diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/templates/service.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/templates/service.yaml index 96a2acd3a6..3da38759a8 100755 --- a/kubernetes/so/components/so-etsi-sol003-adapter/templates/service.yaml +++ b/kubernetes/so/components/so-etsi-sol003-adapter/templates/service.yaml @@ -13,39 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - annotations: - msb.onap.org/service-info: '[ - { - "serviceName": "{{ include "common.servicename" . }}", - "version": "v1", - "url": "/so/vnfm-adapter/v1", - "protocol": "REST", - "port": "{{.Values.service.externalPort}}", - "visualRange":"1" - } - ]' -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + +{{ include "common.service" . }} \ No newline at end of file diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/values.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/values.yaml index 170cfdd0d7..98edcebb29 100755 --- a/kubernetes/so/components/so-etsi-sol003-adapter/values.yaml +++ b/kubernetes/so/components/so-etsi-sol003-adapter/values.yaml @@ -50,26 +50,34 @@ containerPort: &containerPort 9092 logPath: ./logs/etsi-sol003-adapter/ app: etsi-sol003-adapter service: - type: NodePort - internalPort: *containerPort - externalPort: *containerPort - nodePort: "06" - portName: http + type: NodePort + annotations: + service.alpha.kubernetes.io/tolerate-unready-endpoints: 'true' + msb.onap.org/service-info: | + {{ if .Values.global.msbEnabled -}}[ + { + "serviceName": "{{ include "common.servicename" . }}", + "version": "v1", + "url": "/so/vnfm-adapter/v1", + "protocol": "REST", + "port": "{{.Values.containerPort}}", + "visualRange":"1" + } + ]{{ end }} + ports: + - name: http + port: *containerPort + nodePort: "06" + updateStrategy: - type: RollingUpdate - maxUnavailable: 1 - maxSurge: 1 + type: RollingUpdate + maxUnavailable: 1 + maxSurge: 1 ################################################################# # soHelpers part ################################################################# soHelpers: - nameOverride: so-etsi-sol003-cert-init - certInitializer: - nameOverride: so-etsi-sol003-cert-init - credsPath: /opt/app/osaaf/local - cadi: - apiEnforcement: org.onap.so.vnfmAdapterPerm containerPort: *containerPort # Resource Limit flavor -By Default using small @@ -92,18 +100,18 @@ resources: cpu: 1000m unlimited: {} livenessProbe: - port: 9092 - initialDelaySeconds: 600 - periodSeconds: 60 - timeoutSeconds: 10 - successThreshold: 1 - failureThreshold: 3 + port: 9092 + initialDelaySeconds: 600 + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 ingress: enabled: false service: - - baseaddr: "so-etsi-sol003-adapter-api" - name: "so-etsi-sol003-adapter" - port: 9092 + - baseaddr: "so-etsi-sol003-adapter-api" + name: "so-etsi-sol003-adapter" + port: 9092 config: ssl: "redirect" nodeSelector: {} diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml index 189a02bf73..c4d28c4ce9 100755 --- a/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml @@ -42,18 +42,12 @@ server: mso: site-name: localSite logPath: ./logs/etsi-sol005-adapter - config: - cadi: {{ include "so.cadi.keys" . | nindent 8}} msb-ip: msb-iag msb-port: 80 adapters: requestDb: - {{ if (include "common.needTLS" .) }} - endpoint: https://so-request-db-adapter.{{ include "common.namespace" . }}:8083 - {{ else }} endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083 - {{ end }} - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.adapters.requestDb.auth )}} + auth: {{ .Values.mso.adapters.requestDb.auth }} #Actuator management: security: diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/templates/configmap.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/templates/configmap.yaml index 6331656fce..c334fd7699 100755 --- a/kubernetes/so/components/so-etsi-sol005-adapter/templates/configmap.yaml +++ b/kubernetes/so/components/so-etsi-sol005-adapter/templates/configmap.yaml @@ -17,7 +17,7 @@ apiVersion: v1 data: LOG_PATH: {{ index .Values.logPath }} APP: {{ index .Values.app }} - ACTIVE_PROFILE: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}} + ACTIVE_PROFILE: "basic" kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml index 1abf21816b..3e63b45408 100755 --- a/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml @@ -15,18 +15,10 @@ */}} apiVersion: apps/v1 kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - replicas: {{ .Values.replicaCount }} + selector: {{- include "common.selectors" . | nindent 4 }} + replicas: {{ index .Values.replicaCount }} minReadySeconds: {{ .Values.minReadySeconds }} strategy: type: {{ .Values.updateStrategy.type }} @@ -34,30 +26,14 @@ spec: maxUnavailable: {{ .Values.updateStrategy.maxUnavailable }} maxSurge: {{ .Values.updateStrategy.maxSurge }} template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: - {{ include "so.certificate.container_importer" . | indent 6 | trim }} {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - resources: {{ include "common.resources" . | nindent 12 }} - {{- if .Values.global.aafEnabled }} - command: - - sh - args: - - -c - - | - export $(cat {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) - {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}" - {{- end }} - /app/start-app.sh - {{- end }} + resources: {{ include "common.resources" . | nindent 10 }} env: - name: DB_HOST value: {{ include "common.mariadbService" . }} @@ -71,12 +47,11 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 10 }} - name: DB_ADMIN_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 10 }} - {{ include "so.certificates.env" . | indent 8 | trim }} envFrom: - configMapRef: name: {{ include "common.fullname" . }}-configmap imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 8 }} + volumeMounts: - name: logs mountPath: /app/logs - name: config @@ -92,12 +67,9 @@ spec: timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds}} successThreshold: {{ .Values.livenessProbe.successThreshold}} failureThreshold: {{ .Values.livenessProbe.failureThreshold}} - ports: - - containerPort: {{ .Values.containerPort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - protocol: TCP + ports: {{ include "common.containerPorts" . | nindent 10 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: {{ include "so.certificate.volumes" . | nindent 6 }} + volumes: - name: logs emptyDir: {} - name: config diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/templates/service.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/templates/service.yaml index 5b8dee0774..21a6a77e27 100755 --- a/kubernetes/so/components/so-etsi-sol005-adapter/templates/service.yaml +++ b/kubernetes/so/components/so-etsi-sol005-adapter/templates/service.yaml @@ -13,28 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + +{{ include "common.service" . }} diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/values.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/values.yaml index b20f318658..c571029de7 100755 --- a/kubernetes/so/components/so-etsi-sol005-adapter/values.yaml +++ b/kubernetes/so/components/so-etsi-sol005-adapter/values.yaml @@ -19,12 +19,6 @@ global: nodePortPrefixExt: 304 persistence: mountPath: /dockerdata-nfs - security: - aaf: - enabled: false - aaf: - auth: - header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo= mariadbGalera: serviceName: mariadb-galera servicePort: '3306' @@ -80,26 +74,19 @@ containerPort: &containerPort 8084 logPath: ./logs/etsi-sol005-adapter/ app: etsi-sol005-adapter service: - type: ClusterIP - internalPort: *containerPort - externalPort: *containerPort - portName: http + type: ClusterIP + ports: + - port: *containerPort + name: http updateStrategy: - type: RollingUpdate - maxUnavailable: 1 - maxSurge: 1 - + type: RollingUpdate + maxUnavailable: 1 + maxSurge: 1 ################################################################# # soHelpers part ################################################################# soHelpers: - nameOverride: so-etsi-sol005-cert-init - certInitializer: - nameOverride: so-etsi-sol005-cert-init - credsPath: /opt/app/osaaf/local - cadi: - apiEnforcement: org.onap.so.vfcAdapterPerm containerPort: *containerPort # Resource Limit flavor -By Default using small @@ -122,14 +109,14 @@ resources: cpu: 1000m unlimited: {} livenessProbe: - path: /manage/health - port: 8084 - scheme: HTTP - initialDelaySeconds: 600 - periodSeconds: 60 - timeoutSeconds: 10 - successThreshold: 1 - failureThreshold: 3 + path: /manage/health + port: 8084 + scheme: HTTP + initialDelaySeconds: 600 + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 ingress: enabled: false nodeSelector: {} diff --git a/kubernetes/so/components/so-mariadb/templates/job.yaml b/kubernetes/so/components/so-mariadb/templates/job.yaml index 60c40b67d1..155814d604 100644 --- a/kubernetes/so/components/so-mariadb/templates/job.yaml +++ b/kubernetes/so/components/so-mariadb/templates/job.yaml @@ -166,8 +166,7 @@ spec: - name: backup-storage mountPath: /var/data/mariadb {{- end }} - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 10 }} {{ include "common.waitForJobContainer" . | indent 6 | trim }} {{- if .Values.nodeSelector }} nodeSelector: diff --git a/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml index 016b3f534f..633ac7dcc1 100755 --- a/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml @@ -14,12 +14,8 @@ # limitations under the License. */}} aai: - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.aai.auth )}} - {{ if (include "common.needTLS" .) }} - endpoint: https://aai.{{ include "common.namespace" . }}:8443 - {{ else }} + auth: {{ .Values.aai.auth }} endpoint: http://aai.{{ include "common.namespace" . }}:80 - {{ end }} logging: path: logs spring: @@ -58,12 +54,8 @@ mso: msb-port: 80 adapters: requestDb: - {{ if (include "common.needTLS" .) }} - endpoint: https://so-request-db-adapter.{{ include "common.namespace" . }}:8083 - {{ else }} endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083 - {{ end }} - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.adapters.requestDb.auth )}} + auth: {{ .Values.mso.adapters.requestDb.auth }} #Actuator management: endpoints: diff --git a/kubernetes/so/components/so-nssmf-adapter/templates/configmap.yaml b/kubernetes/so/components/so-nssmf-adapter/templates/configmap.yaml index 03a3df4163..35baef1759 100755 --- a/kubernetes/so/components/so-nssmf-adapter/templates/configmap.yaml +++ b/kubernetes/so/components/so-nssmf-adapter/templates/configmap.yaml @@ -19,7 +19,7 @@ metadata: {{- include "common.resourceMetadata" (dict "dot" . "suffix" "env") | data: LOG_PATH: {{ index .Values.logPath }} APP: {{ index .Values.app }} - ACTIVE_PROFILE: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}} + ACTIVE_PROFILE: "basic" --- apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml b/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml index f41352e63f..32a9eff67d 100755 --- a/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml @@ -26,11 +26,9 @@ spec: maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} maxSurge: {{ index .Values.updateStrategy.maxSurge }} template: - metadata: - labels: {{- include "common.labels" . | nindent 8 }} + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: - {{ include "so.certificate.container_importer" . | indent 6 | trim }} {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} @@ -41,12 +39,6 @@ spec: - | export BPEL_PASSWORD=`htpasswd -bnBC 10 "" $BPEL_PASSWORD_INPUT | tr -d ':\n' | sed 's/\$2y/\$2a/'` export ACTUATOR_PASSWORD=`htpasswd -bnBC 10 "" $ACTUATOR_PASSWORD_INPUT | tr -d ':\n' | sed 's/\$2y/\$2a/'` - {{- if .Values.global.aafEnabled }} - export $(cat {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) - {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}" - {{- end }} - {{- end }} ./start-app.sh image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} resources: {{ include "common.resources" . | nindent 12 }} @@ -72,12 +64,11 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "login") | indent 14 }} - name: ACTUATOR_PASSWORD_INPUT {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "password") | indent 14 }} - {{ include "so.certificates.env" . | nindent 12 }} envFrom: - configMapRef: name: {{ include "common.fullname" . }}-env imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 12 }} + volumeMounts: - name: logs mountPath: /app/logs - name: config @@ -94,7 +85,7 @@ spec: successThreshold: {{ index .Values.livenessProbe.successThreshold}} failureThreshold: {{ index .Values.livenessProbe.failureThreshold}} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: {{ include "so.certificate.volumes" . | nindent 8 }} + volumes: - name: logs emptyDir: {} - name: config diff --git a/kubernetes/so/components/so-nssmf-adapter/values.yaml b/kubernetes/so/components/so-nssmf-adapter/values.yaml index 29f9f4e24d..ecf9b04dc9 100755 --- a/kubernetes/so/components/so-nssmf-adapter/values.yaml +++ b/kubernetes/so/components/so-nssmf-adapter/values.yaml @@ -19,12 +19,6 @@ global: nodePortPrefixExt: 304 persistence: mountPath: /dockerdata-nfs - security: - aaf: - enabled: false - aaf: - auth: - header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo= mariadbGalera: serviceName: mariadb-galera servicePort: '3306' @@ -110,17 +104,14 @@ service: - name: http port: *containerPort updateStrategy: - type: RollingUpdate - maxUnavailable: 1 - maxSurge: 1 + type: RollingUpdate + maxUnavailable: 1 + maxSurge: 1 +################################################################# +# soHelpers part +################################################################# soHelpers: - nameOverride: so-nssmf-cert-init - certInitializer: - nameOverride: so-nssmf-cert-init - credsPath: /opt/app/osaaf/local - cadi: - apiEnforcement: org.onap.so.nssmfAdapterPerm containerPort: *containerPort # Resource Limit flavor -By Default using small @@ -143,14 +134,14 @@ resources: cpu: 1000m unlimited: {} livenessProbe: - path: /manage/health - port: 8088 - scheme: HTTP - initialDelaySeconds: 600 - periodSeconds: 60 - timeoutSeconds: 10 - successThreshold: 1 - failureThreshold: 3 + path: /manage/health + port: 8088 + scheme: HTTP + initialDelaySeconds: 600 + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 ingress: enabled: false nodeSelector: {} diff --git a/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml index 2d645bebf2..c58ba9196f 100755 --- a/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml @@ -39,17 +39,13 @@ mso: msb-port: 80 msoKey: ${MSO_KEY} camundaURL: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081 - camundaAuth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.camundaAuth )}} + camundaAuth: {{ .Values.mso.camundaAuth }} workflow: message: endpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage oof: auth: ${OOF_LOGIN}:${OOF_PASSWORD} - {{ if (include "common.needTLS" .) }} - endpoint: https://oof-osdf.{{ include "common.namespace" . }}:8698 - {{ else }} endpoint: http://oof-osdf.{{ include "common.namespace" . }}:8698 - {{ end }} #Actuator management: endpoints: diff --git a/kubernetes/so/components/so-oof-adapter/templates/configmap.yaml b/kubernetes/so/components/so-oof-adapter/templates/configmap.yaml index da5fda9c42..62ad76709f 100755 --- a/kubernetes/so/components/so-oof-adapter/templates/configmap.yaml +++ b/kubernetes/so/components/so-oof-adapter/templates/configmap.yaml @@ -26,7 +26,7 @@ metadata: data: LOG_PATH: {{ index .Values.logPath }} APP: {{ index .Values.app }} - ACTIVE_PROFILE: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}} + ACTIVE_PROFILE: "basic" --- apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/so/components/so-oof-adapter/templates/deployment.yaml b/kubernetes/so/components/so-oof-adapter/templates/deployment.yaml index f5307992d1..100371b9c1 100755 --- a/kubernetes/so/components/so-oof-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-oof-adapter/templates/deployment.yaml @@ -26,15 +26,12 @@ spec: maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} maxSurge: {{ index .Values.updateStrategy.maxSurge }} template: - metadata: - labels: {{- include "common.labels" . | nindent 8 }} + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: - initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }} containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - resources: -{{ include "common.resources" . | indent 10 }} + resources: {{ include "common.resources" . | nindent 10 }} env: - name: DB_HOST value: {{ include "common.mariadbService" . }} @@ -54,12 +51,11 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "oof-auth" "key" "login") | indent 10 }} - name: OOF_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "oof-auth" "key" "password") | indent 10 }} - {{ include "so.certificates.env" . | indent 8 | trim }} envFrom: - configMapRef: name: {{ include "common.fullname" . }}-configmap imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 8 }} + volumeMounts: - name: logs mountPath: /app/logs - name: config @@ -68,11 +64,11 @@ spec: - name: {{ include "common.fullname" . }}-logs mountPath: /var/log/onap {{ include "so.helpers.livenessProbe" .| indent 8 }} - ports: {{- include "common.containerPorts" . | nindent 12 }} + ports: {{- include "common.containerPorts" . | nindent 10 }} # Filebeat sidecar container {{ include "common.log.sidecar" . | nindent 6 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: {{ include "so.certificate.volumes" . | nindent 6 }} + volumes: - name: logs emptyDir: {} - name: config diff --git a/kubernetes/so/components/so-oof-adapter/values.yaml b/kubernetes/so/components/so-oof-adapter/values.yaml index 530c35afdd..c8a12690d0 100755 --- a/kubernetes/so/components/so-oof-adapter/values.yaml +++ b/kubernetes/so/components/so-oof-adapter/values.yaml @@ -20,12 +20,6 @@ global: nodePortPrefixExt: 304 persistence: mountPath: /dockerdata-nfs - security: - aaf: - enabled: false - aaf: - auth: - header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo= mariadbGalera: serviceName: mariadb-galera servicePort: '3306' @@ -87,23 +81,19 @@ containerPort: *containerPort logPath: ./logs/oof-adapter/ app: so-oof-adapter service: - type: ClusterIP - ports: - - name: http - port: *containerPort + type: ClusterIP + ports: + - name: http + port: *containerPort updateStrategy: - type: RollingUpdate - maxUnavailable: 1 - maxSurge: 1 - + type: RollingUpdate + maxUnavailable: 1 + maxSurge: 1 +################################################################# +# soHelpers part +################################################################# soHelpers: - nameOverride: so-oof-adapter-cert-init - certInitializer: - nameOverride: so-oof-adapter-cert-init - credsPath: /opt/app/osaaf/local - cadi: - apiEnforcement: org.onap.so.oofadapterPerm containerPort: *containerPort # Resource Limit flavor -By Default using small @@ -126,14 +116,14 @@ resources: cpu: 1000m unlimited: {} livenessProbe: - path: /manage/health - port: *containerPort - scheme: HTTP - initialDelaySeconds: 600 - periodSeconds: 60 - timeoutSeconds: 10 - successThreshold: 1 - failureThreshold: 3 + path: /manage/health + port: *containerPort + scheme: HTTP + initialDelaySeconds: 600 + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 ingress: enabled: false nodeSelector: {} diff --git a/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml index 7dc22c3536..55d9ca2b1d 100755 --- a/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml @@ -14,12 +14,8 @@ # limitations under the License. */}} aai: - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.aai.auth )}} - {{ if (include "common.needTLS" .) }} - endpoint: https://aai.{{ include "common.namespace" . }}:8443 - {{ else }} + auth: {{ .Values.aai.auth }} endpoint: http://aai.{{ include "common.namespace" . }}:80 - {{ end }} server: {{- if include "common.onServiceMesh" . }} forward-headers-strategy: none @@ -72,7 +68,7 @@ org: {{- end }} default_keystone_reg_ex: "/[vV][0-9]" vnf: - bpelauth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.org.onap.so.adapters.bpelauth )}} + bpelauth: {{ .Values.org.onap.so.adapters.bpelauth }} checkRequiredParameters: true addGetFilesOnVolumeReq: false sockettimeout: 30 @@ -83,7 +79,7 @@ org: valet_enabled: false fail_requests_on_valet_failure: false network: - bpelauth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.org.onap.so.adapters.bpelauth )}} + bpelauth: {{ .Values.org.onap.so.adapters.bpelauth }} sockettimeout: 5 connecttimeout: 5 retrycount: 5 @@ -117,8 +113,8 @@ mso: adapters: requestDb: endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083 - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.db.auth )}} - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.aaf.auth.encrypted "value2" .Values.mso.auth )}} + auth: {{ .Values.mso.db.auth }} + auth: {{ .Values.mso.auth }} logPath: ./logs/openstack msb-ip: msb-iag msb-port: 80 @@ -127,18 +123,14 @@ mso: endpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/sobpmnengine msoKey: {{ .Values.mso.msoKey }} config: - {{ if eq .Values.global.security.aaf.enabled true }} - cadi: {{ include "so.cadi.keys" . | nindent 8}} - {{- else }} cadi: aafId: {{ .Values.mso.basicUser }} - {{- end }} catalog: db: spring: endpoint: http://so-catalog-db-adapter.{{ include "common.namespace" . }}:8082 db: - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.db.auth )}} + auth: {{ .Values.mso.db.auth }} site-name: localDevEnv async: core-pool-size: 50 diff --git a/kubernetes/so/components/so-openstack-adapter/templates/configmap.yaml b/kubernetes/so/components/so-openstack-adapter/templates/configmap.yaml index 050aab9732..eeab0f72cd 100755 --- a/kubernetes/so/components/so-openstack-adapter/templates/configmap.yaml +++ b/kubernetes/so/components/so-openstack-adapter/templates/configmap.yaml @@ -17,7 +17,7 @@ apiVersion: v1 data: LOG_PATH: {{ index .Values.logPath }} APP: {{ index .Values.app }} - ACTIVE_PROFILE: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}} + ACTIVE_PROFILE: "basic" kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap diff --git a/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml b/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml index 55493f7c42..c2db839bd7 100755 --- a/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml @@ -15,17 +15,9 @@ */}} apiVersion: apps/v1 kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: - selector: - matchLabels: - app: {{ include "common.name" . }} + selector: {{- include "common.selectors" . | nindent 4 }} replicas: {{ index .Values.replicaCount }} minReadySeconds: {{ index .Values.minReadySeconds }} strategy: @@ -34,30 +26,14 @@ spec: maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} maxSurge: {{ index .Values.updateStrategy.maxSurge }} template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: - {{ include "so.certificate.container_importer" . | indent 6 | trim }} {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - resources: {{ include "common.resources" . | nindent 12 }} - {{- if .Values.global.aafEnabled }} - command: - - sh - args: - - -c - - | - export $(cat {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) - {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}" - {{- end }} - /app/start-app.sh - {{- end }} + resources: {{ include "common.resources" . | nindent 10 }} env: - name: DB_HOST value: {{ include "common.mariadbService" . }} @@ -71,12 +47,11 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 10 }} - name: DB_ADMIN_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 10 }} - {{ include "so.certificates.env" . | indent 8 | trim }} envFrom: - configMapRef: name: {{ include "common.fullname" . }}-configmap imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 8 }} + volumeMounts: - name: logs mountPath: /app/logs - name: config @@ -85,14 +60,11 @@ spec: - name: {{ include "common.fullname" . }}-logs mountPath: /var/log/onap {{ include "so.helpers.livenessProbe" .| indent 8 }} - ports: - - containerPort: {{ index .Values.containerPort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - protocol: TCP + ports: {{- include "common.containerPorts" . | nindent 10 }} # Filebeat sidecar container {{ include "common.log.sidecar" . | nindent 6 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: {{ include "so.certificate.volumes" . | nindent 6 }} + volumes: - name: logs emptyDir: {} - name: config diff --git a/kubernetes/so/components/so-openstack-adapter/templates/service.yaml b/kubernetes/so/components/so-openstack-adapter/templates/service.yaml index 5b8dee0774..495f828bfb 100755 --- a/kubernetes/so/components/so-openstack-adapter/templates/service.yaml +++ b/kubernetes/so/components/so-openstack-adapter/templates/service.yaml @@ -13,28 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} +{{ include "common.service" . }} \ No newline at end of file diff --git a/kubernetes/so/components/so-openstack-adapter/values.yaml b/kubernetes/so/components/so-openstack-adapter/values.yaml index e25f4b3498..205bc9a342 100755 --- a/kubernetes/so/components/so-openstack-adapter/values.yaml +++ b/kubernetes/so/components/so-openstack-adapter/values.yaml @@ -19,12 +19,6 @@ global: nodePortPrefixExt: 304 persistence: mountPath: /dockerdata-nfs - security: - aaf: - enabled: false - aaf: - auth: - encrypted: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456 mariadbGalera: serviceName: mariadb-galera servicePort: '3306' @@ -71,9 +65,6 @@ db: aai: auth: 2A11B07DB6214A839394AA1EC5844695F5114FC407FF5422625FB00175A3DCB8A1FF745F22867EFA72D5369D599BBD88DA8BED4233CF5586 -aaf: - auth: - encrypted: 7F182B0C05D58A23A1C4966B9CDC9E0B8BC5CD53BC8C7B4083D869F8D53E9BDC3EFD55C94B1D3F org: onap: so: @@ -92,25 +83,19 @@ containerPort: &containerPort 8087 logPath: ./logs/openstack/ app: openstack-adapter service: - type: ClusterIP - internalPort: *containerPort - externalPort: *containerPort - portName: http + type: ClusterIP + ports: + - name: http + port: *containerPort updateStrategy: - type: RollingUpdate - maxUnavailable: 1 - maxSurge: 1 + type: RollingUpdate + maxUnavailable: 1 + maxSurge: 1 ################################################################# -# soHelper part +# soHelpers part ################################################################# soHelpers: - nameOverride: so-openstack-cert-init - certInitializer: - nameOverride: so-openstack-cert-init - credsPath: /opt/app/osaaf/local - cadi: - apiEnforcement: org.onap.so.openStackAdapterPerm containerPort: *containerPort # Resource Limit flavor -By Default using small @@ -133,14 +118,14 @@ resources: cpu: 1000m unlimited: {} livenessProbe: - path: /manage/health - port: 8087 - scheme: HTTP - initialDelaySeconds: 600 - periodSeconds: 60 - timeoutSeconds: 10 - successThreshold: 1 - failureThreshold: 3 + path: /manage/health + port: 8087 + scheme: HTTP + initialDelaySeconds: 600 + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 ingress: enabled: false config: diff --git a/kubernetes/so/components/so-request-db-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-request-db-adapter/resources/config/overrides/override.yaml index 86e02d638a..7ea77493d7 100755 --- a/kubernetes/so/components/so-request-db-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-request-db-adapter/resources/config/overrides/override.yaml @@ -25,11 +25,9 @@ ssl-enable: false mso: logPath: logs site-name: localSite - config: - cadi: {{- include "so.cadi.keys" . | nindent 8}} adapters: requestDb: - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.adapters.requestDb.auth )}} + auth: {{ .Values.mso.adapters.requestDb.auth }} endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083 spring: datasource: diff --git a/kubernetes/so/components/so-request-db-adapter/templates/configmap.yaml b/kubernetes/so/components/so-request-db-adapter/templates/configmap.yaml index 6331656fce..3be605edf2 100755 --- a/kubernetes/so/components/so-request-db-adapter/templates/configmap.yaml +++ b/kubernetes/so/components/so-request-db-adapter/templates/configmap.yaml @@ -14,10 +14,6 @@ # limitations under the License. */}} apiVersion: v1 -data: - LOG_PATH: {{ index .Values.logPath }} - APP: {{ index .Values.app }} - ACTIVE_PROFILE: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}} kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap @@ -27,6 +23,10 @@ metadata: chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ include "common.release" . }} heritage: {{ .Release.Service }} +data: + LOG_PATH: {{ index .Values.logPath }} + APP: {{ index .Values.app }} + ACTIVE_PROFILE: "basic" --- apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml b/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml index fa9d3a6a4b..f6678a416d 100755 --- a/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml @@ -15,17 +15,9 @@ */}} apiVersion: apps/v1 kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: - selector: - matchLabels: - app: {{ include "common.name" . }} + selector: {{- include "common.selectors" . | nindent 4 }} replicas: {{ index .Values.replicaCount }} minReadySeconds: {{ index .Values.minReadySeconds }} strategy: @@ -34,30 +26,14 @@ spec: maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} maxSurge: {{ index .Values.updateStrategy.maxSurge }} template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: - {{ include "so.certificate.container_importer" . | indent 6 | trim }} {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - resources: {{ include "common.resources" . | nindent 12 }} - {{- if .Values.global.aafEnabled }} - command: - - sh - args: - - -c - - | - export $(cat {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) - {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}" - {{- end }} - /app/start-app.sh - {{- end }} + resources: {{ include "common.resources" . | nindent 10 }} env: - name: DB_HOST value: {{ include "common.mariadbService" . }} @@ -71,28 +47,24 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 10 }} - name: DB_ADMIN_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 10 }} - {{ include "so.certificates.env" . | indent 8 | trim }} envFrom: - configMapRef: name: {{ include "common.fullname" . }}-configmap imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 8 }} + volumeMounts: - name: logs mountPath: /app/logs - name: config mountPath: /app/config readOnly: true {{ include "so.helpers.livenessProbe" .| indent 8 }} - ports: - - containerPort: {{ index .Values.containerPort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - protocol: TCP + ports: {{- include "common.containerPorts" . | nindent 10 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: {{ include "so.certificate.volumes" . | nindent 6 }} + volumes: - name: logs emptyDir: {} - name: config configMap: - name: {{ include "common.fullname" . }}-app-configmap + name: {{ include "common.fullname" . }}-app-configmap imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/so/components/so-request-db-adapter/templates/service.yaml b/kubernetes/so/components/so-request-db-adapter/templates/service.yaml index 5b8dee0774..495f828bfb 100755 --- a/kubernetes/so/components/so-request-db-adapter/templates/service.yaml +++ b/kubernetes/so/components/so-request-db-adapter/templates/service.yaml @@ -13,28 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} +{{ include "common.service" . }} \ No newline at end of file diff --git a/kubernetes/so/components/so-request-db-adapter/values.yaml b/kubernetes/so/components/so-request-db-adapter/values.yaml index 6d24563dcf..5e49316a36 100755 --- a/kubernetes/so/components/so-request-db-adapter/values.yaml +++ b/kubernetes/so/components/so-request-db-adapter/values.yaml @@ -19,12 +19,6 @@ global: nodePortPrefixExt: 304 persistence: mountPath: /dockerdata-nfs - security: - aaf: - enabled: false - aaf: - auth: - header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo= mariadbGalera: serviceName: mariadb-galera servicePort: '3306' @@ -80,25 +74,19 @@ containerPort: &containerPort 8083 logPath: ./logs/reqdb/ app: request-db-adapter service: - type: ClusterIP - internalPort: *containerPort - externalPort: *containerPort - portName: http + type: ClusterIP + ports: + - name: http + port: *containerPort updateStrategy: - type: RollingUpdate - maxUnavailable: 1 - maxSurge: 1 + type: RollingUpdate + maxUnavailable: 1 + maxSurge: 1 ################################################################# # soHelpers part ################################################################# soHelpers: - nameOverride: so-requestdb-cert-init - certInitializer: - nameOverride: so-requestdb-cert-init - credsPath: /opt/app/osaaf/local - cadi: - apiEnforcement: org.onap.so.requestDbAdapterPerm containerPort: *containerPort # Resource Limit flavor -By Default using small @@ -121,14 +109,14 @@ resources: cpu: 1000m unlimited: {} livenessProbe: - path: /manage/health - port: 8083 - scheme: HTTP - initialDelaySeconds: 600 - periodSeconds: 60 - timeoutSeconds: 10 - successThreshold: 1 - failureThreshold: 3 + path: /manage/health + port: 8083 + scheme: HTTP + initialDelaySeconds: 600 + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 ingress: enabled: false nodeSelector: {} diff --git a/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml b/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml index 50cf231a20..0630497bdb 100755 --- a/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml @@ -51,42 +51,32 @@ request: mso: msoKey: {{ index .Values.mso.msoKey }} logPath: ./logs/sdc - config: - cadi: {{ include "so.cadi.keys" . | nindent 8}} catalog: db: spring: endpoint: http://so-catalog-db-adapter.{{ include "common.namespace" . }}:8082 db: - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.requestDb.auth )}} + auth: {{ .Values.mso.requestDb.auth }} site-name: onapheat camundaURL: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/ adapters: requestDb: endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083 - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.requestDb.auth )}} + auth: {{ .Values.mso.requestDb.auth }} aai: - {{ if (include "common.needTLS" .) }} - endpoint: https://aai.{{ include "common.namespace" . }}:8443 - {{ else }} endpoint: http://aai.{{ include "common.namespace" . }}:80 - {{ end }} asdc-connections: asdc-controller1: user: mso consumerGroup: {{ .Values.config.kafka.sdcTopic.consumerGroup }} consumerId: {{ .Values.config.kafka.sdcTopic.clientId }} environmentName: AUTO - {{ if (include "common.needTLS" .) }} - sdcAddress: sdc-be.{{ include "common.namespace" . }}:8443 - {{ else }} sdcAddress: sdc-be.{{ include "common.namespace" . }}:8080 - {{ end }} password: {{ index .Values "mso" "asdc-connections" "asdc-controller1" "password" }} pollingInterval: 60 pollingTimeout: 60 relevantArtifactTypes: HEAT,HEAT_ENV,HEAT_VOL - useHttpsWithSdc: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }} + useHttpsWithSdc: false activateServerTLSAuth: false keyStorePassword: keyStorePath: diff --git a/kubernetes/so/components/so-sdc-controller/templates/configmap.yaml b/kubernetes/so/components/so-sdc-controller/templates/configmap.yaml index 050aab9732..cb40c08f77 100755 --- a/kubernetes/so/components/so-sdc-controller/templates/configmap.yaml +++ b/kubernetes/so/components/so-sdc-controller/templates/configmap.yaml @@ -14,10 +14,6 @@ # limitations under the License. */}} apiVersion: v1 -data: - LOG_PATH: {{ index .Values.logPath }} - APP: {{ index .Values.app }} - ACTIVE_PROFILE: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}} kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap @@ -27,6 +23,10 @@ metadata: chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ include "common.release" . }} heritage: {{ .Release.Service }} +data: + LOG_PATH: {{ index .Values.logPath }} + APP: {{ index .Values.app }} + ACTIVE_PROFILE: "basic" --- apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml b/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml index 0d1977beff..4becf41897 100755 --- a/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml +++ b/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml @@ -15,17 +15,9 @@ */}} apiVersion: apps/v1 kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: - selector: - matchLabels: - app: {{ include "common.name" . }} + selector: {{- include "common.selectors" . | nindent 4 }} replicas: {{ index .Values.replicaCount }} minReadySeconds: {{ index .Values.minReadySeconds }} strategy: @@ -34,30 +26,14 @@ spec: maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} maxSurge: {{ index .Values.updateStrategy.maxSurge }} template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: - {{ include "so.certificate.container_importer" . | indent 6 | trim }} {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - resources: {{ include "common.resources" . | nindent 12 }} - {{- if .Values.global.aafEnabled }} - command: - - sh - args: - - -c - - | - export $(cat {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) - {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}" - {{- end }} - /app/start-app.sh - {{- end }} + resources: {{ include "common.resources" . | nindent 10 }} env: - name: DB_HOST value: {{ include "common.mariadbService" . }} @@ -77,12 +53,11 @@ spec: value: {{ .Values.config.kafka.saslMechanism }} - name: SASL_JAAS_CONFIG {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-sdc-kafka-secret" "key" "sasl.jaas.config") | indent 10 }} - {{ include "so.certificates.env" . | indent 8 | trim }} envFrom: - configMapRef: name: {{ include "common.fullname" . }}-configmap imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 8 }} + volumeMounts: - name: logs mountPath: /app/logs - name: config @@ -91,14 +66,11 @@ spec: - name: {{ include "common.fullname" . }}-logs mountPath: /var/log/onap {{ include "so.helpers.livenessProbe" .| indent 8 }} - ports: - - containerPort: {{ index .Values.containerPort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - protocol: TCP + ports: {{- include "common.containerPorts" . | nindent 10 }} # Filebeat sidecar container {{ include "common.log.sidecar" . | nindent 6 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: {{ include "so.certificate.volumes" . | nindent 6 }} + volumes: - name: logs emptyDir: {} - name: config diff --git a/kubernetes/so/components/so-sdc-controller/templates/service.yaml b/kubernetes/so/components/so-sdc-controller/templates/service.yaml index 5b8dee0774..495f828bfb 100755 --- a/kubernetes/so/components/so-sdc-controller/templates/service.yaml +++ b/kubernetes/so/components/so-sdc-controller/templates/service.yaml @@ -13,28 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} +{{ include "common.service" . }} \ No newline at end of file diff --git a/kubernetes/so/components/so-sdc-controller/values.yaml b/kubernetes/so/components/so-sdc-controller/values.yaml index 63a641c359..dbde74808b 100755 --- a/kubernetes/so/components/so-sdc-controller/values.yaml +++ b/kubernetes/so/components/so-sdc-controller/values.yaml @@ -19,12 +19,6 @@ global: nodePortPrefixExt: 304 persistence: mountPath: /dockerdata-nfs - security: - aaf: - enabled: false - aaf: - auth: - header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo= mariadbGalera: serviceName: mariadb-galera servicePort: '3306' @@ -106,25 +100,19 @@ containerPort: &containerPort 8085 logPath: ./logs/sdc/ app: sdc-controller service: - type: ClusterIP - internalPort: *containerPort - externalPort: *containerPort - portName: http + type: ClusterIP + ports: + - name: http + port: *containerPort updateStrategy: - type: RollingUpdate - maxUnavailable: 1 - maxSurge: 1 + type: RollingUpdate + maxUnavailable: 1 + maxSurge: 1 ################################################################# # soHelpers part ################################################################# soHelpers: - nameOverride: so-sdc-cert-init - certInitializer: - nameOverride: so-sdc-cert-init - credsPath: /opt/app/osaaf/local - cadi: - apiEnforcement: org.onap.so.sdcControllerPerm containerPort: *containerPort # Resource Limit flavor -By Default using small @@ -147,14 +135,14 @@ resources: cpu: 1000m unlimited: {} livenessProbe: - path: /manage/health - port: 8085 - scheme: HTTP - initialDelaySeconds: 600 - periodSeconds: 60 - timeoutSeconds: 10 - successThreshold: 1 - failureThreshold: 3 + path: /manage/health + port: 8085 + scheme: HTTP + initialDelaySeconds: 600 + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 ingress: enabled: false nodeSelector: {} diff --git a/kubernetes/so/components/so-sdnc-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-sdnc-adapter/resources/config/overrides/override.yaml index 119236b1b2..55dc11526d 100755 --- a/kubernetes/so/components/so-sdnc-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-sdnc-adapter/resources/config/overrides/override.yaml @@ -20,20 +20,21 @@ server: port: {{ index .Values.containerPort }} mso: msoKey: ${MSO_KEY} - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "${AAF_AUTH}" "value2" "${MSO_AUTH}" )}} + auth: ${MSO_AUTH} async: core-pool-size: 50 max-pool-size: 50 queue-capacity: 500 logPath: ./logs/sdnc config: - cadi: {{ include "so.cadi.keys" . | nindent 14}} + cadi: + aafId: so@so.onap.org catalog: db: spring: endpoint: http://so-catalog-db-adapter.{{ include "common.namespace" . }}:8082 db: - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.adapters.requestDb.auth )}} + auth: {{ .Values.mso.adapters.requestDb.auth }} site-name: onapheat #needs to be confirmed TODO workflow: @@ -112,7 +113,7 @@ org: changedelete: POST|270000|sdncurl6|sdnc-request-header|org:onap:sdnctl:vnf delete: POST|270000|sdncurl6|sdnc-request-header|org:onap:sdnctl:vnf rollback: POST|270000|sdncurl6|sdnc-request-header|org:onap:sdnctl:vnf - bpelauth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.org.onap.so.adapters.sdnc.bpelauth )}} + bpelauth: {{ .Values.org.onap.so.adapters.sdnc.bpelauth }} bpelurl: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/SDNCAdapterCallbackService opticalservice: optical-service-create: @@ -157,7 +158,7 @@ org: myurl: http://so-sdnc-adapter.{{ include "common.namespace" . }}:8086/adapters/rest/SDNCNotify rest: bpelurl: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage - sdncauth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.org.onap.so.adapters.sdnc.sdncauth )}} + sdncauth: {{ .Values.org.onap.so.adapters.sdnc.sdncauth }} sdncconnecttime: 5000 sdncurl10: 'http://{{ .Values.global.sdncOamService }}.{{ include "common.namespace" . }}:{{ .Values.global.sdncOamPort }}/restconf/operations/GENERIC-RESOURCE-API:' sdncurl11: 'http://{{ .Values.global.sdncOamService }}.{{ include "common.namespace" . }}:{{ .Values.global.sdncOamPort }}/restconf/operations/VNFTOPOLOGYAIC-API:' diff --git a/kubernetes/so/components/so-sdnc-adapter/templates/configmap.yaml b/kubernetes/so/components/so-sdnc-adapter/templates/configmap.yaml index 050aab9732..eeab0f72cd 100755 --- a/kubernetes/so/components/so-sdnc-adapter/templates/configmap.yaml +++ b/kubernetes/so/components/so-sdnc-adapter/templates/configmap.yaml @@ -17,7 +17,7 @@ apiVersion: v1 data: LOG_PATH: {{ index .Values.logPath }} APP: {{ index .Values.app }} - ACTIVE_PROFILE: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}} + ACTIVE_PROFILE: "basic" kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap diff --git a/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml b/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml index b95e0b58a3..141b5ab1c9 100755 --- a/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml @@ -15,17 +15,9 @@ */}} apiVersion: apps/v1 kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: - selector: - matchLabels: - app: {{ include "common.name" . }} + selector: {{- include "common.selectors" . | nindent 4 }} replicas: {{ index .Values.replicaCount }} minReadySeconds: {{ index .Values.minReadySeconds }} strategy: @@ -34,28 +26,12 @@ spec: maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} maxSurge: {{ index .Values.updateStrategy.maxSurge }} template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: - initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }} containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - resources: {{ include "common.resources" . | nindent 12 }} - {{- if .Values.global.aafEnabled }} - command: - - sh - args: - - -c - - | - export $(cat {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) - {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}" - {{- end }} - /app/start-app.sh - {{- end }} + resources: {{ include "common.resources" . | nindent 10 }} env: - name: DB_HOST value: {{ include "common.mariadbService" . }} @@ -73,14 +49,11 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdnc-adapter-mso-key" "key" "password") | indent 10 }} - name: MSO_AUTH {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdnc-adapter-mso-auth" "key" "password") | indent 10 }} - - name: AAF_AUTH - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdnc-adapter-aaf-auth" "key" "password") | indent 10 }} - {{ include "so.certificates.env" . | indent 8 | trim }} envFrom: - configMapRef: name: {{ include "common.fullname" . }}-configmap imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 8 }} + volumeMounts: - name: logs mountPath: /app/logs - name: config @@ -89,14 +62,11 @@ spec: - name: {{ include "common.fullname" . }}-logs mountPath: /var/log/onap {{ include "so.helpers.livenessProbe" .| indent 8 }} - ports: - - containerPort: {{ index .Values.containerPort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - protocol: TCP + ports: {{- include "common.containerPorts" . | nindent 10 }} # Filebeat sidecar container {{ include "common.log.sidecar" . | nindent 6 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: {{ include "so.certificate.volumes" . | nindent 6 }} + volumes: - name: logs emptyDir: {} - name: config diff --git a/kubernetes/so/components/so-sdnc-adapter/templates/service.yaml b/kubernetes/so/components/so-sdnc-adapter/templates/service.yaml index 5b8dee0774..495f828bfb 100755 --- a/kubernetes/so/components/so-sdnc-adapter/templates/service.yaml +++ b/kubernetes/so/components/so-sdnc-adapter/templates/service.yaml @@ -13,28 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} +{{ include "common.service" . }} \ No newline at end of file diff --git a/kubernetes/so/components/so-sdnc-adapter/values.yaml b/kubernetes/so/components/so-sdnc-adapter/values.yaml index 1562a37ddd..60c1f9b285 100755 --- a/kubernetes/so/components/so-sdnc-adapter/values.yaml +++ b/kubernetes/so/components/so-sdnc-adapter/values.yaml @@ -22,14 +22,6 @@ global: #This configuration specifies Service and port for SDNC OAM interface sdncOamService: sdnc-oam sdncOamPort: 8282 - security: - aaf: - enabled: false - aaf: - auth: - header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo= - encrypted: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456 - #encryptedSecret: some secret mariadbGalera: serviceName: mariadb-galera servicePort: '3306' @@ -55,11 +47,6 @@ secrets: type: password externalSecret: '{{ tpl (default "" .Values.mso.msoKeySecret) . }}' password: '{{ .Values.mso.msoKey }}' - - uid: sdnc-adapter-aaf-auth - name: '{{ include "common.release" . }}-so-sdnc-aaf-auth' - type: password - externalSecret: '{{ tpl (default "" .Values.global.aaf.auth.encryptedSecret) . }}' - password: '{{ .Values.global.aaf.auth.encrypted }}' - uid: sdnc-adapter-mso-auth name: '{{ include "common.release" . }}-so-sdnc-mso-auth' type: password @@ -107,26 +94,19 @@ containerPort: &containerPort 8086 logPath: ./logs/sdnc/ app: sdnc-adapter service: - type: ClusterIP - internalPort: *containerPort - externalPort: *containerPort - portName: http + type: ClusterIP + ports: + - name: http + port: *containerPort updateStrategy: - type: RollingUpdate - maxUnavailable: 1 - maxSurge: 1 - + type: RollingUpdate + maxUnavailable: 1 + maxSurge: 1 ################################################################# # soHelpers part ################################################################# soHelpers: - nameOverride: so-sdnc-cert-init - certInitializer: - nameOverride: so-sdnc-cert-init - credsPath: /opt/app/osaaf/local - cadi: - apiEnforcement: org.onap.so.sdncAdapterPerm containerPort: *containerPort # Resource Limit flavor -By Default using small @@ -149,14 +129,14 @@ resources: cpu: 1000m unlimited: {} livenessProbe: - path: /manage/health - port: 8086 - scheme: HTTP - initialDelaySeconds: 600 - periodSeconds: 60 - timeoutSeconds: 10 - successThreshold: 1 - failureThreshold: 3 + path: /manage/health + port: 8086 + scheme: HTTP + initialDelaySeconds: 600 + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 ingress: enabled: false nodeSelector: {} diff --git a/kubernetes/so/components/so-ve-vnfm-adapter/Chart.yaml b/kubernetes/so/components/so-ve-vnfm-adapter/Chart.yaml index 1b4294af2f..387303b4fb 100755 --- a/kubernetes/so/components/so-ve-vnfm-adapter/Chart.yaml +++ b/kubernetes/so/components/so-ve-vnfm-adapter/Chart.yaml @@ -32,9 +32,6 @@ dependencies: - name: repositoryGenerator version: ~12.x-0 repository: '@local' - - name: soHelpers - version: ~12.x-0 - repository: 'file://../soHelpers' - name: serviceAccount version: ~12.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml index 1a96abf9cb..606ceb4fcc 100755 --- a/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml @@ -21,18 +21,10 @@ server: port: {{ include "common.getPort" (dict "global" . "name" "http") }} vevnfmadapter: - {{ if (include "common.needTLS" .) }} - endpoint: https://msb-iag:30283/api/{{ include "common.servicename" . }}/v1 - {{ else }} - endpoint: http://msb-iag:30283/api/{{ include "common.servicename" . }}/v1 - {{ end }} + endpoint: http://msb-iag:80/api/{{ include "common.servicename" . }}/v1 aai: - {{ if (include "common.needTLS" .) }} - endpoint: https://aai.{{ include "common.namespace" . }}:8443 - {{ else }} endpoint: http://aai.{{ include "common.namespace" . }}:80 - {{ end }} dmaap: endpoint: http://message-router.{{ include "common.namespace" . }}:3904 diff --git a/kubernetes/so/components/so-ve-vnfm-adapter/templates/deployment.yaml b/kubernetes/so/components/so-ve-vnfm-adapter/templates/deployment.yaml index 9a6b79c440..e322b60e48 100755 --- a/kubernetes/so/components/so-ve-vnfm-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-ve-vnfm-adapter/templates/deployment.yaml @@ -24,7 +24,7 @@ spec: metadata: labels: {{- include "common.labels" . | nindent 8 }} spec: - initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }} + initContainers: {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} @@ -34,7 +34,7 @@ spec: image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} resources: {{ include "common.resources" . | nindent 12 }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 12 }} + volumeMounts: - name: logs mountPath: /app/logs - name: config @@ -47,9 +47,9 @@ spec: periodSeconds: {{ .Values.livenessProbe.periodSeconds}} successThreshold: {{ .Values.livenessProbe.successThreshold}} failureThreshold: {{ .Values.livenessProbe.failureThreshold}} - ports: {{- include "common.containerPorts" . | nindent 10 }} + ports: {{- include "common.containerPorts" . | nindent 12 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: {{ include "so.certificate.volumes" . | nindent 8 }} + volumes: - name: logs emptyDir: {} - name: config diff --git a/kubernetes/so/components/so-ve-vnfm-adapter/values.yaml b/kubernetes/so/components/so-ve-vnfm-adapter/values.yaml index 8e8236cfb4..08911aae76 100755 --- a/kubernetes/so/components/so-ve-vnfm-adapter/values.yaml +++ b/kubernetes/so/components/so-ve-vnfm-adapter/values.yaml @@ -48,15 +48,6 @@ service: - name: http port: 9098 -################################################################# -# soHelpers part -################################################################# -soHelpers: - nameOverride: so-vevnfm-cert-init - certInitializer: - nameOverride: so-vevnfm-cert-init - credsPath: /opt/app/osaaf/local - flavor: small resources: small: diff --git a/kubernetes/so/components/soHelpers/Chart.yaml b/kubernetes/so/components/soHelpers/Chart.yaml index bf300e3f3b..caada54b79 100755 --- a/kubernetes/so/components/soHelpers/Chart.yaml +++ b/kubernetes/so/components/soHelpers/Chart.yaml @@ -25,6 +25,3 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - - name: certInitializer - version: ~12.x-0 - repository: '@local' diff --git a/kubernetes/so/components/soHelpers/templates/_cadiValues.tpl b/kubernetes/so/components/soHelpers/templates/_cadiValues.tpl deleted file mode 100644 index 7e04706d4a..0000000000 --- a/kubernetes/so/components/soHelpers/templates/_cadiValues.tpl +++ /dev/null @@ -1,21 +0,0 @@ -{{- define "so.cadi.keys" -}} -{{- $dot := default . .dot -}} -{{- $initRoot := default $dot.Values.soHelpers .initRoot -}} -cadiLoglevel: {{ $initRoot.cadi.logLevel }} -cadiKeyFile: {{ $initRoot.certInitializer.credsPath }}/{{ $initRoot.certInitializer.fqi_namespace }}.keyfile -cadiTrustStore: {{ $initRoot.certInitializer.credsPath }}/truststoreONAPall.jks -cadiTruststorePassword: ${TRUSTSTORE_PASSWORD} -cadiLatitude: {{ $initRoot.cadi.latitude }} -cadiLongitude: {{ $initRoot.cadi.longitude }} -aafEnv: {{ $initRoot.cadi.aafEnv }} -aafApiVersion: {{ $initRoot.cadi.aafApiVersion }} -aafRootNs: {{ $initRoot.cadi.aafRootNs }} -aafId: {{ $initRoot.cadi.aafId }} -aafPassword: {{ $initRoot.cadi.aafPassword }} -aafLocateUrl: {{ $initRoot.cadi.aafLocateUrl }} -aafUrl: {{ $initRoot.cadi.aafUrl }} -apiEnforcement: {{ $initRoot.cadi.apiEnforcement }} -{{- if ($initRoot.cadi.noAuthn) }} -noAuthn: {{ $initRoot.cadi.noAuthn }} -{{- end }} -{{- end }} diff --git a/kubernetes/so/components/soHelpers/templates/_certificates.tpl b/kubernetes/so/components/soHelpers/templates/_certificates.tpl deleted file mode 100644 index cda61b2cfa..0000000000 --- a/kubernetes/so/components/soHelpers/templates/_certificates.tpl +++ /dev/null @@ -1,34 +0,0 @@ -{{- define "so.certificate.container_importer" -}} -{{- $dot := default . .dot -}} -{{- $initRoot := default $dot.Values.soHelpers .initRoot -}} -{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} -{{ include "common.certInitializer.initContainer" $subchartDot }} -{{- end -}} - -{{- define "so.certificate.volumes" -}} -{{- $dot := default . .dot -}} -{{- $initRoot := default $dot.Values.soHelpers .initRoot -}} -{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} -{{ include "common.certInitializer.volumes" $subchartDot }} -{{- end -}} - -{{- define "so.certificate.volumeMount" -}} -{{- $dot := default . .dot -}} -{{- $initRoot := default $dot.Values.soHelpers .initRoot -}} -{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} -{{ include "common.certInitializer.volumeMount" $subchartDot }} -{{- end -}} - -{{- define "so.certificates.env" -}} -{{- $dot := default . .dot -}} -{{- $initRoot := default $dot.Values.soHelpers .initRoot -}} -{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} -{{- if $dot.Values.global.aafEnabled }} -- name: TRUSTSTORE - value: {{ $subchartDot.Values.certInitializer.credsPath }}/truststoreONAPall.jks -{{- if $dot.Values.global.security.aaf.enabled }} -- name: KEYSTORE - value: {{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.certInitializer.fqi_namespace }}.p12 -{{- end }} -{{- end }} -{{- end -}} diff --git a/kubernetes/so/components/soHelpers/templates/_livenessProbe.tpl b/kubernetes/so/components/soHelpers/templates/_livenessProbe.tpl index cde94742c6..e596b806ed 100644 --- a/kubernetes/so/components/soHelpers/templates/_livenessProbe.tpl +++ b/kubernetes/so/components/soHelpers/templates/_livenessProbe.tpl @@ -7,11 +7,6 @@ livenessProbe: path: {{ $subchartDot.Values.livenessProbe.path }} port: {{ $subchartDot.Values.containerPort }} scheme: {{ $subchartDot.Values.livenessProbe.scheme }} - {{- if $subchartDot.Values.global.security.aaf.enabled }} - httpHeaders: - - name: Authorization - value: {{ $subchartDot.Values.global.aaf.auth.header }} - {{- end }} initialDelaySeconds: {{ $subchartDot.Values.livenessProbe.initialDelaySeconds }} periodSeconds: {{ $subchartDot.Values.livenessProbe.periodSeconds }} timeoutSeconds: {{ $subchartDot.Values.livenessProbe.timeoutSeconds }} diff --git a/kubernetes/so/components/soHelpers/templates/_profileProperty.tpl b/kubernetes/so/components/soHelpers/templates/_profileProperty.tpl deleted file mode 100644 index 56910ebebd..0000000000 --- a/kubernetes/so/components/soHelpers/templates/_profileProperty.tpl +++ /dev/null @@ -1,3 +0,0 @@ -{{- define "so.helpers.profileProperty" -}} - {{ if .condition }}{{ .value1 }}{{ else }}{{ .value2 }}{{ end }} -{{- end -}} diff --git a/kubernetes/so/components/soHelpers/values.yaml b/kubernetes/so/components/soHelpers/values.yaml index 2417d2553c..ec3fef2d81 100755 --- a/kubernetes/so/components/soHelpers/values.yaml +++ b/kubernetes/so/components/soHelpers/values.yaml @@ -16,38 +16,10 @@ # Global configuration defaults. ################################################################# global: - aafAgentImage: onap/aaf/aaf_agent:2.1.20 msbEnabled: true - security: - aaf: - enabled: false app: msoKey: 07a7159d3bf51a0e53be7a8f89699be7 -################################################################# -# AAF part -################################################################# -certInitializer: - aafDeployFqi: deployer@people.osaaf.org - aafDeployPass: demo123456! - # aafDeployCredsExternalSecret: some secret - fqdn: so - fqi: so@so.onap.org - public_fqdn: so.onap.org - fqi_namespace: org.onap.so - cadi_longitude: '0.0' - cadi_latitude: '0.0' - app_ns: org.osaaf.aaf - credsPath: /opt/app/osaaf/local - aaf_add_config: | - echo "cadi_truststore_password=$cadi_truststore_password" > {{ .Values.credsPath }}/mycreds.prop - echo "cadi_keystore_password_p12=$cadi_keystore_password_p12" >> {{ .Values.credsPath }}/mycreds.prop - echo "TRUSTSTORE_PASSWORD={{ .Values.truststorePassword }}" >> {{ .Values.credsPath }}/mycreds.prop - -aafConfig: - permission_user: 1000 - permission_group: 999 - ################################################################# # Application configuration defaults. ################################################################# @@ -60,17 +32,3 @@ livenessProbe: timeoutSeconds: 10 successThreshold: 1 failureThreshold: 3 - -cadi: - logLevel: DEBUG - latitude: 38.4329 - longitude: -90.43248 - aafEnv: IST - aafApiVersion: 2.1 - aafRootNs: org.onap.so - aafLocateUrl: https://aaf-locate.onap:8095 - aafUrl: https://aaf-locate.onap:8095/locate/org.osaaf.aaf.service:2.1 - aafId: so@so.onap.org - aafPassword: enc:EME-arXn2lx8PO0f2kEtyK7VVGtAGWavXorFoxRmPO9 - apiEnforcement: org.onap.so.apihPerm - noAuthn: /manage/health diff --git a/kubernetes/so/resources/config/overrides/override.yaml b/kubernetes/so/resources/config/overrides/override.yaml index 48b75c72e9..47fc6d3d5d 100755 --- a/kubernetes/so/resources/config/overrides/override.yaml +++ b/kubernetes/so/resources/config/overrides/override.yaml @@ -1,10 +1,6 @@ aai: - {{ if (include "common.needTLS" .) }} - endpoint: https://aai.{{ include "common.namespace" . }}:8443 - {{ else }} endpoint: http://aai.{{ include "common.namespace" . }}:80 - {{ end }} - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.aai.auth )}} + auth: {{ .Values.mso.aai.auth }} server: port: {{ index .Values.containerPort }} tomcat: @@ -17,16 +13,15 @@ mso: adapters: requestDb: endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083 - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.adapters.requestDb.auth )}} + auth: {{ .Values.mso.adapters.requestDb.auth }} catalog: db: spring: endpoint: http://so-catalog-db-adapter.{{ include "common.namespace" . }}:8082 db: - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.adapters.requestDb.auth )}} + auth: {{ .Values.mso.adapters.requestDb.auth }} config: path: /src/main/resources/ - cadi: {{ include "so.cadi.keys" . | nindent 10}} infra: default: alacarte: @@ -38,33 +33,25 @@ mso: default: testApi: GR_API camundaURL: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/ - camundaAuth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.camundaAuth )}} + camundaAuth: {{ .Values.mso.camundaAuth }} async: core-pool-size: 50 max-pool-size: 50 queue-capacity: 500 sdc: client: - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.sdc.client.auth )}} + auth: {{ .Values.mso.sdc.client.auth }} activate: instanceid: test userid: cs0008 - {{ if (include "common.needTLS" .) }} - endpoint: https://sdc-be.{{ include "common.namespace" . }}:8443 - {{ else }} endpoint: http://sdc-be.{{ include "common.namespace" . }}:8080 - {{ end }} tenant: isolation: retry: count: 3 aai: - {{ if (include "common.needTLS" .) }} - endpoint: https://aai.{{ include "common.namespace" . }}:8443 - {{ else }} endpoint: http://aai.{{ include "common.namespace" . }}:80 - {{ end }} - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.aai.auth )}} + auth: {{ .Values.mso.aai.auth }} extApi: endpoint: http://nbi.onap:8080/nbi/api/v3 @@ -74,11 +61,11 @@ mso: username: testuser password: VjR5NDcxSzA= host: http://dmaap-bc.{{ include "common.namespace" . }}:8080 - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.so.operationalEnv.dmaap.auth )}} + auth: {{ .Values.mso.so.operationalEnv.dmaap.auth }} publisher: topic: com.att.ecomp.mso.operationalEnvironmentEvent health: - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.health.auth )}} + auth: {{ .Values.mso.health.auth }} endpoints: - subsystem: apih uri: http://so-bpmn-infra:8081 diff --git a/kubernetes/so/templates/configmap.yaml b/kubernetes/so/templates/configmap.yaml index c55bf573f1..052a985387 100755 --- a/kubernetes/so/templates/configmap.yaml +++ b/kubernetes/so/templates/configmap.yaml @@ -14,10 +14,6 @@ # limitations under the License. */}} apiVersion: v1 -data: - LOG_PATH: {{ index .Values.logPath }} - APP: {{ index .Values.app }} - ACTIVE_PROFILE: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}} kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap @@ -27,6 +23,10 @@ metadata: chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ include "common.release" . }} heritage: {{ .Release.Service }} +data: + LOG_PATH: {{ index .Values.logPath }} + APP: {{ index .Values.app }} + ACTIVE_PROFILE: "basic" --- apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/so/templates/deployment.yaml b/kubernetes/so/templates/deployment.yaml index 99a5eff0e7..3110802fa0 100755 --- a/kubernetes/so/templates/deployment.yaml +++ b/kubernetes/so/templates/deployment.yaml @@ -15,18 +15,10 @@ */}} apiVersion: apps/v1 kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - replicas: {{ index .Values.replicaCount }} + selector: {{- include "common.selectors" . | nindent 4 }} + replicas: {{ .Values.replicaCount }} minReadySeconds: {{ index .Values.minReadySeconds }} strategy: type: {{ index .Values.updateStrategy.type }} @@ -34,30 +26,14 @@ spec: maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} maxSurge: {{ index .Values.updateStrategy.maxSurge }} template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: - {{ include "so.certificate.container_importer" . | indent 6 | trim }} {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - resources: {{ include "common.resources" . | nindent 12 }} - {{- if .Values.global.aafEnabled }} - command: - - sh - args: - - -c - - | - export $(cat {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) - {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}" - {{- end }} - /app/start-app.sh - {{- end }} + resources: {{ include "common.resources" . | nindent 10 }} env: - name: DB_HOST value: {{ include "common.mariadbService" . }} @@ -71,12 +47,11 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 10 }} - name: DB_ADMIN_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 10 }} - {{ include "so.certificates.env" . | indent 8 | trim }} envFrom: - configMapRef: name: {{ include "common.fullname" . }}-configmap imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 8 }} + volumeMounts: - name: logs mountPath: /app/logs - name: config @@ -85,19 +60,16 @@ spec: - name: {{ include "common.fullname" . }}-logs mountPath: {{ .Values.log.path }} {{ include "so.helpers.livenessProbe" .| indent 8 }} - ports: - - containerPort: {{ index .Values.containerPort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - protocol: TCP + ports: {{ include "common.containerPorts" . | nindent 10 }} # Filebeat sidecar container {{ include "common.log.sidecar" . | nindent 6 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: {{ include "so.certificate.volumes" . | nindent 6 }} + volumes: - name: logs emptyDir: {} - name: config configMap: - name: {{ include "common.fullname" . }}-app-configmap + name: {{ include "common.fullname" . }}-app-configmap - name: {{ include "common.fullname" . }}-log-conf configMap: name: {{ include "common.fullname" . }}-log diff --git a/kubernetes/so/templates/ingress.yaml b/kubernetes/so/templates/ingress.yaml index 8f87c68f1e..9bef773eda 100644 --- a/kubernetes/so/templates/ingress.yaml +++ b/kubernetes/so/templates/ingress.yaml @@ -1 +1,17 @@ +{{/* +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + {{ include "common.ingress" . }} diff --git a/kubernetes/so/templates/service.yaml b/kubernetes/so/templates/service.yaml index 5a83d566ac..21a6a77e27 100755 --- a/kubernetes/so/templates/service.yaml +++ b/kubernetes/so/templates/service.yaml @@ -13,391 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - annotations: - msb.onap.org/service-info: '[ - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/cloudResources/{version:[vV][1]}/operationalEnvironments", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/cloudResources/{version:[vV][1]}/operationalEnvironments/{operationalEnvironmentId}/activate", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/cloudResources/{version:[vV][1]}/operationalEnvironments/{operationalEnvironmentId}/deactivate", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/cloudResourcesRequests/{version:[vV][1]}/{requestId}/unlock", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/cloudResourcesRequests/{version:[vV][1]}", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/orchestrationRequests/{version:[vV][4-7]}/{requestId}", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/orchestrationRequests/{version:[vV][4-7]}", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/orchestrationRequests/{version:[vV][4-7]}/{requestId}/unlock", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/activate", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/deactivate", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][7]}/serviceInstances/assign", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][7]}/serviceInstances/{serviceInstanceId}/unassign", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}/enablePort", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}/disablePort", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}/activate", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}/deactivate", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][6-7]}/serviceInstances/{serviceInstanceId}/addRelationships", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][6-7]}/serviceInstances/{serviceInstanceId}/removeRelationships", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/replace", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][6-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/applyUpdatedConfig", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/{vfmoduleInstanceId}/replace", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/{vfmoduleInstanceId}", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][6-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/inPlaceSoftwareUpdate", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/{vfmoduleInstanceId}", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/{vfmoduleInstanceId}/deactivateAndCloudDelete", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/scaleOut", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/volumeGroups", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/volumeGroups/{volumeGroupInstanceId}", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/volumeGroups/{volumeGroupInstanceId}", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/networks", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/networks/{networkInstanceId}", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/networks/{networkInstanceId}", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - } - ]' -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + +{{ include "common.service" . }} diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml index 32e6e4776d..ce7ee71032 100755 --- a/kubernetes/so/values.yaml +++ b/kubernetes/so/values.yaml @@ -18,7 +18,6 @@ global: nodePortPrefix: 302 nodePortPrefixExt: 304 - aafAgentImage: onap/aaf/aaf_agent:2.1.20 centralizedLoggingEnabled: true mariadbGalera: nameOverride: mariadb-galera @@ -46,22 +45,11 @@ global: dbPassword: secretpassword # dbCredsExternalSecret: some secret msbEnabled: true - security: - aaf: - enabled: false - aaf: - auth: - header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo= - encrypted: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456 app: siteName: onapheat auth: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456 defaultCloudOwner: onap - certificates: - path: /etc/ssl/certs - share_path: /usr/local/share/ca-certificates/ - soSdcListenerKafkaUser: so-sdc-list-user readinessCheck: @@ -131,13 +119,6 @@ secrets: login: '{{ .Values.server.bpel.username }}' password: '{{ .Values.server.bpel.password }}' passwordPolicy: required - - uid: so-aaf-creds - name: &aaf-secrets '{{ include "common.release" . }}-so-server-aaf-creds' - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.server.aafCredsExternalSecret) . }}' - login: '{{ .Values.server.aaf.username }}' - password: '{{ .Values.server.aaf.password }}' - passwordPolicy: required - uid: so-aai-creds name: &aai-secrets '{{ include "common.release" . }}-so-server-aai-creds' type: basicAuth @@ -146,32 +127,7 @@ secrets: password: '{{ .Values.server.aai.password }}' passwordPolicy: required -aafConfig: - permission_user: 1000 - permission_group: 999 - -aaf: - trustore: org.onap.so.trust.jks - -################################################################# -# AAF part for Ingress -################################################################# -certInitializer: - nameOverride: so-tls-cert - aafDeployFqi: deployer@people.osaaf.org - aafDeployPass: demo123456! - # aafDeployCredsExternalSecret: some secret - fqdn: so - fqi: so@so.onap.org - public_fqdn: so.onap.org - fqi_namespace: org.onap.so - cadi_longitude: '0.0' - cadi_latitude: '0.0' - app_ns: org.osaaf.aaf - credsPath: /opt/app/osaaf/local - ingressTlsSecret: '{{ include "common.release" . }}-so-ingress-certs' - -################################################################# +################################################################## # Application configuration defaults. ################################################################# @@ -187,10 +143,6 @@ dbCreds: image: onap/so/api-handler-infra:1.11.0 server: - aaf: - username: so@so.onap.org - password: demo123456 - # aafCredsExternalSecret: some secret aai: username: aai@aai.onap.org password: demo123456! @@ -212,30 +164,390 @@ logPath: ./logs/apih/ app: api-handler-infra service: type: NodePort - nodePort: 77 internalPort: *containerPort - externalPort: *containerPort - portName: http + ports: + - name: http + port: *containerPort + nodePort: '77' + annotations: + msb.onap.org/service-info: | + {{ if .Values.global.msbEnabled -}}[ + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/cloudResources/{version:[vV][1]}/operationalEnvironments", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/cloudResources/{version:[vV][1]}/operationalEnvironments/{operationalEnvironmentId}/activate", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/cloudResources/{version:[vV][1]}/operationalEnvironments/{operationalEnvironmentId}/deactivate", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/cloudResourcesRequests/{version:[vV][1]}/{requestId}/unlock", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/cloudResourcesRequests/{version:[vV][1]}", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/orchestrationRequests/{version:[vV][4-7]}/{requestId}", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/orchestrationRequests/{version:[vV][4-7]}", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/orchestrationRequests/{version:[vV][4-7]}/{requestId}/unlock", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/activate", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/deactivate", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][7]}/serviceInstances/assign", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][7]}/serviceInstances/{serviceInstanceId}/unassign", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}/enablePort", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}/disablePort", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}/activate", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}/deactivate", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][6-7]}/serviceInstances/{serviceInstanceId}/addRelationships", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][6-7]}/serviceInstances/{serviceInstanceId}/removeRelationships", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/replace", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][6-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/applyUpdatedConfig", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/{vfmoduleInstanceId}/replace", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/{vfmoduleInstanceId}", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][6-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/inPlaceSoftwareUpdate", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/{vfmoduleInstanceId}", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/{vfmoduleInstanceId}/deactivateAndCloudDelete", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/scaleOut", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/volumeGroups", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/volumeGroups/{volumeGroupInstanceId}", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/volumeGroups/{volumeGroupInstanceId}", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/networks", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/networks/{networkInstanceId}", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/networks/{networkInstanceId}", + "protocol": "REST", + "port": "{{ .Values.service.internalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + } + ]{{ end }} + updateStrategy: type: RollingUpdate maxUnavailable: 1 maxSurge: 1 -################################################################# +################################################################ # soHelpers part ################################################################# soHelpers: - nameOverride: so-apih-cert-init - certInitializer: - nameOverride: so-apih-cert-init - credsPath: /opt/app/osaaf/local containerPort: *containerPort # Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) -persistence: - certificatesPath: /certificates resources: small: limits: @@ -285,9 +597,6 @@ ingress: - baseaddr: 'so-api' name: 'so' port: 8080 - config: - tls: - secret: '{{ include "common.release" . }}-so-ingress-certs' mso: adapters: @@ -310,13 +619,6 @@ mso: health: auth: basic bXNvX2FkbWlufHBhc3N3b3JkMSQ= -so-appc-orchestrator: - enabled: false - server: - actuatorCredsExternalSecret: *actuator-secrets - db: - <<: *dbSecrets - so-bpmn-infra: db: <<: *dbSecrets @@ -332,7 +634,6 @@ so-cnf-adapter: db: <<: *dbSecrets server: - aafCredsExternalSecret: *aaf-secrets aaiCredsExternalSecret: *aai-secrets actuatorCredsExternalSecret: *actuator-secrets mso: diff --git a/kubernetes/uui/components/uui-intent-analysis/templates/deployment.yaml b/kubernetes/uui/components/uui-intent-analysis/templates/deployment.yaml index 91d96c232f..3c3f60efa4 100644 --- a/kubernetes/uui/components/uui-intent-analysis/templates/deployment.yaml +++ b/kubernetes/uui/components/uui-intent-analysis/templates/deployment.yaml @@ -54,8 +54,7 @@ spec: port: {{ .Values.readiness.port }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }} {{- end }} diff --git a/kubernetes/vfc/components/vfc-generic-vnfm-driver/templates/deployment.yaml b/kubernetes/vfc/components/vfc-generic-vnfm-driver/templates/deployment.yaml index b5ab1fb93c..47a74b7ed1 100644 --- a/kubernetes/vfc/components/vfc-generic-vnfm-driver/templates/deployment.yaml +++ b/kubernetes/vfc/components/vfc-generic-vnfm-driver/templates/deployment.yaml @@ -78,8 +78,7 @@ spec: - name: {{ include "common.fullname" . }}-logconfig mountPath: /opt/vfc/gvnfmdriver/config/log.yml subPath: log.yml - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/vfc/components/vfc-huawei-vnfm-driver/templates/deployment.yaml b/kubernetes/vfc/components/vfc-huawei-vnfm-driver/templates/deployment.yaml index f96d4d664b..a6da5e3a79 100644 --- a/kubernetes/vfc/components/vfc-huawei-vnfm-driver/templates/deployment.yaml +++ b/kubernetes/vfc/components/vfc-huawei-vnfm-driver/templates/deployment.yaml @@ -81,8 +81,7 @@ spec: - name: {{ include "common.fullname" . }}-logconfig mountPath: /opt/vfc/hwvnfmdriver/config/log4j.properties subPath: log4j.properties - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/vfc/components/vfc-nslcm/templates/deployment.yaml b/kubernetes/vfc/components/vfc-nslcm/templates/deployment.yaml index f9faa7e845..ebfacf52c0 100644 --- a/kubernetes/vfc/components/vfc-nslcm/templates/deployment.yaml +++ b/kubernetes/vfc/components/vfc-nslcm/templates/deployment.yaml @@ -108,8 +108,7 @@ spec: - name: {{ include "common.fullname" . }}-logconfig mountPath: /opt/vfc/nslcm/config/log.yml subPath: log.yml - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/vfc/components/vfc-redis/templates/deployment.yaml b/kubernetes/vfc/components/vfc-redis/templates/deployment.yaml index 787c62c3c5..2739bd62bc 100644 --- a/kubernetes/vfc/components/vfc-redis/templates/deployment.yaml +++ b/kubernetes/vfc/components/vfc-redis/templates/deployment.yaml @@ -55,8 +55,7 @@ spec: port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/vfc/components/vfc-vnflcm/templates/deployment.yaml b/kubernetes/vfc/components/vfc-vnflcm/templates/deployment.yaml index 8c414ffc59..870541d2f2 100644 --- a/kubernetes/vfc/components/vfc-vnflcm/templates/deployment.yaml +++ b/kubernetes/vfc/components/vfc-vnflcm/templates/deployment.yaml @@ -108,8 +108,7 @@ spec: - name: {{ include "common.fullname" . }}-logconfig mountPath: /opt/vfc/gvnfm-vnflcm/config/log.yml subPath: log.yml - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/vfc/components/vfc-vnfmgr/templates/deployment.yaml b/kubernetes/vfc/components/vfc-vnfmgr/templates/deployment.yaml index 9fcf9b923d..a690a9d08d 100644 --- a/kubernetes/vfc/components/vfc-vnfmgr/templates/deployment.yaml +++ b/kubernetes/vfc/components/vfc-vnfmgr/templates/deployment.yaml @@ -108,8 +108,7 @@ spec: - name: {{ include "common.fullname" . }}-logconfig mountPath: /opt/vfc/gvnfm-vnfmgr/config/log.yml subPath: log.yml - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/vfc/components/vfc-vnfres/templates/deployment.yaml b/kubernetes/vfc/components/vfc-vnfres/templates/deployment.yaml index 5723b0f322..7994294cd1 100644 --- a/kubernetes/vfc/components/vfc-vnfres/templates/deployment.yaml +++ b/kubernetes/vfc/components/vfc-vnfres/templates/deployment.yaml @@ -108,8 +108,7 @@ spec: - name: {{ include "common.fullname" . }}-logconfig mountPath: /opt/vfc/gvnfm-vnfres/config/log.yml subPath: log.yml - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/vfc/components/vfc-zte-vnfm-driver/templates/deployment.yaml b/kubernetes/vfc/components/vfc-zte-vnfm-driver/templates/deployment.yaml index 855532ddf3..2a07ed6106 100644 --- a/kubernetes/vfc/components/vfc-zte-vnfm-driver/templates/deployment.yaml +++ b/kubernetes/vfc/components/vfc-zte-vnfm-driver/templates/deployment.yaml @@ -78,8 +78,7 @@ spec: - name: {{ include "common.fullname" . }}-logconfig mountPath: /opt/vfc/ztevnfmdriver/config/log.yml subPath: log.yml - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }}