From: Ramesh Parthasarathy Date: Wed, 5 Sep 2018 01:47:29 +0000 (+0000) Subject: helm chart for so containers X-Git-Tag: 3.0.0-ONAP~402^2 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=3cd3fb1cad83f58f995e7c6045b558b982338217;p=oom.git helm chart for so containers This check-in is an updated version of helm charts for so containers based on review comments Change-Id: I690430622ecbdcaf099a6165844142841db436dd Issue-ID: SO-709 Signed-off-by: Ramesh Parthasarathy(rp6768) --- diff --git a/kubernetes/so/.helmignore b/kubernetes/so/.helmignore old mode 100644 new mode 100755 diff --git a/kubernetes/so/Chart.yaml b/kubernetes/so/Chart.yaml old mode 100644 new mode 100755 index 27e9161940..dcd4eb5c43 --- a/kubernetes/so/Chart.yaml +++ b/kubernetes/so/Chart.yaml @@ -11,7 +11,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - apiVersion: v1 description: ONAP Service Orchestrator name: so diff --git a/kubernetes/so/charts/mariadb/.helmignore b/kubernetes/so/charts/mariadb/.helmignore deleted file mode 100644 index f0c1319444..0000000000 --- a/kubernetes/so/charts/mariadb/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/so/charts/so-bpmn-infra/Chart.yaml b/kubernetes/so/charts/so-bpmn-infra/Chart.yaml new file mode 100755 index 0000000000..6feed26418 --- /dev/null +++ b/kubernetes/so/charts/so-bpmn-infra/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +appVersion: "1.0" +description: A Helm chart for Kubernetes +name: so-bpmn-infra +version: 2.0.0 \ No newline at end of file diff --git a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml new file mode 100755 index 0000000000..01f836ae80 --- /dev/null +++ b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml @@ -0,0 +1,274 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +aai: + auth: 2630606608347B7124C244AB0FE34F6F + dme2: + timeout: '30000' + endpoint: https://aai.api.simpledemo.onap.org:8443 +camunda: + bpm: + admin-user: + id: admin + password: admin + history-level: full + job-execution: + max-pool-size: 30 + core-pool-size: 3 +entitymanager: + packagesToScan: com +mso: + msoKey: 07a7159d3bf51a0e53be7a8f89699be7 + correlation: + timeout: 60 + logPath: logs + async: + core-pool-size: 50 + max-pool-size: 50 + queue-capacity: 500 + adapters: + requestDb: + auth: Basic YnBlbDptc28tZGItMTUwNyE= + endpoint: https://c1.vm1.mso.simpledemo.onap.org:8081 + completemsoprocess: + endpoint: http://c1.vm1.mso.simpledemo.onap.org:8081/CompleteMsoProcess + db: + auth: 26AFB797A6A57960D5D718491925C50F77CDC22AC394B3DBA09950D8FD1C0764 + password: wLg4sjrAFUS8rfVfdvTXeQ== + endpoint: http://c1.vm1.mso.simpledemo.onap.org:8083/services/RequestsDbAdapter + spring: + endpoint: http://c1.vm1.mso.simpledemo.onap.org:8083 + network: + endpoint: http://c1.vm1.mso.simpledemo.onap.org:8087/services/NetworkAdapter + rest: + endpoint: http://c1.vm1.mso.simpledemo.onap.org:8087/services/rest/v1/networks + openecomp: + db: + endpoint: http://c1.vm1.mso.simpledemo.onap.org:8083/services/RequestsDbAdapter + po: + auth: 757A94191D685FD2092AC1490730A4FC + password: 3141634BF7E070AA289CF2892C986C0B + sdnc: + endpoint: http://c1.vm1.mso.simpledemo.onap.org:8086/adapters/SDNCAdapter + rest: + endpoint: http://c1.vm1.mso.simpledemo.onap.org:8086/adapters/rest/v1/sdnc + timeout: PT60S + tenant: + endpoint: http://c1.vm1.mso.simpledemo.onap.org:8087/services/TenantAdapter + vnf: + endpoint: http://c1.vm1.mso.simpledemo.onap.org:8087/services/VnfAdapter + rest: + endpoint: http://c1.vm1.mso.simpledemo.onap.org:8087/services/rest/vnfs/v1/vnfs + volume-groups: + rest: + endpoint: http://c1.vm1.mso.simpledemo.onap.org:8087/services/rest/v1/volume-groups + vnf-async: + endpoint: http://c1.vm1.mso.simpledemo.onap.org:8087/services/VnfAdapterAsync + bpmn: + process: + historyTimeToLive: '30' + callbackRetryAttempts: '5' + catalog: + db: + endpoint: http://c1.vm1.mso.simpledemo.onap.org:8082/ecomp/mso/catalog + spring: + endpoint: http://c1.vm1.mso.simpledemo.onap.org:8082 + db: + auth: Basic YnBlbDptc28tZGItMTUwNyE= + default: + adapter: + namespace: http://org.onap.mso + healthcheck: + log: + debug: 'false' + infra: + customer: + id: testCustIdInfra + po: + timeout: PT60S + request: + db: + endpoint: http://c1.vm1.mso.simpledemo.onap.org:8083/ + rollback: 'true' + sdnc: + password: 3141634BF7E070AA289CF2892C986C0B + service: + agnostic: + sniro: + endpoint: /sniro/api/v2/placement + host: http://c1.vm1.mso.simpledemo.onap.org:30253 + site-name: CamundaEngine + sniro: + auth: test:testpwd + callback: http://c1.vm1.mso.simpledemo.onap.org:8086/adapters/rest/SDNCNotify + endpoint: http://replaceme:28090/optimizationInstance/V1/create + timeout: PT30M + workflow: + CreateGenericVNFV1: + aai: + volume-group: + uri: /aai/v6/cloud-infrastructure/volume-groups/volume-group + default: + aai: + version: '8' + cloud-region: + version: '9' + generic-vnf: + version: '9' + v11: + customer: + uri: /aai/v11/business/customers/customer + generic-query: + uri: /aai/v11/search/generic-query + generic-vnf: + uri: /aai/v11/network/generic-vnfs/generic-vnf + l3-network: + uri: /aai/v11/network/l3-networks/l3-network + network-policy: + uri: /aai/v11/network/network-policies/network-policy + nodes-query: + uri: /aai/v11/search/nodes-query + route-table-reference: + uri: /aai/v11/network/route-table-references/route-table-reference + tenant: + uri: /aai/v11/cloud-infrastructure/cloud-regions/cloud-region/att-aic/AAIAIC25/tenants/tenant + vce: + uri: /aai/v11/network/vces/vce + vpn-binding: + uri: /aai/v11/network/vpn-bindings/vpn-binding + v8: + configuration: + uri: /aai/v11/network/configurations/configuration + customer: + uri: /aai/v8/business/customers/customer + generic-query: + uri: /aai/v8/search/generic-query + l3-network: + uri: /aai/v8/network/l3-networks/l3-network + network-policy: + uri: /aai/v8/network/network-policies/network-policy + nodes-query: + uri: /aai/v8/search/nodes-query + route-table-reference: + uri: /aai/v8/network/route-table-references/route-table-reference + tenant: + uri: /aai/v8/cloud-infrastructure/cloud-regions/cloud-region/att-aic/AAIAIC25/tenants/tenant + vce: + uri: /aai/v8/network/vces/vce + vpn-binding: + uri: /aai/v8/network/vpn-bindings/vpn-binding + v9: + cloud-region: + uri: /aai/v9/cloud-infrastructure/cloud-regions/cloud-region/att-aic + generic-vnf: + uri: /aai/v9/network/generic-vnfs/generic-vnf + retry: + attempts: '1' + deleteCinderVolumeV1: + aai: + volume-group: + uri: /aai/v6/cloud-infrastructure/volume-groups/volume-group + global: + default: + aai: + namespace: http://org.onap.aai.inventory/ + message: + endpoint: http://c1.vm1.mso.simpledemo.onap.org:8081/mso/WorkflowMessage + notification: + name: GenericNotificationServiceATT + sdncadapter: + callback: http://c1.vm1.mso.simpledemo.onap.org:8086/mso/SDNCAdapterCallbackService + vnfadapter: + create: + callback: http://c1.vm1.mso.simpledemo.onap.org:8087/mso/vnfAdapterNotify + delete: + callback: http://c1.vm1.mso.simpledemo.onap.org:8087/mso/vnfAdapterNotify + query: + callback: http://c1.vm1.mso.simpledemo.onap.org:8087/mso/vnfAdapterNotify + rollback: + callback: http://c1.vm1.mso.simpledemo.onap.org:8087/mso/vnfAdapterNotify + global: + dmaap: + username: testuser + password: alRyMzJ3NUNeakxl + host: http://10.42.111.36:904 + publisher: + topic: replaceme +policy: + auth: Basic dGVzdHBkcDphbHBoYTEyMw== + client: + auth: Basic bTAzNzQzOnBvbGljeVIwY2sk + endpoint: https://localhost:8081/pdp/api/ + environment: TEST +sdnc: + auth: Basic YWRtaW46YWRtaW4= + host: https://localhost:8443 + path: /restconf/operations/GENERIC-RESOURCE-API +appc: + client: + topic: + read: + name: APPC-LCM-WRITE + timeout: 360000 + write: APPC-LCM-READ + sdnc: + read: + name: SDNC-LCM-WRITE + write: SDNC-LCM-READ + response: + timeout: 360000 + key: VIlbtVl6YLhNUrtU + secret: 64AG2hF4pYeG2pq7CT6XwUOT + service: ueb + poolMembers: ueb1.simpledemo.onap.org:3904,ueb2.simpledemo.onap.org:3904 +server: + port: 8081 + tomcat: + max-threads: 50 +spring: + datasource: + driver-class-name: org.mariadb.jdbc.Driver + url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/camundabpmn + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + dbcp2: + initial-size: 5 + max-total: 20 + validation-query: select 1 + test-on-borrow: true + security: + usercredentials: + - + username: apihBpmn + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: BPMN-Client + - + username: sdncaBpmn + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: BPMN-Client + - + username: poBpmn + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: BPMN-Client + - + username: wmaBpmn + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: BPMN-Client + - + username: sniro + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: SNIRO-Client + - + username: mso_admin + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: ACTUATOR \ No newline at end of file diff --git a/kubernetes/so/templates/log-configmap.yaml b/kubernetes/so/charts/so-bpmn-infra/templates/configmap.yaml old mode 100644 new mode 100755 similarity index 63% rename from kubernetes/so/templates/log-configmap.yaml rename to kubernetes/so/charts/so-bpmn-infra/templates/configmap.yaml index ed55ec07a4..48d9ef8820 --- a/kubernetes/so/templates/log-configmap.yaml +++ b/kubernetes/so/charts/so-bpmn-infra/templates/configmap.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2018 AT&T USA # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,19 +11,23 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - apiVersion: v1 +data: + LOG_PATH: {{ index .Values.logPath }} + APP: {{ index .Values.app }} kind: ConfigMap metadata: - name: so-log-configmap + name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }} --- apiVersion: v1 kind: ConfigMap metadata: - name: so-filebeat-configmap + name: {{ include "common.fullname" . }}-app-configmap namespace: {{ include "common.namespace" . }} data: -{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }} + {{- $yamlpath := printf "resources/config/overrides/override.yaml" -}} + {{- $root := . }} + {{- range $path, $bytes := .Files.Glob $yamlpath }} + override.yaml: {{ $root.Files.Get $path | quote }} + {{- end }} \ No newline at end of file diff --git a/kubernetes/so/charts/so-bpmn-infra/templates/deployment.yaml b/kubernetes/so/charts/so-bpmn-infra/templates/deployment.yaml new file mode 100755 index 0000000000..d235545aa3 --- /dev/null +++ b/kubernetes/so/charts/so-bpmn-infra/templates/deployment.yaml @@ -0,0 +1,144 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} +spec: + replicas: {{ index .Values.replicaCount }} + minReadySeconds: {{ index .Values.minReadySeconds }} + strategy: + type: {{ index .Values.updateStrategy.type }} + rollingUpdate: + maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} + maxSurge: {{ index .Values.updateStrategy.maxSurge }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: so-chown + image: alpine:3.6 + volumeMounts: + - name: logs + mountPath: /app/logs + imagePullPolicy: {{ index .Values.pullPolicy }} + command: ["/bin/sh", "-c", "chown -Rf 1000:1000 /app/logs"] + restartPolicy: Always + containers: + - name: {{ include "common.name" . }} + image: {{ include "common.repository" . }}/{{ .Values.image }} + resources: + requests: + memory: {{ index .Values.resources.requests.memory}} + cpu: {{ index .Values.resources.requests.cpu}} + limits: + memory: {{ index .Values.resources.limits.memory}} + cpu: {{ index .Values.resources.limits.cpu}} + env: + - name: DB_HOST + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.host + - name: DB_PORT + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.port + - name: DB_USERNAME + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.rolename + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.password + - name: DB_ADMIN_USERNAME + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.admin.rolename + - name: DB_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.admin.password + - name: CADI_KEYSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-pwd-secret + key: cadi_keystore_password + - name: CADI_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-pwd-secret + key: cadi_truststore_password + - name: MSO_KEYSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-client-secret + key: keystore_password + - name: MSO_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-client-secret + key: truststore_password + envFrom: + - configMapRef: + name: {{ include "common.fullname" . }}-configmap + imagePullPolicy: {{ index .Values "global" "pullPolicy" }} + volumeMounts: + - name: logs + mountPath: /app/logs + - name: certs + mountPath: /app/certs/ + readOnly: true + - name: config + mountPath: /app/config + readOnly: true + livenessProbe: + httpGet: + path: {{- index .Values.livenessProbe.path|indent 2}} + port: {{ index .Values.containerPort }} + scheme: {{- index .Values.livenessProbe.scheme| indent 2}} + initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}} + periodSeconds: {{ index .Values.livenessProbe.periodSeconds}} + timeoutSeconds: {{ index .Values.livenessProbe.timeoutSeconds}} + successThreshold: {{ index .Values.livenessProbe.successThreshold}} + failureThreshold: {{ index .Values.livenessProbe.failureThreshold}} + ports: + - containerPort: {{ index .Values.containerPort }} + name: {{ .Values.service.portName }} + protocol: TCP + volumes: + - name: logs + emptyDir: {} + - name: certs + secret: + secretName: {{ .Release.Name}}-so-ssl-secret + - name: config + configMap: + name: {{ include "common.fullname" . }}-app-configmap + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file diff --git a/kubernetes/so/charts/so-bpmn-infra/templates/service.yaml b/kubernetes/so/charts/so-bpmn-infra/templates/service.yaml new file mode 100755 index 0000000000..1ad478667c --- /dev/null +++ b/kubernetes/so/charts/so-bpmn-infra/templates/service.yaml @@ -0,0 +1,59 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + msb.onap.org/service-info: '[ + { + "serviceName": "so/bpmn", + "version": "v1", + "url": "/VNFAdaptercallback/", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1" , + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/bpmn", + "version": "v1", + "url": "/SDNCAdapterCallbackService", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + } + ]' +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} \ No newline at end of file diff --git a/kubernetes/so/charts/so-bpmn-infra/values.yaml b/kubernetes/so/charts/so-bpmn-infra/values.yaml new file mode 100755 index 0000000000..4f6e1093b1 --- /dev/null +++ b/kubernetes/so/charts/so-bpmn-infra/values.yaml @@ -0,0 +1,50 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +repository: nexus3.onap.org:10001 +image: onap/so/bpmn-infra:latest +pullPolicy: IfNotPresent +replicaCount: 1 +minReadySeconds: 10 +containerPort: 8081 +logPath: ./logs/bpmn/ +app: so-bpmn-infra +service: + type: ClusterIP + internalPort: 8081 + externalPort: 10200 + portName: so-bpmn-port +updateStrategy: + type: RollingUpdate + maxUnavailable: 1 + maxSurge: 1 +resources: + requests: + memory: 1Gi + cpu: 500m + limits: + memory: 8Gi + cpu: 4000m +livenessProbe: + path: /manage/health + scheme: HTTP + initialDelaySeconds: 600 + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 +ingress: + enabled: false +nodeSelector: {} +tolerations: [] +affinity: {} \ No newline at end of file diff --git a/kubernetes/so/charts/so-catalog-db-adapter/Chart.yaml b/kubernetes/so/charts/so-catalog-db-adapter/Chart.yaml new file mode 100755 index 0000000000..75a61264ed --- /dev/null +++ b/kubernetes/so/charts/so-catalog-db-adapter/Chart.yaml @@ -0,0 +1,17 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +description: A Helm chart for so-catalog-db-adapter +name: so-catalog-db-adapter +version: 2.0.0 \ No newline at end of file diff --git a/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml new file mode 100755 index 0000000000..65f22b73b8 --- /dev/null +++ b/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml @@ -0,0 +1,66 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +server: + port: 8082 + tomcat: + max-threads: 50 +ssl-enable: false +mso: + logPath: logs + site-name: onapheat + catalog: + db: + spring: + endpoint: http://c1.vm1.mso.simpledemo.onap.org:8082 + db: + auth: Basic YnBlbDpwYXNzd29yZDEk +spring: + datasource: + url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + driver-class-name: org.mariadb.jdbc.Driver + initialize: false + initialization-mode: never + dbcp2: + initial-size: 5 + max-total: 20 + validation-query: select 1 + test-on-borrow: true + jpa: + generate-ddl: false + show-sql: false + hibernate: + ddl-auto: validate + naming-strategy: org.hibernate.cfg.ImprovedNamingStrategy + enable-lazy-load-no-trans: true + database-platform: org.hibernate.dialect.MySQL5InnoDBDialect + security: + usercredentials: + - + username: bpel + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: BPEL-Client + - + username: mso_admin + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: ACTUATOR +#Actuator +management: + context-path: /manage +flyway: + base-on-migrate: true + url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb + user: ${DB_USERNAME} + password: ${DB_PASSWORD} \ No newline at end of file diff --git a/kubernetes/so/charts/so-catalog-db-adapter/templates/configmap.yaml b/kubernetes/so/charts/so-catalog-db-adapter/templates/configmap.yaml new file mode 100755 index 0000000000..48d9ef8820 --- /dev/null +++ b/kubernetes/so/charts/so-catalog-db-adapter/templates/configmap.yaml @@ -0,0 +1,33 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +data: + LOG_PATH: {{ index .Values.logPath }} + APP: {{ index .Values.app }} +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-app-configmap + namespace: {{ include "common.namespace" . }} +data: + {{- $yamlpath := printf "resources/config/overrides/override.yaml" -}} + {{- $root := . }} + {{- range $path, $bytes := .Files.Glob $yamlpath }} + override.yaml: {{ $root.Files.Get $path | quote }} + {{- end }} \ No newline at end of file diff --git a/kubernetes/so/charts/so-catalog-db-adapter/templates/deployment.yaml b/kubernetes/so/charts/so-catalog-db-adapter/templates/deployment.yaml new file mode 100755 index 0000000000..d235545aa3 --- /dev/null +++ b/kubernetes/so/charts/so-catalog-db-adapter/templates/deployment.yaml @@ -0,0 +1,144 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} +spec: + replicas: {{ index .Values.replicaCount }} + minReadySeconds: {{ index .Values.minReadySeconds }} + strategy: + type: {{ index .Values.updateStrategy.type }} + rollingUpdate: + maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} + maxSurge: {{ index .Values.updateStrategy.maxSurge }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: so-chown + image: alpine:3.6 + volumeMounts: + - name: logs + mountPath: /app/logs + imagePullPolicy: {{ index .Values.pullPolicy }} + command: ["/bin/sh", "-c", "chown -Rf 1000:1000 /app/logs"] + restartPolicy: Always + containers: + - name: {{ include "common.name" . }} + image: {{ include "common.repository" . }}/{{ .Values.image }} + resources: + requests: + memory: {{ index .Values.resources.requests.memory}} + cpu: {{ index .Values.resources.requests.cpu}} + limits: + memory: {{ index .Values.resources.limits.memory}} + cpu: {{ index .Values.resources.limits.cpu}} + env: + - name: DB_HOST + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.host + - name: DB_PORT + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.port + - name: DB_USERNAME + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.rolename + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.password + - name: DB_ADMIN_USERNAME + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.admin.rolename + - name: DB_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.admin.password + - name: CADI_KEYSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-pwd-secret + key: cadi_keystore_password + - name: CADI_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-pwd-secret + key: cadi_truststore_password + - name: MSO_KEYSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-client-secret + key: keystore_password + - name: MSO_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-client-secret + key: truststore_password + envFrom: + - configMapRef: + name: {{ include "common.fullname" . }}-configmap + imagePullPolicy: {{ index .Values "global" "pullPolicy" }} + volumeMounts: + - name: logs + mountPath: /app/logs + - name: certs + mountPath: /app/certs/ + readOnly: true + - name: config + mountPath: /app/config + readOnly: true + livenessProbe: + httpGet: + path: {{- index .Values.livenessProbe.path|indent 2}} + port: {{ index .Values.containerPort }} + scheme: {{- index .Values.livenessProbe.scheme| indent 2}} + initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}} + periodSeconds: {{ index .Values.livenessProbe.periodSeconds}} + timeoutSeconds: {{ index .Values.livenessProbe.timeoutSeconds}} + successThreshold: {{ index .Values.livenessProbe.successThreshold}} + failureThreshold: {{ index .Values.livenessProbe.failureThreshold}} + ports: + - containerPort: {{ index .Values.containerPort }} + name: {{ .Values.service.portName }} + protocol: TCP + volumes: + - name: logs + emptyDir: {} + - name: certs + secret: + secretName: {{ .Release.Name}}-so-ssl-secret + - name: config + configMap: + name: {{ include "common.fullname" . }}-app-configmap + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file diff --git a/kubernetes/so/charts/so-catalog-db-adapter/templates/service.yaml b/kubernetes/so/charts/so-catalog-db-adapter/templates/service.yaml new file mode 100755 index 0000000000..db3bb7848b --- /dev/null +++ b/kubernetes/so/charts/so-catalog-db-adapter/templates/service.yaml @@ -0,0 +1,140 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + msb.onap.org/service-info: '[ + { + "serviceName": "so/catdb", + "version": "v1", + "url": "/services", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1" , + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/catdb", + "version": "v1", + "url": "/{version: v[0-9]+}/vnfResources/{vnfModelCustomizationUuid}", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/catdb", + "version": "v1", + "url": "/{version: v[0-9]+}/serviceVnfs", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/catdb", + "version": "v1", + "url": "/{version: v[0-9]+}/networkResources/{networkModelCustomizationUuid}", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/catdb", + "version": "v1", + "url": "/{version: v[0-9]+}/serviceNetworks", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/catdb", + "version": "v1", + "url": "/{version: v[0-9]+}/serviceResources", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/catdb", + "version": "v1", + "url": "/{version: v[0-9]+}/allottedResources/{arModelCustomizationUuid}", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/catdb", + "version": "v1", + "url": "/{version: v[0-9]+}/serviceAllottedResources", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/catdb", + "version": "v1", + "url": "/{version: v[0-9]+}/vfModules", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/catdb", + "version": "v1", + "url": "/{version: v[0-9]+}/serviceToscaCsar", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/catdb", + "version": "v1", + "url": "/{version: v[0-9]+}/resourceRecipe", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + } + ]' +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} \ No newline at end of file diff --git a/kubernetes/so/charts/so-catalog-db-adapter/values.yaml b/kubernetes/so/charts/so-catalog-db-adapter/values.yaml new file mode 100755 index 0000000000..7e49057cc0 --- /dev/null +++ b/kubernetes/so/charts/so-catalog-db-adapter/values.yaml @@ -0,0 +1,51 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +repository: nexus3.onap.org:10001 +image: onap/so/catalog-db-adapter:latest +pullPolicy: IfNotPresent +replicaCount: 1 +minReadySeconds: 10 +containerPort: 8082 +logPath: ./logs/catdb/ +app: catalog-db-adapter +service: + type: ClusterIP + internalPort: 8082 + externalPort: 10800 + portName: so-catdb-port +updateStrategy: + type: RollingUpdate + maxUnavailable: 1 + maxSurge: 1 +resources: + requests: + memory: 1Gi + cpu: 500m + limits: + memory: 4Gi + cpu: 2000m +livenessProbe: + path: /manage/health + port: 8082 + scheme: HTTP + initialDelaySeconds: 600 + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 +ingress: + enabled: false +nodeSelector: {} +tolerations: [] +affinity: {} \ No newline at end of file diff --git a/kubernetes/so/charts/so-db-secrets/Chart.yaml b/kubernetes/so/charts/so-db-secrets/Chart.yaml new file mode 100755 index 0000000000..f9470e23a1 --- /dev/null +++ b/kubernetes/so/charts/so-db-secrets/Chart.yaml @@ -0,0 +1,17 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +description: A Helm chart for DB secrets +name: so-db-secrets +version: 2.0.0 \ No newline at end of file diff --git a/kubernetes/so/charts/so-db-secrets/templates/secrets.yaml b/kubernetes/so/charts/so-db-secrets/templates/secrets.yaml new file mode 100755 index 0000000000..f1910d2738 --- /dev/null +++ b/kubernetes/so/charts/so-db-secrets/templates/secrets.yaml @@ -0,0 +1,31 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Release.Name }}-so-db-secrets + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: + mariadb.readwrite.host : {{"so-mariadb"| b64enc | quote}} + mariadb.readwrite.port : {{"3306"| b64enc }} + mariadb.readwrite.rolename: {{"root"| b64enc | quote}} + mariadb.readwrite.password: {{"password"| b64enc | quote}} + mariadb.admin.rolename: {{"root"| b64enc | quote}} + mariadb.admin.password: {{"password"| b64enc | quote}} +type: Opaque \ No newline at end of file diff --git a/kubernetes/so/charts/mariadb/Chart.yaml b/kubernetes/so/charts/so-mariadb/Chart.yaml old mode 100644 new mode 100755 similarity index 95% rename from kubernetes/so/charts/mariadb/Chart.yaml rename to kubernetes/so/charts/so-mariadb/Chart.yaml index 6b4471ac55..789280a92d --- a/kubernetes/so/charts/mariadb/Chart.yaml +++ b/kubernetes/so/charts/so-mariadb/Chart.yaml @@ -11,8 +11,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - apiVersion: v1 description: MariaDB Service -name: mariadb -version: 2.0.0 +name: so-mariadb +version: 2.0.0 \ No newline at end of file diff --git a/kubernetes/so/charts/mariadb/resources/config/mariadb/conf.d/mariadb1.cnf b/kubernetes/so/charts/so-mariadb/resources/config/mariadb/conf.d/mariadb1.cnf old mode 100644 new mode 100755 similarity index 100% rename from kubernetes/so/charts/mariadb/resources/config/mariadb/conf.d/mariadb1.cnf rename to kubernetes/so/charts/so-mariadb/resources/config/mariadb/conf.d/mariadb1.cnf diff --git a/kubernetes/so/charts/mariadb/templates/NOTES.txt b/kubernetes/so/charts/so-mariadb/templates/NOTES.txt old mode 100644 new mode 100755 similarity index 100% rename from kubernetes/so/charts/mariadb/templates/NOTES.txt rename to kubernetes/so/charts/so-mariadb/templates/NOTES.txt diff --git a/kubernetes/so/charts/mariadb/templates/configmap.yaml b/kubernetes/so/charts/so-mariadb/templates/configmap.yaml old mode 100644 new mode 100755 similarity index 97% rename from kubernetes/so/charts/mariadb/templates/configmap.yaml rename to kubernetes/so/charts/so-mariadb/templates/configmap.yaml index 3c71619fe7..1ea1987685 --- a/kubernetes/so/charts/mariadb/templates/configmap.yaml +++ b/kubernetes/so/charts/so-mariadb/templates/configmap.yaml @@ -11,7 +11,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - apiVersion: v1 kind: ConfigMap metadata: diff --git a/kubernetes/so/charts/mariadb/templates/deployment.yaml b/kubernetes/so/charts/so-mariadb/templates/deployment.yaml old mode 100644 new mode 100755 similarity index 98% rename from kubernetes/so/charts/mariadb/templates/deployment.yaml rename to kubernetes/so/charts/so-mariadb/templates/deployment.yaml index c85fe79103..a72d10851b --- a/kubernetes/so/charts/mariadb/templates/deployment.yaml +++ b/kubernetes/so/charts/so-mariadb/templates/deployment.yaml @@ -11,7 +11,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -40,6 +39,7 @@ spec: git clone -b {{ .Values.config.gerritBranch }} --single-branch {{ .Values.config.gerritProject }} /tmp/gerrit; echo "Clone complete. Copying from /tmp/gerrit/volumes/mariadb/docker-entrypoint-initdb.d to /docker-entrypoint-initdb.d"; cp -rf /tmp/gerrit/volumes/mariadb/docker-entrypoint-initdb.d/* /docker-entrypoint-initdb.d; + chmod -R 755 /docker-entrypoint-initdb.d; echo "Done."; image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.ubuntuInitImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -107,4 +107,4 @@ spec: - name: docker-entrypoint-initdb-d emptyDir: {} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file diff --git a/kubernetes/so/charts/mariadb/templates/pv.yaml b/kubernetes/so/charts/so-mariadb/templates/pv.yaml old mode 100644 new mode 100755 similarity index 99% rename from kubernetes/so/charts/mariadb/templates/pv.yaml rename to kubernetes/so/charts/so-mariadb/templates/pv.yaml index 184728f8ad..d1e1b04121 --- a/kubernetes/so/charts/mariadb/templates/pv.yaml +++ b/kubernetes/so/charts/so-mariadb/templates/pv.yaml @@ -13,7 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} kind: PersistentVolume apiVersion: v1 @@ -34,4 +33,4 @@ spec: persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/kubernetes/so/charts/mariadb/templates/pvc.yaml b/kubernetes/so/charts/so-mariadb/templates/pvc.yaml old mode 100644 new mode 100755 similarity index 99% rename from kubernetes/so/charts/mariadb/templates/pvc.yaml rename to kubernetes/so/charts/so-mariadb/templates/pvc.yaml index e27c3311e9..74ba690fa6 --- a/kubernetes/so/charts/mariadb/templates/pvc.yaml +++ b/kubernetes/so/charts/so-mariadb/templates/pvc.yaml @@ -13,7 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} kind: PersistentVolumeClaim apiVersion: v1 @@ -45,4 +44,4 @@ spec: storageClassName: "{{ .Values.persistence.storageClass }}" {{- end }} {{- end }} -{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/kubernetes/so/charts/mariadb/templates/secrets.yaml b/kubernetes/so/charts/so-mariadb/templates/secrets.yaml old mode 100644 new mode 100755 similarity index 98% rename from kubernetes/so/charts/mariadb/templates/secrets.yaml rename to kubernetes/so/charts/so-mariadb/templates/secrets.yaml index 4d65c078c9..24f7139ee0 --- a/kubernetes/so/charts/mariadb/templates/secrets.yaml +++ b/kubernetes/so/charts/so-mariadb/templates/secrets.yaml @@ -11,7 +11,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - apiVersion: v1 kind: Secret metadata: @@ -24,4 +23,4 @@ metadata: heritage: {{ .Release.Service }} type: Opaque data: - db-root-password: {{ .Values.config.mariadbRootPassword | b64enc | quote }} + db-root-password: {{ .Values.config.mariadbRootPassword | b64enc | quote }} \ No newline at end of file diff --git a/kubernetes/so/charts/so-mariadb/templates/service.yaml b/kubernetes/so/charts/so-mariadb/templates/service.yaml new file mode 100755 index 0000000000..c9a3f564ab --- /dev/null +++ b/kubernetes/so/charts/so-mariadb/templates/service.yaml @@ -0,0 +1,37 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + - name: {{ .Values.service.portName }} + {{- if eq .Values.service.type "NodePort" }} + port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }} + {{- else -}} + port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} \ No newline at end of file diff --git a/kubernetes/so/charts/mariadb/values.yaml b/kubernetes/so/charts/so-mariadb/values.yaml old mode 100644 new mode 100755 similarity index 93% rename from kubernetes/so/charts/mariadb/values.yaml rename to kubernetes/so/charts/so-mariadb/values.yaml index 693e3dd689..81370c7205 --- a/kubernetes/so/charts/mariadb/values.yaml +++ b/kubernetes/so/charts/so-mariadb/values.yaml @@ -11,7 +11,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - # Default values for mariadb. # This is a YAML-formatted file. # Declare variables to be passed into your templates. @@ -20,30 +19,22 @@ global: # global defaults persistence: {} readinessRepository: oomk8s ubuntuInitRepository: registry.hub.docker.com - - # application image repository: nexus3.onap.org:10001 image: mariadb:10.1.11 pullPolicy: Always ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 - # application configuration config: mariadbRootPassword: password # gerrit branch where the latest heat code is checked in - gerritBranch: 2.0.0-ONAP + gerritBranch: master # gerrit project where the latest heat code is checked in gerritProject: http://gerrit.onap.org/r/so/docker-config.git - - # default number of instances replicaCount: 1 - nodeSelector: {} - affinity: {} - # probe configuration parameters liveness: initialDelaySeconds: 450 @@ -51,21 +42,17 @@ liveness: # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true - readiness: initialDelaySeconds: 450 periodSeconds: 10 - ## Persist data to a persitent volume persistence: enabled: true - ## A manually managed Persistent Volume and Claim ## Requires persistence.enabled: true ## If defined, PVC must be created manually before volume will be bound # existingClaim: volumeReclaimPolicy: Retain - ## database data Persistent Volume Storage Class ## If defined, storageClassName: ## If set to "-", storageClassName: "", which disables dynamic provisioning @@ -78,31 +65,28 @@ persistence: size: 2Gi mountPath: /dockerdata-nfs mountSubPath: mso/mariadb/data - service: type: NodePort portName: mariadb internalPort: 3306 nodePort: 52 - ingress: enabled: false - resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # s, adjust them as necessary, and remove the curly braces after 'resources:'. # # Example: # Configure resource requests and limits # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory #resources: # limits: # cpu: 2 # memory: 4Gi # requests: # cpu: 2 -# memory: 4Gi +# memory: 4Gi \ No newline at end of file diff --git a/kubernetes/so/charts/so-openstack-adapter/Chart.yaml b/kubernetes/so/charts/so-openstack-adapter/Chart.yaml new file mode 100755 index 0000000000..5ebc0f7b7b --- /dev/null +++ b/kubernetes/so/charts/so-openstack-adapter/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +appVersion: "1.0" +description: A Helm chart for Kubernetes +name: so-openstack-adapter +version: 2.0.0 \ No newline at end of file diff --git a/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml new file mode 100755 index 0000000000..f964364225 --- /dev/null +++ b/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml @@ -0,0 +1,140 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +server: + port: 8087 +spring: + datasource: + url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + driver-class-name: org.mariadb.jdbc.Driver + dbcp2: + initial-size: 5 + max-total: 20 + validation-query: select 1 + test-on-borrow: true + security: + usercredentials: + - + username: sdnc + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: SDNC-Client + - + username: sitecontrol + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: SiteControl-Client + - + username: bpel + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: BPEL-Client + - + username: sniro + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: SNIRO-Client + - + username: apih + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: MSO-Client + - + username: mso_admin + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: ACTUATOR +org: + onap: + so: + adapters: + default_keystone_url_version: /v2.0 + default_keystone_reg_ex: "/[vV][0-9]" + vnf: + bpelauth: 5119D1AF37F671FC01FFAD2151D93EFB2BBB503E879FD07104D024EDDF118FD1 + checkRequiredParameters: true + addGetFilesOnVolumeReq: false + sockettimeout: 30 + connecttimeout: 30 + retrycount: 5 + retryinterval: -15 + retrylist: 408,429,500,502,503,504,900 + valet_enabled: false + fail_requests_on_valet_failure: false + network: + bpelauth: 5119D1AF37F671FC01FFAD2151D93EFB2BBB503E879FD07104D024EDDF118FD1 + sockettimeout: 5 + connecttimeout: 5 + retrycount: 5 + retryinterval: -15 + retrylist: 408,429,500,502,503,504,900 + tenant: + default_keystone_url_version: /v2.0 + default_keystone_reg_ex: "/[vV][0-9]" + default_tenant_description: Tenant + default_region_type: single + default_user_role: admin + default_success_status_string: Success + default_no_regions_status_string: no regions + default_quota_value: 10 + set_default_quota: false +ecomp: + mso: + adapters: + po: + retryCodes: 504 + retryDelay: 5 + retryCount: 3 + pollTimeout: 7500 + pollInterval: 15 +mso: + logPath: ./logs/openstack + catalog: + db: + spring: + endpoint: http://c1.vm1.mso.simpledemo.onap.org:8082 + db: + auth: Basic YnBlbDptc28tZGItMTUwNyE= + site-name: localDevEnv + async: + core-pool-size: 50 + max-pool-size: 50 + queue-capacity: 500 +cloud_config: + identity_services: + RAX_KEYSTONE: + identity_url: "https://identity.api.rackspacecloud.com/v2.0" + mso_id: "RACKSPACE_ACCOUNT_ID" + mso_pass: "RACKSPACE_ACCOUNT_APIKEY" + admin_tenant: "service" + member_role: "admin" + tenant_metadata: true + identity_server_type: "KEYSTONE" + identity_authentication_type: "RACKSPACE_APIKEY" + cloud_sites: + Dallas: + region_id: "DFW" + clli: "DFW" + aic_version: "2.5" + identity_service_id: "RAX_KEYSTONE" + Northern Virginia: + region_id: "IAD" + clli: "IAD" + aic_version: "2.5" + identity_service_id: "RAX_KEYSTONE" + Chicago: + region_id: "ORD" + clli: "ORD" + aic_version: "2.5" + identity_service_id: "RAX_KEYSTONE" + DEFAULT: + region_id: "DFW" + clli: "DFW" + aic_version: "2.5" + identity_service_id: "RAX_KEYSTONE" \ No newline at end of file diff --git a/kubernetes/so/charts/so-openstack-adapter/templates/configmap.yaml b/kubernetes/so/charts/so-openstack-adapter/templates/configmap.yaml new file mode 100755 index 0000000000..48d9ef8820 --- /dev/null +++ b/kubernetes/so/charts/so-openstack-adapter/templates/configmap.yaml @@ -0,0 +1,33 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +data: + LOG_PATH: {{ index .Values.logPath }} + APP: {{ index .Values.app }} +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-app-configmap + namespace: {{ include "common.namespace" . }} +data: + {{- $yamlpath := printf "resources/config/overrides/override.yaml" -}} + {{- $root := . }} + {{- range $path, $bytes := .Files.Glob $yamlpath }} + override.yaml: {{ $root.Files.Get $path | quote }} + {{- end }} \ No newline at end of file diff --git a/kubernetes/so/charts/so-openstack-adapter/templates/deployment.yaml b/kubernetes/so/charts/so-openstack-adapter/templates/deployment.yaml new file mode 100755 index 0000000000..d235545aa3 --- /dev/null +++ b/kubernetes/so/charts/so-openstack-adapter/templates/deployment.yaml @@ -0,0 +1,144 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} +spec: + replicas: {{ index .Values.replicaCount }} + minReadySeconds: {{ index .Values.minReadySeconds }} + strategy: + type: {{ index .Values.updateStrategy.type }} + rollingUpdate: + maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} + maxSurge: {{ index .Values.updateStrategy.maxSurge }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: so-chown + image: alpine:3.6 + volumeMounts: + - name: logs + mountPath: /app/logs + imagePullPolicy: {{ index .Values.pullPolicy }} + command: ["/bin/sh", "-c", "chown -Rf 1000:1000 /app/logs"] + restartPolicy: Always + containers: + - name: {{ include "common.name" . }} + image: {{ include "common.repository" . }}/{{ .Values.image }} + resources: + requests: + memory: {{ index .Values.resources.requests.memory}} + cpu: {{ index .Values.resources.requests.cpu}} + limits: + memory: {{ index .Values.resources.limits.memory}} + cpu: {{ index .Values.resources.limits.cpu}} + env: + - name: DB_HOST + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.host + - name: DB_PORT + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.port + - name: DB_USERNAME + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.rolename + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.password + - name: DB_ADMIN_USERNAME + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.admin.rolename + - name: DB_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.admin.password + - name: CADI_KEYSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-pwd-secret + key: cadi_keystore_password + - name: CADI_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-pwd-secret + key: cadi_truststore_password + - name: MSO_KEYSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-client-secret + key: keystore_password + - name: MSO_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-client-secret + key: truststore_password + envFrom: + - configMapRef: + name: {{ include "common.fullname" . }}-configmap + imagePullPolicy: {{ index .Values "global" "pullPolicy" }} + volumeMounts: + - name: logs + mountPath: /app/logs + - name: certs + mountPath: /app/certs/ + readOnly: true + - name: config + mountPath: /app/config + readOnly: true + livenessProbe: + httpGet: + path: {{- index .Values.livenessProbe.path|indent 2}} + port: {{ index .Values.containerPort }} + scheme: {{- index .Values.livenessProbe.scheme| indent 2}} + initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}} + periodSeconds: {{ index .Values.livenessProbe.periodSeconds}} + timeoutSeconds: {{ index .Values.livenessProbe.timeoutSeconds}} + successThreshold: {{ index .Values.livenessProbe.successThreshold}} + failureThreshold: {{ index .Values.livenessProbe.failureThreshold}} + ports: + - containerPort: {{ index .Values.containerPort }} + name: {{ .Values.service.portName }} + protocol: TCP + volumes: + - name: logs + emptyDir: {} + - name: certs + secret: + secretName: {{ .Release.Name}}-so-ssl-secret + - name: config + configMap: + name: {{ include "common.fullname" . }}-app-configmap + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file diff --git a/kubernetes/so/charts/so-openstack-adapter/templates/service.yaml b/kubernetes/so/charts/so-openstack-adapter/templates/service.yaml new file mode 100755 index 0000000000..031616a4f3 --- /dev/null +++ b/kubernetes/so/charts/so-openstack-adapter/templates/service.yaml @@ -0,0 +1,86 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + msb.onap.org/service-info: '[ + { + "serviceName": "so/openstack", + "version": "v1", + "url": "/NetworkAdapter", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/openstack", + "version": "v1", + "url": "/NetworkAdapterAsync", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/openstack", + "version": "v1", + "url": "/TenantAdapter", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/openstack", + "version": "v1", + "url": "/VnfAdapter", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/openstack", + "version": "v1", + "url": "/VnfCloudifyAdapterImpl", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + } + ]' +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} \ No newline at end of file diff --git a/kubernetes/so/charts/so-openstack-adapter/values.yaml b/kubernetes/so/charts/so-openstack-adapter/values.yaml new file mode 100755 index 0000000000..abd12c76dc --- /dev/null +++ b/kubernetes/so/charts/so-openstack-adapter/values.yaml @@ -0,0 +1,50 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +image: onap/so/openstack-adapter:latest +pullPolicy: IfNotPresent +replicaCount: 1 +minReadySeconds: 10 +containerPort: 8087 +logPath: ./logs/openstack/ +app: openstack-adapter +service: + type: ClusterIP + internalPort: 8087 + externalPort: 10300 + portName: so-optack-port +updateStrategy: + type: RollingUpdate + maxUnavailable: 1 + maxSurge: 1 +resources: + requests: + memory: 1Gi + cpu: 500m + limits: + memory: 4Gi + cpu: 2000m +livenessProbe: + path: /manage/health + port: 8087 + scheme: HTTP + initialDelaySeconds: 600 + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 +ingress: + enabled: false +nodeSelector: {} +tolerations: [] +affinity: {} diff --git a/kubernetes/so/charts/so-request-db-adapter/Chart.yaml b/kubernetes/so/charts/so-request-db-adapter/Chart.yaml new file mode 100755 index 0000000000..9e7dd05e2a --- /dev/null +++ b/kubernetes/so/charts/so-request-db-adapter/Chart.yaml @@ -0,0 +1,17 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +description: A Helm chart for request-db-adapter +name: so-request-db-adapter +version: 2.0.0 \ No newline at end of file diff --git a/kubernetes/so/charts/so-request-db-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-request-db-adapter/resources/config/overrides/override.yaml new file mode 100755 index 0000000000..82117b03d5 --- /dev/null +++ b/kubernetes/so/charts/so-request-db-adapter/resources/config/overrides/override.yaml @@ -0,0 +1,65 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# will be used as entry in DB to say SITE OFF/ON for healthcheck +server: + port: 8083 + tomcat: + max-threads: 50 +ssl-enable: false +mso: + logPath: logs + site-name: localSite + adapters: + requestDb: + auth: Basic YnBlbDptc28tZGItMTUwNyE= + endpoint: https://c1.vm1.mso.simpledemo.onap.org:8081 +spring: + datasource: + url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + driver-class-name: org.mariadb.jdbc.Driver + initialize: false + initialization-mode: never + dbcp2: + initial-size: 5 + max-total: 20 + validation-query: select 1 + test-on-borrow: true + jpa: + generate-ddl: false + show-sql: false + hibernate: + ddl-auto: validate + naming-strategy: org.hibernate.cfg.ImprovedNamingStrategy + enable-lazy-load-no-trans: true + database-platform: org.hibernate.dialect.MySQL5InnoDBDialect + security: + usercredentials: + - + username: bpel + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: BPEL-Client + - + username: mso_admin + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: ACTUATOR +#Actuator +management: + context-path: /manage +flyway: + base-on-migrate: true + url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb + username: ${DB_USERNAME} + password: ${DB_PASSWORD} \ No newline at end of file diff --git a/kubernetes/so/charts/so-request-db-adapter/templates/configmap.yaml b/kubernetes/so/charts/so-request-db-adapter/templates/configmap.yaml new file mode 100755 index 0000000000..48d9ef8820 --- /dev/null +++ b/kubernetes/so/charts/so-request-db-adapter/templates/configmap.yaml @@ -0,0 +1,33 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +data: + LOG_PATH: {{ index .Values.logPath }} + APP: {{ index .Values.app }} +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-app-configmap + namespace: {{ include "common.namespace" . }} +data: + {{- $yamlpath := printf "resources/config/overrides/override.yaml" -}} + {{- $root := . }} + {{- range $path, $bytes := .Files.Glob $yamlpath }} + override.yaml: {{ $root.Files.Get $path | quote }} + {{- end }} \ No newline at end of file diff --git a/kubernetes/so/charts/so-request-db-adapter/templates/deployment.yaml b/kubernetes/so/charts/so-request-db-adapter/templates/deployment.yaml new file mode 100755 index 0000000000..d235545aa3 --- /dev/null +++ b/kubernetes/so/charts/so-request-db-adapter/templates/deployment.yaml @@ -0,0 +1,144 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} +spec: + replicas: {{ index .Values.replicaCount }} + minReadySeconds: {{ index .Values.minReadySeconds }} + strategy: + type: {{ index .Values.updateStrategy.type }} + rollingUpdate: + maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} + maxSurge: {{ index .Values.updateStrategy.maxSurge }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: so-chown + image: alpine:3.6 + volumeMounts: + - name: logs + mountPath: /app/logs + imagePullPolicy: {{ index .Values.pullPolicy }} + command: ["/bin/sh", "-c", "chown -Rf 1000:1000 /app/logs"] + restartPolicy: Always + containers: + - name: {{ include "common.name" . }} + image: {{ include "common.repository" . }}/{{ .Values.image }} + resources: + requests: + memory: {{ index .Values.resources.requests.memory}} + cpu: {{ index .Values.resources.requests.cpu}} + limits: + memory: {{ index .Values.resources.limits.memory}} + cpu: {{ index .Values.resources.limits.cpu}} + env: + - name: DB_HOST + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.host + - name: DB_PORT + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.port + - name: DB_USERNAME + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.rolename + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.password + - name: DB_ADMIN_USERNAME + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.admin.rolename + - name: DB_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.admin.password + - name: CADI_KEYSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-pwd-secret + key: cadi_keystore_password + - name: CADI_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-pwd-secret + key: cadi_truststore_password + - name: MSO_KEYSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-client-secret + key: keystore_password + - name: MSO_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-client-secret + key: truststore_password + envFrom: + - configMapRef: + name: {{ include "common.fullname" . }}-configmap + imagePullPolicy: {{ index .Values "global" "pullPolicy" }} + volumeMounts: + - name: logs + mountPath: /app/logs + - name: certs + mountPath: /app/certs/ + readOnly: true + - name: config + mountPath: /app/config + readOnly: true + livenessProbe: + httpGet: + path: {{- index .Values.livenessProbe.path|indent 2}} + port: {{ index .Values.containerPort }} + scheme: {{- index .Values.livenessProbe.scheme| indent 2}} + initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}} + periodSeconds: {{ index .Values.livenessProbe.periodSeconds}} + timeoutSeconds: {{ index .Values.livenessProbe.timeoutSeconds}} + successThreshold: {{ index .Values.livenessProbe.successThreshold}} + failureThreshold: {{ index .Values.livenessProbe.failureThreshold}} + ports: + - containerPort: {{ index .Values.containerPort }} + name: {{ .Values.service.portName }} + protocol: TCP + volumes: + - name: logs + emptyDir: {} + - name: certs + secret: + secretName: {{ .Release.Name}}-so-ssl-secret + - name: config + configMap: + name: {{ include "common.fullname" . }}-app-configmap + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file diff --git a/kubernetes/so/charts/so-request-db-adapter/templates/service.yaml b/kubernetes/so/charts/so-request-db-adapter/templates/service.yaml new file mode 100755 index 0000000000..085d986eb4 --- /dev/null +++ b/kubernetes/so/charts/so-request-db-adapter/templates/service.yaml @@ -0,0 +1,149 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + msb.onap.org/service-info: '[ + { + "serviceName": "so/reqdb", + "version": "v1", + "url": "/services", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1" , + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/reqdb", + "version": "v1", + "url": "/RequestsDbAdapter/updateInfraRequest", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/reqdb", + "version": "v1", + "url": "/RequestsDbAdapter/getInfraRequest", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/reqdb", + "version": "v1", + "url": "/RequestsDbAdapter/getSiteStatus", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/reqdb", + "version": "v1", + "url": "/RequestsDbAdapter/updateServiceOperationStatus", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/reqdb", + "version": "v1", + "url": "/RequestsDbAdapter/initResourceOperationStatus", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/reqdb", + "version": "v1", + "url": "/RequestsDbAdapter/getResourceOperationStatus", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/reqdb", + "version": "v1", + "url": "/RequestsDbAdapter/updateResourceOperationStatus", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/reqdb", + "version": "v1", + "url": "/RequestsDbAdapter/infraActiveRequests/getCloudOrchestrationFiltersFromInfraActive", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/reqdb", + "version": "v1", + "url": "/RequestsDbAdapter/infraActiveRequests/getOrchestrationFiltersFromInfraActive", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/reqdb", + "version": "v1", + "url": "/RequestsDbAdapter/infraActiveRequests/checkVnfIdStatus/{operationalEnvironmentId}", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/reqdb", + "version": "v1", + "url": "/RequestsDbAdapter/infraActiveRequests/checkInstanceNameDuplicate", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + } + ]' +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} \ No newline at end of file diff --git a/kubernetes/so/charts/so-request-db-adapter/values.yaml b/kubernetes/so/charts/so-request-db-adapter/values.yaml new file mode 100755 index 0000000000..46ac09e8ee --- /dev/null +++ b/kubernetes/so/charts/so-request-db-adapter/values.yaml @@ -0,0 +1,50 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +image: onap/so/request-db-adapter:latest +pullPolicy: IfNotPresent +replicaCount: 1 +minReadySeconds: 10 +containerPort: 8083 +logPath: ./logs/reqdb/ +app: request-db-adapter +service: + type: ClusterIP + internalPort: 8083 + externalPort: 10700 + portName: so-reqdb-port +updateStrategy: + type: RollingUpdate + maxUnavailable: 1 + maxSurge: 1 +resources: + requests: + memory: 1Gi + cpu: 500m + limits: + memory: 4Gi + cpu: 2000m +livenessProbe: + path: /manage/health + port: 8083 + scheme: HTTP + initialDelaySeconds: 600 + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 +ingress: + enabled: false +nodeSelector: {} +tolerations: [] +affinity: {} \ No newline at end of file diff --git a/kubernetes/so/charts/so-sdc-controller/Chart.yaml b/kubernetes/so/charts/so-sdc-controller/Chart.yaml new file mode 100755 index 0000000000..5c9b234dc4 --- /dev/null +++ b/kubernetes/so/charts/so-sdc-controller/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +appVersion: "1.0" +description: A Helm chart for Kubernetes +name: so-sdc-controller +version: 2.0.0 \ No newline at end of file diff --git a/kubernetes/so/charts/so-sdc-controller/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-sdc-controller/resources/config/overrides/override.yaml new file mode 100755 index 0000000000..f33737ddc2 --- /dev/null +++ b/kubernetes/so/charts/so-sdc-controller/resources/config/overrides/override.yaml @@ -0,0 +1,86 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +aai: + auth: 2630606608347B7124C244AB0FE34F6F +server: + port: 8085 +spring: + datasource: + url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + driver-class-name: org.mariadb.jdbc.Driver + dbcp2: + initial-size: 5 + max-total: 20 + validation-query: select 1 + test-on-borrow: true + security: + usercredentials: + - + username: asdc + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: Asdc-Client + - + username: mso_admin + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: ACTUATOR +request: + datasource: + url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + driver-class-name: org.mariadb.jdbc.Driver + dbcp2: + initial-size: 5 + max-total: 20 + validation-query: select 1 + test-on-borrow: true +mso: + msoKey: 07a7159d3bf51a0e53be7a8f89699be7 + logPath: ./logs/sdc + catalog: + db: + spring: + endpoint: http://c1.vm1.mso.simpledemo.onap.org:8082 + db: + auth: Basic YnBlbDpwYXNzd29yZDEk + site-name: onapheat + aai: + endpoint: https://aai.api.simpledemo.onap.org:8443 + asdc-connections: + asdc-controller1: + user: mso + consumerGroup: sdc-OpenSource-Env1 + consumerId: sdc-COpenSource-Env11 + environmentName: AUTO + asdcAddress: c2.vm1.sdc.simpledemo.onap.org:8443 + password: 613AF3483E695524F9857643B697FA51C7A9A0951094F53791485BF3458F9EADA37DBACCCEBD0CB242B85B4062745247 + pollingInterval: 60 + pollingTimeout: 60 + relevantArtifactTypes: HEAT,HEAT_ENV,HEAT_VOL + activateServerTLSAuth: false + keyStorePassword: + keyStorePath: + watchDogTimeout: 60 + isFitlerInEmptyResources: true + messageBusAddress: vm1.mr.simpledemo.onap.org,vm1.mr.simpledemo.onap.org + asdc: + config: + key: 566B754875657232314F5548556D3665 + components: + count: 3, + componentNames: SO,AAI,SDNC + scheduling: + enabled: false \ No newline at end of file diff --git a/kubernetes/so/charts/so-sdc-controller/templates/configmap.yaml b/kubernetes/so/charts/so-sdc-controller/templates/configmap.yaml new file mode 100755 index 0000000000..48d9ef8820 --- /dev/null +++ b/kubernetes/so/charts/so-sdc-controller/templates/configmap.yaml @@ -0,0 +1,33 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +data: + LOG_PATH: {{ index .Values.logPath }} + APP: {{ index .Values.app }} +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-app-configmap + namespace: {{ include "common.namespace" . }} +data: + {{- $yamlpath := printf "resources/config/overrides/override.yaml" -}} + {{- $root := . }} + {{- range $path, $bytes := .Files.Glob $yamlpath }} + override.yaml: {{ $root.Files.Get $path | quote }} + {{- end }} \ No newline at end of file diff --git a/kubernetes/so/charts/so-sdc-controller/templates/deployment.yaml b/kubernetes/so/charts/so-sdc-controller/templates/deployment.yaml new file mode 100755 index 0000000000..d235545aa3 --- /dev/null +++ b/kubernetes/so/charts/so-sdc-controller/templates/deployment.yaml @@ -0,0 +1,144 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} +spec: + replicas: {{ index .Values.replicaCount }} + minReadySeconds: {{ index .Values.minReadySeconds }} + strategy: + type: {{ index .Values.updateStrategy.type }} + rollingUpdate: + maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} + maxSurge: {{ index .Values.updateStrategy.maxSurge }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: so-chown + image: alpine:3.6 + volumeMounts: + - name: logs + mountPath: /app/logs + imagePullPolicy: {{ index .Values.pullPolicy }} + command: ["/bin/sh", "-c", "chown -Rf 1000:1000 /app/logs"] + restartPolicy: Always + containers: + - name: {{ include "common.name" . }} + image: {{ include "common.repository" . }}/{{ .Values.image }} + resources: + requests: + memory: {{ index .Values.resources.requests.memory}} + cpu: {{ index .Values.resources.requests.cpu}} + limits: + memory: {{ index .Values.resources.limits.memory}} + cpu: {{ index .Values.resources.limits.cpu}} + env: + - name: DB_HOST + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.host + - name: DB_PORT + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.port + - name: DB_USERNAME + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.rolename + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.password + - name: DB_ADMIN_USERNAME + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.admin.rolename + - name: DB_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.admin.password + - name: CADI_KEYSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-pwd-secret + key: cadi_keystore_password + - name: CADI_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-pwd-secret + key: cadi_truststore_password + - name: MSO_KEYSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-client-secret + key: keystore_password + - name: MSO_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-client-secret + key: truststore_password + envFrom: + - configMapRef: + name: {{ include "common.fullname" . }}-configmap + imagePullPolicy: {{ index .Values "global" "pullPolicy" }} + volumeMounts: + - name: logs + mountPath: /app/logs + - name: certs + mountPath: /app/certs/ + readOnly: true + - name: config + mountPath: /app/config + readOnly: true + livenessProbe: + httpGet: + path: {{- index .Values.livenessProbe.path|indent 2}} + port: {{ index .Values.containerPort }} + scheme: {{- index .Values.livenessProbe.scheme| indent 2}} + initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}} + periodSeconds: {{ index .Values.livenessProbe.periodSeconds}} + timeoutSeconds: {{ index .Values.livenessProbe.timeoutSeconds}} + successThreshold: {{ index .Values.livenessProbe.successThreshold}} + failureThreshold: {{ index .Values.livenessProbe.failureThreshold}} + ports: + - containerPort: {{ index .Values.containerPort }} + name: {{ .Values.service.portName }} + protocol: TCP + volumes: + - name: logs + emptyDir: {} + - name: certs + secret: + secretName: {{ .Release.Name}}-so-ssl-secret + - name: config + configMap: + name: {{ include "common.fullname" . }}-app-configmap + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file diff --git a/kubernetes/so/charts/so-sdc-controller/templates/service.yaml b/kubernetes/so/charts/so-sdc-controller/templates/service.yaml new file mode 100755 index 0000000000..9746e3f151 --- /dev/null +++ b/kubernetes/so/charts/so-sdc-controller/templates/service.yaml @@ -0,0 +1,59 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + msb.onap.org/service-info: '[ + { + "serviceName": "so/sdc", + "version": "v1", + "url": "/treatNotification/v1", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/sdc", + "version": "v1", + "url": "/statusData/v1", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + } + ]' +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} \ No newline at end of file diff --git a/kubernetes/so/charts/so-sdc-controller/values.yaml b/kubernetes/so/charts/so-sdc-controller/values.yaml new file mode 100755 index 0000000000..903b490612 --- /dev/null +++ b/kubernetes/so/charts/so-sdc-controller/values.yaml @@ -0,0 +1,50 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +image: onap/so/asdc-controller:latest +pullPolicy: IfNotPresent +replicaCount: 1 +minReadySeconds: 10 +containerPort: 8085 +logPath: ./logs/sdc/ +app: sdc-controller +service: + type: ClusterIP + internalPort: 8085 + externalPort: 10500 + portName: so-sdc-port +updateStrategy: + type: RollingUpdate + maxUnavailable: 1 + maxSurge: 1 +resources: + requests: + memory: 1Gi + cpu: 500m + limits: + memory: 4Gi + cpu: 2000m +livenessProbe: + path: /manage/health + port: 8085 + scheme: HTTP + initialDelaySeconds: 600 + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 +ingress: + enabled: false +nodeSelector: {} +tolerations: [] +affinity: {} \ No newline at end of file diff --git a/kubernetes/so/charts/so-sdnc-adapter/Chart.yaml b/kubernetes/so/charts/so-sdnc-adapter/Chart.yaml new file mode 100755 index 0000000000..b437fd337b --- /dev/null +++ b/kubernetes/so/charts/so-sdnc-adapter/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +appVersion: "1.0" +description: A Helm chart for Kubernetes +name: so-sdnc-adapter +version: 2.0.0 \ No newline at end of file diff --git a/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml new file mode 100755 index 0000000000..4479206ed3 --- /dev/null +++ b/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml @@ -0,0 +1,165 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +server: + port: 8086 +mso: + async: + core-pool-size: 50 + max-pool-size: 50 + queue-capacity: 500 + logPath: ./logs/sdnc + catalog: + db: + spring: + endpoint: http://c1.vm1.mso.simpledemo.onap.org:8082 + db: + auth: Basic cGFzc3dvcmQxJA== + site-name: onapheat +org: + onap: + so: + adapters: + sdnc: + '.': + put: PUT|60000|sdncurl5| + query: GET|60000|sdncurl2| + restdelete: DELETE|60000|sdncurl5| + '': + contrail-route-topology-operation: + activate: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + assign: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + create: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + deactivate: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + delete: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + unassign: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + network-topology-operation: + activate: POST|270000|sdncurl6|sdnc-request-header|org:onap:sdnctl:vnf + assign: POST|270000|sdncurl6|sdnc-request-header|org:onap:sdnctl:vnf + changeassign: POST|270000|sdncurl6|sdnc-request-header|org:onap:sdnctl:vnf + changedelete: POST|270000|sdncurl6|sdnc-request-header|org:onap:sdnctl:vnf + delete: POST|270000|sdncurl6|sdnc-request-header|org:onap:sdnctl:vnf + reserve: POST|270000|sdncurl6|sdnc-request-header|org:onap:sdnctl:vnf + rollback: POST|270000|sdncurl6|sdnc-request-header|org:onap:sdnctl:vnf + port-mirror-topology-operation: + activate: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + assign: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + deactivate: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + disable: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + enable: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + unassign: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + security-zone-topology-operation: + activate: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + assign: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + create: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + deactivate: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + delete: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + unassign: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + service-homing-operation: + homing: POST|60000|sdncurl3|sdnc-homing-header|com:att:sdnctl:aicHoming + service-topology-operation: + assign: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + deactivate: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + delete: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + rollback: POST|270000|sdncur10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + svc-topology-operation: + activate: POST|285000|sdncurl8|sdnc-request-header|com:att:sdnctl:nbncapi + assign: POST|285000|sdncurl8|sdnc-request-header|com:att:sdnctl:nbncapi + delete: POST|285000|sdncurl8|sdnc-request-header|com:att:sdnctl:nbncapi + vnf-topology-operation: + activate: POST|270000|sdncurl6|sdnc-request-header|org:onap:sdnctl:vnf + assign: POST|270000|sdncurl6|sdnc-request-header|org:onap:sdnctl:vnf + changeassign: POST|270000|sdncurl6|sdnc-request-header|org:onap:sdnctl:vnf + changedelete: POST|270000|sdncurl6|sdnc-request-header|org:onap:sdnctl:vnf + delete: POST|270000|sdncurl6|sdnc-request-header|org:onap:sdnctl:vnf + rollback: POST|270000|sdncurl6|sdnc-request-header|org:onap:sdnctl:vnf + bpelauth: cGFzc3dvcmQxJA== + bpelurl: http://c1.vm1.mso.simpledemo.onap.org:8081/mso/SDNCAdapterCallbackService + generic-resource: + network-topology-operation: + activate: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + assign: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + deactivate: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + unassign: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + vf-module-topology-operation: + activate: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + assign: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + changeassign: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + changedelete: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + deactivate: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + delete: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + rollback: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + unassign: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + vnf-topology-operation: + activate: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + assign: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + changeassign: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + changedelete: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + deactivate: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + delete: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + rollback: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + unassign: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + infra: + '': + query: GET|60000|sdncurl5| + mobility: + '': + query: GET|60000|sdncurl5| + myurl: http://c1.vm1.mso.simpledemo.onap.org:8081/adapters/rest/SDNCNotify + rest: + bpelurl: http://c1.vm1.mso.simpledemo.onap.org:8081/mso/WorkflowMessage + sdncauth: 406B2AE613211B6FB52466DE6E1769AC + sdncconnecttime: 5000 + sdncurl10: 'http://c1.vm1.sdnc.simpledemo.onap.org:8282/restconf/operations/GENERIC-RESOURCE-API:' + sdncurl11: 'http://c1.vm1.sdnc.simpledemo.onap.org:8282/restconf/operations/VNFTOPOLOGYAIC-API:' + sdncurl12: http://c1.vm1.sdnc.simpledemo.onap.org:8282/ + sdncurl5: http://c1.vm1.sdnc.simpledemo.onap.org:8282/restconf/config + sdncurl6: 'http://c1.vm1.sdnc.simpledemo.onap.org:8282/restconf/operations/VNF-API:' + sdncurl8: 'http://c1.vm1.sdnc.simpledemo.onap.org:8282/restconf/operations/NBNC-API:' + sdncurl9: http://c1.vm1.sdnc.simpledemo.onap.org:8282/restconf/operations/NORTHBOUND-API:service-topology-operation + service: + infra: + service-topology-infra-activate-operation: POST|90000|sdncurl9|sdnc-request-header|com:att:sdnctl:northbound-api:v1 + service-topology-infra-assign-operation: POST|120000|sdncurl9|sdnc-request-header|com:att:sdnctl:northbound-api:v1 + service-topology-infra-delete-operation: POST|90000|sdncurl9|sdnc-request-header|com:att:sdnctl:northbound-api:v1 + service-topology-infra-release-operation: POST|90000|sdncurl9|sdnc-request-header|com:att:sdnctl:northbound-api:v1 + vfmodule: + '': + query: GET|60000|sdncurl12| +spring: + security: + usercredentials: + - + username: sdnc + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: SDNC-Client + - + username: sitecontrol + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: SiteControl-Client + - + username: bpel + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: BPEL-Client + - + username: sniro + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: SNIRO-Client + - + username: apih + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: MSO-Client + - + username: mso_admin + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: ACTUATOR \ No newline at end of file diff --git a/kubernetes/so/charts/so-sdnc-adapter/templates/configmap.yaml b/kubernetes/so/charts/so-sdnc-adapter/templates/configmap.yaml new file mode 100755 index 0000000000..48d9ef8820 --- /dev/null +++ b/kubernetes/so/charts/so-sdnc-adapter/templates/configmap.yaml @@ -0,0 +1,33 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +data: + LOG_PATH: {{ index .Values.logPath }} + APP: {{ index .Values.app }} +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-app-configmap + namespace: {{ include "common.namespace" . }} +data: + {{- $yamlpath := printf "resources/config/overrides/override.yaml" -}} + {{- $root := . }} + {{- range $path, $bytes := .Files.Glob $yamlpath }} + override.yaml: {{ $root.Files.Get $path | quote }} + {{- end }} \ No newline at end of file diff --git a/kubernetes/so/charts/so-sdnc-adapter/templates/deployment.yaml b/kubernetes/so/charts/so-sdnc-adapter/templates/deployment.yaml new file mode 100755 index 0000000000..d235545aa3 --- /dev/null +++ b/kubernetes/so/charts/so-sdnc-adapter/templates/deployment.yaml @@ -0,0 +1,144 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} +spec: + replicas: {{ index .Values.replicaCount }} + minReadySeconds: {{ index .Values.minReadySeconds }} + strategy: + type: {{ index .Values.updateStrategy.type }} + rollingUpdate: + maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} + maxSurge: {{ index .Values.updateStrategy.maxSurge }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: so-chown + image: alpine:3.6 + volumeMounts: + - name: logs + mountPath: /app/logs + imagePullPolicy: {{ index .Values.pullPolicy }} + command: ["/bin/sh", "-c", "chown -Rf 1000:1000 /app/logs"] + restartPolicy: Always + containers: + - name: {{ include "common.name" . }} + image: {{ include "common.repository" . }}/{{ .Values.image }} + resources: + requests: + memory: {{ index .Values.resources.requests.memory}} + cpu: {{ index .Values.resources.requests.cpu}} + limits: + memory: {{ index .Values.resources.limits.memory}} + cpu: {{ index .Values.resources.limits.cpu}} + env: + - name: DB_HOST + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.host + - name: DB_PORT + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.port + - name: DB_USERNAME + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.rolename + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.password + - name: DB_ADMIN_USERNAME + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.admin.rolename + - name: DB_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.admin.password + - name: CADI_KEYSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-pwd-secret + key: cadi_keystore_password + - name: CADI_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-pwd-secret + key: cadi_truststore_password + - name: MSO_KEYSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-client-secret + key: keystore_password + - name: MSO_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-client-secret + key: truststore_password + envFrom: + - configMapRef: + name: {{ include "common.fullname" . }}-configmap + imagePullPolicy: {{ index .Values "global" "pullPolicy" }} + volumeMounts: + - name: logs + mountPath: /app/logs + - name: certs + mountPath: /app/certs/ + readOnly: true + - name: config + mountPath: /app/config + readOnly: true + livenessProbe: + httpGet: + path: {{- index .Values.livenessProbe.path|indent 2}} + port: {{ index .Values.containerPort }} + scheme: {{- index .Values.livenessProbe.scheme| indent 2}} + initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}} + periodSeconds: {{ index .Values.livenessProbe.periodSeconds}} + timeoutSeconds: {{ index .Values.livenessProbe.timeoutSeconds}} + successThreshold: {{ index .Values.livenessProbe.successThreshold}} + failureThreshold: {{ index .Values.livenessProbe.failureThreshold}} + ports: + - containerPort: {{ index .Values.containerPort }} + name: {{ .Values.service.portName }} + protocol: TCP + volumes: + - name: logs + emptyDir: {} + - name: certs + secret: + secretName: {{ .Release.Name}}-so-ssl-secret + - name: config + configMap: + name: {{ include "common.fullname" . }}-app-configmap + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file diff --git a/kubernetes/so/charts/so-sdnc-adapter/templates/service.yaml b/kubernetes/so/charts/so-sdnc-adapter/templates/service.yaml new file mode 100755 index 0000000000..39f96a7ffa --- /dev/null +++ b/kubernetes/so/charts/so-sdnc-adapter/templates/service.yaml @@ -0,0 +1,59 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + msb.onap.org/service-info: '[ + { + "serviceName": "so/sdnc", + "version": "v1", + "url": "/SDNCAdapter", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/sdnc", + "version": "v1", + "url": "/SDNCNotify/SNIROResponse/{correlator}", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1", + "lb_policy":"ip_hash" + } + ]' +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} \ No newline at end of file diff --git a/kubernetes/so/charts/so-sdnc-adapter/values.yaml b/kubernetes/so/charts/so-sdnc-adapter/values.yaml new file mode 100755 index 0000000000..0402e6fc7d --- /dev/null +++ b/kubernetes/so/charts/so-sdnc-adapter/values.yaml @@ -0,0 +1,50 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +image: onap/so/sdnc-adapter:latest +pullPolicy: IfNotPresent +replicaCount: 1 +minReadySeconds: 10 +containerPort: 8086 +logPath: ./logs/sdnc/ +app: sdnc-adapter +service: + type: ClusterIP + internalPort: 8086 + externalPort: 10400 + portName: so-sdnc-port +updateStrategy: + type: RollingUpdate + maxUnavailable: 1 + maxSurge: 1 +resources: + requests: + memory: 1Gi + cpu: 500m + limits: + memory: 4Gi + cpu: 2000m +livenessProbe: + path: /manage/health + port: 8086 + scheme: HTTP + initialDelaySeconds: 600 + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 +ingress: + enabled: false +nodeSelector: {} +tolerations: [] +affinity: {} \ No newline at end of file diff --git a/kubernetes/so/charts/so-ssl-certs/Chart.yaml b/kubernetes/so/charts/so-ssl-certs/Chart.yaml new file mode 100755 index 0000000000..02cf08f191 --- /dev/null +++ b/kubernetes/so/charts/so-ssl-certs/Chart.yaml @@ -0,0 +1,17 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +description: A Helm chart for SSL certs secrets +name: so-ssl-certs +version: 2.0.0 \ No newline at end of file diff --git a/kubernetes/so/charts/so-ssl-certs/resources/config/client-certs/keystore_password b/kubernetes/so/charts/so-ssl-certs/resources/config/client-certs/keystore_password new file mode 100755 index 0000000000..41c04e7f86 --- /dev/null +++ b/kubernetes/so/charts/so-ssl-certs/resources/config/client-certs/keystore_password @@ -0,0 +1 @@ +bXNvNHlvdQ== diff --git a/kubernetes/so/charts/so-ssl-certs/resources/config/client-certs/readme.txt b/kubernetes/so/charts/so-ssl-certs/resources/config/client-certs/readme.txt new file mode 100755 index 0000000000..4a8a4275f4 --- /dev/null +++ b/kubernetes/so/charts/so-ssl-certs/resources/config/client-certs/readme.txt @@ -0,0 +1 @@ +kubectl create -f create_secret.yaml diff --git a/kubernetes/so/charts/so-ssl-certs/resources/config/client-certs/truststore_password b/kubernetes/so/charts/so-ssl-certs/resources/config/client-certs/truststore_password new file mode 100755 index 0000000000..d2a72132ae --- /dev/null +++ b/kubernetes/so/charts/so-ssl-certs/resources/config/client-certs/truststore_password @@ -0,0 +1 @@ +bXNvX0RvbWFpbjIuMF80eW91 diff --git a/kubernetes/so/charts/so-ssl-certs/resources/config/server-certs/cadi_keystore_password b/kubernetes/so/charts/so-ssl-certs/resources/config/server-certs/cadi_keystore_password new file mode 100755 index 0000000000..4c48983d35 --- /dev/null +++ b/kubernetes/so/charts/so-ssl-certs/resources/config/server-certs/cadi_keystore_password @@ -0,0 +1 @@ +QT9kUmF3S0F6Z3RjbSZKZ1RoSDBAZ2Fi \ No newline at end of file diff --git a/kubernetes/so/charts/so-ssl-certs/resources/config/server-certs/cadi_truststore_password b/kubernetes/so/charts/so-ssl-certs/resources/config/server-certs/cadi_truststore_password new file mode 100755 index 0000000000..8df3b708b4 --- /dev/null +++ b/kubernetes/so/charts/so-ssl-certs/resources/config/server-certs/cadi_truststore_password @@ -0,0 +1 @@ +NDRDLGVJYV4wZ1U7NyxlME5SZnpPRUJL \ No newline at end of file diff --git a/kubernetes/so/charts/so-ssl-certs/resources/config/server-certs/mso-server-key-store.jks b/kubernetes/so/charts/so-ssl-certs/resources/config/server-certs/mso-server-key-store.jks new file mode 100755 index 0000000000..cdb7ff9d3d --- /dev/null +++ b/kubernetes/so/charts/so-ssl-certs/resources/config/server-certs/mso-server-key-store.jks @@ -0,0 +1 @@ +/u3+7QAAAAIAAAABAAAAAQAWbTE5MzIwQGRldi5tc28uYXR0LmNvbQAAAWTrzumRAAAFATCCBP0wDgYKKwYBBAEqAhEBAQUABIIE6eDdUV9yjx02khFU1J5CPji8WbtA6j5R8qi3XpoRaaap7dFGLE69CL895XzZV+ngWbyYFvl2hdKTwuyQY8MESb53gttlGRHQ1gD2pS/TseNsZA/X4YMdcaB0n7JrPOG+qHedV128iL4HY3C63xLvi+YnwInmafiYRdFM//UZJzWbGiVwP96aUb5ZSg3yFVKBkNP6l9IIHQKQr66DN5kPxJ5D5tScBcxgePP08MO9ec+Pfgyc9yJawnFCbEL3gncePanYY6rU/KsMQ2DLhaHV+c8GAs1IrRjUTxiCJr8c/bC6Omp8BnSzhmPcNWHcov92adCDJI2xRfo1/CJZuCAw5XVLbPwjcGQr6x1Z8UiYi6hx1b9O+3hh6UyIqXrD+Q47J9mNrFm9vDPOJwRWtYbbQFra3S8ogyUfS2gqd+O9GnXLbRzJbju3Bz4FbiLdBfN/ubI5QkePDLbTXi5AawMLlJ6MndXhKKwhaEUgz36qJJhJ4c+enw3ktcingE6L6Vdmxw9/5OIQJgP8IRJ3zM2OBfVBGbeNeS2zQJuCORMUvJg1/mE5Q0WepyOIs0CSLaUsuwt+0wcwda1sa5jjRjmgoJwnadL3Isb1THkcCvBxBBszAVSqODDDj4zzSeLEc7Fr7ikrJcTFTrNZ7/z2W4SlUfIkCo+llnXVYUeY6OpGgdLm3Lndb1yJ3NJCnFtr9xRbY6Ph+cE6ON1VwrTn+ZrlBvzkZC4qp6PU59w+ZI4BuY2SraknOgZeKRLpGnS6hqAaonwV/O6lsQVuptrKSa7blYwLeC+eDqApvM8lzUb2DHj7REMjcTqqCIWhjZsLBKsnozSmhTHHUsjFO0L8lgV1tR7ZE8uYHJyRROyerXChAmWv8WUgdAIbLZM48HyXFxXjOjfyVd3z1GMgDVq25uKxmCudr9fVC4TWAynIqV1ngUiTLrkX7jaHBBJSozI4ybuUhFhcUAp97hC/Xes9bPkcPM0J/WKcwm+KgiS4/nHvsdS0AOxUCgzQSzE/JHDgraxJUe49p4wREjaVpqbgWC4gLBGsVRR0dbN4pEQc76q6fx87TriUOxy/aNBA2x7r0/MKqKewmIRgHrQ85L/iayYf33Hkfemix5Ir0pczPlkc6J5olzliSpUAT9/Z+P1L6gTmlg9yvlrqAbA+0BP1AiwRmIr2DePqzJ4JhOWcnSaXXVUWW7YJoPZXKxMnXhNkrISc5lAeOGtleUxLzL1qv/DqJbaAsP4yImT/81owXTdTvpvqDPgi0/HAET40QCHNMGlddT201/sLTxaRl0Jw2nkqB9trO4Q1orqVWRvaxIrT/B0Henql8qlBFZydn+oaTh93g5Mb4od11kbLWgGPkCsnaM44tSTw6olOz51dnSPT/W4EnUgxsbnoSIZTh7GBl+/6V9Idxl3eKOj3mIrHl+5TcTudoAO37iNf2jeyN5Sgma5GbvlWqScESBj4b+X39yCtJrXzcyUlfPkzm+JY/aPdzuOs5JFwEp55+/V+aIc91joiv4qo8OvIsq82X/+CM6P1v/RlVOLhuUcGl2MkwtGJW0pCoxCu4CHIHdVZsDY7lqRJoxHAKamGi/Xxkyh2J9U5AJjk5lLekXd/xeSlW2w+lPURrCLxEVllMgbraWz7o0TK4Ujz9qFkuQwc8ZZFeh0T+2EZZYUs1H954AAAAAMABVguNTA5AAAJkDCCCYwwggh0oAMCAQICE1IAAAn6oIn4H22KmpAAAAAACfowDQYJKoZIhvcNAQELBQAwUzELMAkGA1UEBhMCVVMxDDAKBgNVBAoTA0FUVDEMMAoGA1UECxMDQ1NPMSgwJgYDVQQDEx9BVFQgQUFGIENBREkgVGVzdCBJc3N1aW5nIENBIDAyMB4XDTE4MDczMDE1MTkyM1oXDTE5MDEzMDE1MjkyM1owgcgxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhNaXNzb3VyaTERMA8GA1UEBxMIU3QgTG91aXMxGjAYBgNVBAoTEUFUVCBTZXJ2aWNlcyxJbmMuMSMwIQYDVQQLDBptMTkzMjBAZGV2Lm1zby5hdHQuY29tOklTVDEwMC4GA1UEAxMnbXNvLWhvdGZpeDEtaGEwMS5lY29tcC5pZG5zLmNpcC5hdHQuY29tMSAwHgYJKoZIhvcNAQkBFhFycDY3NjhAdXMuYXR0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPKfFcl3UYXKPzt+Qd9C8atkPH2U4wk+LUE0HiXE9ei6wykYB1/ajV47gerU+iBSlb1TPOsTXD6Be+2ybXUVui2D6RKCbiQXAsukbwYb/0Br2TML6EXZLPeaDtivDUYscs3nngB640mEV5CXISQ7zliYwa4LpCLRC7kgNK8n1tUmrXRkn7UcwFRNnzJgHwY5Q7oBHIt/bkMsjwLFA4wRM3ZkzoJY3M5J3TGlVRP0AgnNjSEixOCKxErSlDVdVtKkrQGF6i3iSdiBeUJHc/uWPwzBsNJmM7V8foBIbs+4yhUZfSOsCrpIre5PuwoOPSZQpJ2hKL2nw8GFHsmgfHtAVwcCAwEAAaOCBeEwggXdMIIEwQYDVR0RBIIEuDCCBLSCJ21zby1ob3RmaXgxLWhhMDEuZWNvbXAuaWRucy5jaXAuYXR0LmNvbYIZbXNvLWFwaS1oYW5kbGVyLWluZnJhLXN2Y4InbXNvLWFwaWgtZGV2MS1zMS5lY29tcC5pZG5zLmNpcC5hdHQuY29tgidtc28tYXBpaC1kZXYxLXMyLmVjb21wLmlkbnMuY2lwLmF0dC5jb22CJ21zby1hcGloLWRldjItczEuZWNvbXAuaWRucy5jaXAuYXR0LmNvbYInbXNvLWFwaWgtZGV2Mi1zMi5lY29tcC5pZG5zLmNpcC5hdHQuY29tgiptc28tYXBpaC1ob3RmaXgxLXMxLmVjb21wLmlkbnMuY2lwLmF0dC5jb22CF21zby1hc2RjLWNvbnRyb2xsZXItc3Zjgidtc28tYnBtbi1kZXYxLXMxLmVjb21wLmlkbnMuY2lwLmF0dC5jb22CJ21zby1icG1uLWRldjEtczIuZWNvbXAuaWRucy5jaXAuYXR0LmNvbYInbXNvLWJwbW4tZGV2Mi1zMS5lY29tcC5pZG5zLmNpcC5hdHQuY29tgidtc28tYnBtbi1kZXYyLXMyLmVjb21wLmlkbnMuY2lwLmF0dC5jb22CKm1zby1icG1uLWhvdGZpeDEtczEuZWNvbXAuaWRucy5jaXAuYXR0LmNvbYISbXNvLWJwbW4taW5mcmEtc3Zjghptc28tY2F0YWxvZy1kYi1hZGFwdGVyLXN2Y4IobXNvLWNhdGRiLWRldjEtczEuZWNvbXAuaWRucy5jaXAuYXR0LmNvbYIobXNvLWNhdGRiLWRldjEtczIuZWNvbXAuaWRucy5jaXAuYXR0LmNvbYIobXNvLWNhdGRiLWRldjItczEuZWNvbXAuaWRucy5jaXAuYXR0LmNvbYIobXNvLWNhdGRiLWRldjItczIuZWNvbXAuaWRucy5jaXAuYXR0LmNvbYIrbXNvLWNhdGRiLWhvdGZpeDEtczEuZWNvbXAuaWRucy5jaXAuYXR0LmNvbYIkbXNvLWRldjEtaGEwMS5lY29tcC5pZG5zLmNpcC5hdHQuY29tgiRtc28tZGV2MS1oYTAyLmVjb21wLmlkbnMuY2lwLmF0dC5jb22CJ21zby1ob3RmaXgxLWhhMDIuZWNvbXAuaWRucy5jaXAuYXR0LmNvbYIZbXNvLW9wZW5zdGFjay1hZGFwdGVyLXN2Y4IebXNvLXJlcXVlc3QtZGItYWRhcHRlci1hdHQtc3Zjghptc28tcmVxdWVzdC1kYi1hZGFwdGVyLXN2Y4IUbXNvLXNkbmMtYWRhcHRlci1zdmOCJ21zby1zZG5jLWRldjEtczEuZWNvbXAuaWRucy5jaXAuYXR0LmNvbYInbXNvLXNkbmMtZGV2MS1zMi5lY29tcC5pZG5zLmNpcC5hdHQuY29tgidtc28tc2RuYy1kZXYyLXMxLmVjb21wLmlkbnMuY2lwLmF0dC5jb22CJ21zby1zZG5jLWRldjItczIuZWNvbXAuaWRucy5jaXAuYXR0LmNvbYIqbXNvLXNkbmMtaG90Zml4MS1zMS5lY29tcC5pZG5zLmNpcC5hdHQuY29tMB0GA1UdDgQWBBR2DMIWdySIoXCIDC8av43NdNTujzAfBgNVHSMEGDAWgBQoDqF6xyzICzN6SMENsBQadLIADzBEBgNVHR8EPTA7MDmgN6A1hjNodHRwOi8vYWFmY3JsLml0LmF0dC5jb20vYWFmY2FkaS10ZXN0LXNlcnZlcnMwMi5jcmwwTwYIKwYBBQUHAQEEQzBBMD8GCCsGAQUFBzAChjNodHRwOi8vYWFmY3JsLml0LmF0dC5jb20vYWFmY2FkaS10ZXN0LXNlcnZlcnMwMi5jcnQwPwYJKwYBBAGCNxQCBDIeMABJAFAAUwBFAEMASQBuAHQAZQByAG0AZQBkAGkAYQB0AGUATwBmAGYAbABpAG4AZTANBgkqhkiG9w0BAQsFAAOCAQEArDNdMdFZ/fP2qPV2A3mg+tuEGcWO1g8pMNisG5Qc2dX1jjQcYdLyLCzDzsMNaCSOtbHUHA6iqze3ID43gp6faYKPSSr+NK22KSoHXVoadYvnIy3zTky/+E2wJ7XqxLf3U2yDWVwki4Dz+zdpvoy99wPCoatLZmxhs3lto88d44jN4Djhqo7xD4FzpybvH7hBpdrKMILUZKx33WiE0L/ymMP9JMSmPKJ4hvs9MNuwLTSR/6L6TSKeMq8GEJSR9ob/ZoA7Tj77oNwV4abizEd6165l0Rcu+wLshJDbe5bCZVFQCBli1AjA17DsMl5kC97ez/IlQlyy9R2bhdhk/xFfhgAFWC41MDkAAAR8MIIEeDCCA2CgAwIBAgIKYQRT6QAAAAAACjANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJVUzEMMAoGA1UEChMDQVRUMQwwCgYDVQQLEwNDU08xHTAbBgNVBAMTFEFUVCBBQUYgQ0FESSBURVNUIENBMB4XDTE2MTAwNDEyNTQ0OVoXDTIxMTAwNDEzMDQ0OVowUzELMAkGA1UEBhMCVVMxDDAKBgNVBAoTA0FUVDEMMAoGA1UECxMDQ1NPMSgwJgYDVQQDEx9BVFQgQUFGIENBREkgVGVzdCBJc3N1aW5nIENBIDAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9je7y3hwb/d0ISYTZK1cdDyCdjAIyZorPnQxwp2dNOhoHsd+JMsUn8DtDu+f+PFFQ+szCOU64+Z2sRRhCOjw47ulmmFQvJ7aRDlMcHuKhsF6uZV/IckATP6bWlZl5DxBNzEWj9d/cSNX06VDl+6FngaGqGApvUrxBY13nOACd2ofBN7KTaZT3bpIh6k66RkVUOmTXLl18AeKpn7uj/COqGWDUkI0aEtUoqwlPQoAoERU/AlncYW4wtf/bCaapWvSs9uASSOzmw9SZ+Z21IU1H9xw7PjwRZtcQAiLayinMOepeAslkm74nmsjX+88XxxrZs4IkolWut6DMvDj88enwIDAQABo4IBVzCCAVMwEAYJKwYBBAGCNxUBBAMCAQAwHQYDVR0OBBYEFCgOoXrHLMgLM3pIwQ2wFBp0sgAPMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIAQwBBMAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFBZRX9l5slicubTi/gOljxKxiy+FMEcGA1UdHwRAMD4wPKA6oDiGNmh0dHA6Ly9hYWZjcmwuaXQuYXR0LmNvbS9hYWZjYWRpLXRlc3QtaW50ZXJtZWRpYXRlLmNybDBSBggrBgEFBQcBAQRGMEQwQgYIKwYBBQUHMAKGNmh0dHA6Ly9hYWZjcmwuaXQuYXR0LmNvbS9hYWZjYWRpLXRlc3QtaW50ZXJtZWRpYXRlLmNydDApBgNVHSUEIjAgBggrBgEFBQcDAgYIKwYBBQUHAwEGCisGAQQBgjcUAgEwDQYJKoZIhvcNAQELBQADggEBAJMrFqAzVkpbKTZ7NT8uEU94EJKs2FqsfSAtVUtAdJoiwKaSqMdvwMVBNQNcDBf7XF0bDPbUbMKJiEAZGWg9ZNtoXD4YokvAgae0Lh2RPu1GxoBpzxhGeyuNRXoUSsHbs/5UgJyWDj8fi9aJRuT3zSSrEENnKUJn1sXRAXvZWz8wVZI7EB1xaW6W6MYzg5eXpMd+AKGxDnHbMhgGdrMZMqhY5s7XxQmB/9T2oFtsduor374rDgJheMEELhiI1mA8TBDx5HnQVOn+C+fKFhc8TA584ZdRwN+DzBRuuaDZa9OZhUm/G+Hi1km8CRzcsYf35f6PNa5TxIkShRBDRIQU/s8ABVguNTA5AAAEVTCCBFEwggM5oAMCAQICCmECXqIAAAAAAA0wDQYJKoZIhvcNAQEFBQAwUzELMAkGA1UEBhMCVVMxDDAKBgNVBAoTA0FUVDEMMAoGA1UECxMDQ1NPMSgwJgYDVQQDEx9BVFQgRW50ZXJwcmlzZSBJbnRlcm5hbCBSb290IENBMB4XDTE2MDgzMTEyMDUzNloXDTI2MDgzMTEyMTUzNlowSDELMAkGA1UEBhMCVVMxDDAKBgNVBAoTA0FUVDEMMAoGA1UECxMDQ1NPMR0wGwYDVQQDExRBVFQgQUFGIENBREkgVEVTVCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL1G8yB2Cd0bIajD+9CNUmOdTB0YQHS9NetWoHI9pKz+jLyIYEZyqZ1540vr2LITC3vWiWBhnZelbLvqbK/46zTEp8d7xQaD7y52xCQpamTNRaOLYE8hwvB2YuqbRAFNVMgJxIK24HBOHRdTzneVmYYVPJwR2TW2YDAWY/v0wKAZuT0Im0fikqojyi/3cGpoYweI5TQppNKBEnB180fFOMfwL6Xf7HD748NLDUnrvhBQgoKvEQZpzalwhFnh5zB6RyYnrwKftfyRZDYt0mb0kmJ4ubVyQNXs+vTDdI1yTGEO4/4/Jm0Tv0h9RqiuO+XyaTGuN9E1YoDbvXnJ58J4pJkCAwEAAaOCATAwggEsMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBQWUV/ZebJYnLm04v4DpY8SsYsvhTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBSZHo0oHLdK+j4K6CCoCpuk2wBs5TBJBgNVHR8EQjBAMD6gPKA6hjhodHRwOi8vdXZlcnNlbWVkaWEuY3NvLmF0dC5jb20vY3JsL2F0dF9pbnRlcm5hbF9yb290LmNybDBUBggrBgEFBQcBAQRIMEYwRAYIKwYBBQUHMAKGOGh0dHA6Ly91dmVyc2VtZWRpYS5jc28uYXR0LmNvbS9haWEvYXR0X2ludGVybmFsX3Jvb3QuY3J0MA0GCSqGSIb3DQEBBQUAA4IBAQB4a6ReGBnTGKaN1R4oEUVd2fJk91PA1lNCsaTRz93wa8Ooyk/IKBR05ymGD1lAUNet1y6/bSNt01TQHGx+SHFjCCLZ7tapSknEnYN//urqQ9hw3/IOfByWyRy2apTLp8TLG33b/pZ3bEn43Za/6GKsaZzXmx3F65t5NA1TOKogUa3ZTsknJjR4tYWrxuCLRF+ggZRGmcV1e+pbFtGlZ18t9sF89crxRg3WY/q/MK3ND6rKH/xk03FfmPO4/r3U9Gc4IqqD58lxE8z7faftyNaSCPL60+2NpO+npHDawvakyQrw+ZTafElCWVfx8smObi2wmwOUqSu3fHZPWJVgZrDCgSJjtpgAxwJZjgWqqGWm38+cNXM= \ No newline at end of file diff --git a/kubernetes/so/charts/so-ssl-certs/resources/config/server-certs/mso-trust-store.jks b/kubernetes/so/charts/so-ssl-certs/resources/config/server-certs/mso-trust-store.jks new file mode 100755 index 0000000000..d659ed8294 --- /dev/null +++ b/kubernetes/so/charts/so-ssl-certs/resources/config/server-certs/mso-trust-store.jks @@ -0,0 +1 @@ +/u3+7QAAAAIAAAAHAAAAAgAIY2FfYWFmXzIAAAFk687pkgAFWC41MDkAAASYMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIgU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83nf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bdKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGXkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzhxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEBCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPitc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0j6tJLp07kzQoH3jOlOrHvdPJbRzeXDLzAAAAAgAIY2FfYWFmXzEAAAFk687pkgAFWC41MDkAAAOzMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsBCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7PT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbRTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/EsrhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJFPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0lsYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQkCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4AAAACAAhjYV9hYWZfMAAAAWTrzumSAAVYLjUwOQAAA4UwggOBMIICaaADAgECAhBWXvBYii7isEvy+S294wIkMA0GCSqGSIb3DQEBBQUAMFMxCzAJBgNVBAYTAlVTMQwwCgYDVQQKEwNBVFQxDDAKBgNVBAsTA0NTTzEoMCYGA1UEAxMfQVRUIEVudGVycHJpc2UgSW50ZXJuYWwgUm9vdCBDQTAeFw0xMzExMjEwMzU4MjVaFw0zODExMjEwNDA4MjVaMFMxCzAJBgNVBAYTAlVTMQwwCgYDVQQKEwNBVFQxDDAKBgNVBAsTA0NTTzEoMCYGA1UEAxMfQVRUIEVudGVycHJpc2UgSW50ZXJuYWwgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJqOhgyilRJEGMVM5+Bk3hjSflwhY0dNCxXWkAmHuTWY6alP1oQhfMC1RsXh6kWn9glZrHv157E4Oo0cARvb0hwcwZcg1hTUWb4WSZkVH8g7QScbnWPaDbeVUhci43LKPv0Sch8F6GkTfyUtdxTY3l8hAEHkYjElT6ICY3WrNnVo+DmnAo/Dask91Nkvyld4R/msXDueMQCgDHDDIWo5qvHkz0sK9mJfD2EYO/Ylzb/3hxo/+u5avJqxXbBZgfmh90LnvbPwDjiggMwa8AhwpgYeVEDhWOuw4rnoTk/NtqQFjEO1il0vzUfcV6CS4OmkILRe2W1q12cVpaHEwCIEeFUCAwEAAaNRME8wCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFJkejSgct0r6PgroIKgKm6TbAGzlMBAGCSsGAQQBgjcVAQQDAgEAMA0GCSqGSIb3DQEBBQUAA4IBAQCG9iOwv3JRJDDIUxI45eu+3s/TmBN0lMEvoJm+1X8GEIrI3qGgmdeutJAr3E1GiYrZ9IL2ittF4xLNAF5zXDS7bxP0rR1X3HlJ7PZR/pklVSyW9/mD2NIb35ov+nbGrHrtEY1vA7rEu3rdZ3knVKRRsxiG1MUvTlP9z3CNAxQLTLZ5Dixc8WgY1SkUY5KVnR8bui7l46Bb4ON3V9ZyI+9Zhqng+2aHe0It5NyWiB/Jd5vw/9m5XxH964zab5lmppwuaxrpri7A8Z8M3YaQV5vFz1+y41epMkzao+WQuHvLos8MORya3MHIOYYco1w29u5mNDVY0vBwjhRyD9TJZ8LVAAAAAgAIY2FfYWFmXzYAAAFk687pkgAFWC41MDkAAATXMIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCByjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzEp6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlKWE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8NhnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNqAAAAAgAIY2FfYWFmXzUAAAFk687pkgAFWC41MDkAAAU8MIIFODCCBCCgAwIBAgIQUT+5dDhwtzRAQY0wkwaZ/zANBgkqhkiG9w0BAQsFADCByjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwHhcNMTMxMDMxMDAwMDAwWhcNMjMxMDMwMjM1OTU5WjB+MQswCQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNVBAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxLzAtBgNVBAMTJlN5bWFudGVjIENsYXNzIDMgU2VjdXJlIFNlcnZlciBDQSAtIEc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstgFyhx0LbUXVjnFSlIJluhL2AzxaJ+aQihiw6UwU35VEYJbA3oNL+F5BMm0lncZgQGUWfm893qZJ4Itt4PdWid/sgN6nFMl6UgfRk/InSn4vnlW9vf92Tpo2otLgjNBEsPIPMzWlnqEIRoiBAMnF4scaGGTDw5RgDMdtLXO637QYqzus3sBdO9pNevK1T2p7peYyo2qRA4lmUoVlqTObQJUHypqJuIGOmNIrLRM0XWTUP8TL9ba4cYY9Z/JJV3zADreJk20KQnNDz0jbxZKgRb78oMQw7jW2FUyPfG9D72MUpVKFpd6UiFjdS8W+cRmvvW1Cdj/JwDNRHxvSz+w9wIDAQABo4IBYzCCAV8wEgYDVR0TAQH/BAgwBgEB/wIBADAwBgNVHR8EKTAnMCWgI6Ahhh9odHRwOi8vczEuc3ltY2IuY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB/wQEAwIBBjAvBggrBgEFBQcBAQQjMCEwHwYIKwYBBQUHMAGGE2h0dHA6Ly9zMi5zeW1jYi5jb20wawYDVR0gBGQwYjBgBgpghkgBhvhFAQc2MFIwJgYIKwYBBQUHAgEWGmh0dHA6Ly93d3cuc3ltYXV0aC5jb20vY3BzMCgGCCsGAQUFBwICMBwaGmh0dHA6Ly93d3cuc3ltYXV0aC5jb20vcnBhMCkGA1UdEQQiMCCkHjAcMRowGAYDVQQDExFTeW1hbnRlY1BLSS0xLTUzNDAdBgNVHQ4EFgQUX2DPYZBV34RDFIpgKrL1evRDGO8wHwYDVR0jBBgwFoAUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwDQYJKoZIhvcNAQELBQADggEBAF6UVkndji1l9cE2UbYD49qecxnyH1mrWH5sJgUs+oHXXCMXIiw3k/eG7IXmsKP9H+IyqEVv4dn7ua/ScKAyQmW/hP4WKo8/xabWo5N9Q+l0IZE1KPRj6S7t9/Vcf0uatSDpCr3gRRAMFJSaXaXjS5HoJJtGQGX0InLNmfiIEfXzf+YzguaoxX7+0AjiJVgIcWjmzaLmFN5OUiQt/eV5E1PnXi8tTRttQBVSK/eHiXgSgW7ZTaoteNTCLD0IX4eRnh8OsN4wUmSGiaqdZpwOdgyA8nTYKvi4Os7X1g8RvmurFPW9QaAiY4nxug9vKWNmLT+sjHLF+8fk1A/yO0+MKccAAAACAAhjYV9hYWZfNAAAAWTrzumSAAVYLjUwOQAABfAwggXsMIIE1KADAgECAhBuzHqlpwMgCbjOvPTpUtSRMA0GCSqGSIb3DQEBBQUAMIHKMQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAyMDA2IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWduIENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHNTAeFw0xMDAyMDgwMDAwMDBaFw0yMDAyMDcyMzU5NTlaMIG1MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhIChjKTEwMS8wLQYDVQQDEyZWZXJpU2lnbiBDbGFzcyAzIFNlY3VyZSBTZXJ2ZXIgQ0EgLSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALGHhB/CDEX1vKsll6etoj6cuvbBObiLysKsVsblu2WORE9Nzm/tCUrUr04QnGiLLpV7iZsTyuI0NMHzW/NJe2KDSIF00Yh4bAJT+bx/QyZXWDODOzMKF7DQTpEkrYZ9ZBLcdEo0oR0K6pYdCxX8o0s7zmOI0PgtDJSGEMq2mj3K6zecAEg1hilQeOhFY80ZQU/1lex7mNTEcbNQviizj6C5U5z1yiwjqf0UBugYtJroPG6B/eTNNTazUdNp7BK6Vm5vm1fFixTnDsec7UpUaslNxb8Rsa4cZ4HLRFUzmX8kmz9TRX+GGvM8+m1/gfW4StP1hTcctabQCeQYezhO+g8CAwEAAaOCAd8wggHbMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AudmVyaXNpZ24uY29tMBIGA1UdEwEB/wQIMAYBAf8CAQAwcAYDVR0gBGkwZzBlBgtghkgBhvhFAQcXAzBWMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vY3BzMCoGCCsGAQUFBwICMB4aHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9ycGEwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL2NybC52ZXJpc2lnbi5jb20vcGNhMy1nNS5jcmwwDgYDVR0PAQH/BAQDAgEGMG0GCCsGAQUFBwEMBGEwX6FdoFswWTBXMFUWCWltYWdlL2dpZjAhMB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgsexkuMCUWI2h0dHA6Ly9sb2dvLnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMCgGA1UdEQQhMB+kHTAbMRkwFwYDVQQDExBWZXJpU2lnbk1QS0ktMi02MB0GA1UdDgQWBBQNRFwWU0TBgn4dIKsl9AFj2L55pTAfBgNVHSMEGDAWgBR/02Wnwt3su/AwCfNDOfoCrzMxMzANBgkqhkiG9w0BAQUFAAOCAQEADIMk793DDNlYnP42tuuKgEvRo/ed88xT74Keo6Hml8FYnXVs4B0bTPrRwS0FwOpusiJwVdkgM0AzB8Jlg/qPQzeb6g6abHDu9pyAO9k39Hpt7NAYfUlKypnHGSiivth3JPeFJoZthwVAQWfRJzrt3EgdIs0LC4u89LF7/bSZqOl2KuEaLYdudNOI3R4ixt8WtiuCFAqUXPJQ7K/O/2I3Da1l0wZBU+0CFMi1WCihrOBb7LN/lUr7A8itJtvmZngSStmfQvvhmOZCg5uPj2ck6GEZtd3NtQsmBY7DbsTIdbhGz+IYBl6prqiBmkcW3gwobCUnud63hFjGHzgepMTLZgAAAAIACGNhX2FhZl8zAAABZOvO6ZIABVguNTA5AAADkjCCA44wggJ2oAMCAQICEAM68eanEamguyhksR0J+uUwDQYJKoZIhvcNAQELBQAwYTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTEgMB4GA1UEAxMXRGlnaUNlcnQgR2xvYmFsIFJvb3QgRzIwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALs3zTTce2vJsmiQrUp1/0a6IQoIjfUZVMn7iNvzrvI6iZE8euarBhprz6wt6F4JJES6Ypp+1qOofuBUdSAFrFC3nGMabDDc2h8Zsdce3v3X4MuUgzeu7B9DTt17LNK9LqUv5Km4rTrUmaS2JembawBgkmD/TyFJGPdnkKthBpyP8rrptOmSMmu181foXRvNjB2rlQSVSfM1LZbjSW3dd+P7SUu0rFUHqY+Vs7Qju0xtRfD2qbKVMLT9TFWMJ0pXFHyCnc1zktMWSgYMjFDRjx4Jvheh5iHK/YPlELyDpQrEZyj2cxQUPUZ2w4cUiSE0Ta8PRQymSaG6u5zFsTODKYUCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYEFE4iVCAYlebjbuYP+vq5Eu0GF485MA0GCSqGSIb3DQEBCwUAA4IBAQBgZyiUbw5IY+sx3epnGNWJfTzFi0p/6b7bKxffsF9zdyoyEzmBZ0KEI/JFZzXsiL/4j7BhDDSkriBMhMbb+DXhdtnfpkK7x0QIhn82dCRa2mwNFFk1vfJJ3bYfybMNRyo9mS+7XLu11CDhmV9TRhXbaJvw8zDVPjHijYSe44ra2pY+NROlX/D5cFBwR0ERVxlOwI+uBsSVExcvGyWfdfKxjpmhbxOxQXH+iCrITxAgVdfzFEXl4ET06oeVMpMO/lNG+iyd/4siuUvZCUWk3qS4mljdG31Sn45ZQ4iBpJ4m1W+t3Q3GN33tA5Ib5Xdfdu48jcRdVlui2WZuszU35TK2KV9VX9oEme/cGMQIWiy/Rslxrl8= \ No newline at end of file diff --git a/kubernetes/so/charts/so-ssl-certs/templates/secrets.yaml b/kubernetes/so/charts/so-ssl-certs/templates/secrets.yaml new file mode 100755 index 0000000000..2dcd08b451 --- /dev/null +++ b/kubernetes/so/charts/so-ssl-certs/templates/secrets.yaml @@ -0,0 +1,45 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +data: + {{- $psyamlpath := printf "resources/config/server-certs/cadi_keystore_password" }} + {{- $tsyamlpath := printf "resources/config/server-certs/cadi_truststore_password" }} + cadi_keystore_password: {{ .Files.Get $psyamlpath | trimSuffix "\n" }} + cadi_truststore_password: {{ .Files.Get $tsyamlpath | trimSuffix "\n" }} +metadata: + name: {{ .Release.Name}}-so-ssl-pwd-secret + namespace: {{ include "common.namespace" . }} +kind: Secret +--- +apiVersion: v1 +data: + {{- $csjksyamlpath := printf "resources/config/server-certs/mso-server-key-store.jks" }} + {{- $tsjksyamlpath := printf "resources/config/server-certs/mso-trust-store.jks" }} + mso-server-key-store.jks: {{ .Files.Get $csjksyamlpath | trimSuffix "\n" }} + mso-trust-store.jks: {{ .Files.Get $tsjksyamlpath | trimSuffix "\n" }} +metadata: + name: {{ .Release.Name}}-so-ssl-secret + namespace: {{ include "common.namespace" . }} +kind: Secret +--- +apiVersion: v1 +data: + {{- $kpyamlpath := printf "resources/config/client-certs/keystore_password" }} + {{- $tpyamlpath := printf "resources/config/client-certs/truststore_password" }} + keystore_password: {{ .Files.Get $kpyamlpath | trimSuffix "\n" }} + truststore_password: {{ .Files.Get $tpyamlpath | trimSuffix "\n" }} +metadata: + name: {{ .Release.Name}}-so-ssl-client-secret + namespace: {{ include "common.namespace" . }} +kind: Secret \ No newline at end of file diff --git a/kubernetes/so/charts/so-vfc-adapter/Chart.yaml b/kubernetes/so/charts/so-vfc-adapter/Chart.yaml new file mode 100755 index 0000000000..9a6f6a0a50 --- /dev/null +++ b/kubernetes/so/charts/so-vfc-adapter/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +appVersion: "1.0" +description: A Helm chart for Kubernetes +name: so-vfc-adapter +version: 2.0.0 \ No newline at end of file diff --git a/kubernetes/so/charts/so-vfc-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-vfc-adapter/resources/config/overrides/override.yaml new file mode 100755 index 0000000000..6c26671296 --- /dev/null +++ b/kubernetes/so/charts/so-vfc-adapter/resources/config/overrides/override.yaml @@ -0,0 +1,43 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +logging: + path: logs +spring: + datasource: + driver-class-name: org.mariadb.jdbc.Driver + url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + dbcp2: + initial-size: 5 + max-total: 20 + validation-query: select 1 + test-on-borrow: true +server: + port: 8084 + tomcat: + max-threads: 50 +mso: + site-name: localSite + logPath: ./logs/vfc + adapters: + requestDb: + auth: Basic YnBlbDptc28tZGItMTUwNyE= + endpoint: https://c1.vm1.mso.simpledemo.onap.org:8081 +#Actuator +management: + security: + enabled: false + basic: + enabled: false \ No newline at end of file diff --git a/kubernetes/so/charts/so-vfc-adapter/templates/configmap.yaml b/kubernetes/so/charts/so-vfc-adapter/templates/configmap.yaml new file mode 100755 index 0000000000..48d9ef8820 --- /dev/null +++ b/kubernetes/so/charts/so-vfc-adapter/templates/configmap.yaml @@ -0,0 +1,33 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +data: + LOG_PATH: {{ index .Values.logPath }} + APP: {{ index .Values.app }} +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-app-configmap + namespace: {{ include "common.namespace" . }} +data: + {{- $yamlpath := printf "resources/config/overrides/override.yaml" -}} + {{- $root := . }} + {{- range $path, $bytes := .Files.Glob $yamlpath }} + override.yaml: {{ $root.Files.Get $path | quote }} + {{- end }} \ No newline at end of file diff --git a/kubernetes/so/charts/so-vfc-adapter/templates/deployment.yaml b/kubernetes/so/charts/so-vfc-adapter/templates/deployment.yaml new file mode 100755 index 0000000000..d235545aa3 --- /dev/null +++ b/kubernetes/so/charts/so-vfc-adapter/templates/deployment.yaml @@ -0,0 +1,144 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} +spec: + replicas: {{ index .Values.replicaCount }} + minReadySeconds: {{ index .Values.minReadySeconds }} + strategy: + type: {{ index .Values.updateStrategy.type }} + rollingUpdate: + maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} + maxSurge: {{ index .Values.updateStrategy.maxSurge }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: so-chown + image: alpine:3.6 + volumeMounts: + - name: logs + mountPath: /app/logs + imagePullPolicy: {{ index .Values.pullPolicy }} + command: ["/bin/sh", "-c", "chown -Rf 1000:1000 /app/logs"] + restartPolicy: Always + containers: + - name: {{ include "common.name" . }} + image: {{ include "common.repository" . }}/{{ .Values.image }} + resources: + requests: + memory: {{ index .Values.resources.requests.memory}} + cpu: {{ index .Values.resources.requests.cpu}} + limits: + memory: {{ index .Values.resources.limits.memory}} + cpu: {{ index .Values.resources.limits.cpu}} + env: + - name: DB_HOST + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.host + - name: DB_PORT + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.port + - name: DB_USERNAME + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.rolename + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.password + - name: DB_ADMIN_USERNAME + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.admin.rolename + - name: DB_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.admin.password + - name: CADI_KEYSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-pwd-secret + key: cadi_keystore_password + - name: CADI_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-pwd-secret + key: cadi_truststore_password + - name: MSO_KEYSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-client-secret + key: keystore_password + - name: MSO_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-client-secret + key: truststore_password + envFrom: + - configMapRef: + name: {{ include "common.fullname" . }}-configmap + imagePullPolicy: {{ index .Values "global" "pullPolicy" }} + volumeMounts: + - name: logs + mountPath: /app/logs + - name: certs + mountPath: /app/certs/ + readOnly: true + - name: config + mountPath: /app/config + readOnly: true + livenessProbe: + httpGet: + path: {{- index .Values.livenessProbe.path|indent 2}} + port: {{ index .Values.containerPort }} + scheme: {{- index .Values.livenessProbe.scheme| indent 2}} + initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}} + periodSeconds: {{ index .Values.livenessProbe.periodSeconds}} + timeoutSeconds: {{ index .Values.livenessProbe.timeoutSeconds}} + successThreshold: {{ index .Values.livenessProbe.successThreshold}} + failureThreshold: {{ index .Values.livenessProbe.failureThreshold}} + ports: + - containerPort: {{ index .Values.containerPort }} + name: {{ .Values.service.portName }} + protocol: TCP + volumes: + - name: logs + emptyDir: {} + - name: certs + secret: + secretName: {{ .Release.Name}}-so-ssl-secret + - name: config + configMap: + name: {{ include "common.fullname" . }}-app-configmap + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file diff --git a/kubernetes/so/charts/mariadb/templates/service.yaml b/kubernetes/so/charts/so-vfc-adapter/templates/service.yaml old mode 100644 new mode 100755 similarity index 84% rename from kubernetes/so/charts/mariadb/templates/service.yaml rename to kubernetes/so/charts/so-vfc-adapter/templates/service.yaml index eeebdcbae2..bbe5f277eb --- a/kubernetes/so/charts/mariadb/templates/service.yaml +++ b/kubernetes/so/charts/so-vfc-adapter/templates/service.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2018 AT&T USA # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,7 +11,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - apiVersion: v1 kind: Service metadata: @@ -27,12 +26,13 @@ spec: ports: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - {{- end}} name: {{ .Values.service.portName }} + {{- end}} selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} \ No newline at end of file diff --git a/kubernetes/so/charts/so-vfc-adapter/values.yaml b/kubernetes/so/charts/so-vfc-adapter/values.yaml new file mode 100755 index 0000000000..3007a2fc8b --- /dev/null +++ b/kubernetes/so/charts/so-vfc-adapter/values.yaml @@ -0,0 +1,50 @@ +# Copyright © 2018 AT&T USA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +image: onap/so/vfc-adapter:latest +pullPolicy: IfNotPresent +replicaCount: 1 +minReadySeconds: 10 +containerPort: 8084 +logPath: ./logs/vfc/ +app: vfc-adapter +service: + type: ClusterIP + internalPort: 8084 + externalPort: 10600 + portName: so-vfc-port +updateStrategy: + type: RollingUpdate + maxUnavailable: 1 + maxSurge: 1 +resources: + requests: + memory: 1Gi + cpu: 500m + limits: + memory: 4Gi + cpu: 2000m +livenessProbe: + path: /manage/health + port: 8084 + scheme: HTTP + initialDelaySeconds: 600 + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 +ingress: + enabled: false +nodeSelector: {} +tolerations: [] +affinity: {} \ No newline at end of file diff --git a/kubernetes/so/requirements.yaml b/kubernetes/so/requirements.yaml old mode 100644 new mode 100755 index 9b24f824d5..2b88f5f7c4 --- a/kubernetes/so/requirements.yaml +++ b/kubernetes/so/requirements.yaml @@ -11,7 +11,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - dependencies: - name: common version: ~2.0.0 diff --git a/kubernetes/so/resources/config/log/filebeat/filebeat.yml b/kubernetes/so/resources/config/log/filebeat/filebeat.yml old mode 100644 new mode 100755 diff --git a/kubernetes/so/resources/config/log/logback.apihandler-infra.xml b/kubernetes/so/resources/config/log/logback.apihandler-infra.xml old mode 100644 new mode 100755 diff --git a/kubernetes/so/resources/config/log/logback.appc.xml b/kubernetes/so/resources/config/log/logback.appc.xml old mode 100644 new mode 100755 diff --git a/kubernetes/so/resources/config/log/logback.asdc.xml b/kubernetes/so/resources/config/log/logback.asdc.xml old mode 100644 new mode 100755 diff --git a/kubernetes/so/resources/config/log/logback.bpmn.xml b/kubernetes/so/resources/config/log/logback.bpmn.xml old mode 100644 new mode 100755 diff --git a/kubernetes/so/resources/config/log/logback.msorequestsdbadapter.xml b/kubernetes/so/resources/config/log/logback.msorequestsdbadapter.xml old mode 100644 new mode 100755 diff --git a/kubernetes/so/resources/config/log/logback.network.xml b/kubernetes/so/resources/config/log/logback.network.xml old mode 100644 new mode 100755 diff --git a/kubernetes/so/resources/config/log/logback.sdnc.xml b/kubernetes/so/resources/config/log/logback.sdnc.xml old mode 100644 new mode 100755 diff --git a/kubernetes/so/resources/config/log/logback.tenant.xml b/kubernetes/so/resources/config/log/logback.tenant.xml old mode 100644 new mode 100755 diff --git a/kubernetes/so/resources/config/log/logback.vfc.xml b/kubernetes/so/resources/config/log/logback.vfc.xml old mode 100644 new mode 100755 diff --git a/kubernetes/so/resources/config/log/logback.vnf.xml b/kubernetes/so/resources/config/log/logback.vnf.xml old mode 100644 new mode 100755 diff --git a/kubernetes/so/resources/config/log/logback.workflow-message-adapter.xml b/kubernetes/so/resources/config/log/logback.workflow-message-adapter.xml old mode 100644 new mode 100755 diff --git a/kubernetes/so/resources/config/mso/encryption.key b/kubernetes/so/resources/config/mso/encryption.key old mode 100644 new mode 100755 diff --git a/kubernetes/so/resources/config/mso/onap-ca-new.crt b/kubernetes/so/resources/config/mso/onap-ca-new.crt old mode 100644 new mode 100755 diff --git a/kubernetes/so/resources/config/mso/onap-ca.crt b/kubernetes/so/resources/config/mso/onap-ca.crt old mode 100644 new mode 100755 diff --git a/kubernetes/so/resources/config/mso/standalone-full-ha-mso.xml b/kubernetes/so/resources/config/mso/standalone-full-ha-mso.xml old mode 100644 new mode 100755 diff --git a/kubernetes/so/resources/config/overrides/override.yaml b/kubernetes/so/resources/config/overrides/override.yaml new file mode 100755 index 0000000000..99c76cdbbd --- /dev/null +++ b/kubernetes/so/resources/config/overrides/override.yaml @@ -0,0 +1,123 @@ +server: + port: 8080 + tomcat: + max-threads: 50 +ssl-enable: false +mso: + msoKey: "07a7159d3bf51a0e53be7a8f89699be7" + logPath: logs + site-name: onapheat + adapters: + requestDb: + endpoint: http://c1.vm1.mso.simpledemo.onap.org:8083 + auth: YnBlbDptc28tZGItMTUwNyE= + catalog: + db: + spring: + endpoint: "http://c1.vm1.mso.simpledemo.onap.org:8082" + db: + auth: Basic cGFzc3dvcmQxJA== + config: + path: /src/main/resources/ + infra: + default: + alacarte: + orchestrationUri: /mso/async/services/ALaCarteOrchestrator + recipeTimeout: 180 + testApi: VNF_API + service: + macro: + default: + testApi: GR_API + apih: + homing: + sdna: + url: http://c1.vm1.mso.simpledemo.onap.org:8086/ + password: 4112B789E942B161228F7D5AFC654C0F + bpelURL: http://c1.vm1.mso.simpledemo.onap.org:8082/ + bpelAuth: 786864AA53D0DCD881AED1154230C0C3058D58B9339D2EFB6193A0F0D82530E1 + camundaURL: http://c1.vm1.mso.simpledemo.onap.org:8082/ + camundaAuth: 5119D1AF37F671FC01FFAD2151D93EFB2BBB503E879FD07104D024EDDF118FD1 + async: + core-pool-size: 50 + max-pool-size: 50 + queue-capacity: 500 + sdc: + client: + auth: F3473596C526938329DF877495B494DC374D1C4198ED3AD305EA3ADCBBDA1862 + activate: + instanceid: test + userid: cs0008 + endpoint: http://c1.vm1.mso.simpledemo.onap.org:28090 + tenant: + isolation: + retry: + count: 3 + aai: + endpoint: https://aai.api.simpledemo.onap.org:8443 + auth: 2630606608347B7124C244AB0FE34F6F + so: + operational-environment: + dmaap: + username: testuser + password: VjR5NDcxSzA= + host: http://c1.vm1.mso.simpledemo.onap.org:28090 + publisher: + topic: com.att.ecomp.mso.operationalEnvironmentEvent +spring: + datasource: + url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + driver-class-name: org.mariadb.jdbc.Driver + dbcp2: + initial-size: 5 + max-total: 20 + validation-query: select 1 + test-on-borrow: true + jpa: + show-sql: true + hibernate: + dialect: org.hibernate.dialect.MySQL5Dialect + ddl-auto: validate + naming-strategy: org.hibernate.cfg.ImprovedNamingStrategy + enable-lazy-load-no-trans: true + jersey: + type: filter + security: + usercredentials: + - + username: sitecontrol + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: SiteControl-Client + - + username: gui + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: GUI-Client + - + username: infraportal + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: InfraPortal-Client + - + username: InfraPortalClient + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: InfraPortal-Client + - + username: bpel + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: BPEL-Client + - + username: mso_admin + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: ACTUATOR +request: + datasource: + url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + driver-class-name: org.mariadb.jdbc.Driver + dbcp2: + initial-size: 5 + max-total: 20 + validation-query: select 1 + test-on-borrow: true \ No newline at end of file diff --git a/kubernetes/so/templates/NOTES.txt b/kubernetes/so/templates/NOTES.txt old mode 100644 new mode 100755 index 91d8ed42f1..5b970635fa --- a/kubernetes/so/templates/NOTES.txt +++ b/kubernetes/so/templates/NOTES.txt @@ -1,19 +1,14 @@ -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "so.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} +1. main components included in umbrella chart +-- api-handler-infra +-- asdc-controller +-- bpmn-infra +-- openstack-adapter +-- sdnc-adapter +-- vfc-adapter +2. dependencies included in charts sub directory +-- db-secrets +-- ssl-secrets +-- catalog-db-adapter +-- request-db-adapter +4. Run the following helm command to deploy chart(s), remove --dry-run option + helm upgrade -f ./helm/values.yaml --install --debug --dry-run so ./so diff --git a/kubernetes/so/templates/configmap.yaml b/kubernetes/so/templates/configmap.yaml old mode 100644 new mode 100755 index db83fbb4f6..48d9ef8820 --- a/kubernetes/so/templates/configmap.yaml +++ b/kubernetes/so/templates/configmap.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2018 AT&T USA # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,19 +11,23 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - apiVersion: v1 +data: + LOG_PATH: {{ index .Values.logPath }} + APP: {{ index .Values.app }} kind: ConfigMap metadata: - name: so-configmap + name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/mso/*").AsConfig . | indent 2 }} --- apiVersion: v1 kind: ConfigMap metadata: - name: so-docker-file-configmap + name: {{ include "common.fullname" . }}-app-configmap namespace: {{ include "common.namespace" . }} data: -{{ tpl (.Files.Glob "resources/config/docker-files/scripts/start-jboss-server.sh").AsConfig . | indent 2 }} + {{- $yamlpath := printf "resources/config/overrides/override.yaml" -}} + {{- $root := . }} + {{- range $path, $bytes := .Files.Glob $yamlpath }} + override.yaml: {{ $root.Files.Get $path | quote }} + {{- end }} \ No newline at end of file diff --git a/kubernetes/so/templates/deployment.yaml b/kubernetes/so/templates/deployment.yaml old mode 100644 new mode 100755 index 0f907372a3..d235545aa3 --- a/kubernetes/so/templates/deployment.yaml +++ b/kubernetes/so/templates/deployment.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2018 AT&T USA # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,19 +11,23 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - apiVersion: extensions/v1beta1 kind: Deployment metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} labels: - app: {{ include "common.name" . }} + app: {{ include "common.fullname" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} - heritage: {{ .Release.Service }} spec: - replicas: {{ .Values.replicaCount }} + replicas: {{ index .Values.replicaCount }} + minReadySeconds: {{ index .Values.minReadySeconds }} + strategy: + type: {{ index .Values.updateStrategy.type }} + rollingUpdate: + maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} + maxSurge: {{ index .Values.updateStrategy.maxSurge }} template: metadata: labels: @@ -31,164 +35,110 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - command: - - /root/ready.py - args: - - --container-name - - {{ .Values.mariadb.nameOverride }} + - name: so-chown + image: alpine:3.6 + volumeMounts: + - name: logs + mountPath: /app/logs + imagePullPolicy: {{ index .Values.pullPolicy }} + command: ["/bin/sh", "-c", "chown -Rf 1000:1000 /app/logs"] + restartPolicy: Always + containers: + - name: {{ include "common.name" . }} + image: {{ include "common.repository" . }}/{{ .Values.image }} + resources: + requests: + memory: {{ index .Values.resources.requests.memory}} + cpu: {{ index .Values.resources.requests.cpu}} + limits: + memory: {{ index .Values.resources.limits.memory}} + cpu: {{ index .Values.resources.limits.cpu}} env: - - name: NAMESPACE + - name: DB_HOST valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness - containers: - - name: {{ .Chart.Name }} - command: - - /tmp/start-jboss-server.sh - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - - containerPort: {{ .Values.service.internalPort2 }} - - containerPort: {{ .Values.service.internalPort3 }} - - containerPort: {{ .Values.service.internalPort4 }} - - containerPort: {{ .Values.service.internalPort5 }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{ if .Values.liveness.enabled }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end }} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: JBOSS_DEBUG - value: {{ .Values.global.debugEnabled | default .Values.debugEnabled | quote }} - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /shared/ - name: so - - mountPath: /tmp/start-jboss-server.sh - name: so-docker-files - subPath: start-jboss-server.sh - - mountPath: /opt/jboss/standalone/configuration/standalone-full-ha-mso.xml - name: so-config - subPath: standalone-full-ha-mso.xml - - mountPath: /var/log/onap - name: so-logs - - mountPath: /var/berks-cookbooks/mso-config/files/default/mso-po-adapter-config/logback.network.xml - name: so-logback - subPath: logback.network.xml - - mountPath: /var/berks-cookbooks/mso-config/files/default/mso-po-adapter-config/logback.tenant.xml - name: so-logback - subPath: logback.tenant.xml - - mountPath: /var/berks-cookbooks/mso-config/files/default/mso-po-adapter-config/logback.vnf.xml - name: so-logback - subPath: logback.vnf.xml - - mountPath: /var/berks-cookbooks/mso-config/files/default/mso-po-adapter-config/logback.vfc.xml - name: so-logback - subPath: logback.vfc.xml - - mountPath: /var/berks-cookbooks/mso-config/files/default/mso-api-handler-infra-config/logback.apihandler-infra.xml - name: so-logback - subPath: logback.apihandler-infra.xml - - mountPath: /var/berks-cookbooks/mso-config/files/default/mso-appc-adapter-config/logback.appc.xml - name: so-logback - subPath: logback.appc.xml - - mountPath: /var/berks-cookbooks/mso-config/files/default/mso-requests-db-adapter-config/logback.msorequestsdbadapter.xml - name: so-logback - subPath: logback.msorequestsdbadapter.xml - - mountPath: /var/berks-cookbooks/mso-config/files/default/mso-asdc-controller-config/logback.asdc.xml - name: so-logback - subPath: logback.asdc.xml - - mountPath: /var/berks-cookbooks/mso-config/files/default/mso-sdnc-adapter-config/logback.sdnc.xml - name: so-logback - subPath: logback.sdnc.xml - - mountPath: /var/berks-cookbooks/mso-config/files/default/mso-bpmn-config/logback.bpmn.xml - name: so-logback - subPath: logback.bpmn.xml - - mountPath: /var/berks-cookbooks/mso-config/files/default/mso-workflow-message-adapter-config/logback.workflow-message-adapter.xml - name: so-logback - subPath: logback.workflow-message-adapter.xml - resources: -{{ toYaml .Values.resources | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - - # side car containers - - name: filebeat-onap - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /usr/share/filebeat/filebeat.yml - name: filebeat-conf - subPath: filebeat.yml - - mountPath: /var/log/onap - name: so-logs - - mountPath: /usr/share/filebeat/data - name: so-data-filebeat - + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.host + - name: DB_PORT + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.port + - name: DB_USERNAME + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.rolename + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.password + - name: DB_ADMIN_USERNAME + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.admin.rolename + - name: DB_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.admin.password + - name: CADI_KEYSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-pwd-secret + key: cadi_keystore_password + - name: CADI_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-pwd-secret + key: cadi_truststore_password + - name: MSO_KEYSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-client-secret + key: keystore_password + - name: MSO_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-client-secret + key: truststore_password + envFrom: + - configMapRef: + name: {{ include "common.fullname" . }}-configmap + imagePullPolicy: {{ index .Values "global" "pullPolicy" }} + volumeMounts: + - name: logs + mountPath: /app/logs + - name: certs + mountPath: /app/certs/ + readOnly: true + - name: config + mountPath: /app/config + readOnly: true + livenessProbe: + httpGet: + path: {{- index .Values.livenessProbe.path|indent 2}} + port: {{ index .Values.containerPort }} + scheme: {{- index .Values.livenessProbe.scheme| indent 2}} + initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}} + periodSeconds: {{ index .Values.livenessProbe.periodSeconds}} + timeoutSeconds: {{ index .Values.livenessProbe.timeoutSeconds}} + successThreshold: {{ index .Values.livenessProbe.successThreshold}} + failureThreshold: {{ index .Values.livenessProbe.failureThreshold}} + ports: + - containerPort: {{ index .Values.containerPort }} + name: {{ .Values.service.portName }} + protocol: TCP volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: so-logback - configMap: - name: so-log-configmap - - name: filebeat-conf - configMap: - name: so-filebeat-configmap - - name: so - configMap: - name: so-configmap - items: - - key: mso-docker.json - path: mso-docker.json - mode: 0755 - - key: onap-ca.crt - path: onap-ca.crt - mode: 0755 - - key: onap-ca-new.crt - path: onap-ca-new.crt - mode: 0755 - - key: encryption.key - path: encryption.key - mode: 0644 - - name: so-config - configMap: - name: so-configmap - items: - - key: standalone-full-ha-mso.xml - path: standalone-full-ha-mso.xml - mode: 0644 - - name: so-logs - emptyDir: {} - - name: so-data-filebeat - emptyDir: {} - - name: so-docker-files - configMap: - name: so-docker-file-configmap - items: - - key: start-jboss-server.sh - path: start-jboss-server.sh - mode: 0755 + - name: logs + emptyDir: {} + - name: certs + secret: + secretName: {{ .Release.Name}}-so-ssl-secret + - name: config + configMap: + name: {{ include "common.fullname" . }}-app-configmap imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" - + - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file diff --git a/kubernetes/so/templates/service.yaml b/kubernetes/so/templates/service.yaml old mode 100644 new mode 100755 index ac9d179628..a813a18030 --- a/kubernetes/so/templates/service.yaml +++ b/kubernetes/so/templates/service.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2018 AT&T USA # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,7 +11,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - apiVersion: v1 kind: Service metadata: @@ -24,24 +23,367 @@ metadata: heritage: {{ .Release.Service }} annotations: msb.onap.org/service-info: '[ - { - "serviceName": "{{ include "common.servicename" . }}", - "version": "v1", - "url": "/ecomp/mso/infra", - "protocol": "REST" - "port": "8080", - "visualRange":"1" - }, - { - "serviceName": "so-deprecated", - "version": "v1", - "url": "/ecomp/mso/infra", - "protocol": "REST" - "port": "8080", - "visualRange":"1", - "path":"/ecomp/mso/infra" - } - ]' + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/cloudResources/{version:[vV][1]}/operationalEnvironments", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/cloudResources/{version:[vV][1]}/operationalEnvironments/{operationalEnvironmentId}/activate", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/cloudResources/{version:[vV][1]}/operationalEnvironments/{operationalEnvironmentId}/deactivate", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/cloudResourcesRequests/{version:[vV][1]}/{requestId}/unlock", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/cloudResourcesRequests/{version:[vV][1]}", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/orchestrationRequests/{version:[vV][4-7]}/{requestId}", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/orchestrationRequests/{version:[vV][4-7]}", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/orchestrationRequests/{version:[vV][4-7]}/{requestId}/unlock", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/activate", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/deactivate", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][7]}/serviceInstances/assign", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][7]}/serviceInstances/{serviceInstanceId}/unassign", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}/enablePort", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}/disablePort", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}/activate", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}/deactivate", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][6-7]}/serviceInstances/{serviceInstanceId}/addRelationships", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][6-7]}/serviceInstances/{serviceInstanceId}/removeRelationships", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/replace", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][6-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/applyUpdatedConfig", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/{vfmoduleInstanceId}/replace", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/{vfmoduleInstanceId}", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][6-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/inPlaceSoftwareUpdate", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/{vfmoduleInstanceId}", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/{vfmoduleInstanceId}/deactivateAndCloudDelete", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/scaleOut", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/volumeGroups", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/volumeGroups/{volumeGroupInstanceId}", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/volumeGroups/{volumeGroupInstanceId}", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/networks", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/networks/{networkInstanceId}", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + }, + { + "serviceName": "so/apih", + "version": "v1", + "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/networks/{networkInstanceId}", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange":"0", + "lb_policy":"ip_hash" + } + ]' spec: type: {{ .Values.service.type }} ports: @@ -49,36 +391,11 @@ spec: - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} name: {{ .Values.service.portName }} - - port: {{ .Values.service.internalPort2 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.portName }}2 - - port: {{ .Values.service.internalPort3 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }} - name: {{ .Values.service.portName }}3 - - port: {{ .Values.service.internalPort4 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }} - name: {{ .Values.service.portName }}4 - - port: {{ .Values.service.internalPort5 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort5 }} - name: {{ .Values.service.portName }}5 {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} name: {{ .Values.service.portName }} - - port: {{ .Values.service.externalPort2 }} - targetPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName }}2 - - port: {{ .Values.service.externalPort3 }} - targetPort: {{ .Values.service.internalPort3 }} - name: {{ .Values.service.portName }}3 - - port: {{ .Values.service.externalPort4 }} - targetPort: {{ .Values.service.internalPort4 }} - name: {{ .Values.service.portName }}4 - - port: {{ .Values.service.externalPort5 }} - targetPort: {{ .Values.service.internalPort5 }} - name: {{ .Values.service.portName }}5 {{- end}} selector: app: {{ include "common.name" . }} - release: {{ .Release.Name }} - + release: {{ .Release.Name }} \ No newline at end of file diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml old mode 100644 new mode 100755 index d7a769a9d5..20cf8d209f --- a/kubernetes/so/values.yaml +++ b/kubernetes/so/values.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2018 AT&T USA # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,118 +11,45 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - -# Default values for so. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -global: # global defaults - nodePortPrefix: 302 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - -subChartsOnly: - enabled: true - -# application image repository: nexus3.onap.org:10001 -image: openecomp/mso:1.2.2 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -config: - # message router configuration - dmaapTopic: "AUTO" - # openstack configuration - openStackUserName: "vnf_user" - openStackRegion: "RegionOne" - openStackKeyStoneUrl: "http://1.2.3.4:5000" - openStackServiceTenantName: "service" - openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e" - logstashServiceName: log-ls - logstashPort: 5044 - sniro: - serviceName: sniro-emulator - port: 80 - aai: - serviceName: aai - port: 8443 - messagerouter: - serviceName: message-router - port: 3904 - msb: - serviceName: msb-iag - port: 80 - oof: - serviceName: oof-has-api - port: 8091 - sdnc: - serviceName: sdnc - port: 8282 - sdc: - serviceName: sdc-be - port: 8443 - -# subchart configuration +image: onap/so/api-handler-infra:latest +pullPolicy: IfNotPresent +replicaCount: 1 +minReadySeconds: 10 +containerPort: 8080 +logPath: ./logs/apih/ +app: api-handler-infra +service: + type: NodePort + nodePort: 58 + internalPort: 10100 + portName: so-apih-port +updateStrategy: + type: RollingUpdate + maxUnavailable: 1 + maxSurge: 1 +resources: + requests: + memory: 1Gi + cpu: 500m + limits: + memory: 4Gi + cpu: 2000m +livenessProbe: + path: /manage/health + scheme: HTTPS + initialDelaySeconds: 600 + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 +global: + nodePortPrefix: 302 + # docker repository + repository: nexus3.onap.org:10001 + # image pull Policy + pullPolicy: IfNotPresent mariadb: nameOverride: so-db - -# default number of instances -replicaCount: 1 - nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: NodePort - name: so - portName: so - internalPort: 8080 - nodePort: 23 - internalPort2: 3904 - nodePort2: 25 - internalPort3: 3905 - nodePort3: 24 - internalPort4: 9990 - nodePort4: 22 - internalPort5: 8787 - nodePort5: 50 - -ingress: - enabled: false - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +affinity: {} \ No newline at end of file