From: Borislav Glozman Date: Tue, 3 Jul 2018 12:40:45 +0000 (+0000) Subject: Merge "Add schemaIngest properties resource to aai-gizmo" X-Git-Tag: 3.0.0-ONAP~495 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=7e39db558fb5705bd8c081c1e761b1b2ce54581d;hp=f529a46e99b3578573f336329594ab404e7bb6d7;p=oom.git Merge "Add schemaIngest properties resource to aai-gizmo" --- diff --git a/.gitreview b/.gitreview index eabfdc6550..8f5c6a011a 100644 --- a/.gitreview +++ b/.gitreview @@ -2,4 +2,4 @@ host=gerrit.onap.org port=29418 project=oom -defaultbranch=master +defaultbranch=beijing diff --git a/docs/oom_quickstart_guide.rst b/docs/oom_quickstart_guide.rst index eb5d373721..9672a0e55f 100644 --- a/docs/oom_quickstart_guide.rst +++ b/docs/oom_quickstart_guide.rst @@ -16,7 +16,7 @@ available), follow the following instructions to deploy ONAP. **Step 1.** Clone the OOM repository from ONAP gerrit:: - > git clone http://gerrit.onap.org/r/oom + > git clone -b beijing http://gerrit.onap.org/r/oom > cd oom/kubernetes diff --git a/docs/oom_user_guide.rst b/docs/oom_user_guide.rst index e63120f1c6..f79de5950f 100644 --- a/docs/oom_user_guide.rst +++ b/docs/oom_user_guide.rst @@ -108,7 +108,7 @@ stable which should be removed to avoid confusion:: To prepare your system for an installation of ONAP, you'll need to:: - > git clone http://gerrit.onap.org/r/oom + > git clone -b beijing http://gerrit.onap.org/r/oom > cd oom/kubernetes diff --git a/docs/release-notes.rst b/docs/release-notes.rst index 57a1fab997..3cb547cce3 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -19,7 +19,7 @@ Epic * [`OOM-6 `_] - Automated platform deployment on Docker/Kubernetes * [`OOM-7 `_] - Platform monitoring and auto-healing * [`OOM-8 `_] - Automated platform scalability -* [`OOM-9 `_] - Platform upgradability&rollbacks +* [`OOM-9 `_] - Platform upgradability & rollbacks * [`OOM-10 `_] - Platform configuration management * [`OOM-46 `_] - Platform infrastructure deployment with TOSCA * [`OOM-109 `_] - Platform Centralized Logging @@ -181,7 +181,6 @@ Task * [`OOM-624 `_] - CII security badging: cleartext password for keystone and docker repo creds * [`OOM-726 `_] - Mirror AAI docker version changes into OOM from AAI-791 * [`OOM-772 `_] - Remove old DCAE from Release -* [`OOM-793 `_] - Document OOM-722 health/ete script changes for onap-discuss/wiki/rtd/integration team * [`OOM-801 `_] - Policy docker images rename - key off new name in POLICY-674 * [`OOM-810 `_] - Improve emsdriver code * [`OOM-819 `_] - expose log/logstash 5044 as nodeport for external log producers outside of the kubernetes cluster @@ -191,6 +190,7 @@ Task * [`OOM-975 `_] - Notes are missing in multicloud * [`OOM-1031 `_] - Config Changes for consul to make vid, so, log health checks pass * [`OOM-1032 `_] - Making consul Stateful +* [`OOM-1122 `_] - Update APPC OOM chart to use Beijing release artifacts Bug *** @@ -268,7 +268,7 @@ Bug * [`OOM-874 `_] - Inconsistent repository references in ONAP charts * [`OOM-875 `_] - Cannot retrieve robot logs * [`OOM-876 `_] - Some containers ignore the repository setting -* [`OOM-878 `_] - MySQL slave nodes don't deploy when mysql.replicaCount>1 +* [`OOM-878 `_] - MySQL slave nodes don't deploy when mysql.replicaCount > 1 * [`OOM-881 `_] - SDN-C Portal pod fails to come up * [`OOM-882 `_] - Some SDNC service names should be prefixed with the helm release name * [`OOM-884 `_] - VID-VID mariadb pv is pointing to a wrong location @@ -313,7 +313,6 @@ Bug * [`OOM-964 `_] - SDC Healthcheck failure on sdc-be and sdc-kb containers down * [`OOM-968 `_] - warning on default deployment values.yaml * [`OOM-969 `_] - oomk8s images have no Dockerfile's -* [`OOM-970 `_] - Can't configure mysql password for sdnctl user * [`OOM-971 `_] - Common service name template should allow for chart name override * [`OOM-974 `_] - Cassandra bootstrap is done incorrectly * [`OOM-977 `_] - The esr-gui annotations should include a "path" param when register to MSB @@ -347,7 +346,6 @@ Bug * [`OOM-1039 `_] - Service distribution to SO fails * [`OOM-1041 `_] - aai-service was renamed, but old references remain * [`OOM-1042 `_] - portalapps service was renamed, but old references remain -* [`OOM-1044 `_] - Fix image/table warning during deploy - since helm install switch a month ago - non-affecting - but check the yaml * [`OOM-1045 `_] - top level values.yaml missing entry for dmaap chart * [`OOM-1049 `_] - SDNC_UEB_LISTENER db * [`OOM-1050 `_] - Impossible to deploy consul using cache docker registry @@ -359,12 +357,33 @@ Bug * [`OOM-1064 `_] - Improve docker registry secret management * [`OOM-1066 `_] - Updating TOSCA blueprint to sync up with helm configuration changes (add dmaap and oof/delete message-router) * [`OOM-1068 `_] - Update SO with new AAI cert -* [`OOM-1070 `_] - SO logs partially going to /var/log/ecomp/MSO * [`OOM-1076 `_] - some charts still using readiness check image from amsterdam 1.x * [`OOM-1077 `_] - AAI resources and traversal deployment failure on non-rancher envs * [`OOM-1079 `_] - Robot charts dont allow over ride of pub_key, dcae_collector_ip and dcae_collector_port -* [`OOM-1081 `_] - Remove component'mock'from TOSCA deployment +* [`OOM-1081 `_] - Remove component 'mock' from TOSCA deployment * [`OOM-1082 `_] - Wrong pv location of dcae postgres +* [`OOM-1085 `_] - appc hostname is incorrect in url +* [`OOM-1086 `_] - clamp deployment changes /dockerdata-nfs/ReleaseName dir permissions +* [`OOM-1088 `_] - APPC returns error for vCPE restart message from Policy +* [`OOM-1089 `_] - DCAE pods are not getting purged +* [`OOM-1093 `_] - Line wrapping issue in redis-cluster-config.sh script +* [`OOM-1094 `_] - Fix postgres startup +* [`OOM-1095 `_] - common makefile builds out of order +* [`OOM-1096 `_] - node port conflict SDNC (Geo enabled) & other charts +* [`OOM-1097 `_] - Nbi needs dep-nbi - crash on make all +* [`OOM-1099 `_] - Add External Interface NBI project into OOM TOSCA +* [`OOM-1102 `_] - Incorrect AAI services +* [`OOM-1103 `_] - Cannot disable NBI +* [`OOM-1104 `_] - Policy DROOLS configuration across container restarts +* [`OOM-1110 `_] - Clamp issue when connecting Policy +* [`OOM-1111 `_] - Please revert to using VNFSDK Postgres container +* [`OOM-1114 `_] - APPC is broken in latest helm chart +* [`OOM-1115 `_] - SDNC DGBuilder cant operate on DGs in database - need NodePort +* [`OOM-1116 `_] - Correct values needed by NBI chart +* [`OOM-1124 `_] - Update OOM APPC chart to enhance AAF support +* [`OOM-1126 `_] - Incorrect Port mapping between CDT Application and APPC main application +* [`OOM-1127 `_] - SO fails healthcheck +* [`OOM-1128 `_] - AAF CS fails to start in OpenLab Sub-task ******** @@ -377,12 +396,10 @@ Sub-task * [`OOM-655 `_] - Create alternate prepull script which provides more user feedback and logging * [`OOM-753 `_] - Create Helm Sub-Chart for SO's embedded mariadb * [`OOM-754 `_] - Create Helm Chart for SO -* [`OOM-763 `_] - Work with Robot team to minimize/optimize configuration requirements * [`OOM-774 `_] - Create Helm Sub-Chart for APPC's embedded mySQL database * [`OOM-775 `_] - Create Helm Chart for APPC * [`OOM-778 `_] - Replace NFS Provisioner with configurable PV storage solution * [`OOM-825 `_] - Apache 2 License updation for All sqls and .js file -* [`OOM-833 `_] - Apache 2 license addition for all configuration * [`OOM-849 `_] - Policy Nexus component needs persistent volume for /sonatype-work * [`OOM-991 `_] - Adjust SDC-BE init job timing from 10 to 30s to avoid restarts on single node systems * [`OOM-1036 `_] - update helm from 2.7.2 to 2.8.2 wiki/rtd diff --git a/kubernetes/aaf/values.yaml b/kubernetes/aaf/values.yaml index 19250d8f69..9a51839241 100644 --- a/kubernetes/aaf/values.yaml +++ b/kubernetes/aaf/values.yaml @@ -38,7 +38,7 @@ config: csServiceName: aaf-cass # gerrit branch where the latest aaf/auth/sample/public code exists gerritProject: http://gerrit.onap.org/r/aaf/authz.git - gerritBranch: master + gerritBranch: 2.0.0-ONAP # default number of instances replicaCount: 1 diff --git a/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml b/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml index c1b2c3ccae..b459646a6b 100644 --- a/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml @@ -46,7 +46,7 @@ spec: - name: KEYSTORE_PASSWORD value: {{ .Values.config.keyStorePassword }} - name: SPARKY_SSL_ENABLED - value: 'true' + value: 'false' - name: SPARKY_PORTAL_ENABLED value: 'false' volumeMounts: @@ -83,13 +83,13 @@ spec: {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort2 }} + port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort2 }} + port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: diff --git a/kubernetes/aai/charts/aai-sparky-be/templates/service.yaml b/kubernetes/aai/charts/aai-sparky-be/templates/service.yaml index e342a9a688..385cdeabca 100644 --- a/kubernetes/aai/charts/aai-sparky-be/templates/service.yaml +++ b/kubernetes/aai/charts/aai-sparky-be/templates/service.yaml @@ -21,5 +21,4 @@ spec: {{- end}} selector: app: {{ include "common.name" . }} - release: {{ .Release.Name }} - clusterIP: None + release: {{ .Release.Name }} \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-sparky-be/values.yaml b/kubernetes/aai/charts/aai-sparky-be/values.yaml index c87ec5bf02..65aa79a537 100644 --- a/kubernetes/aai/charts/aai-sparky-be/values.yaml +++ b/kubernetes/aai/charts/aai-sparky-be/values.yaml @@ -25,7 +25,7 @@ config: elasticsearchHttpPort: 9200 keyStorePassword: OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o keystoreAliasPassword: OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o - gerritBranch: master + gerritBranch: 2.0.0-ONAP gerritProject: http://gerrit.onap.org/r/aai/test-config portalUsername: aaiui portalPassword: 1t2v1vfv1unz1vgz1t3b @@ -61,9 +61,10 @@ readiness: periodSeconds: 10 service: - type: ClusterIP + type: NodePort portName: aai-sparky-be internalPort: 9517 + nodePort: 20 internalPort2: 8000 ingress: diff --git a/kubernetes/aai/resources/config/haproxy/haproxy.cfg b/kubernetes/aai/resources/config/haproxy/haproxy.cfg index b9721ae41a..e90f737bff 100644 --- a/kubernetes/aai/resources/config/haproxy/haproxy.cfg +++ b/kubernetes/aai/resources/config/haproxy/haproxy.cfg @@ -22,6 +22,9 @@ defaults log global mode http option httplog + option ssl-hello-chk + option httpchk GET /aai/util/echo HTTP/1.1\r\nHost:\ aai\r\nX-TransactionId:\ haproxy-0111\r\nX-FromAppId:\ haproxy\r\nAccept:\ application/json\r\nAuthorization:\ Basic\ QUFJOkFBSQ== + default-server init-addr none # option dontlognull # errorfile 400 /etc/haproxy/errors/400.http # errorfile 403 /etc/haproxy/errors/403.http @@ -95,7 +98,8 @@ backend IST_Default_8447 balance roundrobin http-request set-header X-Forwarded-Port %[src_port] http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload; - server aai-resources.{{.Release.Namespace}} aai-resources.{{.Release.Namespace}}:8447 port 8447 ssl verify none + server aai-resources.{{.Release.Namespace}} aai-resources.{{.Release.Namespace}}.svc.cluster.local:8447 resolvers kubernetes check check-ssl port 8447 ssl verify none + ####################### # BACKEND 8446######### @@ -105,7 +109,7 @@ backend IST_AAI_8446 balance roundrobin http-request set-header X-Forwarded-Port %[src_port] http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload; - server aai-traversal.{{.Release.Namespace}} aai-traversal.{{.Release.Namespace}}:8446 port 8446 ssl verify none + server aai-traversal.{{.Release.Namespace}} aai-traversal.{{.Release.Namespace}}.svc.cluster.local:8446 resolvers kubernetes check check-ssl port 8446 ssl verify none listen IST_AAI_STATS mode http diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml index 017d0c282d..b07048e134 100644 --- a/kubernetes/aai/values.yaml +++ b/kubernetes/aai/values.yaml @@ -56,7 +56,7 @@ global: # global defaults # application image dockerhubRepository: registry.hub.docker.com -image: aaionap/haproxy:1.2.3 +image: aaionap/haproxy:1.2.4 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/health_check.sh b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/health_check.sh new file mode 100755 index 0000000000..544358c1af --- /dev/null +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/health_check.sh @@ -0,0 +1,15 @@ +#!/bin/bash -x + +startODL_status=$(ps -e | grep startODL | wc -l) +waiting_bundles=$(/opt/opendaylight/current/bin/client bundle:list | grep Waiting | wc -l) +run_level=$(/opt/opendaylight/current/bin/client system:start-level) + + if [ "$run_level" == "Level 100" ] && [ "$startODL_status" -lt "1" ] && [ "$waiting_bundles" -lt "1" ] + then + echo APPC is healthy. + else + echo APPC is not healthy. + exit 1 + fi + +exit 0 diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh index a990739d55..18a2783c5f 100755 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh @@ -55,6 +55,9 @@ APPC_HOME=${APPC_HOME:-/opt/onap/appc} SLEEP_TIME=${SLEEP_TIME:-120} MYSQL_PASSWD=${MYSQL_PASSWD:-{{.Values.config.dbRootPassword}}} ENABLE_ODL_CLUSTER=${ENABLE_ODL_CLUSTER:-false} +ENABLE_AAF=${ENABLE_AAF:-false} +AAF_EXT_IP=${AAF_EXT_IP:-{{.Values.config.aafExtIP}}} +AAF_EXT_FQDN=${AAF_EXT_FQDN:-{{.Values.config.aafExtFQDN}}} appcInstallStartTime=$(date +%s) @@ -143,8 +146,13 @@ then echo "" >> ${ODL_HOME}/etc/system.properties echo "Copying the aaa shiro configuration into opendaylight" - cp ${APPC_HOME}/data/aaa-app-config.xml ${ODL_HOME}/etc/opendaylight/datastore/initial/config/aaa-app-config.xml - + if $ENABLE_AAF + then + echo "${AAF_EXT_IP} ${AAF_EXT_FQDN}" >> /etc/hosts + cp ${APPC_HOME}/data/properties/aaa-app-config.xml ${ODL_HOME}/etc/opendaylight/datastore/initial/config/aaa-app-config.xml + else + cp ${APPC_HOME}/data/aaa-app-config.xml ${ODL_HOME}/etc/opendaylight/datastore/initial/config/aaa-app-config.xml + fi echo "Restarting OpenDaylight" ${ODL_HOME}/bin/stop diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaa-app-config.xml b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaa-app-config.xml new file mode 100644 index 0000000000..31bc4e31de --- /dev/null +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaa-app-config.xml @@ -0,0 +1,120 @@ + + + + + + +
+ tokenAuthRealm + + org.onap.aaf.cadi.shiro.AAFRealm +
+ + + +
+ securityManager.realms + $tokenAuthRealm +
+ + +
+ authcBasic + org.opendaylight.aaa.shiro.filters.ODLHttpAuthenticationFilter +
+ + +
+ accountingListener + org.opendaylight.aaa.shiro.filters.AuthenticationListener +
+
+ securityManager.authenticator.authenticationListeners + $accountingListener +
+ + +
+ dynamicAuthorization + org.opendaylight.aaa.shiro.realm.MDSALDynamicAuthorizationFilter +
+ + + + + + + /auth/** + + authcBasic, roles[org.onap.appc.odl|odl-admin|*] + + + /restconf/config/aaa-cert-mdsal** + + authcBasic, roles[org.onap.appc.odl|odl-admin|*] + + + /restconf/operational/aaa-cert-mdsal** + + authcBasic, roles[org.onap.appc.odl|odl-admin|*] + + + /restconf/operations/aaa-cert-rpc** + + authcBasic, roles[org.onap.appc.odl|odl-admin|*] + + + /restconf/config/aaa-authn-model** + + authcBasic, roles[org.onap.appc.odl|odl-admin|*] + + + /restconf/operational/aaa-authn-model** + + authcBasic, roles[org.onap.appc.odl|odl-admin|*] + + + /restconf/operations/cluster-admin** + + authcBasic, roles[org.onap.appc.odl|odl-admin|*] + + + /** + + authcBasic, roles[org.onap.appc.odl|odl-api|*] + + + diff --git a/kubernetes/appc/templates/statefulset.yaml b/kubernetes/appc/templates/statefulset.yaml index d2da2ec756..791d93393e 100644 --- a/kubernetes/appc/templates/statefulset.yaml +++ b/kubernetes/appc/templates/statefulset.yaml @@ -45,8 +45,9 @@ spec: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.externalPort2 }} readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} + exec: + command: + - /opt/appc/bin/health_check.sh initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: @@ -61,6 +62,8 @@ spec: value: "{{ .Values.config.configDir }}" - name: DMAAP_TOPIC_ENV value: "{{ .Values.config.dmaapTopic }}" + - name: ENABLE_AAF + value: "{{ .Values.config.enableAAF }}" - name: ENABLE_ODL_CLUSTER value: "{{ .Values.config.enableClustering }}" - name: APPC_REPLICAS @@ -81,6 +84,9 @@ spec: - mountPath: /opt/onap/appc/data/properties/aaiclient.properties name: onap-appc-data-properties subPath: aaiclient.properties + - mountPath: /opt/onap/appc/data/properties/aaa-app-config.xml + name: onap-appc-data-properties + subPath: aaa-app-config.xml - mountPath: /opt/onap/appc/svclogic/config/svclogic.properties name: onap-appc-svclogic-config subPath: svclogic.properties @@ -93,6 +99,9 @@ spec: - mountPath: /opt/onap/appc/bin/installAppcDb.sh name: onap-appc-bin subPath: installAppcDb.sh + - mountPath: /opt/onap/appc/bin/health_check.sh + name: onap-appc-bin + subPath: health_check.sh - mountPath: /opt/onap/ccsdk/data/properties/dblib.properties name: onap-sdnc-data-properties subPath: dblib.properties diff --git a/kubernetes/appc/values.yaml b/kubernetes/appc/values.yaml index 4b47c63a42..1c20977b90 100644 --- a/kubernetes/appc/values.yaml +++ b/kubernetes/appc/values.yaml @@ -29,7 +29,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/appc-image:1.3.0 +image: onap/appc-image:1.4.0-SNAPSHOT-latest pullPolicy: Always # flag to enable debugging - application support required @@ -37,7 +37,10 @@ debugEnabled: false # application configuration config: + aafExtIP: 127.0.0.1 + aafExtFQDN: aaf-onap-beijing-test.osaaf.org dbRootPassword: openECOMP1.0 + enableAAF: false enableClustering: true configDir: /opt/onap/appc/data/properties dmaapTopic: SUCCESS diff --git a/kubernetes/common/dgbuilder/resources/config/svclogic.properties b/kubernetes/common/dgbuilder/resources/config/svclogic.properties index dc3980de21..82eeec5e61 100644 --- a/kubernetes/common/dgbuilder/resources/config/svclogic.properties +++ b/kubernetes/common/dgbuilder/resources/config/svclogic.properties @@ -2,4 +2,4 @@ org.onap.ccsdk.sli.dbtype=jdbc org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.config.dbServiceName}}.{{ include "common.namespace" . }}:3306/sdnctl org.onap.ccsdk.sli.jdbc.database=sdnctl org.onap.ccsdk.sli.jdbc.user=sdnctl -org.onap.ccsdk.sli.jdbc.password=gamma +org.onap.ccsdk.sli.jdbc.password={{.Values.config.dbSdnctlPassword}} diff --git a/kubernetes/common/dgbuilder/resources/scripts/createReleaseDir.sh b/kubernetes/common/dgbuilder/resources/scripts/createReleaseDir.sh index 76d17700b0..961792be3f 100755 --- a/kubernetes/common/dgbuilder/resources/scripts/createReleaseDir.sh +++ b/kubernetes/common/dgbuilder/resources/scripts/createReleaseDir.sh @@ -19,7 +19,7 @@ dbHost="{{.Values.config.dbServiceName}}.{{.Release.Namespace}}" dbPort="3306" dbName="sdnctl" dbUser="sdnctl" -dbPassword="gamma" +dbPassword="{{.Values.config.dbSdnctlPassword}}" gitLocalRepository="$4" lastPort=$(find "releases/" -name "customSettings.js" |xargs grep uiPort|cut -d: -f2|sed -e s/,//|sort|tail -1) @@ -99,7 +99,7 @@ then echo "org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.config.dbServiceName}}.{{.Release.Namespace}}:3306/sdnctl" >>$svclogicPropFile echo "org.onap.ccsdk.sli.jdbc.database=sdnctl" >>$svclogicPropFile echo "org.onap.ccsdk.sli.jdbc.user=sdnctl" >>$svclogicPropFile - echo "org.onap.ccsdk.sli.jdbc.password=gamma" >>$svclogicPropFile + echo "org.onap.ccsdk.sli.jdbc.password={{.Values.config.dbSdnctlPassword}}" >>$svclogicPropFile fi if [ ! -e "${appDir}/flowShareUsers.js" ] then diff --git a/kubernetes/common/dgbuilder/resources/scripts/customSettings.js b/kubernetes/common/dgbuilder/resources/scripts/customSettings.js index 22810baabd..e3349b9d5a 100644 --- a/kubernetes/common/dgbuilder/resources/scripts/customSettings.js +++ b/kubernetes/common/dgbuilder/resources/scripts/customSettings.js @@ -27,25 +27,25 @@ module.exports={ "userDir": "releases/sdnc1.0", "httpAuth": { "user": "dguser", - "pass": "cc03e747a6afbbcbf8be7668acfebee5" + "pass": "{{.Values.config.dgUserPassword}}" }, "dbHost": "{{.Values.config.dbServiceName}}.{{ include "common.namespace" . }}", "dbPort": "3306", "dbName": "sdnctl", "dbUser": "sdnctl", - "dbPassword": "gamma", + "dbPassword": "{{.Values.config.dbSdnctlPassword}}", "gitLocalRepository": "", "httpRoot": "/", "disableEditor": false, "httpAdminRoot": "/", "httpAdminAuth": { "user": "dguser", - "pass": "cc03e747a6afbbcbf8be7668acfebee5" + "pass": "{{.Values.config.dgUserPassword}}" }, "httpNodeRoot": "/", "httpNodeAuth": { "user": "dguser", - "pass": "cc03e747a6afbbcbf8be7668acfebee5" + "pass": "{{.Values.config.dgUserPassword}}" }, "uiHost": "0.0.0.0", "version": "0.9.1", diff --git a/kubernetes/common/dgbuilder/values.yaml b/kubernetes/common/dgbuilder/values.yaml index e2d0c10709..759b940aea 100644 --- a/kubernetes/common/dgbuilder/values.yaml +++ b/kubernetes/common/dgbuilder/values.yaml @@ -42,9 +42,11 @@ debugEnabled: false # application configuration config: dbRootPassword: openECOMP1.0 + dbSdnctlPassword: gamma dbPodName: mysql-db dbServiceName: sdnc-dbhost - + # MD5 hash of dguser password ( default: test123 ) + dgUserPassword: cc03e747a6afbbcbf8be7668acfebee5 # default number of instances replicaCount: 1 diff --git a/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/values.yaml b/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/values.yaml index d6a8c2c03c..b2b454d8bc 100644 --- a/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/values.yaml +++ b/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/values.yaml @@ -43,7 +43,7 @@ debugEnabled: false # application configuration config: # gerrit branch where the latest code is checked in - gerritBranch: master + gerritBranch: 2.0.0-ONAP # gerrit project where the latest code is checked in gerritProject: http://gerrit.onap.org/r/dmaap/messagerouter/messageservice.git diff --git a/kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/values.yaml b/kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/values.yaml index a71b14a046..3810cdfe57 100644 --- a/kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/values.yaml +++ b/kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/values.yaml @@ -39,7 +39,7 @@ debugEnabled: false # application configuration config: # gerrit branch where the latest code is checked in - gerritBranch: master + gerritBranch: 2.0.0-ONAP # gerrit project where the latest code is checked in gerritProject: http://gerrit.onap.org/r/dmaap/messagerouter/messageservice.git diff --git a/kubernetes/policy/charts/drools/charts/nexus/values.yaml b/kubernetes/policy/charts/drools/charts/nexus/values.yaml index 03a03cc198..add7a7c7be 100644 --- a/kubernetes/policy/charts/drools/charts/nexus/values.yaml +++ b/kubernetes/policy/charts/drools/charts/nexus/values.yaml @@ -46,14 +46,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 180 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 60 periodSeconds: 10 path: /nexus/service/local/status diff --git a/kubernetes/policy/charts/mariadb/values.yaml b/kubernetes/policy/charts/mariadb/values.yaml index 7703234a66..a3dd7676a4 100644 --- a/kubernetes/policy/charts/mariadb/values.yaml +++ b/kubernetes/policy/charts/mariadb/values.yaml @@ -45,14 +45,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 120 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 120 periodSeconds: 10 ## Persist data to a persitent volume diff --git a/kubernetes/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/logback.xml b/kubernetes/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/logback.xml index f242c41e05..5500163ba7 100644 --- a/kubernetes/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/logback.xml +++ b/kubernetes/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/logback.xml @@ -33,21 +33,16 @@ limitations under the License. ============LICENSE_END============================================ - - ECOMP is a trademark and service mark of AT&T Intellectual Property. --> - - - + diff --git a/kubernetes/portal/charts/portal-mariadb/values.yaml b/kubernetes/portal/charts/portal-mariadb/values.yaml index 49fc36f3a8..fe41734ea7 100644 --- a/kubernetes/portal/charts/portal-mariadb/values.yaml +++ b/kubernetes/portal/charts/portal-mariadb/values.yaml @@ -48,7 +48,7 @@ config: # application's front end hostname. Must be resolvable on the client side environment vidHostName: "vid.api.simpledemo.onap.org" # aai sparky ui assignment for port 8080 - aaiSparkyPort: "" # TODO: populate with + aaiSparkyPort: "30220" # application's front end hostname. Must be resolvable on the client side environment aaiSparkyHostName: "aai.api.sparky.simpledemo.onap.org" # cli ui assignment for port 8080 diff --git a/kubernetes/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/logback.xml b/kubernetes/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/logback.xml index 864a8b9250..d1465c5f4e 100644 --- a/kubernetes/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/logback.xml +++ b/kubernetes/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/logback.xml @@ -34,19 +34,13 @@ ============LICENSE_END============================================ - ECOMP is a trademark and service mark of AT&T Intellectual Property. --> - - + @@ -223,4 +217,4 @@ - \ No newline at end of file + diff --git a/kubernetes/portal/docker/init/mariadb-client/Dockerfile b/kubernetes/portal/docker/init/mariadb-client/Dockerfile index 009f2fa757..e64b1e2d87 100644 --- a/kubernetes/portal/docker/init/mariadb-client/Dockerfile +++ b/kubernetes/portal/docker/init/mariadb-client/Dockerfile @@ -1,6 +1,6 @@ FROM boxfuse/flyway:5.0.7-alpine -ARG branch=master +ARG branch=2.0.0-ONAP ENV no_proxy "localhost,127.0.0.1,.cluster.local,$KUBERNETES_SERVICE_HOST" # Setup Corporate proxy ENV https_proxy ${HTTP_PROXY} diff --git a/kubernetes/robot/resources/config/eteshare/config/vm_properties.py b/kubernetes/robot/resources/config/eteshare/config/vm_properties.py index 261d345c84..62f0b630a2 100755 --- a/kubernetes/robot/resources/config/eteshare/config/vm_properties.py +++ b/kubernetes/robot/resources/config/eteshare/config/vm_properties.py @@ -12,7 +12,7 @@ GLOBAL_INJECTED_DCAE_IP_ADDR = "dcae-healthcheck.{{include "common.namespace" .} GLOBAL_INJECTED_DNS_IP_ADDR = "N/A" GLOBAL_INJECTED_DOCKER_VERSION = "1.2-STAGING-latest" GLOBAL_INJECTED_EXTERNAL_DNS = "N/A" -GLOBAL_INJECTED_GERRIT_BRANCH = "master" +GLOBAL_INJECTED_GERRIT_BRANCH = "2.0.0-ONAP" GLOBAL_INJECTED_LOG_ELASTICSEARCH_IP_ADDR = "log-es.{{include "common.namespace" .}}" GLOBAL_INJECTED_LOG_KIBANA_IP_ADDR = "log-kibana.{{include "common.namespace" .}}" GLOBAL_INJECTED_LOG_LOGSTASH_IP_ADDR = "log-ls-http.{{include "common.namespace" .}}" @@ -67,7 +67,7 @@ GLOBAL_INJECTED_PROPERTIES = { "GLOBAL_INJECTED_DNS_IP_ADDR" : "N/A", "GLOBAL_INJECTED_DOCKER_VERSION" : "1.2-STAGING-latest", "GLOBAL_INJECTED_EXTERNAL_DNS" : "N/A", - "GLOBAL_INJECTED_GERRIT_BRANCH" : "master", + "GLOBAL_INJECTED_GERRIT_BRANCH" : "2.0.0-ONAP", "GLOBAL_INJECTED_KEYSTONE" : "{{ .Values.openStackKeyStoneUrl }}", "GLOBAL_INJECTED_LOG_ELASTICSEARCH_IP_ADDR" : "log-es.{{include "common.namespace" .}}", "GLOBAL_INJECTED_LOG_KIBANA_IP_ADDR" : "log-kibana.{{include "common.namespace" .}}", diff --git a/kubernetes/robot/templates/deployment.yaml b/kubernetes/robot/templates/deployment.yaml index 0b658093bf..e5cc1d3a0f 100644 --- a/kubernetes/robot/templates/deployment.yaml +++ b/kubernetes/robot/templates/deployment.yaml @@ -77,12 +77,14 @@ spec: subPath: sdngc_interface.robot - name: robot-resources mountPath: /var/opt/OpenECOMP_ETE/robot/resources/oof_interface.robot - subPath: oof_interface.robot + subPath: oof_interface.robot - name: robot-lighttpd-authorization mountPath: /etc/lighttpd/authorization subPath: authorization - name: demodir mountPath: /share + - name: robot-logs + mountPath: /share/logs resources: {{ toYaml .Values.resources | indent 12 }} {{- if .Values.nodeSelector }} @@ -94,6 +96,13 @@ spec: {{ toYaml .Values.affinity | indent 10 }} {{- end }} volumes: + {{- if .Values.persistence.enabled }} + - name: robot-logs + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + {{- else }} + emptyDir: {} + {{- end }} - name: localtime hostPath: path: /etc/localtime diff --git a/kubernetes/robot/templates/pv.yaml b/kubernetes/robot/templates/pv.yaml new file mode 100644 index 0000000000..184728f8ad --- /dev/null +++ b/kubernetes/robot/templates/pv.yaml @@ -0,0 +1,37 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} diff --git a/kubernetes/robot/templates/pvc.yaml b/kubernetes/robot/templates/pvc.yaml new file mode 100644 index 0000000000..e27c3311e9 --- /dev/null +++ b/kubernetes/robot/templates/pvc.yaml @@ -0,0 +1,48 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/kubernetes/robot/values.yaml b/kubernetes/robot/values.yaml index cc81b9d110..aea67c84aa 100644 --- a/kubernetes/robot/values.yaml +++ b/kubernetes/robot/values.yaml @@ -18,6 +18,7 @@ global: # global defaults nodePortPrefix: 302 ubuntuInitRepository: registry.hub.docker.com + persistence: {} # application image repository: nexus3.onap.org:10001 @@ -38,7 +39,7 @@ config: # Password of the lighthttpd server. Used for HTML auth for webpage access lightHttpdPassword: robot # gerrit branch where the latest heat code is checked in - gerritBranch: master + gerritBranch: 2.0.0-ONAP # gerrit project where the latest heat code is checked in gerritProject: http://gerrit.onap.org/r/demo.git @@ -79,7 +80,7 @@ openStackPrivateNetCidr: "10.0.0.0/8" openStackOamNetworkCidrPrefix: "10.0" # Override with Pub Key for access to VNF vnfPubKey: "FILL_IN_WITH_PUB_KEY" -# Override with DCAE VES Collector external IP +# Override with DCAE VES Collector external IP dcaeCollectorIp: "FILL_IN_WITH_DCAE_VES_COLLECTOR_IP" # default number of instances @@ -133,3 +134,26 @@ resources: {} # requests: # cpu: 2 # memory: 4Gi + +## Persist data to a persitent volume +persistence: + enabled: true + + ## A manually managed Persistent Volume and Claim + ## Requires persistence.enabled: true + ## If defined, PVC must be created manually before volume will be bound + # existingClaim: + volumeReclaimPolicy: Retain + + ## database data Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + # storageClass: "-" + accessMode: ReadWriteMany + size: 2Gi + mountPath: /dockerdata-nfs + mountSubPath: robot/logs \ No newline at end of file diff --git a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml index f69ae0ff80..ca708937ee 100644 --- a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml +++ b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml @@ -49,7 +49,7 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 60 + initialDelaySeconds: 180 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container diff --git a/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json b/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json index f6d202ef09..a6950fdd70 100644 --- a/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json +++ b/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json @@ -36,7 +36,7 @@ "dbFabricPassword": "admin", "dbFabricDB": "mysql", "dbUser": "sdnctl", - "dbPassword": "gamma", + "dbPassword": "{{.Values.config.dbSdnctlPassword}}", "dbName": "sdnctl", "odlProtocol": "http", "odlHost": "sdnc.{{.Release.Namespace}}", diff --git a/kubernetes/sdnc/charts/sdnc-portal/resources/config/dblib.properties b/kubernetes/sdnc/charts/sdnc-portal/resources/config/dblib.properties index 9e4c88a879..68357baae6 100644 --- a/kubernetes/sdnc/charts/sdnc-portal/resources/config/dblib.properties +++ b/kubernetes/sdnc/charts/sdnc-portal/resources/config/dblib.properties @@ -22,7 +22,7 @@ org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.mysql.service.name}}.{{.Relea org.onap.ccsdk.sli.jdbc.driver=org.mariadb.jdbc.Driver org.onap.ccsdk.sli.jdbc.database=sdnctl org.onap.ccsdk.sli.jdbc.user=sdnctl -org.onap.ccsdk.sli.jdbc.password=gamma +org.onap.ccsdk.sli.jdbc.password={{.Values.config.dbSdnctlPassword}} org.onap.ccsdk.sli.jdbc.connection.name=sdnctldb01 org.onap.ccsdk.sli.jdbc.connection.timeout=50 org.onap.ccsdk.sli.jdbc.request.timeout=100 diff --git a/kubernetes/sdnc/charts/sdnc-portal/resources/config/svclogic.properties b/kubernetes/sdnc/charts/sdnc-portal/resources/config/svclogic.properties index e0e3295735..cc13a9d707 100644 --- a/kubernetes/sdnc/charts/sdnc-portal/resources/config/svclogic.properties +++ b/kubernetes/sdnc/charts/sdnc-portal/resources/config/svclogic.properties @@ -2,4 +2,4 @@ org.openecomp.sdnctl.sli.dbtype = jdbc org.openecomp.sdnctl.sli.jdbc.url = jdbc:mysql://sdnc-sdnctldb01:3306/sdnctl org.openecomp.sdnctl.sli.jdbc.database = sdnctl org.openecomp.sdnctl.sli.jdbc.user = sdnctl -org.openecomp.sdnctl.sli.jdbc.password = gamma \ No newline at end of file +org.openecomp.sdnctl.sli.jdbc.password = {{.Values.config.dbSdnctlPassword}} \ No newline at end of file diff --git a/kubernetes/sdnc/charts/sdnc-portal/resources/config/svclogic.properties.sdnctldb02 b/kubernetes/sdnc/charts/sdnc-portal/resources/config/svclogic.properties.sdnctldb02 index e665a56d75..c75c603f22 100644 --- a/kubernetes/sdnc/charts/sdnc-portal/resources/config/svclogic.properties.sdnctldb02 +++ b/kubernetes/sdnc/charts/sdnc-portal/resources/config/svclogic.properties.sdnctldb02 @@ -2,4 +2,4 @@ org.openecomp.sdnctl.sli.dbtype = jdbc org.openecomp.sdnctl.sli.jdbc.url = jdbc:mysql://sdnc-sdnctldb02:3306/sdnctl org.openecomp.sdnctl.sli.jdbc.database = sdnctl org.openecomp.sdnctl.sli.jdbc.user = sdnctl -org.openecomp.sdnctl.sli.jdbc.password = gamma \ No newline at end of file +org.openecomp.sdnctl.sli.jdbc.password = {{.Values.config.dbSdnctlPassword}} \ No newline at end of file diff --git a/kubernetes/sdnc/charts/sdnc-portal/values.yaml b/kubernetes/sdnc/charts/sdnc-portal/values.yaml index e741db312a..147d391041 100644 --- a/kubernetes/sdnc/charts/sdnc-portal/values.yaml +++ b/kubernetes/sdnc/charts/sdnc-portal/values.yaml @@ -37,6 +37,7 @@ debugEnabled: false config: mysqlChartName: sdnc-db dbRootPassword: openECOMP1.0 + dbSdnctlPassword: gamma sdncChartName: sdnc configDir: /opt/onap/sdnc/data/properties odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U @@ -50,7 +51,7 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 60 + initialDelaySeconds: 180 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container diff --git a/kubernetes/sdnc/resources/config/conf/dblib.properties b/kubernetes/sdnc/resources/config/conf/dblib.properties index 362726a6d8..dd2bcabcc5 100644 --- a/kubernetes/sdnc/resources/config/conf/dblib.properties +++ b/kubernetes/sdnc/resources/config/conf/dblib.properties @@ -22,7 +22,7 @@ org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.mysql.service.name}}.{{.Relea org.onap.ccsdk.sli.jdbc.driver=org.mariadb.jdbc.Driver org.onap.ccsdk.sli.jdbc.database=sdnctl org.onap.ccsdk.sli.jdbc.user=sdnctl -org.onap.ccsdk.sli.jdbc.password=gamma +org.onap.ccsdk.sli.jdbc.password={{.Values.config.dbSdnctlPassword}} org.onap.ccsdk.sli.jdbc.connection.name=sdnctldb01 org.onap.ccsdk.sli.jdbc.connection.timeout=50 org.onap.ccsdk.sli.jdbc.request.timeout=100 diff --git a/kubernetes/sdnc/resources/config/conf/svclogic.properties b/kubernetes/sdnc/resources/config/conf/svclogic.properties index 99f6cf84b7..e564012c8f 100644 --- a/kubernetes/sdnc/resources/config/conf/svclogic.properties +++ b/kubernetes/sdnc/resources/config/conf/svclogic.properties @@ -23,5 +23,5 @@ org.onap.ccsdk.sli.dbtype = jdbc org.onap.ccsdk.sli.jdbc.url = jdbc:mysql://{{.Values.mysql.service.name}}.{{.Release.Namespace}}:{{.Values.mysql.service.internalPort}}/sdnctl org.onap.ccsdk.sli.jdbc.database = sdnctl org.onap.ccsdk.sli.jdbc.user = sdnctl -org.onap.ccsdk.sli.jdbc.password = gamma +org.onap.ccsdk.sli.jdbc.password = {{.Values.config.dbSdnctlPassword}} diff --git a/kubernetes/sdnc/templates/secrets.yaml b/kubernetes/sdnc/templates/secrets.yaml index 754f117e38..a900132c31 100644 --- a/kubernetes/sdnc/templates/secrets.yaml +++ b/kubernetes/sdnc/templates/secrets.yaml @@ -25,3 +25,17 @@ metadata: type: Opaque data: odl-password: {{ .Values.config.odlPassword | b64enc | quote }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-sdnctl + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +type: Opaque +data: + db-sdnctl-password: {{ .Values.config.dbSdnctlPassword | b64enc | quote }} diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml index 69816dffb4..03ae8800bd 100644 --- a/kubernetes/sdnc/templates/statefulset.yaml +++ b/kubernetes/sdnc/templates/statefulset.yaml @@ -74,6 +74,11 @@ spec: secretKeyRef: name: {{ template "common.fullname" . }}-odl key: odl-password + - name: SDNC_DB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }}-sdnctl + key: db-sdnctl-password - name: SDNC_CONFIG_DIR value: "{{ .Values.config.configDir }}" - name: ENABLE_ODL_CLUSTER diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml index 58adf48f99..0c602e50cd 100644 --- a/kubernetes/sdnc/values.yaml +++ b/kubernetes/sdnc/values.yaml @@ -40,6 +40,7 @@ debugEnabled: false config: odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U dbRootPassword: openECOMP1.0 + dbSdnctlPassword: gamma enableClustering: true binDir: /opt/onap/sdnc/bin geoEnabled: false @@ -83,6 +84,7 @@ sdnc-portal: mysqlChartName: sdnc-db configDir: /opt/onap/sdnc/data/properties dbRootPassword: openECOMP1.0 + dbSdnctlPassword: gamma odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U sdnc-ansible-server: @@ -112,6 +114,8 @@ dgbuilder: dbPodName: sdnc-db dbServiceName: sdnc-dbhost dbRootPassword: openECOMP1.0 + dbSdnctlPassword: gamma + dgUserPassword: cc03e747a6afbbcbf8be7668acfebee5 service: name: sdnc-dgbuilder nodePort: "03" diff --git a/kubernetes/so/charts/mariadb/values.yaml b/kubernetes/so/charts/mariadb/values.yaml index a46b31a44e..693e3dd689 100644 --- a/kubernetes/so/charts/mariadb/values.yaml +++ b/kubernetes/so/charts/mariadb/values.yaml @@ -32,7 +32,7 @@ ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 config: mariadbRootPassword: password # gerrit branch where the latest heat code is checked in - gerritBranch: master + gerritBranch: 2.0.0-ONAP # gerrit project where the latest heat code is checked in gerritProject: http://gerrit.onap.org/r/so/docker-config.git