From: James MacNider Date: Thu, 11 Apr 2019 14:15:19 +0000 (+0000) Subject: Merge "Bump version of Mongo and Mariadb for NBI" X-Git-Tag: 4.0.0-ONAP~243 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=b4919d5ed67ed87cbfd42951005f22e4f183358f;hp=2c2599fa047f40851c89adf38a046a4a1232d3cd;p=oom.git Merge "Bump version of Mongo and Mariadb for NBI" --- diff --git a/kubernetes/aaf/charts/aaf-sms/values.yaml b/kubernetes/aaf/charts/aaf-sms/values.yaml index 8e7ea29300..28b46c24e1 100644 --- a/kubernetes/aaf/charts/aaf-sms/values.yaml +++ b/kubernetes/aaf/charts/aaf-sms/values.yaml @@ -67,11 +67,11 @@ readiness: periodSeconds: 30 service: - type: NodePort + type: ClusterIP name: aaf-sms portName: aaf-sms internalPort: 10443 - nodePort: 43 + externalPort: 10443 persistence: enabled: true diff --git a/kubernetes/aai/charts/aai-babel/resources/config/tosca-mappings.json b/kubernetes/aai/charts/aai-babel/resources/config/tosca-mappings.json index 5be609730d..a6fe82fb70 100644 --- a/kubernetes/aai/charts/aai-babel/resources/config/tosca-mappings.json +++ b/kubernetes/aai/charts/aai-babel/resources/config/tosca-mappings.json @@ -15,7 +15,7 @@ { "type": "VF", "name": "generic-vnf", - "deleteFlag": false, + "deleteFlag": true, "modelVersionId": "93a6166f-b3d5-4f06-b4ba-aed48d009ad9", "modelInvariantId": "acc6edd8-a8d4-4b93-afaa-0994068be14c" }, diff --git a/kubernetes/aai/charts/aai-champ/values.yaml b/kubernetes/aai/charts/aai-champ/values.yaml index b35171ecd6..331786cf18 100644 --- a/kubernetes/aai/charts/aai-champ/values.yaml +++ b/kubernetes/aai/charts/aai-champ/values.yaml @@ -25,7 +25,7 @@ global: ################################################################# # application image -image: onap/champ:1.3.0 +image: onap/champ:1.4-STAGING-latest flavor: small diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_config.yml b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_config.yml index 3fefe1690d..9172b71e8d 100644 --- a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_config.yml +++ b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_config.yml @@ -37,19 +37,19 @@ # HTTP # basic (challenging) # proxy (not challenging, needs xff) -# kerberos (challenging) NOT FREE FOR COMMERCIAL +# kerberos (challenging) # clientcert (not challenging, needs https) -# jwt (not challenging) NOT FREE FOR COMMERCIAL +# jwt (not challenging) # host (not challenging) #DEPRECATED, will be removed in a future version. # host based authentication is configurable in sg_roles_mapping # Authc # internal # noop -# ldap NOT FREE FOR COMMERCIAL USE +# ldap # Authz -# ldap NOT FREE FOR COMMERCIAL USE +# ldap # noop searchguard: @@ -59,7 +59,7 @@ searchguard: # Set filtered_alias_mode to 'nowarn' to allow more than 2 filtered aliases per index silently #filtered_alias_mode: warn #kibana: - # Kibana multitenancy - NOT FREE FOR COMMERCIAL USE + # Kibana multitenancy # see https://github.com/floragunncom/search-guard-docs/blob/master/multitenancy.md # To make this work you need to install https://github.com/floragunncom/search-guard-module-kibana-multitenancy/wiki #multitenancy_enabled: true @@ -85,7 +85,7 @@ searchguard: transport_enabled: false order: 6 http_authenticator: - type: kerberos # NOT FREE FOR COMMERCIAL USE + type: kerberos challenge: true config: # If true a lot of kerberos/security related debugging output will be logged to standard out @@ -150,7 +150,7 @@ searchguard: challenge: false authentication_backend: # LDAP authentication backend (authenticate users against a LDAP or Active Directory) - type: ldap # NOT FREE FOR COMMERCIAL USE + type: ldap config: # enable ldaps enable_ssl: false @@ -176,7 +176,7 @@ searchguard: transport_enabled: false authorization_backend: # LDAP authorization backend (gather roles from a LDAP or Active Directory, you have to configure the above LDAP authentication backend settings too) - type: ldap # NOT FREE FOR COMMERCIAL USE + type: ldap config: # enable ldaps enable_ssl: false @@ -217,5 +217,5 @@ searchguard: roles_from_another_ldap: enabled: false authorization_backend: - type: ldap # NOT FREE FOR COMMERCIAL USE + type: ldap #config goes here ... diff --git a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.keyfile b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.keyfile index 3416d4a737..87219388f7 100644 --- a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.keyfile +++ b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.keyfile @@ -1,27 +1,27 @@ -2otP92kNFHdexroZxvgYY7ffslFiwCD3CiVYMIfUF2edqZK7972NwkvE_mbaBo6jh8lByLIqrWAf -jyzoiVsvQ_kCa0cS1xaRLpcxv3bx1b7o3hGPBqpd6vmSG4y2JLzNlCBZWuTJz827wr8p_fWrYuUm -4L1WoaEe8W5PRnXjl4hDqbJBAlEoRIBXugUDt_7O5wgx2Rl3HVoOczZtf0RzONZ1F0BmKf3QlAUe -moSbARitYRgIPt5sLbT7qPyoEpGDhQ1XBowR744-wsjBc-14yO62Ajp5xWKTp15uWn3_HHuw1SAf -GWSBRGlSlEVkXQqi9Hw5jDttKVzHX1ckwR0SQOirbtHPHplxPX3WKjKhSdSeMzw6LOAHIQYRMKBT -74oGnULAfPtV7TaGwOKriT3P49CoPdt9On89-LGyCZSxDWKH0K-rgB6I2_hPT2Uzr3jmXiMa-sfh -iMvyQ7ABBVx0OFsUuNb5mcU2O6dWiQreL5RerrloV_X3ZtnNjxENXKjQ5KBR1A5ISPjFFK-kf4Rb -p6FSII8LcsiqgdWuZ4GX_C6x8HX4A-vD0x3Uc9CfoXY-k23cNIy-R-W-oB-P2OgdWDNgZ7VaOLNt -3L-NwWpNblfYvs93cNmkbVAwCZ3r0OP7RFeuON84TRaynK_Fh2S3rypRyJcUmM1pvpZqJ5_-umSW -hUs1OqkdLv3xjlVzzK-3nMr0q3Zcyp4XdyLYtcX5I3Xqk9ZcsyAT7ghmHhV8KjUjue7OcfAWg0m7 -RJLGq6VC8HeK4HEMa4lF677Qh7DRufghIDEmQSIDfGA790WGSA8HqcOvAL4hURCHyCWiPa5i8ksX -xX4HyqF8PCVCLJ_ZhzcuIlc0jStAexWbJU_vcyX7XgUaHCkF-M-zv1FP6Z3DHBMD2QqSWjmyNCCk -8sIuwzs62P_j2o9jG33kssedCrUWOwZancU107-5H0Zw-UWvtCqUfmRZ7TsEbWY7lk_SKfLfAN5q -ncOQgU_VxDXUFDST4LN_WVECRafK3UtwWomxWSji25Lbf6NVni3ok-yLMDZR-wrE-54jLPES9j0i -5N0xrk9CfsvGUpUZ1_XQcgaxI6m27DtCCJXb5ywenPBiUIJCMCTq88CqNZxGpju2i4BJcUH2hUHe -GKhO8pgslwhtEVot9EDwdzSrJkWFCfb6ud4zMxrqdi7-mLWMOydg6lhpEFEX5wu2BLIujGsZlEGE -_K9jGfBypjXuJCKDZIuPfEnf_7idjKis_JcFB7x4Hx2HHDcBjlWWFZN_VIEnPkQSyZEC26RTFP3k -zkY3GwUfA36a4XW2pu3gE9wz-W6fkONfzOZ6YiyCm_dRFUVuGSdJG02Hh5iXYlMOGJltPzWH2jVf -S-QTOmXQTKSOheXoJO6O-9uQbsRf-kq-6w1pvIOp4ms35w4_0Xj0Xr2a9y-L9PdBZvrUsa-jxsZU -LyA-YY4Ej6QwDBDTD2MGjF1E5_ekYgjoNlltM9rJjofruM4ym0n7LPHC7YXXQSEFOZYeTKi6wUDw -hQ1DoWHgu4PQ2lexada8sxQdConbPe2iW16h-PrO5D12E4XbT00fqaMlBmjQwzdNRdCC2NRPIQ5W -nwaO8dZ9yjxsjT7ZVHb9-DRblb3XDocponzxVXqUGtJAie4WXQnerX0ApTWGaHEr5y56JJVS_3LP -bKrbXBXcs4jTUX4ECXRrOs8JQDQNysXhvTPCu0XUxNZpjx6KLxDs93k2OcESHjl5J6n6OKKJqqoN -JEyFO5LGXpnmUJbn0-CaHHPRI1mHwEu4brY8wDZd9A0PD1KGXDoCHMfEk1lGblQdyOcVrXZ6uSBk -Z6zHDnwSCHO1mPYqtelJQehZoFuPSv9PIgKLxs_qJOtZFnXII5YO1mGXgiIBWBjUFDR5HG4ENS6y -J4MCF-JLMp-PVMAkOaCIQRRDpRnMm_fT1sc_P562Diu_pcdt-r55pMFQYGoGfjRmxQBKk0-SsdnP -mlZIiis9DfQEN0q3QQdNRYBJD7tmhUwhAPZdLgXqJA8sZf8UyFQhhpsky79NT343YL9smUlF \ No newline at end of file +yf1wUdfxbhVQQq5UF8hzWB_01VVrRIkC8BaLT7NMTrmv30RsMj3lvlaX3_CnVC1emYgmiUfWnT7k +brk0m-URJAKM8Pm6PrnOyKlx3U7NS8HVcFdKpVm_bx0CFsA3eY2NGe-D0gd35V1MohCbABZ8G2a6 +AgE7QmToHCwclXW_goK5P7lmJX1HaMVAIydMreP1m9sSR4UboRlvkH6VsMM1H1Y9ZhhXF--RkWAM +EcIspNTQE4ef3ZvYtSzuWssGZP8Hjo4XJlXz1uCSkyczw0IR19n-lspF9S0cIMro6QqvJsyjyjRo +UdYgxdwmQ_st4P43TZ8YEBQyE8r7VUoh_EqUx9ldilxGA0kBOQcTdtd805Kf98grXiQXeT-8UD1L +02aLzbz8Md7f8foGS1oGLfoImdjYCzOOZs3qHmKSb6YoHY8VcBCxIEfCznYl8wLYLRsSZ0tV4SAM +qCM_KHOM0HOZrNfSSAW5ZVZb67U9NI9SLFRV8gkmqxMspfjSLJCyHhq0D6RMECSpeAeVgoh6SWDw +mBSXunY5ZWVzdUyEezjCcl3NqTahrlfMSV5xkfUmSNFe_WW9rIXF0vD6MHAEW62yA1OA8WoMUqp2 +VKkUzWGVGAdMvbU52D6hqmGXER44kxAHVgEwPdhQhqgk4BpjR2v9ozQ6E_xNGkSRnriNB-H6BSN0 +vZa0pNJfvmBCjwGeoyRbCJrN1grLoDHQ3_6g-IwsD3NugKp6SHxUgfiPAUMGz-J2ZdbAlU0SNQgM +8gn6_cOaXvhqHBwh9SfT4jXyuCJru0zw3pyOjuw6fLMezvJDPvFfIgWllzc2IQ7_bufMZgCr2yAe +O-nBzsXK8aqItzCti53sZLSM1YC6OuRaiIt2i0yTVa7koFYSFhyELqEco5cFKMs0c6SrgIxnRrBT +x0RPXIyLdiRr76uP2wxL8KDfJ1vbCKi1xkZRchvQfm3ssgpzXVz8lnZ-HxacEhhAfGdDV56ZgRhu +5UVQd2RdP9JVpnXRJPhVwlQeQlrIXWHp01efBPRMTZQd2lpaNqn5v5chzpi9bbM3P3-BLxnN2NID +dv1E9Ox7MH-m3IQT9yFUi-UrDxAId4dnpgeCvyxhfnc1HJ9B71x9wmryC9PJWiKs3K-T_eC9pR4o +eN5PUZZ7arwdMUmzqKPNAtyMqaJCWfD3GZ1KsC8OV5Ze0DRQZPeT3IHg2BUC1NGj2SdjcwaGP_zl +uytFZWN7kQjnI4brorkO_jzjf7SEPCO7Vy2Z2vikIv7O8bSWZWDGYCcxUoYigFYcjZFirRYr3Yvl +YZU-F_qh6ZvrVxStSpz6iYDAzPW9v4ZyLSHyWe5H2AN89uRdnvag1769KpjsmGVYbn5jabgCJFs8 +EL7rxymrXri5cKsGH8XC1E0a-kP6vvhdHJhx5eFsFmKJaWh3RCJ8_I5CSzSRsK8JvE1Z6nGFn_SI +dpeNjf66lbm4y68loUh5Q4BDce3YaCT1gHmluBzXnv1vFzuvJ2jcVyq-nUDjdTqvM9okW8Prmt7l +ttQ3MVZI4rd-tXJfV4lxaI6wF4LIwiMJmY2tiCHoJ5nbLfHvMG7G5K1NAbizPltQxURPiMPZeCDZ +15SXI9vdCR-FyQikzp1hUUMMqz231-6BDDTKMOXpicQRQ0CHpEfxY4Rq3mu0QmRi-EIs6JAzfuLi +ba7fbfHnkhl3GWkj0CVZD8uDbzJceSTHICqVt-3qECUSG3ZfsuebWAEWED_xQoXyAL7kK8fMOPwl +m6qEk4z7boiJSrcQ2ZIdyPs2bZNvlv4wYg0F3BhFf2HeCYwR3BKXQGlDXGOAD5GuRpHHBch9JfVa +iUbvCEF23mee633C_K4zCaaVR9UqXMefzqFxSsobMp3heo3eIcQzLhe2SL2xpI9TbsvN2N4c9UMk +_TnQBHiYBgPxtB_j8bnVu7C__lTTpPKYLpUPxgWEIzljZzbkF37QQ1XtAc2EzcOi2FT4qsjlNgPw +PbL6ZihWEYZrZUilTSLzzjcQDLzoaF6BL2LOOS-Uju-B7COhcSMc0JLYOob6RDBE9T6HUMuZ diff --git a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.p12 b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.p12 index 023e2eaac6..5737e48796 100644 Binary files a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.p12 and b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.p12 differ diff --git a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.props b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.props index 78e4e71dc6..59593a501a 100644 --- a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.props +++ b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.props @@ -2,13 +2,13 @@ # Properties Generated by AT&T Certificate Manager # @copyright 2016, AT&T ############################################################ -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US cadi_keyfile=/opt/app/aai-resources/resources/aaf/org.onap.aai.keyfile cadi_keystore=/opt/app/aai-resources/resources/aaf/org.onap.aai.p12 -cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV -#cadi_key_password=enc: +cadi_keystore_password=enc:nF3D1h00vVoLZkCnFtTCJAiH6maEiA3933rI3ctap9Ggjlm2SMg_dxk6ui9iiDwr +#cadi_key_password=enc:9xs_lJ9QQRDoMcHqLbGg40-gefGrw-sLMjWL40ejbyqdC7Jt_pQfY6ajBLGcbLuL cadi_alias=aai@aai.onap.org cadi_truststore=/opt/app/aai-resources/resources/aaf/truststoreONAPall.jks -cadi_truststore_password=enc:s77wlnZFoQ08NhnU3OSeWO6uKgRwC6sAK-wTvVubNz2 +cadi_truststore_password=enc:8BxmWFFRI9wcf2jVixnfdK2GPI4veaXofZ65fcYThHv cadi_loglevel=INFO cadi_bath_convert=/opt/app/aai-resources/resources/aaf/bath_config.csv diff --git a/kubernetes/aai/charts/aai-resources/templates/deployment.yaml b/kubernetes/aai/charts/aai-resources/templates/deployment.yaml index 0a46c48717..9fe4c17cc9 100644 --- a/kubernetes/aai/charts/aai-resources/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-resources/templates/deployment.yaml @@ -81,6 +81,28 @@ spec: "visualRange": "1", "path": "/aai/v14/cloud-infrastructure" }, + { + "serviceName": "_aai-cloudInfrastructure", + "version": "v15", + "url": "/aai/v15/cloud-infrastructure", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/cloud-infrastructure" + }, + { + "serviceName": "_aai-cloudInfrastructure", + "version": "v16", + "url": "/aai/v16/cloud-infrastructure", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/cloud-infrastructure" + }, { "serviceName": "_aai-business", "version": "v11", @@ -125,6 +147,28 @@ spec: "visualRange": "1", "path": "/aai/v14/business" }, + { + "serviceName": "_aai-business", + "version": "v15", + "url": "/aai/v15/business", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/business" + }, + { + "serviceName": "_aai-business", + "version": "v16", + "url": "/aai/v16/business", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/business" + }, { "serviceName": "_aai-actions", "version": "v11", @@ -169,6 +213,28 @@ spec: "visualRange": "1", "path": "/aai/v14/actions" }, + { + "serviceName": "_aai-actions", + "version": "v15", + "url": "/aai/v15/actions", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/actions" + }, + { + "serviceName": "_aai-actions", + "version": "v16", + "url": "/aai/v16/actions", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/actions" + }, { "serviceName": "_aai-service-design-and-creation", "version": "v11", @@ -212,6 +278,28 @@ spec: "lb_policy":"ip_hash", "visualRange": "1", "path": "/aai/v14/service-design-and-creation" + }, + { + "serviceName": "_aai-service-design-and-creation", + "version": "v15", + "url": "/aai/v15/service-design-and-creation", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/service-design-and-creation" + }, + { + "serviceName": "_aai-service-design-and-creation", + "version": "v16", + "url": "/aai/v16/service-design-and-creation", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/service-design-and-creation" }, { "serviceName": "_aai-network", @@ -257,6 +345,28 @@ spec: "visualRange": "1", "path": "/aai/v14/network" }, + { + "serviceName": "_aai-network", + "version": "v15", + "url": "/aai/v15/network", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/network" + }, + { + "serviceName": "_aai-network", + "version": "v16", + "url": "/aai/v16/network", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/network" + }, { "serviceName": "_aai-externalSystem", "version": "v11", @@ -301,6 +411,28 @@ spec: "visualRange": "1", "path": "/aai/v14/external-system" }, + { + "serviceName": "_aai-externalSystem", + "version": "v15", + "url": "/aai/v15/external-system", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/external-system" + }, + { + "serviceName": "_aai-externalSystem", + "version": "v16", + "url": "/aai/v16/external-system", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/external-system" + }, { "serviceName": "aai-cloudInfrastructure", "version": "v11", @@ -341,6 +473,26 @@ spec: "lb_policy":"ip_hash", "visualRange": "1" }, + { + "serviceName": "aai-cloudInfrastructure", + "version": "v15", + "url": "/aai/v15/cloud-infrastructure", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-cloudInfrastructure", + "version": "v16", + "url": "/aai/v16/cloud-infrastructure", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, { "serviceName": "aai-business", "version": "v11", @@ -381,6 +533,26 @@ spec: "lb_policy":"ip_hash", "visualRange": "1" }, + { + "serviceName": "aai-business", + "version": "v15", + "url": "/aai/v15/business", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-business", + "version": "v16", + "url": "/aai/v16/business", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, { "serviceName": "aai-actions", "version": "v11", @@ -421,6 +593,26 @@ spec: "lb_policy":"ip_hash", "visualRange": "1" }, + { + "serviceName": "aai-actions", + "version": "v15", + "url": "/aai/v15/actions", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-actions", + "version": "v16", + "url": "/aai/v16/actions", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, { "serviceName": "aai-service-design-and-creation", "version": "v11", @@ -461,6 +653,26 @@ spec: "lb_policy":"ip_hash", "visualRange": "1" }, + { + "serviceName": "aai-service-design-and-creation", + "version": "v15", + "url": "/aai/v15/service-design-and-creation", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-service-design-and-creation", + "version": "v16", + "url": "/aai/v16/service-design-and-creation", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, { "serviceName": "aai-network", "version": "v11", @@ -501,6 +713,26 @@ spec: "lb_policy":"ip_hash", "visualRange": "1" }, + { + "serviceName": "aai-network", + "version": "v15", + "url": "/aai/v15/network", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-network", + "version": "v16", + "url": "/aai/v16/network", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, { "serviceName": "aai-externalSystem", "version": "v11", @@ -540,6 +772,26 @@ spec: "enable_ssl": true, "lb_policy":"ip_hash", "visualRange": "1" + }, + { + "serviceName": "aai-externalSystem", + "version": "v15", + "url": "/aai/v15/external-system", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-externalSystem", + "version": "v16", + "url": "/aai/v16/external-system", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" } ]' spec: diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile index 3416d4a737..87219388f7 100644 --- a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile +++ b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile @@ -1,27 +1,27 @@ -2otP92kNFHdexroZxvgYY7ffslFiwCD3CiVYMIfUF2edqZK7972NwkvE_mbaBo6jh8lByLIqrWAf -jyzoiVsvQ_kCa0cS1xaRLpcxv3bx1b7o3hGPBqpd6vmSG4y2JLzNlCBZWuTJz827wr8p_fWrYuUm -4L1WoaEe8W5PRnXjl4hDqbJBAlEoRIBXugUDt_7O5wgx2Rl3HVoOczZtf0RzONZ1F0BmKf3QlAUe -moSbARitYRgIPt5sLbT7qPyoEpGDhQ1XBowR744-wsjBc-14yO62Ajp5xWKTp15uWn3_HHuw1SAf -GWSBRGlSlEVkXQqi9Hw5jDttKVzHX1ckwR0SQOirbtHPHplxPX3WKjKhSdSeMzw6LOAHIQYRMKBT -74oGnULAfPtV7TaGwOKriT3P49CoPdt9On89-LGyCZSxDWKH0K-rgB6I2_hPT2Uzr3jmXiMa-sfh -iMvyQ7ABBVx0OFsUuNb5mcU2O6dWiQreL5RerrloV_X3ZtnNjxENXKjQ5KBR1A5ISPjFFK-kf4Rb -p6FSII8LcsiqgdWuZ4GX_C6x8HX4A-vD0x3Uc9CfoXY-k23cNIy-R-W-oB-P2OgdWDNgZ7VaOLNt -3L-NwWpNblfYvs93cNmkbVAwCZ3r0OP7RFeuON84TRaynK_Fh2S3rypRyJcUmM1pvpZqJ5_-umSW -hUs1OqkdLv3xjlVzzK-3nMr0q3Zcyp4XdyLYtcX5I3Xqk9ZcsyAT7ghmHhV8KjUjue7OcfAWg0m7 -RJLGq6VC8HeK4HEMa4lF677Qh7DRufghIDEmQSIDfGA790WGSA8HqcOvAL4hURCHyCWiPa5i8ksX -xX4HyqF8PCVCLJ_ZhzcuIlc0jStAexWbJU_vcyX7XgUaHCkF-M-zv1FP6Z3DHBMD2QqSWjmyNCCk -8sIuwzs62P_j2o9jG33kssedCrUWOwZancU107-5H0Zw-UWvtCqUfmRZ7TsEbWY7lk_SKfLfAN5q -ncOQgU_VxDXUFDST4LN_WVECRafK3UtwWomxWSji25Lbf6NVni3ok-yLMDZR-wrE-54jLPES9j0i -5N0xrk9CfsvGUpUZ1_XQcgaxI6m27DtCCJXb5ywenPBiUIJCMCTq88CqNZxGpju2i4BJcUH2hUHe -GKhO8pgslwhtEVot9EDwdzSrJkWFCfb6ud4zMxrqdi7-mLWMOydg6lhpEFEX5wu2BLIujGsZlEGE -_K9jGfBypjXuJCKDZIuPfEnf_7idjKis_JcFB7x4Hx2HHDcBjlWWFZN_VIEnPkQSyZEC26RTFP3k -zkY3GwUfA36a4XW2pu3gE9wz-W6fkONfzOZ6YiyCm_dRFUVuGSdJG02Hh5iXYlMOGJltPzWH2jVf -S-QTOmXQTKSOheXoJO6O-9uQbsRf-kq-6w1pvIOp4ms35w4_0Xj0Xr2a9y-L9PdBZvrUsa-jxsZU -LyA-YY4Ej6QwDBDTD2MGjF1E5_ekYgjoNlltM9rJjofruM4ym0n7LPHC7YXXQSEFOZYeTKi6wUDw -hQ1DoWHgu4PQ2lexada8sxQdConbPe2iW16h-PrO5D12E4XbT00fqaMlBmjQwzdNRdCC2NRPIQ5W -nwaO8dZ9yjxsjT7ZVHb9-DRblb3XDocponzxVXqUGtJAie4WXQnerX0ApTWGaHEr5y56JJVS_3LP -bKrbXBXcs4jTUX4ECXRrOs8JQDQNysXhvTPCu0XUxNZpjx6KLxDs93k2OcESHjl5J6n6OKKJqqoN -JEyFO5LGXpnmUJbn0-CaHHPRI1mHwEu4brY8wDZd9A0PD1KGXDoCHMfEk1lGblQdyOcVrXZ6uSBk -Z6zHDnwSCHO1mPYqtelJQehZoFuPSv9PIgKLxs_qJOtZFnXII5YO1mGXgiIBWBjUFDR5HG4ENS6y -J4MCF-JLMp-PVMAkOaCIQRRDpRnMm_fT1sc_P562Diu_pcdt-r55pMFQYGoGfjRmxQBKk0-SsdnP -mlZIiis9DfQEN0q3QQdNRYBJD7tmhUwhAPZdLgXqJA8sZf8UyFQhhpsky79NT343YL9smUlF \ No newline at end of file +yf1wUdfxbhVQQq5UF8hzWB_01VVrRIkC8BaLT7NMTrmv30RsMj3lvlaX3_CnVC1emYgmiUfWnT7k +brk0m-URJAKM8Pm6PrnOyKlx3U7NS8HVcFdKpVm_bx0CFsA3eY2NGe-D0gd35V1MohCbABZ8G2a6 +AgE7QmToHCwclXW_goK5P7lmJX1HaMVAIydMreP1m9sSR4UboRlvkH6VsMM1H1Y9ZhhXF--RkWAM +EcIspNTQE4ef3ZvYtSzuWssGZP8Hjo4XJlXz1uCSkyczw0IR19n-lspF9S0cIMro6QqvJsyjyjRo +UdYgxdwmQ_st4P43TZ8YEBQyE8r7VUoh_EqUx9ldilxGA0kBOQcTdtd805Kf98grXiQXeT-8UD1L +02aLzbz8Md7f8foGS1oGLfoImdjYCzOOZs3qHmKSb6YoHY8VcBCxIEfCznYl8wLYLRsSZ0tV4SAM +qCM_KHOM0HOZrNfSSAW5ZVZb67U9NI9SLFRV8gkmqxMspfjSLJCyHhq0D6RMECSpeAeVgoh6SWDw +mBSXunY5ZWVzdUyEezjCcl3NqTahrlfMSV5xkfUmSNFe_WW9rIXF0vD6MHAEW62yA1OA8WoMUqp2 +VKkUzWGVGAdMvbU52D6hqmGXER44kxAHVgEwPdhQhqgk4BpjR2v9ozQ6E_xNGkSRnriNB-H6BSN0 +vZa0pNJfvmBCjwGeoyRbCJrN1grLoDHQ3_6g-IwsD3NugKp6SHxUgfiPAUMGz-J2ZdbAlU0SNQgM +8gn6_cOaXvhqHBwh9SfT4jXyuCJru0zw3pyOjuw6fLMezvJDPvFfIgWllzc2IQ7_bufMZgCr2yAe +O-nBzsXK8aqItzCti53sZLSM1YC6OuRaiIt2i0yTVa7koFYSFhyELqEco5cFKMs0c6SrgIxnRrBT +x0RPXIyLdiRr76uP2wxL8KDfJ1vbCKi1xkZRchvQfm3ssgpzXVz8lnZ-HxacEhhAfGdDV56ZgRhu +5UVQd2RdP9JVpnXRJPhVwlQeQlrIXWHp01efBPRMTZQd2lpaNqn5v5chzpi9bbM3P3-BLxnN2NID +dv1E9Ox7MH-m3IQT9yFUi-UrDxAId4dnpgeCvyxhfnc1HJ9B71x9wmryC9PJWiKs3K-T_eC9pR4o +eN5PUZZ7arwdMUmzqKPNAtyMqaJCWfD3GZ1KsC8OV5Ze0DRQZPeT3IHg2BUC1NGj2SdjcwaGP_zl +uytFZWN7kQjnI4brorkO_jzjf7SEPCO7Vy2Z2vikIv7O8bSWZWDGYCcxUoYigFYcjZFirRYr3Yvl +YZU-F_qh6ZvrVxStSpz6iYDAzPW9v4ZyLSHyWe5H2AN89uRdnvag1769KpjsmGVYbn5jabgCJFs8 +EL7rxymrXri5cKsGH8XC1E0a-kP6vvhdHJhx5eFsFmKJaWh3RCJ8_I5CSzSRsK8JvE1Z6nGFn_SI +dpeNjf66lbm4y68loUh5Q4BDce3YaCT1gHmluBzXnv1vFzuvJ2jcVyq-nUDjdTqvM9okW8Prmt7l +ttQ3MVZI4rd-tXJfV4lxaI6wF4LIwiMJmY2tiCHoJ5nbLfHvMG7G5K1NAbizPltQxURPiMPZeCDZ +15SXI9vdCR-FyQikzp1hUUMMqz231-6BDDTKMOXpicQRQ0CHpEfxY4Rq3mu0QmRi-EIs6JAzfuLi +ba7fbfHnkhl3GWkj0CVZD8uDbzJceSTHICqVt-3qECUSG3ZfsuebWAEWED_xQoXyAL7kK8fMOPwl +m6qEk4z7boiJSrcQ2ZIdyPs2bZNvlv4wYg0F3BhFf2HeCYwR3BKXQGlDXGOAD5GuRpHHBch9JfVa +iUbvCEF23mee633C_K4zCaaVR9UqXMefzqFxSsobMp3heo3eIcQzLhe2SL2xpI9TbsvN2N4c9UMk +_TnQBHiYBgPxtB_j8bnVu7C__lTTpPKYLpUPxgWEIzljZzbkF37QQ1XtAc2EzcOi2FT4qsjlNgPw +PbL6ZihWEYZrZUilTSLzzjcQDLzoaF6BL2LOOS-Uju-B7COhcSMc0JLYOob6RDBE9T6HUMuZ diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12 b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12 index 023e2eaac6..5737e48796 100644 Binary files a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12 and b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12 differ diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props index 7cb0d492ce..0f27dbdd76 100644 --- a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props +++ b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props @@ -2,13 +2,13 @@ # Properties Generated by AT&T Certificate Manager # @copyright 2016, AT&T ############################################################ -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US cadi_keyfile=/opt/app/aai-traversal/resources/aaf/org.onap.aai.keyfile cadi_keystore=/opt/app/aai-traversal/resources/aaf/org.onap.aai.p12 -cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV -#cadi_key_password=enc: +cadi_keystore_password=enc:nF3D1h00vVoLZkCnFtTCJAiH6maEiA3933rI3ctap9Ggjlm2SMg_dxk6ui9iiDwr +#cadi_key_password=enc:9xs_lJ9QQRDoMcHqLbGg40-gefGrw-sLMjWL40ejbyqdC7Jt_pQfY6ajBLGcbLuL cadi_alias=aai@aai.onap.org cadi_truststore=/opt/app/aai-traversal/resources/aaf/truststoreONAPall.jks -cadi_truststore_password=enc:s77wlnZFoQ08NhnU3OSeWO6uKgRwC6sAK-wTvVubNz2 +cadi_truststore_password=enc:8BxmWFFRI9wcf2jVixnfdK2GPI4veaXofZ65fcYThHv cadi_loglevel=INFO cadi_bath_convert=/opt/app/aai-traversal/resources/aaf/bath_config.csv diff --git a/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml b/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml index 4f97f4a2c3..be4b863195 100644 --- a/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml @@ -81,6 +81,28 @@ spec: "visualRange": "1", "path": "/aai/v14/search/generic-query" }, + { + "serviceName": "_aai-generic-query", + "version": "v15", + "url": "/aai/v15/search/generic-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/search/generic-query" + }, + { + "serviceName": "_aai-generic-query", + "version": "v16", + "url": "/aai/v16/search/generic-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/search/generic-query" + }, { "serviceName": "_aai-nodes-query", "version": "v11", @@ -125,6 +147,28 @@ spec: "visualRange": "1", "path": "/aai/v14/search/nodes-query" }, + { + "serviceName": "_aai-nodes-query", + "version": "v15", + "url": "/aai/v15/search/nodes-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/search/nodes-query" + }, + { + "serviceName": "_aai-nodes-query", + "version": "v16", + "url": "/aai/v16/search/nodes-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/search/nodes-query" + }, { "serviceName": "_aai-query", "version": "v11", @@ -169,6 +213,28 @@ spec: "visualRange": "1", "path": "/aai/v14/query" }, + { + "serviceName": "_aai-query", + "version": "v15", + "url": "/aai/v15/query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/query" + }, + { + "serviceName": "_aai-query", + "version": "v16", + "url": "/aai/v16/query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/query" + }, { "serviceName": "_aai-named-query", "url": "/aai/search", @@ -219,6 +285,26 @@ spec: "lb_policy":"ip_hash", "visualRange": "1" }, + { + "serviceName": "aai-generic-query", + "version": "v15", + "url": "/aai/v15/search/generic-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-generic-query", + "version": "v16", + "url": "/aai/v16/search/generic-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, { "serviceName": "aai-nodes-query", "version": "v11", @@ -259,6 +345,26 @@ spec: "lb_policy":"ip_hash", "visualRange": "1" }, + { + "serviceName": "aai-nodes-query", + "version": "v15", + "url": "/aai/v15/search/nodes-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-nodes-query", + "version": "v16", + "url": "/aai/v16/search/nodes-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, { "serviceName": "aai-query", "version": "v11", @@ -299,6 +405,26 @@ spec: "lb_policy":"ip_hash", "visualRange": "1" }, + { + "serviceName": "aai-query", + "version": "v15", + "url": "/aai/v15/query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-query", + "version": "v16", + "url": "/aai/v16/query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, { "serviceName": "aai-named-query", "url": "/aai/search", diff --git a/kubernetes/aai/resources/config/aai/aai_keystore b/kubernetes/aai/resources/config/aai/aai_keystore index 83cae95273..d50b33ed93 100644 Binary files a/kubernetes/aai/resources/config/aai/aai_keystore and b/kubernetes/aai/resources/config/aai/aai_keystore differ diff --git a/kubernetes/aai/resources/config/haproxy/aai.pem b/kubernetes/aai/resources/config/haproxy/aai.pem new file mode 100644 index 0000000000..e6dfd6a63d --- /dev/null +++ b/kubernetes/aai/resources/config/haproxy/aai.pem @@ -0,0 +1,82 @@ +-----BEGIN CERTIFICATE----- +MIIFATCCA+mgAwIBAgIIWY+5kgf/UH8wDQYJKoZIhvcNAQELBQAwRzELMAkGA1UE +BhMCVVMxDTALBgNVBAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMRkwFwYDVQQDDBBp +bnRlcm1lZGlhdGVDQV85MB4XDTE5MDMyNjAzMjc1MloXDTIwMDMyNjAzMjc1Mlow +azERMA8GA1UEAwwIYWFpLm9uYXAxDzANBgkqhkiG9w0BCQEWADEZMBcGA1UECwwQ +YWFpQGFhaS5vbmFwLm9yZzEOMAwGA1UECwwFT1NBQUYxDTALBgNVBAoMBE9OQVAx +CzAJBgNVBAYTAlVTMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyZj +PvQrgB2bhyE3kpSH6OjXigs/+MfmV4eOrEwmMzQ1lWjItu2z5WY9xNGCky85G3Pr +qmCfT/qNPXd0W5kEujYlL0QnvrCa77WP3kSSu0kMKdUJV3S90Rp1SOhGFU/WroAQ +XvlzyBCunqQ9/F/L6mS8dLotUbkGIQlojAYOukWOT/+ogMMxzpxtb91QR+Wl4YeY +yzX//0rls/6nEKzCh2STHJuTkXqL0kod+KY08unpvMX2J/SEeHdWLS8Gsuus6oqM +r4bFyquua/U1ApxEMn0/agY58V75dF5CRPJRYrqqf9I6DBr0SntHv6pzMhokjewl +ukkrEsvIOkqEvIcE+QIDAQABo4IByzCCAccwCQYDVR0TBAIwADAOBgNVHQ8BAf8E +BAMCBeAwIAYDVR0lAQH/BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFQGA1UdIwRN +MEuAFIH3mVsQuciM3vNSXupOaaBDPqzdoTCkLjAsMQ4wDAYDVQQLDAVPU0FBRjEN +MAsGA1UECgwET05BUDELMAkGA1UEBhMCVVOCAQcwHQYDVR0OBBYEFFziBN1nFOnS +Sp7XkxOuzVNR1GFLMIIBEQYDVR0RBIIBCDCCAQSCCGFhaS5vbmFwghJhYWktc3Bh +cmt5LWJlLm9uYXCCG2FhaS5hcGkuc2ltcGxlZGVtby5vbmFwLm9yZ4IlYWFpLmVs +YXN0aWNzZWFyY2guc2ltcGxlZGVtby5vbmFwLm9yZ4IlYWFpLmdyZW1saW5zZXJ2 +ZXIuc2ltcGxlZGVtby5vbmFwLm9yZ4IdYWFpLmhiYXNlLnNpbXBsZWRlbW8ub25h +cC5vcmeCJWFhaS5zZWFyY2hzZXJ2aWNlLnNpbXBsZWRlbW8ub25hcC5vcmeCF2Fh +aS5zaW1wbGVkZW1vLm9uYXAub3JnghphYWkudWkuc2ltcGxlZGVtby5vbmFwLm9y +ZzANBgkqhkiG9w0BAQsFAAOCAQEAlqwzbZv/0uxVPmFJMB2t5B2nw3GNojLwxnHh +UVKzrLbDDpM36CkY8uX9kYAaf/Eg8eA5Jp0T9lGCheg0TNHM9OBqyyvDPjewZ5jO +N0xooRs7gh4bYtQaWIjCOg6bXg+mHkW4VVbpewMJYivGpJZQ76LauuHtg1OA688s +fy4SGrbC902OoPZ8zJlINOyljqSa+uNwvv6bg9Iqnuq/jUaFpKOYVUkMzw/ImVzy +3kXH/hY+nz4FNvMPlULgwxskOBRp90a5VWBC48cNzg4aNtanVz6lPAr/AVD1R6jt +ZDEd3Ww8nTlRKjUryxgoorqo8ThctZscWBpHMRW4B/LgGEYtRA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEdTCCAl2gAwIBAgIBBzANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB +RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwODE3MTg1MTM3WhcN +MjMwODE3MTg1MTM3WjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG +A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzkwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv0HHUkba3uNtNI3jPKimUcd6RNwmhSCJL +neMWpnjqp5/A+HCKyNsEaT4y177hNLmCm/aMm1u2JIfikc+8wEqLCSBBPz+P0h+d +o+sZ7U+4oeQizdYYpEdzHJ2SieHHa8vtu80rU3nO2NEIkuYC20HcKSEtl8fFKsk3 +nqlhY+tGfYJPTXcDOQAO40BTcgat3C3uIJHkWJJ4RivunE4LEuRv9QyKgAw7rkJV +v+f7guqpZlXy6dzAkuU7XULWcgo55MkZlssoiErMvEZJad5aWKvRY3g7qUjaQ6wO +15wOAUoRBW96eeZZbytgn8kybcBy++Ue49gPtgm1MF/KlAsp0MD5AgMBAAGjgYYw +gYMwHQYDVR0OBBYEFIH3mVsQuciM3vNSXupOaaBDPqzdMB8GA1UdIwQYMBaAFFNV +M/JL69BRscF4msEoMXvv6u1JMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/ +BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B +AQsFAAOCAgEADxNymiCNr2e37iLReoaxKmZvwox0cTiNAaj7iafRzmwIoY3VXO8Q +ix5IYcp4FaQ7fV1jyp/AmaSnyHf6Osl0sx8PxsQkO7ALttxKUrjfbvNSVUA2C/vl +u5m7UVJLIUtFDZBWanzUSmkTsYLHpiANFQKd2c/cU1qXcyzgJVFEFVyyHNkF7Is+ ++pjG9M1hwQHOoTnEuU013P7X1mHek+RXEfhJWwe7UsZnBKZaZKbQZu7hEtqKWYp/ +QsHgnjoLYXsh0WD5rz/mBxdTdDLGpFqWDzDqb8rsYnqBzoowvsasV8X8OSkov0Ht +8Yka0ckFH9yf8j1Cwmbl6ttuonOhky3N/gwLEozuhy7TPcZGVyzevF70kXy7g1CX +kpFGJyEHXoprlNi8FR4I+NFzbDe6a2cFow1JN19AJ9Z5Rk5m7M0mQPaQ4RcikjB3 +aoLsASCJTm1OpOFHfxEKiBW4Lsp3Uc5/Rb9ZNbfLrwqWZRM7buW1e3ekLqntgbky +uKKISHqVJuw/vXHl1jNibEo9+JuQ88VNuAcm7WpGUogeCa2iAlPTckPZei+MwZ8w +tpvxTyYlZEC8DWzY1VC29+W2N5cvh01e2E3Ql08W1zL63dqrgdEZ3VWjzooYi4ep +BmMXTvouW+Flyvcw/0oTcfN0biDIt0mCkZ5CQVjfGL9DTOYteR5hw+k= +-----END CERTIFICATE----- +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAuyZjPvQrgB2bhyE3kpSH6OjXigs/+MfmV4eOrEwmMzQ1lWjI +tu2z5WY9xNGCky85G3PrqmCfT/qNPXd0W5kEujYlL0QnvrCa77WP3kSSu0kMKdUJ +V3S90Rp1SOhGFU/WroAQXvlzyBCunqQ9/F/L6mS8dLotUbkGIQlojAYOukWOT/+o +gMMxzpxtb91QR+Wl4YeYyzX//0rls/6nEKzCh2STHJuTkXqL0kod+KY08unpvMX2 +J/SEeHdWLS8Gsuus6oqMr4bFyquua/U1ApxEMn0/agY58V75dF5CRPJRYrqqf9I6 +DBr0SntHv6pzMhokjewlukkrEsvIOkqEvIcE+QIDAQABAoIBAEe1OrvJZM2PCqOp +N5jjbnvwk32iN93EAl8xYppkBxMBgzJ/VsC4rYBNP4elWym4I2KAdSDwKrrDXtDZ +b20VYXlT+8VzkOMA2izU3Y4lqi82mwGATjcDVSPExoGr9gZ+c9yi1yL8478ZnT7N +4a5Mql5iQM9c8rZodY+9AiD8xTHbgXbaGmBsDhTxT/HPDsoacR/SHMh3XowbhAcs +eXAe+NdDtLcG6WOEqi/EhkagkWvsecIBoy888Ffbxa5h/DLEaCCoC3Dw1tWFX8KM +86sC9sQKDVRVKpKs2/9MGl9LoPi9jNDrOP6/Zx3T4k479ozGp/0G70LzmUcih72j +MUbr4f0CgYEA/AV0yOLZh0i2K53jpv3e8RDJkOBFuLb0ZZVdGkVYHncw9/WY070E +TJi0B51RAJtdSksAWa6o+1+VaJKQHtMZpABwMWDMRQUqdC+o+knONRpdCHwxXnSl +gvujFyYJhURKDr42z0xjbQrHaEZRuVJ6tzJQhFtE66G01ngREhDPbUsCgYEAvhrB +A/IOQpPaHcfU2ik80VE0KU9N4Ez50ZlheEbBDVTrMWzuFy8p9niNSfDKC7s5aqlP +DgDvTD80D8Zw6+yT/aDU5iEf5vMdKc1pnlr8jJoCNSvuyJZ40kDSehsBOKC+YN3g +b6xaYWIcH3mwwoLZO9XFsN5KAg/dSMJED8AGAEsCgYAduMMCIgbHdqLNWAyOGCif +w3wSEvEGDMWb6VaWj5EJ3sKuq48/gW4tXmD0+O+ho7EH3vqGmRuisa4cLBTFHd5L +QiX5HNJaXXaZRzmlcujXyGkqZAMqgZU3clfUlg7PYbNeM76hCgA7zuaffJOMyJZi +XpOyWFUzeNmr5XMV71eXKwKBgEtgzFvGJMVdXsUkMU/3vfe5XRdsLJLdssjbKnzI +gU/J9h/480caGmdyUYOaCGMyb4fNbl09HaV8AianJqtFeUC9/uzpAX9PsqaanmB9 +71nIz0tKCjpa/7lOnqZwAsHzasl58L4W9xdaEZChbecSfxRspSCGY44BwFpTPS2J +lFeVAoGAFOetqKStyEy+qruEOMk+lWwaKLGZ4hLk7qmFochxwrXgx7hcZ4Zrqkv9 +7qyQtbAalFiCHGmLBdSb+GLfD/1pPUA3wJoLo/I3f4g9c7cw7m7r8MdWPDXSL2Vk +vM97Syv92KQUBl8te7S3+bDBNklgb+KwRqSk3QRAl8ARWEjg8Kk= +-----END RSA PRIVATE KEY----- diff --git a/kubernetes/aai/templates/deployment.yaml b/kubernetes/aai/templates/deployment.yaml index 17680a0b96..8c107303ac 100644 --- a/kubernetes/aai/templates/deployment.yaml +++ b/kubernetes/aai/templates/deployment.yaml @@ -70,6 +70,9 @@ spec: subPath: haproxy.cfg {{ end }} name: haproxy-cfg + - mountPath: /etc/ssl/private/aai.pem + name: aai-pem + subPath: aai.pem ports: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.internalPort2 }} @@ -121,5 +124,8 @@ spec: - name: haproxy-cfg configMap: name: aai-deployment-configmap + - name: aai-pem + secret: + secretName: aai-haproxy-secret imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/appc/charts/appc-ansible-server/templates/pv.yaml b/kubernetes/appc/charts/appc-ansible-server/templates/pv.yaml new file mode 100644 index 0000000000..25257eaeaf --- /dev/null +++ b/kubernetes/appc/charts/appc-ansible-server/templates/pv.yaml @@ -0,0 +1,41 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +{{- $global := . }} +{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) -}} +{{- range $i, $t := until (int $global.Values.replicaCount)}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" $global }}-data{{$i}} + namespace: {{ include "common.namespace" $global }} + labels: + app: {{ include "common.fullname" $global }} + chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" + release: "{{ $global.Release.Name }}" + heritage: "{{ $global.Release.Service }}" + name: {{ include "common.fullname" $global }} +spec: + capacity: + storage: {{ $global.Values.persistence.size}} + accessModes: + - {{ $global.Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" $global }}-data" + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}{{$i}} +--- +{{- end -}} +{{- end -}} diff --git a/kubernetes/appc/charts/appc-ansible-server/templates/deployment.yaml b/kubernetes/appc/charts/appc-ansible-server/templates/statefulset.yaml similarity index 83% rename from kubernetes/appc/charts/appc-ansible-server/templates/deployment.yaml rename to kubernetes/appc/charts/appc-ansible-server/templates/statefulset.yaml index a7daa05143..5f1cc5ae24 100644 --- a/kubernetes/appc/charts/appc-ansible-server/templates/deployment.yaml +++ b/kubernetes/appc/charts/appc-ansible-server/templates/statefulset.yaml @@ -12,8 +12,8 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: extensions/v1beta1 -kind: Deployment +apiVersion: apps/v1beta1 +kind: StatefulSet metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} @@ -74,6 +74,8 @@ spec: - mountPath: {{ .Values.config.configDir }}/RestServer_config name: config subPath: RestServer_config + - mountPath: {{ .Values.persistence.playbookPath }} + name: {{ include "common.fullname" . }}-data resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -92,5 +94,21 @@ spec: configMap: name: {{ include "common.fullname" . }} defaultMode: 0644 - imagePullSecrets: +{{ if not .Values.persistence.enabled }} + - name: {{ include "common.fullname" . }}-data + emptyDir: {} +{{ else }} + volumeClaimTemplates: + - metadata: + name: {{ include "common.fullname" . }}-data + labels: + name: {{ include "common.fullname" . }} + spec: + accessModes: [ {{ .Values.persistence.accessMode }} ] + storageClassName: {{ include "common.fullname" . }}-data + resources: + requests: + storage: {{ .Values.persistence.size }} +{{ end }} + imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/appc/charts/appc-ansible-server/values.yaml b/kubernetes/appc/charts/appc-ansible-server/values.yaml index b06d70f758..1e15919b82 100644 --- a/kubernetes/appc/charts/appc-ansible-server/values.yaml +++ b/kubernetes/appc/charts/appc-ansible-server/values.yaml @@ -39,7 +39,7 @@ debugEnabled: false config: appcChartName: appc mysqlServiceName: appc-dbhost - + configDir: /opt/onap/ccsdk # default number of instances replicaCount: 1 @@ -66,6 +66,30 @@ service: portName: appc-ansible-server internalPort: 8000 externalPort: 8000 + nfsprovisionerPrefix: appc + disableNfsProvisioner: true + +## Persist data to a persitent volume +persistence: + enabled: true + + ## A manually managed Persistent Volume and Claim + ## Requires persistence.enabled: true + ## If defined, PVC must be created manually before volume will be bound + # existingClaim: + volumeReclaimPolicy: Retain + + ## database data Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + accessMode: ReadWriteMany + size: 1Gi + mountPath: /dockerdata-nfs + mountSubPath: appc/ansible + playbookPath: /home/ansible ingress: enabled: false diff --git a/kubernetes/clamp/charts/clamp-dash-es/values.yaml b/kubernetes/clamp/charts/clamp-dash-es/values.yaml index 43920b3d65..f25e40bf2a 100644 --- a/kubernetes/clamp/charts/clamp-dash-es/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-es/values.yaml @@ -32,7 +32,7 @@ busyboxImage: library/busybox:latest # application image loggingRepository: docker.elastic.co -image: elasticsearch/elasticsearch-oss:6.1.3 +image: elasticsearch/elasticsearch-oss:6.6.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf b/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf index 317b428c77..b4b5071ba5 100644 --- a/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf +++ b/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf @@ -57,13 +57,13 @@ filter { drop { } } - if [http_request_failure] or [@metadata][code] != "200" { + if [http_request_failure] or [@metadata][code] != 200 { mutate { add_tag => [ "error" ] } } - if "dmaap_source" in [tags] { + if "dmaap_source" in [@metadata][request][tags] { # # Dmaap provides a json list, whose items are Strings containing the event # provided to Dmaap, which itself is an escaped json. @@ -76,14 +76,7 @@ filter { source => "[message]" target => "message" } - ruby { - code => " - for ev in event.get('message', []) - ev.set('@metadata', event.get('@metadata')) - end - " - } - + split { field => "message" } @@ -194,7 +187,7 @@ filter { } - if "error" not in [tags] { + if "error" not in [@metadata][request][tags]{ # # Creating data for a secondary index # @@ -203,7 +196,7 @@ filter { add_tag => [ "event-cl-aggs" ] } - if "event-cl-aggs" in [tags] { + if "event-cl-aggs" in [@metadata][request][tags]{ # # we only need a few fields for aggregations; remove all fields from clone except : # vmName,vnfName,vnfType,requestID,closedLoopAlarmStart, closedLoopControlName,closedLoopAlarmEnd,abated,nbrDmaapevents,finalFailure diff --git a/kubernetes/common/nfs-provisioner/Chart.yaml b/kubernetes/common/nfs-provisioner/Chart.yaml new file mode 100644 index 0000000000..fcb69b31e3 --- /dev/null +++ b/kubernetes/common/nfs-provisioner/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2019 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: NFS provisioner +name: nfs-provisioner +version: 4.0.0 diff --git a/kubernetes/common/nfs-provisioner/requirements.yaml b/kubernetes/common/nfs-provisioner/requirements.yaml new file mode 100644 index 0000000000..d175386e2b --- /dev/null +++ b/kubernetes/common/nfs-provisioner/requirements.yaml @@ -0,0 +1,18 @@ +# Copyright © 2019 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~4.x-0 + repository: '@local' diff --git a/kubernetes/common/nfs-provisioner/templates/nfs-provisoner.yaml b/kubernetes/common/nfs-provisioner/templates/nfs-provisoner.yaml new file mode 100644 index 0000000000..58cf7a3866 --- /dev/null +++ b/kubernetes/common/nfs-provisioner/templates/nfs-provisoner.yaml @@ -0,0 +1,78 @@ +{{/* +# Copyright © 2019 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + strategy: + type: Recreate + template: + metadata: + labels: + app: {{ include "common.fullname" . }} + release: {{ .Release.Name }} + spec: + containers: + - name: {{ include "common.fullname" . }} + image: "{{ .Values.global.nfsprovisionerRepository | default .Values.nfsprovisionerRepository }}/{{ .Values.nfsprovisionerImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - name: nfs + containerPort: {{ .Values.service.nfsPort }} + - name: mountd + containerPort: {{ .Values.service.mountdPort }} + - name: rpcbind + containerPort: {{ .Values.service.rpcbindPort }} + - name: rpcbind-udp + containerPort: {{ .Values.service.rpcbindUdpPort }} + protocol: UDP + securityContext: + capabilities: + add: + - DAC_READ_SEARCH + - SYS_RESOURCE + args: + - "-provisioner={{ include "common.namespace" . }}/nfs" + env: + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: SERVICE_NAME + value: {{ include "common.servicename" . }} + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + volumeMounts: + - name: export-volume + mountPath: /export + {{- if .Values.affinity }} + affinity: + {{ toYaml .Values.affinity | indent 8 }} + {{- end }} + volumes: + - name: export-volume + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }} diff --git a/kubernetes/common/nfs-provisioner/templates/service.yaml b/kubernetes/common/nfs-provisioner/templates/service.yaml new file mode 100644 index 0000000000..f9bba0f872 --- /dev/null +++ b/kubernetes/common/nfs-provisioner/templates/service.yaml @@ -0,0 +1,39 @@ +{{/* +# Copyright © 2019 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +kind: Service +apiVersion: v1 +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + ports: + - name: nfs + port: {{ .Values.service.nfsPort }} + - name: mountd + port: {{ .Values.service.mountdPort }} + - name: rpcbind + port: {{ .Values.service.rpcbindPort }} + - name: rpcbind-udp + port: {{ .Values.service.rpcbindUdpPort }} + protocol: UDP + selector: + app: {{ include "common.fullname" . }} \ No newline at end of file diff --git a/kubernetes/common/nfs-provisioner/values.yaml b/kubernetes/common/nfs-provisioner/values.yaml new file mode 100644 index 0000000000..687219d680 --- /dev/null +++ b/kubernetes/common/nfs-provisioner/values.yaml @@ -0,0 +1,50 @@ +# Copyright © 2019 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + persistence: + mountPath: /dockerdata-nfs + +################################################################# +# Application configuration defaults. +################################################################# + +dockerHubRepository: registry.hub.docker.com +pullPolicy: Always + +# default number of instances + +nodeSelector: {} + +affinity: {} + +service: + name: nfs-provisioner + nfsPort: 2049 + mountdPort: 20048 + rpcbindPort: 111 + rpcbindUdpPort: 111 + +## Persist data to a persitent volume +persistence: + enabled: true + mountPath: /dockerdata-nfs + +## NFS provisioner image properties +nfsprovisionerRepository: quay.io +nfsprovisionerImage: kubernetes_incubator/nfs-provisioner:v1.0.8 + diff --git a/kubernetes/contrib/tools/rke/rke_setup.sh b/kubernetes/contrib/tools/rke/rke_setup.sh new file mode 100755 index 0000000000..cc71522f12 --- /dev/null +++ b/kubernetes/contrib/tools/rke/rke_setup.sh @@ -0,0 +1,355 @@ +#!/bin/bash +############################################################################# +# Copyright © 2019 Bell. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +############################################################################# +# +# This installation is for an RKE install of kubernetes +# after this run the standard oom install +# this installation can be run on amy ubuntu 16.04 VM, RHEL 7.6 (root only), physical or cloud azure/aws host +# https://wiki.onap.org/display/DW/OOM+RKE+Kubernetes+Deployment +# source from https://jira.onap.org/browse/OOM-1598 +# +# master/dublin +# RKE 0.1.16 Kubernetes 1.11.6, kubectl 1.11.6, Helm 2.9.1, Docker 18.06 +# single node install, HA pending + +usage() { +cat < cluster.yml <> /etc/hosts + echo "Install docker - If you must install as non-root - comment out the docker install below - run it separately, run the user mod, logout/login and continue this script" + curl https://releases.rancher.com/install-docker/$DOCKER_VERSION.sh | sh + sudo usermod -aG docker $USERNAME + + echo "Install RKE" + sudo wget https://github.com/rancher/rke/releases/download/v$RKE_VERSION/rke_linux-amd64 + mv rke_linux-amd64 rke + sudo chmod +x rke + sudo mv ./rke /usr/local/bin/rke + + echo "Install make - required for beijing+ - installed via yum groupinstall Development Tools in RHEL" + # ubuntu specific + sudo apt-get install make -y + + sudo curl -LO https://storage.googleapis.com/kubernetes-release/release/v$KUBECTL_VERSION/bin/linux/amd64/kubectl + sudo chmod +x ./kubectl + sudo mv ./kubectl /usr/local/bin/kubectl + sudo mkdir ~/.kube + wget http://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-linux-amd64.tar.gz + sudo tar -zxvf helm-v${HELM_VERSION}-linux-amd64.tar.gz + sudo mv linux-amd64/helm /usr/local/bin/helm + + echo "Bringing RKE up - using supplied cluster.yml" + sudo rke up + echo "wait 2 extra min for the cluster" + sleep 60 + echo "1 more min" + sleep 60 + echo "copy kube_config_cluter.yaml generated - to ~/.kube/config" + sudo cp kube_config_cluster.yml ~/.kube/config + # avoid using sudo for kubectl + sudo chmod 777 ~/.kube/config + echo "Verify all pods up on the kubernetes system - will return localhost:8080 until a host is added" + echo "kubectl get pods --all-namespaces" + kubectl get pods --all-namespaces + echo "install tiller/helm" + kubectl -n kube-system create serviceaccount tiller + kubectl create clusterrolebinding tiller --clusterrole=cluster-admin --serviceaccount=kube-system:tiller + helm init --service-account tiller + kubectl -n kube-system rollout status deploy/tiller-deploy + echo "upgrade server side of helm in kubernetes" + if [ "$USERNAME" == "root" ]; then + helm version + else + sudo helm version + fi + echo "sleep 30" + sleep 30 + if [ "$USERNAME" == "root" ]; then + helm init --upgrade + else + sudo helm init --upgrade + fi + echo "sleep 30" + sleep 30 + echo "verify both versions are the same below" + if [ "$USERNAME" == "root" ]; then + helm version + else + sudo helm version + fi + echo "start helm server" + if [ "$USERNAME" == "root" ]; then + helm serve & + else + sudo helm serve & + fi + echo "sleep 30" + sleep 30 + echo "add local helm repo" + if [ "$USERNAME" == "root" ]; then + helm repo add local http://127.0.0.1:8879 + helm repo list + else + sudo helm repo add local http://127.0.0.1:8879 + sudo helm repo list + fi + echo "To enable grafana dashboard - do this after running cd.sh which brings up onap - or you may get a 302xx port conflict" + echo "kubectl expose -n kube-system deployment monitoring-grafana --type=LoadBalancer --name monitoring-grafana-client" + echo "to get the nodeport for a specific VM running grafana" + echo "kubectl get services --all-namespaces | grep graf" + sudo docker version + helm version + kubectl version + kubectl get services --all-namespaces + kubectl get pods --all-namespaces + echo "finished!" +} + +BRANCH= +SERVER= +ENVIRON= +VALIDATE=false +USERNAME=ubuntu +SSHPATH_PREFIX=~/.ssh + +while getopts ":b:s:e:u:l:k:v" PARAM; do + case $PARAM in + u) + usage + exit 1 + ;; + b) + BRANCH=${OPTARG} + ;; + e) + ENVIRON=${OPTARG} + ;; + s) + SERVER=${OPTARG} + ;; + l) + USERNAME=${OPTARG} + ;; + k) + SSHKEY=${OPTARG} + ;; + v) + VALIDATE=${OPTARG} + ;; + ?) + usage + exit + ;; + esac +done + +if [[ -z $BRANCH ]]; then + usage + exit 1 +fi + +install_onap $BRANCH $SERVER $ENVIRON $USERNAME $SSHPATH_PREFIX $SSHKEY $VALIDATE diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json index 3f2168b6af..51d31a355b 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json @@ -19,6 +19,7 @@ { "namespace" : "{{ if .Values.dcae_ns }}{{ .Values.dcae_ns}}{{ else }}{{include "common.namespace" . }}{{ end}}", "consul_dns_name" : "{{ .Values.config.address.consul.host }}.{{ include "common.namespace" . }}", + "default_k8s_location" : "{{ .Values.default_k8s_location }}", "image_pull_secrets" : ["{{ include "common.namespace" . }}-docker-registry-key"], "filebeat": { diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml new file mode 100644 index 0000000000..ff2c39261b --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml @@ -0,0 +1,32 @@ +#============LICENSE_START======================================================== +#================================================================================= +# Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright © 2018 Amdocs, Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +{{ if .Values.componentImages.dashboard }} +dashboard_docker_image: {{ include "common.repository" . }}/{{ .Values.componentImages.dashboard }} +{{ end }} +external_port: {{ .Values.config.address.dashboard.port }} +external_tls_port: {{ .Values.config.address.dashboard.portSecure }} +database_cluster_name: {{ .Values.postgres.service.name2 }}.{{ include "common.namespace" . }} +database_cluster_fqdn: {{ .Values.postgres.service.name2 }}.{{ include "common.namespace" . }}.{{ .Values.postgres.suffix }} +database_name: "dashboard_pg" +cloudify_ip: {{ .Values.config.address.cm }} +cloudify_user: "admin" +cloudify_password: "admin" +consul_url: {{ .Values.config.address.consul.host }} +postgres_port: "5432" +replicas: 1 diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-snmptrap-inputs.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-snmptrap-inputs.yaml index e1ae791af8..aa2b9a3f18 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-snmptrap-inputs.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-snmptrap-inputs.yaml @@ -19,3 +19,4 @@ {{ if .Values.componentImages.snmptrap }} tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.snmptrap }} {{ end }} +external_port: {{ .Values.config.address.snmptrap.port }} diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml index 078af0cb75..69e7cb76de 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml @@ -20,6 +20,7 @@ tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.ves }} {{ end }} external_port : {{ .Values.config.address.ves.port }} +external_tls_port : {{ .Values.config.address.ves.portSecure }} ves_other_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_OTHER_OUTPUT/" ves_heartbeat_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_HEARTBEAT_OUTPUT/" ves_fault_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_FAULT_OUTPUT/" diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml index 347e4a9620..2da7875137 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml @@ -21,6 +21,7 @@ ################################################################# global: nodePortPrefix: 302 + nodePortPrefixExt: 304 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co @@ -37,6 +38,9 @@ config: host: consul-server port: 8500 cm: dcae-cloudify-manager + dashboard: + port: 30418 + portSecure: 30419 datafile_collector: port: 30223 portSecure: 30262 @@ -46,8 +50,11 @@ config: msb_iag: msb-iag policy_pdp: pdp sdc: sdc-be + snmptrap: + port: 30470 ves: port: 30235 + portSecure: 30417 # redisCaching is a string not a boolean! redisCaching: "false" @@ -58,6 +65,7 @@ postgres: name: dcae-postgres name2: dcae-pg-primary name3: dcae-pg-replica + suffix: svc.cluster.local container: name: primary: dcae-pg-primary @@ -81,12 +89,13 @@ postgres: # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.9 +image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.10-STAGING-latest +default_k8s_location: central # DCAE component images to be deployed via Cloudify Manager # Use to override default setting in blueprints componentImages: - datafile_collector: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.1.1 + dashboard: onap/org.onap.ccsdk.dashboard.ccsdk-app-os:1.1.0-SNAPSHOT-latest holmes_rules: onap/holmes/rule-management:1.2.3 holmes_engine: onap/holmes/engine-management:1.2.2 tca: onap/org.onap.dcaegen2.deployments.tca-cdap-container:1.1.0 diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml index 5b541fb19d..3995bc6cba 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml @@ -44,7 +44,7 @@ config: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.cm-container:1.5.1 +image: onap/org.onap.dcaegen2.deployments.cm-container:1.5.2-STAGING-latest pullPolicy: Always # probe configuration parameters diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml b/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml index 088d381d50..794b896eef 100644 --- a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml +++ b/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml @@ -30,7 +30,7 @@ spec: ports: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.externalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + nodePort: {{ .Values.global.nodePortPrefixExt| default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }} name: {{ .Values.service.name }} {{- else -}} - port: {{ .Values.service.externalPort }} diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml b/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml index f6da1ef06c..31d6a8b2fb 100644 --- a/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml @@ -20,6 +20,7 @@ ################################################################# global: nodePortPrefix: 302 + nodePortPrefixExt: 304 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co @@ -60,10 +61,11 @@ readiness: path: /healthcheck service: - type: ClusterIP + type: NodePort name: config-binding-service externalPort: 10000 internalPort: 10000 + nodePort: 15 # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml b/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml index fbd3d9973e..6a00d36f2c 100644 --- a/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml @@ -27,7 +27,7 @@ global: tlsRepository: nexus3.onap.org:10001 tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.1-STAGING-latest consulLoaderRepository: nexus3.onap.org:10001 - consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 + consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0-STAGING-latest repositoryCred: user: docker password: docker diff --git a/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml b/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml index 913cb714d6..97cd7d2482 100644 --- a/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml @@ -45,7 +45,7 @@ readiness: periodSeconds: 10 # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.2.4 +image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.2.4-STAGING-latest # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/values.yaml b/kubernetes/dcaegen2/charts/dcae-policy-handler/values.yaml index 604f4ea6fa..c14614278c 100644 --- a/kubernetes/dcaegen2/charts/dcae-policy-handler/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-policy-handler/values.yaml @@ -27,7 +27,7 @@ global: tlsRepository: nexus3.onap.org:10001 tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.1-STAGING-latest consulLoaderRepository: nexus3.onap.org:10001 - consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 + consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0-STAGING-latest repositoryCred: user: docker password: docker @@ -46,7 +46,7 @@ config: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.platform.policy-handler:4.6.0 +image: onap/org.onap.dcaegen2.platform.policy-handler:4.6.0-STAGING-latest pullPolicy: Always # probe configuration parameters diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties b/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties index faa19c6f4d..f15b9a12d1 100644 --- a/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties +++ b/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties @@ -25,7 +25,7 @@ # ##################################################### # Indicator for whether to use AAF -UseAAF: false +UseAAF: true # csit: stubs out some southbound APIs for csit csit: No @@ -198,10 +198,9 @@ KeyStoreType: jks KeyStoreFile: etc/keystore # password for the https keystore -KeyStorePassword: *j&Z*Ma;.4My4M]W0eB*fal$ - +KeyStorePassword: Y@Y5f&gm?PAz,CVQL,lk[VAF # password for the private key in the https keystore -KeyPassword: *j&Z*Ma;.4My4M]W0eB*fal$ +KeyPassword: Y@Y5f&gm?PAz,CVQL,lk[VAF # type of truststore for https TrustStoreType: jks @@ -210,8 +209,9 @@ TrustStoreType: jks TrustStoreFile: etc/org.onap.dmaap-bc.trust.jks # password for the https truststore -TrustStorePassword: pi8HuuSbN03MtQQ7(5TcyQ6; +TrustStorePassword: 8b&R5%l$l:@jSWz@FCs;rhY* # path to the file used to trigger an orderly shutdown QuiesceFile: etc/SHUTDOWN +inHttpsPort: 0 diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/post-install-job.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/post-install-job.yaml index 02ad199e45..ee24cfb548 100644 --- a/kubernetes/dmaap/components/dmaap-bc/templates/post-install-job.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/templates/post-install-job.yaml @@ -26,9 +26,14 @@ spec: containers: - name: post-install-job image: "{{ include "common.repository" . }}/{{ .Values.global.clientImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: DELAY value: "0" + - name: PROTO + value: "http" + - name: PORT + value: "8080" - name: REQUESTID value: "{{.Chart.Name}}-post-install" volumeMounts: diff --git a/kubernetes/dmaap/components/dmaap-bc/values.yaml b/kubernetes/dmaap/components/dmaap-bc/values.yaml index 2d791df6c6..a7fc3d88db 100644 --- a/kubernetes/dmaap/components/dmaap-bc/values.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/values.yaml @@ -30,7 +30,7 @@ pullPolicy: Always # application images repository: nexus3.onap.org:10001 -image: onap/dmaap/dmaap-bc:1.1.1 +image: onap/dmaap/dmaap-bc:1.1.2 # application configuration diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties new file mode 100644 index 0000000000..90c413738c --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties @@ -0,0 +1,23 @@ +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US +cadi_keyfile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.keyfile +cadi_keystore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks +cadi_keystore_password=]3V)($O&.Mv]W{f8^]6SxGNL +cadi_key_password=]3V)($O&.Mv]W{f8^]6SxGNL +cadi_alias=dmaap-dr-node@dmaap-dr.onap.org +cadi_truststore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks +cadi_truststore_password=(Rd,&{]%ePdp}4JZjqoJ2G+g + +aaf_env=DEV +aaf_locate_url=https://aaf-onap-test.osaaf.org:8095 +aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect +aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token +aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 +cadi_protocols=TLSv1.1,TLSv1.2 +cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1 +fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1 +gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1 + +cadi_latitude=53.423 +cadi_longitude=7.940 + +cadi_loglevel=INFO \ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties index 2046dbfbf0..f2896ccafa 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties @@ -108,4 +108,22 @@ QuiesceFile=etc/SHUTDOWN # The key used to generate passwords for node to node transfers # NodeAuthKey=Node123! +# +# DR_NODE DEFAULT ENABLED TLS PROTOCOLS +NodeHttpsProtocols = TLSv1.1|TLSv1.2 +# +# AAF type to generate permission string +AAFType = org.onap.dmaap-dr.feed +# +# AAF default instance to generate permission string - default should be legacy +AAFInstance = legacy +# +# AAF action to generate permission string - default should be publish +AAFAction = publish +# +# AAF URL to connect to AAF server +AafUrl = https://aaf-onap-test.osaaf.org:8095 +# +# AAF CADI enabled flag +CadiEnabled = false diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml index cae0d71672..a3882bcb38 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml @@ -15,7 +15,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-node-props-configmap + name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -23,7 +23,7 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} data: -{{ tpl (.Files.Glob "resources/config/node.properties").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} --- apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/post-install-job.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/post-install-job.yaml index 79c47a10d8..096b51c094 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/post-install-job.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/post-install-job.yaml @@ -10,7 +10,7 @@ metadata: # This is what defines this resource as a hook. Without this line, the # job is considered part of the release. "helm.sh/hook": post-install - "helm.sh/hook-weight": "-5" + "helm.sh/hook-weight": "-2" "helm.sh/hook-delete-policy": hook-succeeded spec: template: @@ -25,9 +25,14 @@ spec: containers: - name: post-install-job image: "{{ include "common.repository" . }}/{{ .Values.global.clientImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: DELAY value: "60" + - name: PROTO + value: "http" + - name: PORT + value: "8080" - name: REQUESTID value: "{{.Chart.Name}}-post-install" diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml index 3e0e69ecc2..ec31f3f750 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml @@ -73,14 +73,17 @@ spec: name: localtime readOnly: false - mountPath: /opt/app/datartr/etc/dedicatedFeed.json + name: {{ include "common.fullname" . }}-create-feed-config subPath: dedicatedFeed.json - name: create-feed - mountPath: /opt/app/datartr/etc/createFeed.sh + name: {{ include "common.fullname" . }}-create-feed-config subPath: createFeed.sh - name: create-feed - mountPath: /opt/app/datartr/etc/node.properties + name: {{ include "common.fullname" . }}-config subPath: node.properties - name: node-props + - mountPath: /opt/app/datartr/etc/drNodeCadi.properties + name: {{ include "common.fullname" . }}-config + subPath: drNodeCadi.properties lifecycle: postStart: exec: @@ -114,13 +117,23 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: create-feed + - name: {{ include "common.fullname" . }}-create-feed-config configMap: name: {{ include "common.fullname" . }}-create-feed-configmap defaultMode: 0755 - - name: node-props + items: + - key: createFeed.sh + path: createFeed.sh + - key: dedicatedFeed.json + path: dedicatedFeed.json + - name: {{ include "common.fullname" . }}-config configMap: - name: {{ include "common.fullname" . }}-node-props-configmap + name: {{ include "common.fullname" . }}-configmap + items: + - key: node.properties + path: node.properties + - key: drNodeCadi.properties + path: drNodeCadi.properties - name: {{ include "common.fullname" . }}-log-conf configMap: name: {{ include "common.fullname" . }}-log diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties new file mode 100644 index 0000000000..6a875146bd --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties @@ -0,0 +1,23 @@ +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US +cadi_keyfile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.keyfile +cadi_keystore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks +cadi_keystore_password=AT{];bvaDiytVD&oWhMZj0N5 +cadi_key_password=AT{];bvaDiytVD&oWhMZj0N5 +cadi_alias=dmaap-dr-prov@dmaap-dr.onap.org +cadi_truststore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks +cadi_truststore_password=ljlS@Y}0]{UO(TnwvEWkgJ%] + +aaf_env=DEV +aaf_locate_url=https://aaf-onap-test.osaaf.org:8095 +aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect +aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token +aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 +cadi_protocols=TLSv1.1,TLSv1.2 +cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1 +fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1 +gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1 + +cadi_latitude=53.423 +cadi_longitude=7.940 + +cadi_loglevel=INFO \ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties index bb24d99dea..2b78b8eb2c 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties +++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties @@ -47,3 +47,20 @@ org.onap.dmaap.datarouter.db.driver = org.mariadb.jdbc.Driver org.onap.dmaap.datarouter.db.url = jdbc:mariadb://{{.Values.config.dmaapDrDb.mariadbServiceName}}:{{.Values.config.dmaapDrDb.mariadbServicePort}}/datarouter org.onap.dmaap.datarouter.db.login = datarouter org.onap.dmaap.datarouter.db.password = datarouter + +# PROV - DEFAULT ENABLED TLS PROTOCOLS +org.onap.dmaap.datarouter.provserver.https.include.protocols = TLSv1.1|TLSv1.2 + +# AAF config +org.onap.dmaap.datarouter.provserver.cadi.enabled = false + +org.onap.dmaap.datarouter.provserver.passwordencryption = PasswordEncryptionKey#@$%^&1234# +org.onap.dmaap.datarouter.provserver.aaf.feed.type = org.onap.dmaap-dr.feed +org.onap.dmaap.datarouter.provserver.aaf.sub.type = org.onap.dmaap-dr.sub +org.onap.dmaap.datarouter.provserver.aaf.instance = legacy +org.onap.dmaap.datarouter.provserver.aaf.action.publish = publish +org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe + +# AAF URL to connect to AAF server +org.onap.dmaap.datarouter.provserver.cadi.aaf.url = https://aaf-onap-test.osaaf.org:8095 + diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/feeds/DefaultPM.json b/kubernetes/dmaap/components/dmaap-dr-prov/resources/feeds/DefaultPM.json index 411d7f41e1..994f9c9845 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/resources/feeds/DefaultPM.json +++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/feeds/DefaultPM.json @@ -1,5 +1,5 @@ { - "feedName": "Default PM Feed", + "feedName": "bulk_pm_feed", "feedVersion": "m1.1", "feedDescription": "Default feed provisioned for PM File collector", "asprClassification" : "unclassified", @@ -11,6 +11,21 @@ "userpwd": "dradmin" } - ] -} - + ], + "subs": [ + { + "dcaeLocationName": "san-francisco", + "deliveryURL": "https://dcae-pm-mapper:8443/delivery", + "feedId": "1", + "owner": "dcae-pm-mapper", + "status": "VALID", + "subId": "1", + "suspended": false, + "use100": true, + "username": "pmmapper", + "userpwd": "pmmapper", + "decompressData": true, + "privilegedSubscriber": true + } + ] +} \ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml index bd5886ba9c..fe93cb0dcd 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml @@ -15,7 +15,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-prov-props-configmap + name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -23,7 +23,7 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} data: -{{ tpl (.Files.Glob "resources/config/provserver.properties").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} --- apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml index 573e90c35a..afd34d92bc 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml @@ -69,10 +69,13 @@ spec: name: localtime readOnly: false - mountPath: /opt/app/datartr/etc/provserver.properties + name: {{ include "common.fullname" . }}-config subPath: provserver.properties - name: prov-props - - name: {{ include "common.fullname" . }}-logs - mountPath: {{ .Values.global.loggingDirectory }} + - mountPath: /opt/app/datartr/etc/drProvCadi.properties + name: {{ include "common.fullname" . }}-config + subPath: drProvCadi.properties + - mountPath: {{ .Values.global.loggingDirectory }} + name: {{ include "common.fullname" . }}-logs resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -99,9 +102,14 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: prov-props + - name: {{ include "common.fullname" . }}-config configMap: - name: {{ include "common.fullname" . }}-prov-props-configmap + name: {{ include "common.fullname" . }}-configmap + items: + - key: provserver.properties + path: provserver.properties + - key: drProvCadi.properties + path: drProvCadi.properties - name: {{ include "common.fullname" . }}-log-conf configMap: name: {{ include "common.fullname" . }}-log diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml index ceb9a04ce2..8a2cf692b8 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml @@ -10,7 +10,7 @@ metadata: # This is what defines this resource as a hook. Without this line, the # job is considered part of the release. "helm.sh/hook": post-install - "helm.sh/hook-weight": "-5" + "helm.sh/hook-weight": "-3" "helm.sh/hook-delete-policy": hook-succeeded spec: template: @@ -25,9 +25,14 @@ spec: containers: - name: post-install-job image: "{{ include "common.repository" . }}/{{ .Values.global.clientImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: DELAY value: "30" + - name: PROTO + value: "http" + - name: PORT + value: "8080" - name: REQUESTID value: "{{.Chart.Name}}-post-install" diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service-hs.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service-hs.yaml new file mode 100644 index 0000000000..0dabe55e10 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service-hs.yaml @@ -0,0 +1,34 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + ports: + - port: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + clusterIP: None + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service.yaml index 88de96b2d5..8200eda6b1 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service.yaml @@ -1,5 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T +# Copyright © 2019 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,24 +12,28 @@ # See the License for the specific language governing permissions and # limitations under the License. +{{- $root := . -}} +{{ range $i, $e := until (atoi (quote $root.Values.replicaCount) | default 3) }} +--- apiVersion: v1 kind: Service metadata: - name: {{ .Values.service.name }} - namespace: {{ include "common.namespace" . }} + name: {{ $root.Values.service.name }}-{{ $i }} + namespace: {{ $root.Release.Namespace }} labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + app: {{ $root.Values.service.name }} + chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }} + release: {{ $root.Release.Name }} + heritage: {{ $root.Release.Service }} + spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - clusterIP: None + type: {{ $root.Values.service.type }} + externalTrafficPolicy: Local selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - + statefulset.kubernetes.io/pod-name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }} + ports: + - port: {{ $root.Values.service.externalPort }} + targetPort: {{ $root.Values.service.externalPort }} + nodePort: {{ $root.Values.service.baseNodePort | add $i }} + name: {{ $root.Values.service.name }}-{{ $i }} +{{ end }} diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml index f4583a16ea..5e964231de 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml @@ -34,7 +34,11 @@ spec: release: {{ .Release.Name }} spec: podAntiAffinity: + {{if eq .Values.podAntiAffinityType "hard" -}} + requiredDuringSchedulingIgnoredDuringExecution: + {{- else -}} preferredDuringSchedulingIgnoredDuringExecution: + {{- end}} - weight: 1 podAffinityTerm: labelSelector: @@ -66,14 +70,34 @@ spec: image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness + - command: + - sh + - -exec + - | + chown -R 1000:1000 /opt/kafka/data; + image: "{{ .Values.busyBoxRepository }}/{{ .Values.busyBoxImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: /opt/kafka/data + name: kafka-data + name: {{ include "common.name" . }}-permission-fixer containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - sh + - -exc + - | + export KAFKA_BROKER_ID=${HOSTNAME##*-} && \ + export ENDPOINT_PORT=$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )) && \ + export KAFKA_ADVERTISED_LISTENERS=EXTERNAL_SASL_PLAINTEXT://$(HOST_IP):$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )),INTERNAL_SASL_PLAINTEXT://:{{ .Values.service.internalPort }} && \ + exec start-kafka.sh resources: {{ include "common.resources" . | indent 12 }} ports: - containerPort: {{ .Values.service.internalPort }} + - containerPort: {{ .Values.service.externalPort }} {{ if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -87,30 +111,31 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: - - name: HOST_NAME + - name: HOST_IP valueFrom: fieldRef: apiVersion: v1 - fieldPath: metadata.name - - name: HOST_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace + fieldPath: status.hostIP - name: KAFKA_ZOOKEEPER_CONNECT value: "{{.Values.zookeeper.name}}:{{.Values.zookeeper.port}}" - name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP - value: "INTERNAL_PLAINTEXT:PLAINTEXT,EXTERNAL_PLAINTEXT:PLAINTEXT" - - name: KAFKA_ADVERTISED_LISTENERS - value: "INTERNAL_PLAINTEXT://$(HOST_NAME).{{ .Values.service.name }}.$(HOST_NAMESPACE).svc.cluster.local:{{ .Values.service.internalPort}}" + value: "INTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT,EXTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT" - name: KAFKA_LISTENERS - value: "INTERNAL_PLAINTEXT://0.0.0.0:{{.Values.service.internalPort}}" + value: "EXTERNAL_SASL_PLAINTEXT://0.0.0.0:{{ .Values.service.externalPort }},INTERNAL_SASL_PLAINTEXT://0.0.0.0:{{ .Values.service.internalPort }}" - name: KAFKA_INTER_BROKER_LISTENER_NAME - value: "INTERNAL_PLAINTEXT" + value: "INTERNAL_SASL_PLAINTEXT" + - name: KAFKA_SASL_ENABLED_MECHANISMS + value: "PLAIN" + - name: KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL + value: "PLAIN" + - name: KAFKA_AUTHORIZER_CLASS_NAME + value: "{{ .Values.kafkaCustomAuthorizer }}" + - name: KAFKA_DELETE_TOPIC_ENABLE + value: "{{ .Values.deleteTopicEnable }}" + - name: aaf_locate_url + value: "https://aaf-locate:8095" - name: KAFKA_LOG_DIRS - value: "kafka/logs" - - name: BROKER_ID_COMMAND - value: "hostname | awk -F '-' '{print $NF}'" + value: "/opt/kafka/data" - name: KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR value: "{{ .Values.replicaCount }}" - name: KAFKA_DEFAULT_REPLICATION_FACTOR @@ -123,7 +148,7 @@ spec: readOnly: true - mountPath: /var/run/docker.sock name: docker-socket - - mountPath: /kafka + - mountPath: /opt/kafka/data name: kafka-data {{- if .Values.tolerations }} tolerations: diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml index e719cb1ad4..9f92610502 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml @@ -30,9 +30,12 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/kafka01101:0.0.1 +image: onap/dmaap/kafka111:0.0.6 pullPolicy: Always ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 +busyBoxImage: busybox:1.30 +busyBoxRepository: docker.io + zookeeper: name: message-router-zookeeper @@ -44,6 +47,13 @@ debugEnabled: false # default number of instances replicaCount: 3 +#Kafka custom authorizer class name +kafkaCustomAuthorizer: org.onap.dmaap.kafkaAuthorize.KafkaCustomAuthorizer +deleteTopicEnable: true + +# To access Kafka outside cluster, this value must be set to hard and the number of nodes in K8S cluster must be equal or greater then replica count +podAntiAffinityType: soft + # defult partitions defaultpartitions: 3 @@ -55,6 +65,8 @@ affinity: {} tolerations: {} + + # probe configuration parameters liveness: initialDelaySeconds: 60 @@ -91,11 +103,14 @@ persistence: mountSubPath: message-router/data-kafka service: - type: ClusterIP + type: NodePort name: message-router-kafka portName: message-router-kafka internalPort: 9092 - externalPort: 9092 + externalPort: 9093 + baseNodePort: 30490 + + ingress: enabled: false diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/Chart.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/Chart.yaml new file mode 100644 index 0000000000..1d0b7bea22 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/Chart.yaml @@ -0,0 +1,20 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP Message Router Kafka Service +name: message-router-mirrormaker +version: 4.0.0 + diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/NOTES.txt b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/NOTES.txt new file mode 100644 index 0000000000..a44d0f76ee --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/NOTES.txt @@ -0,0 +1,34 @@ +# Copyright © 2018 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/deployment.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/deployment.yaml new file mode 100644 index 0000000000..51c4149094 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/deployment.yaml @@ -0,0 +1,103 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + serviceName: {{ .Values.service.name }} + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: {{ include "common.name" . }}-initcontainer + image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.ubuntuInitImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + - command: + - /root/ready.py + args: + - --container-name + - {{ .Values.messagerouter.container }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - sh + - -exc + - | + exec start-mirrormaker.sh + resources: +{{ include "common.resources" . | indent 12 }} + ports: + - containerPort: {{ .Values.service.internalPort }} + {{ if eq .Values.liveness.enabled true }} + livenessProbe: + exec: + command: + - sh + - -c + - "touch /tmp/lprobe.txt" + - "rm /tmp/lprobe.txt" + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + exec: + command: + - sh + - -c + - "touch /tmp/rprobe.txt" + - "rm /tmp/rprobe.txt" + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: KAFKA_HEAP_OPTS + value: "{{ .Values.kafkaHeapOptions }}" + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /var/run/docker.sock + name: docker-socket + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: docker-socket + hostPath: + path: /var/run/docker.sock + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml new file mode 100644 index 0000000000..f630e9489b --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml @@ -0,0 +1,98 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + persistence: {} + ubuntuInitRepository: registry.hub.docker.com + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/dmaap/kafka111:0.0.6 +pullPolicy: Always +ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 + +zookeeper: + name: message-router-zookeeper + port: 2181 + +messagerouter: + container: message-router + +# flag to enable debugging - application support required +debugEnabled: false + +# default number of instances +replicaCount: 1 +kafkaHeapOptions: -Xmx4G -Xms2G + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 60 + periodSeconds: 20 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 60 + periodSeconds: 20 + + +service: + type: NodePort + name: message-router-mirrormaker + portName: message-router-mirrormaker + internalPort: 9092 + + + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: large +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2000m + memory: 4Gi + requests: + cpu: 500m + memory: 1Gi + large: + limits: + cpu: 4000m + memory: 8Gi + requests: + cpu: 1000m + memory: 2Gi + unlimited: {} + diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/_zkquorum.tpl b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/_zkquorum.tpl new file mode 100644 index 0000000000..9af910eb89 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/_zkquorum.tpl @@ -0,0 +1,34 @@ +{{/* +# Copyright © 2019 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- /* + Calculate the maximum number of zk server down in order to guarantee ZK quorum. + For guaranteeing ZK quorum we need half of the server + 1 up. + + div in go template cast return an int64 + so we need to know if it is an even number or an odd. + For this we are doing (n/2)*2=n? + if true it is even else it is even +*/ -}} +{{- define "zk.maxUnavailable" -}} +{{- $halfReplica := div .Values.replicaCount 2 -}} + {{/* divide by 2 and multiply by 2 in order to know if it is an even number*/}} + {{if eq (mul $halfReplica 2) (int .Values.replicaCount) }} + {{- toYaml (sub $halfReplica 1) -}} + {{else}} + {{- toYaml $halfReplica -}} + {{end}} +{{- end -}} diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/poddisruptionbudget.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/poddisruptionbudget.yaml index 2d251e90b0..5a370cdc4a 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/poddisruptionbudget.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/poddisruptionbudget.yaml @@ -25,4 +25,4 @@ spec: selector: matchLabels: app: {{ include "common.name" . }} - maxUnavailable: {{ div (sub .Values.replicaCount 1) 2 }} + maxUnavailable: {{ include "zk.maxUnavailable" . }} diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml index b2f9f13e67..6c15783c3d 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml @@ -58,18 +58,19 @@ spec: - /bin/bash - -c - > - if [ -d /tmp/topics/version-2 ]; then + if [ -d /tmp/zookeeper/topics/version-2 ]; then echo "nothing to do"; else - git clone -b {{ .Values.config.gerritBranch }} --single-branch {{ .Values.config.gerritProject }} /tmp/gerrit; - echo "Clone complete. Copying from /tmp/gerrit/oom-projects/data-zookeeper/* to /tmp/topics"; - cp -var /tmp/gerrit/oom-topics/data-zookeeper/* /tmp/topics; + git clone -b {{ .Values.config.gerritBranch }} --single-branch {{ .Values.config.gerritProject }} /tmp/zookeeper/gerrit; + echo "Clone complete. Copying from /tmp/zookeeper/gerrit/oom-projects/data-zookeeper/* to /tmp/zookeeper/topics"; + cp -var /tmp/zookeeper/gerrit/oom-topics/data-zookeeper/* /tmp/zookeeper/topics; + chown -R 1000:1000 /tmp/zookeeper/topics; echo "Done."; fi image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.ubuntuInitImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - - mountPath: /tmp/topics + - mountPath: /tmp/zookeeper/topics name: zookeeper-data containers: - name: {{ include "common.name" . }} diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml index c0a7450d5e..22daf946bb 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml @@ -30,7 +30,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/zookeeper:2.0.0 +image: onap/dmaap/zookeeper:4.0.0 pullPolicy: Always ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 @@ -130,4 +130,4 @@ resources: requests: cpu: 1000m memory: 2Gi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties b/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties index d40d2a1468..8e446610d4 100755 --- a/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties +++ b/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties @@ -149,17 +149,18 @@ maxcontentlength=10000 #AAF Properties msgRtr.namespace.aaf=org.onap.dmaap.mr.topic msgRtr.topicfactory.aaf=org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic: -enforced.topic.name.AAF=org.onap +enforced.topic.name.AAF=org.onap.dmaap.mr forceAAF=false transidUEBtopicreqd=false defaultNSforUEB=org.onap.dmaap.mr ############################################################################## #Mirror Maker Agent -msgRtr.mirrormakeradmin.aaf=com.onap.dmaap.mr.dev.mirrormaker|*|admin -msgRtr.mirrormakeruser.aaf=com.onap.dmaap.mr.dev.mirrormaker|*|user -msgRtr.mirrormakeruser.aaf.create=com.onap.dmaap.mr.dev.topicFactory|:com.onap.dmaap.mr.dev.topic: + +msgRtr.mirrormakeradmin.aaf=org.onap.dmaap.mr.mirrormaker|*|admin +msgRtr.mirrormakeruser.aaf=org.onap.dmaap.mr.mirrormaker|*|user +msgRtr.mirrormakeruser.aaf.create=org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic: msgRtr.mirrormaker.timeout=15000 -msgRtr.mirrormaker.topic=com.onap.dmaap.mr.prod.mm.agent +msgRtr.mirrormaker.topic=org.onap.dmaap.mr.mirrormakeragent msgRtr.mirrormaker.consumergroup=mmagentserver msgRtr.mirrormaker.consumerid=1 diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties b/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties index a79bb8d40a..948577aaa7 100755 --- a/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties +++ b/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties @@ -1,4 +1,4 @@ -aaf_locate_url=https://aaf-onap-test.osaaf.org:8095 +aaf_locate_url=https://aaf-locate:8095 aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 aaf_env=DEV aaf_lur=org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm @@ -17,4 +17,4 @@ cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US cadi_loglevel=INFO cadi_protocols=TLSv1.1,TLSv1.2 cadi_latitude=37.78187 -cadi_longitude=-122.26147 \ No newline at end of file +cadi_longitude=-122.26147 diff --git a/kubernetes/dmaap/components/message-router/resources/mr_clusters/san-francisco.json b/kubernetes/dmaap/components/message-router/resources/mr_clusters/san-francisco.json new file mode 100644 index 0000000000..9e732d2af8 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/resources/mr_clusters/san-francisco.json @@ -0,0 +1,6 @@ +{ + "dcaeLocationName": "san-francisco", + "fqdn": "message-router", + "topicProtocol": "http", + "topicPort": "3904" +} diff --git a/kubernetes/dmaap/components/message-router/resources/topics/MMagent.json b/kubernetes/dmaap/components/message-router/resources/topics/MMagent.json deleted file mode 100644 index 2612e0d64c..0000000000 --- a/kubernetes/dmaap/components/message-router/resources/topics/MMagent.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "topicName": "MirrorMakerProvisioning", - "topicDescription": "the topic used to provision the MM agent whitelist", - "replicationCase": "REPLICATION_NONE", - "owner": "dmaap", - "txenabled": false, - "partitionCount": "1", - "clients": [ - { - "dcaeLocationName": "san-francisco", - "clientIdentity": "dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org", - "action": [ - "pub", - "view" - ] - - } - ] -} diff --git a/kubernetes/dmaap/components/message-router/resources/topics/PM_MAPPER.json b/kubernetes/dmaap/components/message-router/resources/topics/PM_MAPPER.json new file mode 100644 index 0000000000..d2910b8398 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/resources/topics/PM_MAPPER.json @@ -0,0 +1,14 @@ +{ + "topicName": "PM_MAPPER", + "topicDescription": "The PM Mapper will be publishing perf3gpp VES events to this topic", + "owner": "pm-mapper", + "txenabled": false, + "clients": [{ + "dcaeLocationName": "san-francisco", + "clientIdentity": "dcae@dcae.onap.org", + "action": [ + "pub", + "view" + ] + }] +} diff --git a/kubernetes/dmaap/components/message-router/resources/topics/mirrormakeragent.json b/kubernetes/dmaap/components/message-router/resources/topics/mirrormakeragent.json new file mode 100644 index 0000000000..7ae77cd8a8 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/resources/topics/mirrormakeragent.json @@ -0,0 +1,42 @@ +{ + "topicName": "mirrormakeragent", + "topicDescription": "the topic used to provision the MM agent whitelist", + "replicationCase": "REPLICATION_NONE", + "owner": "dmaap", + "txenabled": false, + "partitionCount": "1", + "clients": [ + { + "dcaeLocationName": "san-francisco", + "clientIdentity": "dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org", + "action": [ + "pub", + "sub", + "view" + ] + + }, + { + "dcaeLocationName": "san-francisco", + "clientIdentity": "dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org", + "action": [ + "pub", + "sub", + "view" + ] + + }, + { + "dcaeLocationName": "san-francisco", + "clientIdentity": "demo@people.osaaf.org", + "action": [ + "pub", + "sub", + "view" + ] + + } + + ] +} + diff --git a/kubernetes/dmaap/components/message-router/templates/post-install-job.yaml b/kubernetes/dmaap/components/message-router/templates/post-install-job.yaml index 5637812437..6d246de87f 100644 --- a/kubernetes/dmaap/components/message-router/templates/post-install-job.yaml +++ b/kubernetes/dmaap/components/message-router/templates/post-install-job.yaml @@ -10,7 +10,7 @@ metadata: # This is what defines this resource as a hook. Without this line, the # job is considered part of the release. "helm.sh/hook": post-install - "helm.sh/hook-weight": "-5" + "helm.sh/hook-weight": "-4" "helm.sh/hook-delete-policy": hook-succeeded spec: template: @@ -25,9 +25,14 @@ spec: containers: - name: post-install-job image: "{{ include "common.repository" . }}/{{ .Values.global.clientImage }}" + imagePullPolicy: "Always" env: - name: DELAY - value: "60" + value: "30" + - name: PROTO + value: "http" + - name: PORT + value: "8080" - name: REQUESTID value: "{{.Chart.Name}}-post-install" volumeMounts: diff --git a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml index bdd134ac64..7bf88f5f8e 100644 --- a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml @@ -68,7 +68,7 @@ spec: periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: enableCadi - value: "false" + value: "true" volumeMounts: - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml index 5d01e55077..b141207a03 100644 --- a/kubernetes/dmaap/components/message-router/values.yaml +++ b/kubernetes/dmaap/components/message-router/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/dmaap-mr:1.1.9 +image: onap/dmaap/dmaap-mr:1.1.12 pullPolicy: Always kafka: diff --git a/kubernetes/dmaap/requirements.yaml b/kubernetes/dmaap/requirements.yaml index cda78cf04f..3507bd87cd 100644 --- a/kubernetes/dmaap/requirements.yaml +++ b/kubernetes/dmaap/requirements.yaml @@ -24,7 +24,7 @@ dependencies: - name: dmaap-bc version: ~4.x-0 repository: 'file://components/dmaap-bc' - condition: dmaap-bus-controller.enabled + condition: dmaap-bc.enabled - name: dmaap-dr-node version: ~4.x-0 repository: 'file://components/dmaap-dr-node' diff --git a/kubernetes/dmaap/values.yaml b/kubernetes/dmaap/values.yaml index 02f0ac5399..e7b39af1ad 100644 --- a/kubernetes/dmaap/values.yaml +++ b/kubernetes/dmaap/values.yaml @@ -22,7 +22,7 @@ global: readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 - clientImage: onap/dmaap/dbc-client:1.0.3 + clientImage: onap/dmaap/dbc-client:1.0.5 # application configuration config: logstashServiceName: log-ls diff --git a/kubernetes/nbi/values.yaml b/kubernetes/nbi/values.yaml index ecc01fafa4..9f50620ab6 100644 --- a/kubernetes/nbi/values.yaml +++ b/kubernetes/nbi/values.yaml @@ -85,7 +85,7 @@ affinity: {} # probe configuration parameters liveness: httpGet: - path: /nbi/api/v3/status + path: /nbi/api/v4/status port: 8080 initialDelaySeconds: 180 periodSeconds: 30 @@ -95,7 +95,7 @@ liveness: readiness: httpGet: - path: /nbi/api/v3/status + path: /nbi/api/v4/status port: 8080 initialDelaySeconds: 185 periodSeconds: 30 diff --git a/kubernetes/onap/requirements.yaml b/kubernetes/onap/requirements.yaml index 43794d286d..ad6aadacb7 100644 --- a/kubernetes/onap/requirements.yaml +++ b/kubernetes/onap/requirements.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2019 Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -88,6 +88,10 @@ dependencies: version: ~4.x-0 repository: '@local' condition: nbi.enabled + - name: nfs-provisioner + version: ~4.x-0 + repository: '@local' + condition: nfs-provisioner.enabled - name: pnda version: ~4.x-0 repository: '@local' diff --git a/kubernetes/onap/templates/storageclass.yaml b/kubernetes/onap/templates/storageclass.yaml new file mode 100644 index 0000000000..5418da78b5 --- /dev/null +++ b/kubernetes/onap/templates/storageclass.yaml @@ -0,0 +1,34 @@ +{{/* +# Copyright © 2019 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{ if .Values.global.persistence.enableDefaultStorageclass }} +kind: StorageClass +apiVersion: storage.k8s.io/v1 +metadata: + name: "{{ include "common.namespace" . }}-default-storageclass" + namespace: {{ include "common.namespace" . }} + annotations: + storageclass.kubernetes.io/is-default-class: "true" + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +provisioner: {{ .Values.global.persistence.storageclassProvisioner }} +reclaimPolicy: {{ .Values.global.persistence.volumeReclaimPolicy }} +parameters: +{{ toYaml .Values.global.persistence.parameters | indent 2 }} +{{ end }} diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index 6b283dbc94..b62606ebde 100644 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, Bell Canada +# Copyright © 2019 Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -46,6 +46,10 @@ global: # by persistent volumes and log files persistence: mountPath: /dockerdata-nfs + enableDefaultStorageclass: false + parameters: {} + storageclassProvisioner: kubernetes.io/no-provisioner + volumeReclaimPolicy: Retain # override default resource limit flavor for all charts flavor: unlimited @@ -107,6 +111,8 @@ nbi: # openstack configuration openStackRegion: "Yolo" openStackVNFTenantId: "1234" +nfs-provisioner: + enabled: true policy: enabled: false pomba: diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/Chart.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/Chart.yaml new file mode 100644 index 0000000000..78fedfdef2 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2019 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Chart for Change Management Service Orchestrator (CMSO) Optimizer +name: oof-cmso-optimizer +version: 4.0.0 diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/cadi.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/cadi.properties new file mode 100644 index 0000000000..9a6b91c602 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/cadi.properties @@ -0,0 +1,21 @@ +#------------------------------------------------------------------------------- +# ============LICENSE_START============================================== +# Copyright (c) 2019 AT&T Intellectual Property. +# ======================================================================= +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain a +# copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express +# or implied. See the License for the specific language governing +# permissions and limitations under the License. +# ============LICENSE_END================================================= +# +#------------------------------------------------------------------------------- +cadi_loglevel=DEBUG +cadi_prop_files=src/main/resources/aaf/org.onap.oof.props + diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/liquibase.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/liquibase.properties new file mode 100644 index 0000000000..32d77bb663 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/liquibase.properties @@ -0,0 +1,43 @@ +### +# Copyright (c) 2019 AT&T Intellectual Property. +# Modifications Copyright (c) 2018 IBM. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +# Unless otherwise specified, all documentation contained herein is licensed +# under the Creative Commons License, Attribution 4.0 Intl. (the ââ?¬Å"Licenseââ?¬); +# you may not use this documentation except in compliance with the License. +# You may obtain a copy of the License at +# +# https://creativecommons.org/licenses/by/4.0/ +# +# Unless required by applicable law or agreed to in writing, documentation +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +### +spring.datasource.jdbcUrl=jdbc:mariadb://${DB_HOST}:${DB_PORT}/${DB_SCHEMA}?createDatabaseIfNotExist=true +spring.datasource.driver-class-name=org.mariadb.jdbc.Driver +spring.datasource.username=${DB_USERNAME} +spring.datasource.password=${DB_PASSWORD} + +spring.datasource.initialize=false +spring.datasource.tomcat.max-wait=10000 +spring.datasource.tomcat.initialSize=5 +spring.datasource.tomcat.max-active=25 +spring.datasource.tomcat.test-on-borrow=true + + +changeLogFile=optimizer-liquibase-changeLog.xml diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/logback.xml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/logback.xml new file mode 100644 index 0000000000..e4386fd249 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/logback.xml @@ -0,0 +1,253 @@ + + + + + + + + + + + + + + + + + + + + INFO + + + %d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n + + + + + + INFO + + ${logDirectory}/error2.log + true + + ${defaultPattern} + + + ${outputDirectory}/cmso/error.%d{yyyy-MM-dd}.%i.log.zip + 50MB + 30 + 10GB + + + 10MB + + + + + ${logDirectory}/debug.log + true + + ${debugPattern} + + + ${outputDirectory}/cmso/debug.%d{yyyy-MM-dd}.%i.log.zip + 50MB + 30 + 10GB + + + + + + ${logDirectory}/audit.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n + + + + 10 + ${logDirectory}/audit.%i.log.zip + + + + 10MB + + + + 256 + + + + + ${logDirectory}/metric.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| + %msg%n + + + 10 + ${logDirectory}/metric.%i.log.zip + + + + 10MB + + + + 256 + + + + + + ${logDirectory}/security.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n + + + + 10 + ${logDirectory}/security.%i.log.zip + + + + 10MB + + + + 256 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.log + + ${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip + + 1 + 9 + + + 5MB + + + "%d [%thread] %-5level %logger{1024} - %msg%n" + + + + + + ${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.log + + ${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip + + 1 + 9 + + + 5MB + + + "%d [%thread] %-5level %logger{1024} - %msg%n" + + + + + + + + + + + + + + + + + + + diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/optimizer.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/optimizer.properties new file mode 100644 index 0000000000..83ed89a844 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/optimizer.properties @@ -0,0 +1,54 @@ +#------------------------------------------------------------------------------- +# ============LICENSE_START============================================== +# Copyright (c) 2019 AT&T Intellectual Property. +# ======================================================================= +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain a +# copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express +# or implied. See the License for the specific language governing +# permissions and limitations under the License. +# ============LICENSE_END================================================= +# +#------------------------------------------------------------------------------- +spring.datasource.url=jdbc:mariadb://${DB_HOST}:${DB_PORT}/${DB_SCHEMA} +spring.datasource.driver-class-name=org.mariadb.jdbc.Driver +spring.datasource.username=${DB_USERNAME} +spring.datasource.password=${DB_PASSWORD} +cmso.database.password=${DB_PASSWORD} + +spring.datasource.initialize=false +spring.datasource.tomcat.max-wait=10000 +spring.datasource.tomcat.initialSize=5 +spring.datasource.tomcat.max-active=25 +spring.datasource.tomcat.test-on-borrow=true + +spring.jpa.show-sql=false +spring.jpa.hibernate.ddl-auto=none +spring.jpa.hibernate.naming.strategy=org.hibernate.cfg.EJB3NamingStrategy +spring.jpa.database-platform=org.hibernate.dialect.MySQL5InnoDBDialect +spring.jpa.hibernate.naming.physical-strategy=org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl +spring.jpa.hibernate.id.new_generator_mappings=false +hibernate.id.new_generator_mappings=false + +logging.level.org.hibernate.SQL=WARN +logging.level.org.hibernate=WARN +#------------------------------------------------------------------------------- + + +cmso.topology.create.request.url=http://${TOPOLOGY_HOST}:${TOPOLOGY_PORT}/topology/v1/current +cmso.ticket.create.request.url=http://${TICKETMGT_HOST}:${TICKETMGT_PORT}/ticketmgt/v1/activetickets +cmso.local.policy.folder=data/policies + +cmso.minizinc.command.exe=/mz-dist/bin/minizinc +cmso.minizinc.command.solver=OSICBC +cmso.minizinc.command.timelimit=60000 +cmso.minizinc.command.mzn=scripts/minizinc/generic_attributes.mzn + +mechid.user=oof@oof.onap.org +mechid.pass=changeit diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/NOTES.txt b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/NOTES.txt new file mode 100644 index 0000000000..1103affff1 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/NOTES.txt @@ -0,0 +1,32 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/configmap.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/configmap.yaml new file mode 100644 index 0000000000..c4397359dc --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/configmap.yaml @@ -0,0 +1,26 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/deployment.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/deployment.yaml new file mode 100644 index 0000000000..4e418bf756 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/deployment.yaml @@ -0,0 +1,146 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - {{ .Values.mariadb.nameOverride }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + - name: db-init + image: "{{ include "common.repository" . }}/{{ .Values.dbinit.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: DB_HOST + value: {{ .Values.config.db_host }}.{{.Release.Namespace}} + - name: DB_PORT + value: {{ .Values.config.db_port | quote}} + - name: DB_USERNAME + value: {{ .Values.config.db_root }} + - name: DB_SCHEMA + value: {{ .Values.config.mysqlDatabase }} + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-cmso-db + key: db-root-password + terminationMessagePolicy: File + volumeMounts: + - name: {{ include "common.fullname" . }}-config + mountPath: /share/etc/config + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/logs + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: TOPOLOGY_HOST + value: {{ .Values.config.topology_host }}.{{.Release.Namespace}} + - name: TOPOLOGY_PORT + value: {{ .Values.config.topology_port | quote}} + - name: TICKETMGT_HOST + value: {{ .Values.config.ticketmgt_host }}.{{.Release.Namespace}} + - name: TICKETMGT_PORT + value: {{ .Values.config.ticketmgt_port | quote}} + - name: DB_HOST + value: {{ .Values.config.db_host }}.{{.Release.Namespace}} + - name: DB_PORT + value: {{ .Values.config.db_port | quote}} + - name: DB_USERNAME + value: {{ .Values.config.db_root }} + - name: DB_SCHEMA + value: {{ .Values.config.mysqlDatabase }} + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-cmso-db + key: db-root-password + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/logs + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/debug-logs + - name: {{ include "common.fullname" . }}-config + mountPath: /share/etc/config + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }} + items: + - key: logback.xml + path: logback.xml + - key: cadi.properties + path: cadi.properties + - key: optimizer.properties + path: optimizer.properties + - key: liquibase.properties + path: liquibase.properties + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/service.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/service.yaml new file mode 100644 index 0000000000..1624a08b27 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/service.yaml @@ -0,0 +1,39 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/values.yaml new file mode 100644 index 0000000000..be32774bc1 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/values.yaml @@ -0,0 +1,115 @@ +# Copyright © 2019 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: # global defaults + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + +subChartsOnly: + enabled: true + +# application image +repository: nexus3.onap.org:10001 +image: onap/optf-cmso-optimizer:latest +pullPolicy: Always + +#init container image +dbinit: + image: onap/optf-cmso-dbinit:latest + +# flag to enable debugging - application support required +debugEnabled: false + +################################################################# +# Application configuration defaults. +################################################################# +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 120 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + + +service: + type: ClusterIP + name: oof-cmso-optimizer + portName: cmso + internalPort: 7997 + externalPort: 7997 + #nodePort: 23 + # as of 20181022 port 23 is reserved for cmso + # see https://wiki.onap.org/display/DW/OOM+NodePort+List + + +config: + db_root: root + db_user: cmso-admin + mysqlDatabase: optimizer + db_host: oof-cmso-dbhost + db_port: 3306 + topology_host: oof-cmso-topology + topology_port: 7998 + ticketmgt_host: oof-cmso-ticketmgt + ticketmgt_port: 7999 + +mariadb: + nameOverride: cmso-db + +ingress: + enabled: false + +#resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +resources: + small: + limits: + cpu: 1 + memory: 1.2Gi + requests: + cpu: 10m + memory: 800Mi + large: + limits: + cpu: 1 + memory: 1.2Gi + requests: + cpu: 10m + memory: 800Mi + unlimited: {} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cadi.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cadi.properties new file mode 100644 index 0000000000..9a6b91c602 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cadi.properties @@ -0,0 +1,21 @@ +#------------------------------------------------------------------------------- +# ============LICENSE_START============================================== +# Copyright (c) 2019 AT&T Intellectual Property. +# ======================================================================= +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain a +# copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express +# or implied. See the License for the specific language governing +# permissions and limitations under the License. +# ============LICENSE_END================================================= +# +#------------------------------------------------------------------------------- +cadi_loglevel=DEBUG +cadi_prop_files=src/main/resources/aaf/org.onap.oof.props + diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cmso.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cmso.properties index cf1d35e105..ce94f573f6 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cmso.properties +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cmso.properties @@ -1,7 +1,7 @@ #------------------------------------------------------------------------------- -# Copyright © 2017-2018 AT&T Intellectual Property. -# Modifications Copyright © 2018 IBM. +# Copyright (c) 2017-2018 AT&T Intellectual Property. +# Modifications Copyright (c) 2018 IBM. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ # # # Unless otherwise specified, all documentation contained herein is licensed -# under the Creative Commons License, Attribution 4.0 Intl. (the â??Licenseâ?); +# under the Creative Commons License, Attribution 4.0 Intl. (the ???License???); # you may not use this documentation except in compliance with the License. # You may obtain a copy of the License at # @@ -29,9 +29,8 @@ # See the License for the specific language governing permissions and # limitations under the License. #------------------------------------------------------------------------------- -### -### MySQL DB. +#------------------------------------------------------------------------------- spring.datasource.url=jdbc:mariadb://${DB_HOST}:${DB_PORT}/${DB_SCHEMA} spring.datasource.driver-class-name=org.mariadb.jdbc.Driver spring.datasource.username=${DB_USERNAME} @@ -44,7 +43,7 @@ spring.datasource.tomcat.initialSize=5 spring.datasource.tomcat.max-active=25 spring.datasource.tomcat.test-on-borrow=true -spring.jpa.show-sql=true +spring.jpa.show-sql=false spring.jpa.hibernate.ddl-auto=none spring.jpa.hibernate.naming.strategy=org.hibernate.cfg.EJB3NamingStrategy spring.jpa.database-platform=org.hibernate.dialect.MySQL5InnoDBDialect @@ -52,9 +51,9 @@ spring.jpa.hibernate.naming.physical-strategy=org.hibernate.boot.model.naming.Ph spring.jpa.hibernate.id.new_generator_mappings=false hibernate.id.new_generator_mappings=false -logging.level.org.hibernate.SQL=TRACE - -logging.level.org.hibernate=TRACE +logging.level.org.hibernate.SQL=WARN +logging.level.org.hibernate=WARN +#------------------------------------------------------------------------------- # cmso.aaf.enabled=false @@ -95,10 +94,10 @@ so.polling.interval.ms=10000 ## loopback settings so.url=http://localhost:8080/cmso/v1/loopbacktest/onap/so/infra/orchestrationRequests/v7 -so.user=cmso@onap.org -so.pass=enc:bfodXf8qRfCqMvlxVBYNWQ== +so.user=oof@oof.onap.org +so.pass=changeit -mechid.user=cmso@onap.org -mechid.pass=enc:bfodXf8qRfCqMvlxVBYNWQ== +mechid.user=oof@oof.onap.org +mechid.pass=changeit cmso.dispatch.url=http://localhost:8089 diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/optimizer.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/optimizer.properties index b222d7bf59..498a1e5870 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/optimizer.properties +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/optimizer.properties @@ -1,6 +1,6 @@ #------------------------------------------------------------------------------- -# Copyright © 2017-2018 AT&T Intellectual Property. -# Modifications Copyright © 2018 IBM. +# Copyright (c) 2017-2018 AT&T Intellectual Property. +# Modifications Copyright ? 2018 IBM. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,7 +16,7 @@ # # # Unless otherwise specified, all documentation contained herein is licensed -# under the Creative Commons License, Attribution 4.0 Intl. (the â??Licenseâ?); +# under the Creative Commons License, Attribution 4.0 Intl. (the ???License???); # you may not use this documentation except in compliance with the License. # You may obtain a copy of the License at # @@ -29,6 +29,6 @@ # limitations under the License. #------------------------------------------------------------------------------- -cmso.optimizer.url=http://localhost:8080/cmso/v1/loopbacktest/optimizer -cmso.optimizer.callbackurl=http://localhost:8080/cmso/v1/optimizerCallback - +cmso.optimizer.request.url=$http://${OPTIMIZER_HOST}:${OPTIMIZER_PORT}/optimizer/v1/optimize/schedule +cmso.optimizer.status.url=http://${OPTIMIZER_HOST}:${OPTIMIZER_PORT}/optimizer/v1/optimize/schedule +cmso.optimizer.health.url=http://${OPTIMIZER_HOST}:${OPTIMIZER_PORT}/optimizer/v1/health?checkInterfaces=true \ No newline at end of file diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml index dd080be98e..350708f078 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 AT&T +# Copyright (c) 2018 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -86,6 +86,10 @@ spec: secretKeyRef: name: {{ .Release.Name}}-cmso-db key: user-password + - name: OPTIMIZER_HOST + value: {{ .Values.config.optimizer_host }}.{{.Release.Namespace}} + - name: OPTIMIZER_PORT + value: {{ .Values.config.optimizer_port | quote}} ports: - containerPort: {{ .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger @@ -128,6 +132,8 @@ spec: path: logback.xml - key: cmso.properties path: cmso.properties + - key: cadi.properties + path: cadi.properties - key: optimizer.properties path: optimizer.properties - key: ticketmgt.properties diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml index 98c6b4a050..6df3049b1b 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 AT&T +# Copyright © 2018-2019 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -25,12 +25,12 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/optf-cmso-service:1.0.1 +image: onap/optf-cmso-service:latest pullPolicy: Always #init container image dbinit: - image: onap/optf-cmso-dbinit:1.0.1 + image: onap/optf-cmso-dbinit:latest # flag to enable debugging - application support required debugEnabled: false @@ -75,6 +75,8 @@ config: mysqlDatabase: cmso db_host: oof-cmso-dbhost db_port: 3306 + optimizer_host: oof-cmso-optimizer + optimizer_port: 7997 mariadb: nameOverride: cmso-db diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/Chart.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/Chart.yaml new file mode 100644 index 0000000000..e99b3bea31 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2019 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Chart for Change Management Service Orchestrator (CMSO) Ticket Management +name: oof-cmso-ticketmgt +version: 4.0.0 diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/cadi.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/cadi.properties new file mode 100644 index 0000000000..9a6b91c602 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/cadi.properties @@ -0,0 +1,21 @@ +#------------------------------------------------------------------------------- +# ============LICENSE_START============================================== +# Copyright (c) 2019 AT&T Intellectual Property. +# ======================================================================= +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain a +# copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express +# or implied. See the License for the specific language governing +# permissions and limitations under the License. +# ============LICENSE_END================================================= +# +#------------------------------------------------------------------------------- +cadi_loglevel=DEBUG +cadi_prop_files=src/main/resources/aaf/org.onap.oof.props + diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/logback.xml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/logback.xml new file mode 100644 index 0000000000..e4386fd249 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/logback.xml @@ -0,0 +1,253 @@ + + + + + + + + + + + + + + + + + + + + INFO + + + %d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n + + + + + + INFO + + ${logDirectory}/error2.log + true + + ${defaultPattern} + + + ${outputDirectory}/cmso/error.%d{yyyy-MM-dd}.%i.log.zip + 50MB + 30 + 10GB + + + 10MB + + + + + ${logDirectory}/debug.log + true + + ${debugPattern} + + + ${outputDirectory}/cmso/debug.%d{yyyy-MM-dd}.%i.log.zip + 50MB + 30 + 10GB + + + + + + ${logDirectory}/audit.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n + + + + 10 + ${logDirectory}/audit.%i.log.zip + + + + 10MB + + + + 256 + + + + + ${logDirectory}/metric.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| + %msg%n + + + 10 + ${logDirectory}/metric.%i.log.zip + + + + 10MB + + + + 256 + + + + + + ${logDirectory}/security.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n + + + + 10 + ${logDirectory}/security.%i.log.zip + + + + 10MB + + + + 256 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.log + + ${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip + + 1 + 9 + + + 5MB + + + "%d [%thread] %-5level %logger{1024} - %msg%n" + + + + + + ${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.log + + ${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip + + 1 + 9 + + + 5MB + + + "%d [%thread] %-5level %logger{1024} - %msg%n" + + + + + + + + + + + + + + + + + + + diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/ticketmgt.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/ticketmgt.properties new file mode 100644 index 0000000000..5ca252f9bc --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/ticketmgt.properties @@ -0,0 +1,30 @@ +#------------------------------------------------------------------------------- +# Copyright © 2017-2019 AT&T Intellectual Property. +# Modifications Copyright © 2018 IBM. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +# Unless otherwise specified, all documentation contained herein is licensed +# under the Creative Commons License, Attribution 4.0 Intl. (the â??Licenseâ?); +# you may not use this documentation except in compliance with the License. +# You may obtain a copy of the License at +# +# https://creativecommons.org/licenses/by/4.0/ +# +# Unless required by applicable law or agreed to in writing, documentation +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +#------------------------------------------------------------------------------- diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/NOTES.txt b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/NOTES.txt new file mode 100644 index 0000000000..1103affff1 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/NOTES.txt @@ -0,0 +1,32 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/configmap.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/configmap.yaml new file mode 100644 index 0000000000..c4397359dc --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/configmap.yaml @@ -0,0 +1,26 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/deployment.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/deployment.yaml new file mode 100644 index 0000000000..e01034e8d2 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/deployment.yaml @@ -0,0 +1,84 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/logs + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/debug-logs + - name: {{ include "common.fullname" . }}-config + mountPath: /share/etc/config + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }} + items: + - key: logback.xml + path: logback.xml + - key: ticketmgt.properties + path: ticketmgt.properties + - key: cadi.properties + path: cadi.properties + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/service.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/service.yaml new file mode 100644 index 0000000000..1624a08b27 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/service.yaml @@ -0,0 +1,39 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml new file mode 100644 index 0000000000..f19b8e2b1b --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml @@ -0,0 +1,101 @@ +# Copyright (c) 2019 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: # global defaults + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + +subChartsOnly: + enabled: true + +# application image +repository: nexus3.onap.org:10001 +image: onap/optf-cmso-ticketmgt:latest +pullPolicy: Always + + +# flag to enable debugging - application support required +debugEnabled: false + +################################################################# +# Application configuration defaults. +################################################################# +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 120 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + + +service: + type: ClusterIP + name: oof-cmso-ticketmgt + portName: cmso-ticketmgt + internalPort: 7999 + externalPort: 7999 + #nodePort: 23 + # as of 20181022 port 23 is reserved for cmso + # see https://wiki.onap.org/display/DW/OOM+NodePort+List + + +config: + + +ingress: + enabled: false + +#resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +resources: + small: + limits: + cpu: 1 + memory: 1.2Gi + requests: + cpu: 10m + memory: 800Mi + large: + limits: + cpu: 1 + memory: 1.2Gi + requests: + cpu: 10m + memory: 800Mi + unlimited: {} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/Chart.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/Chart.yaml new file mode 100644 index 0000000000..258d9ee317 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Chart for Change Management Service Orchestrator (CMSO) Service +name: oof-cmso-topology +version: 4.0.0 diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/cadi.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/cadi.properties new file mode 100644 index 0000000000..9a6b91c602 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/cadi.properties @@ -0,0 +1,21 @@ +#------------------------------------------------------------------------------- +# ============LICENSE_START============================================== +# Copyright (c) 2019 AT&T Intellectual Property. +# ======================================================================= +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain a +# copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express +# or implied. See the License for the specific language governing +# permissions and limitations under the License. +# ============LICENSE_END================================================= +# +#------------------------------------------------------------------------------- +cadi_loglevel=DEBUG +cadi_prop_files=src/main/resources/aaf/org.onap.oof.props + diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/logback.xml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/logback.xml new file mode 100644 index 0000000000..e4386fd249 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/logback.xml @@ -0,0 +1,253 @@ + + + + + + + + + + + + + + + + + + + + INFO + + + %d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n + + + + + + INFO + + ${logDirectory}/error2.log + true + + ${defaultPattern} + + + ${outputDirectory}/cmso/error.%d{yyyy-MM-dd}.%i.log.zip + 50MB + 30 + 10GB + + + 10MB + + + + + ${logDirectory}/debug.log + true + + ${debugPattern} + + + ${outputDirectory}/cmso/debug.%d{yyyy-MM-dd}.%i.log.zip + 50MB + 30 + 10GB + + + + + + ${logDirectory}/audit.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n + + + + 10 + ${logDirectory}/audit.%i.log.zip + + + + 10MB + + + + 256 + + + + + ${logDirectory}/metric.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| + %msg%n + + + 10 + ${logDirectory}/metric.%i.log.zip + + + + 10MB + + + + 256 + + + + + + ${logDirectory}/security.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n + + + + 10 + ${logDirectory}/security.%i.log.zip + + + + 10MB + + + + 256 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.log + + ${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip + + 1 + 9 + + + 5MB + + + "%d [%thread] %-5level %logger{1024} - %msg%n" + + + + + + ${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.log + + ${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip + + 1 + 9 + + + 5MB + + + "%d [%thread] %-5level %logger{1024} - %msg%n" + + + + + + + + + + + + + + + + + + + diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/topology.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/topology.properties new file mode 100644 index 0000000000..5ca252f9bc --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/topology.properties @@ -0,0 +1,30 @@ +#------------------------------------------------------------------------------- +# Copyright © 2017-2019 AT&T Intellectual Property. +# Modifications Copyright © 2018 IBM. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +# Unless otherwise specified, all documentation contained herein is licensed +# under the Creative Commons License, Attribution 4.0 Intl. (the â??Licenseâ?); +# you may not use this documentation except in compliance with the License. +# You may obtain a copy of the License at +# +# https://creativecommons.org/licenses/by/4.0/ +# +# Unless required by applicable law or agreed to in writing, documentation +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +#------------------------------------------------------------------------------- diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/NOTES.txt b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/NOTES.txt new file mode 100644 index 0000000000..1103affff1 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/NOTES.txt @@ -0,0 +1,32 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/configmap.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/configmap.yaml new file mode 100644 index 0000000000..c4397359dc --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/configmap.yaml @@ -0,0 +1,26 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/deployment.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/deployment.yaml new file mode 100644 index 0000000000..02f398301f --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/deployment.yaml @@ -0,0 +1,84 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/logs + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/debug-logs + - name: {{ include "common.fullname" . }}-config + mountPath: /share/etc/config + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }} + items: + - key: logback.xml + path: logback.xml + - key: cadi.properties + path: cadi.properties + - key: topology.properties + path: topology.properties + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/service.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/service.yaml new file mode 100644 index 0000000000..1624a08b27 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/service.yaml @@ -0,0 +1,39 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/values.yaml new file mode 100644 index 0000000000..0d50827dcb --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/values.yaml @@ -0,0 +1,100 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: # global defaults + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + +subChartsOnly: + enabled: true + +# application image +repository: nexus3.onap.org:10001 +image: onap/optf-cmso-topology:latest +pullPolicy: Always + + +# flag to enable debugging - application support required +debugEnabled: false + +################################################################# +# Application configuration defaults. +################################################################# +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 120 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + + +service: + type: ClusterIP + name: oof-cmso-topology + portName: cmso-topology + internalPort: 7998 + externalPort: 7998 + #nodePort: 23 + # as of 20181022 port 23 is reserved for cmso + # see https://wiki.onap.org/display/DW/OOM+NodePort+List + + +config: + +ingress: + enabled: false + +#resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +resources: + small: + limits: + cpu: 1 + memory: 1.2Gi + requests: + cpu: 10m + memory: 800Mi + large: + limits: + cpu: 1 + memory: 1.2Gi + requests: + cpu: 10m + memory: 800Mi + unlimited: {} diff --git a/kubernetes/pnda/charts/dcae-pnda-bootstrap/values.yaml b/kubernetes/pnda/charts/dcae-pnda-bootstrap/values.yaml index e22b8d26e7..d01c1548c2 100644 --- a/kubernetes/pnda/charts/dcae-pnda-bootstrap/values.yaml +++ b/kubernetes/pnda/charts/dcae-pnda-bootstrap/values.yaml @@ -38,7 +38,6 @@ pnda: osUser: centos nameserver: 8.8.8.8 ntp: pool.ntp.org - mirrorNodePort: 88 apps: fsType: local networkCidr: 10.0.0.0/16 diff --git a/kubernetes/pomba/charts/pomba-aaictxbuilder/values.yaml b/kubernetes/pomba/charts/pomba-aaictxbuilder/values.yaml index f6e13eb482..97c6974fe8 100644 --- a/kubernetes/pomba/charts/pomba-aaictxbuilder/values.yaml +++ b/kubernetes/pomba/charts/pomba-aaictxbuilder/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/pomba-aai-context-builder:1.4.0-SNAPSHOT-latest +image: onap/pomba-aai-context-builder:1.4.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml b/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml index 40d40b3611..014323fe70 100755 --- a/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml +++ b/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml @@ -25,7 +25,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/pomba-context-aggregator:1.4.0-SNAPSHOT-latest +image: onap/pomba-context-aggregator:1.4.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/pomba/charts/pomba-networkdiscoveryctxbuilder/values.yaml b/kubernetes/pomba/charts/pomba-networkdiscoveryctxbuilder/values.yaml index 6afe768b14..c7064427ef 100644 --- a/kubernetes/pomba/charts/pomba-networkdiscoveryctxbuilder/values.yaml +++ b/kubernetes/pomba/charts/pomba-networkdiscoveryctxbuilder/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/pomba-network-discovery-context-builder:1.4.0-SNAPSHOT-latest +image: onap/pomba-network-discovery-context-builder:1.4.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/pomba/charts/pomba-sdcctxbuilder/values.yaml b/kubernetes/pomba/charts/pomba-sdcctxbuilder/values.yaml index bddc349736..eb1b646bbc 100644 --- a/kubernetes/pomba/charts/pomba-sdcctxbuilder/values.yaml +++ b/kubernetes/pomba/charts/pomba-sdcctxbuilder/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/pomba-sdc-context-builder:1.4.0-SNAPSHOT-latest +image: onap/pomba-sdc-context-builder:1.4.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/pomba/charts/pomba-sdncctxbuilder/values.yaml b/kubernetes/pomba/charts/pomba-sdncctxbuilder/values.yaml index 7947b18ad2..140aa33531 100644 --- a/kubernetes/pomba/charts/pomba-sdncctxbuilder/values.yaml +++ b/kubernetes/pomba/charts/pomba-sdncctxbuilder/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/pomba-sdnc-context-builder:1.4.0-SNAPSHOT-latest +image: onap/pomba-sdnc-context-builder:1.4.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks deleted file mode 100644 index 4b7e115d8c..0000000000 Binary files a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks and /dev/null differ diff --git a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 index df2f4f6cd3..c53a7ae9b3 100644 Binary files a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 and b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 differ diff --git a/kubernetes/readiness/docker/init/ready.py b/kubernetes/readiness/docker/init/ready.py index f4a5e5da8f..87c09a444c 100644 --- a/kubernetes/readiness/docker/init/ready.py +++ b/kubernetes/readiness/docker/init/ready.py @@ -30,6 +30,62 @@ configuration.ssl_ca_cert = cert configuration.api_key['authorization'] = token configuration.api_key_prefix['authorization'] = 'Bearer' coreV1Api = client.CoreV1Api(client.ApiClient(configuration)) +api_instance=client.ExtensionsV1beta1Api(client.ApiClient(configuration)) +api = client.AppsV1beta1Api(client.ApiClient(configuration)) +batchV1Api = client.BatchV1Api(client.ApiClient(configuration)) + +def is_job_complete(job_name): + complete = False + log.info("Checking if " + job_name + " is complete") + response = "" + try: + response = batchV1Api.read_namespaced_job_status(job_name, namespace) + if response.status.succeeded == 1: + job_status_type = response.status.conditions[0].type + if job_status_type == "Complete": + complete = True + log.info(job_name + " is complete") + else: + log.info(job_name + " is not complete") + else: + log.info(job_name + " has not succeeded yet") + return complete + except Exception as e: + log.error("Exception when calling read_namespaced_job_status: %s\n" % e) + +def wait_for_statefulset_complete(statefulset_name): + try: + response = api.read_namespaced_stateful_set(statefulset_name, namespace) + s = response.status + if ( s.updated_replicas == response.spec.replicas and + s.replicas == response.spec.replicas and + s.ready_replicas == response.spec.replicas and + s.current_replicas == response.spec.replicas and + s.observed_generation == response.metadata.generation): + log.info("Statefulset " + statefulset_name + " is ready") + return True + else: + log.info("Statefulset " + statefulset_name + " is not ready") + return False + except Exception as e: + log.error("Exception when waiting for Statefulset status: %s\n" % e) + +def wait_for_deployment_complete(deployment_name): + try: + response = api.read_namespaced_deployment(deployment_name, namespace) + s = response.status + if ( s.unavailable_replicas == None and + s.updated_replicas == response.spec.replicas and + s.replicas == response.spec.replicas and + s.ready_replicas == response.spec.replicas and + s.observed_generation == response.metadata.generation): + log.info("Deployment " + deployment_name + " is ready") + return True + else: + log.info("Deployment " + deployment_name + " is not ready") + return False + except Exception as e: + log.error("Exception when waiting for deployment status: %s\n" % e) def is_ready(container_name): ready = False @@ -41,28 +97,23 @@ def is_ready(container_name): if i.status.container_statuses is None: continue for s in i.status.container_statuses: - if i.metadata.owner_references[0].kind == "StatefulSet": - if i.metadata.name == container_name: - ready = s.ready - if not ready: - log.info(container_name + " is not ready.") - else: - log.info(container_name + " is ready!") - else: - continue - elif s.name == container_name: - ready = s.ready - if not ready: - log.info(container_name + " is not ready.") - else: - log.info(container_name + " is ready!") + if s.name == container_name: + if i.metadata.owner_references[0].kind == "StatefulSet": + ready = wait_for_statefulset_complete(i.metadata.owner_references[0].name) + elif i.metadata.owner_references[0].kind == "ReplicaSet": + api_response = api_instance.read_namespaced_replica_set_status(i.metadata.owner_references[0].name, namespace) + ready = wait_for_deployment_complete(api_response.metadata.owner_references[0].name) + elif i.metadata.owner_references[0].kind == "Job": + ready = is_job_complete(i.metadata.owner_references[0].name) + + return ready + else: continue return ready except Exception as e: log.error("Exception when calling list_namespaced_pod: %s\n" % e) - DEF_TIMEOUT = 10 DESCRIPTION = "Kubernetes container readiness check utility" USAGE = "Usage: ready.py [-t ] -c [-c ...]\n" \ @@ -105,7 +156,6 @@ def main(argv): else: time.sleep(5) - if __name__ == "__main__": main(sys.argv[1:]) diff --git a/kubernetes/sdc/resources/config/environments/AUTO.json b/kubernetes/sdc/resources/config/environments/AUTO.json index bb5df2bf90..be9db4cd52 100755 --- a/kubernetes/sdc/resources/config/environments/AUTO.json +++ b/kubernetes/sdc/resources/config/environments/AUTO.json @@ -80,6 +80,7 @@ }, "cassandra": { + "cassandra_port": 9042, "concurrent_reads": "32", "num_tokens": "256", "data_dir": "/var/lib/cassandra/data", diff --git a/kubernetes/sdnc/resources/config/bin/startODL.sh b/kubernetes/sdnc/resources/config/bin/startODL.sh index 6718aaf128..2513fc9dd4 100755 --- a/kubernetes/sdnc/resources/config/bin/startODL.sh +++ b/kubernetes/sdnc/resources/config/bin/startODL.sh @@ -20,17 +20,52 @@ # ============LICENSE_END========================================================= ### +# Append features to karaf boot feature configuration +# $1 additional feature to be added +# $2 repositories to be added (optional) +function addToFeatureBoot() { + CFG=$ODL_HOME/etc/org.apache.karaf.features.cfg + ORIG=$CFG.orig + if [ -n "$2" ] ; then + echo "Add repository: $2" + mv $CFG $ORIG + cat $ORIG | sed -e "\|featuresRepositories|s|$|,$2|" > $CFG + fi + echo "Add boot feature: $1" + mv $CFG $ORIG + cat $ORIG | sed -e "\|featuresBoot *=|s|$|,$1|" > $CFG +} + +# Append features to karaf boot feature configuration +# $1 search pattern +# $2 replacement +function replaceFeatureBoot() { + CFG=$ODL_HOME/etc/org.apache.karaf.features.cfg + ORIG=$CFG.orig + echo "Replace boot feature $1 with: $2" + sed -i "/featuresBoot/ s/$1/$2/g" $CFG +} + +function install_sdnrwt_features() { + addToFeatureBoot "$SDNRWT_BOOTFEATURES" $SDNRWT_REPOSITORY +} + function enable_odl_cluster(){ if [ -z $SDNC_REPLICAS ]; then echo "SDNC_REPLICAS is not configured in Env field" exit fi + #Be sure to remove feature odl-netconf-connector-all from list + replaceFeatureBoot "odl-netconf-connector-all," + echo "Installing Opendaylight cluster features" - mv $ODL_HOME/etc/org.apache.karaf.features.cfg $ODL_HOME/etc/org.apache.karaf.features.cfg.orig - cat $ODL_HOME/etc/org.apache.karaf.features.cfg.orig | sed -e "\|featuresBoot=config|s|$|,odl-mdsal-clustering,odl-jolokia|" > $ODL_HOME/etc/org.apache.karaf.features.cfg + replaceFeatureBoot odl-netconf-topology odl-netconf-clustered-topology + replaceFeatureBoot odl-mdsal-all odl-mdsal-all,odl-mdsal-clustering + addToFeatureBoot odl-jolokia #${ODL_HOME}/bin/client feature:install odl-mdsal-clustering #${ODL_HOME}/bin/client feature:install odl-jolokia + echo "Update cluster information statically" hm=$(hostname) @@ -88,6 +123,13 @@ MYSQL_HOST=${MYSQL_HOST:-{{.Release.Name}}-{{.Values.mysql.nameOverride}}-0.{{.V ENABLE_ODL_CLUSTER=${ENABLE_ODL_CLUSTER:-false} GEO_ENABLED=${GEO_ENABLED:-false} DBINIT_DIR=${DBINIT_DIR:-/opt/opendaylight/current/daexim} +SDNRWT=${SDNRWT:-false} +SDNRWT_BOOTFEATURES=${SDNRWT_BOOTFEATURES:-sdnr-wt-feature-aggregator} + +echo "Settings:" +echo " ENABLE_ODL_CLUSTER=$ENABLE_ODL_CLUSTER" +echo " SDNC_REPLICAS=$SDNC_REPLICAS" +echo " SDNRWT=$SDNRWT" # # Wait for database to init properly @@ -129,6 +171,8 @@ then if $ENABLE_ODL_CLUSTER ; then enable_odl_cluster ; fi + if $SDNRWT ; then install_sdnrwt_features ; fi + echo "Installed at `date`" > ${SDNC_HOME}/.installed fi diff --git a/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml index 0078711ff1..4b06a87695 100755 --- a/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml @@ -89,6 +89,8 @@ ecomp: mso: auth: D1A67FA93B6A6419132D0F83CC771AF774FD3C60853C50C22C8C6FC5088CC79E9E81EDE9EA39F22B2F66A0068E logPath: ./logs/openstack + msb-ip: msb-iag.{{ include "common.namespace" . }} + msb-port: 80 workflow: endpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/sobpmnengine msoKey: 07a7159d3bf51a0e53be7a8f89699be7 diff --git a/kubernetes/so/resources/config/overrides/override.yaml b/kubernetes/so/resources/config/overrides/override.yaml index 44efb4de48..b5b4f355b7 100755 --- a/kubernetes/so/resources/config/overrides/override.yaml +++ b/kubernetes/so/resources/config/overrides/override.yaml @@ -49,6 +49,8 @@ mso: aai: endpoint: https://aai.{{ include "common.namespace" . }}:8443 auth: 6E081E10B1CA43A843E303733A74D9B23B601A6E22A21C7EF2C7F15A42F81A1A4E85E65268C2661F71321052C7F3E55B96A8E1E951F8BF6F + extApi: + endpoint: http://nbi.onap:8080/nbi/api/v3 so: operational-environment: dmaap: