From: Morgan Richomme Date: Thu, 30 Jan 2020 14:50:18 +0000 (+0000) Subject: Merge "Revert "basic auth for so-monitoring"" X-Git-Tag: 6.0.0~436 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=b97b5b43213a4e211719482fd306a485f794fd66;hp=d97011d7e1e6f3d436ef41c418db180143875e4a;p=oom.git Merge "Revert "basic auth for so-monitoring"" --- diff --git a/.gitignore b/.gitignore index 96e76c17fc..fcf3cdd96f 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,6 @@ +# Unit tests +__snapshot__ + # Application kubernetes/config/onap-parameters.yaml kubernetes/dist/* @@ -22,4 +25,3 @@ requirements.lock # Mac OS *DS_Store* - diff --git a/docs/oom_quickstart_guide.rst b/docs/oom_quickstart_guide.rst index 2399dc3c7e..2607805015 100644 --- a/docs/oom_quickstart_guide.rst +++ b/docs/oom_quickstart_guide.rst @@ -29,25 +29,25 @@ where can be an offical release tag, such as > sudo cp -R ~/oom/kubernetes/helm/plugins/ ~/.helm -**Step 3.** Customize the helm charts like oom/kubernetes/onap/values.yaml or an override -file like onap-all.yaml, onap-vfw.yaml or openstack.yaml file to suit your deployment with items like the -OpenStack tenant information. +**Step 3.** Customize the helm charts like `oom/kubernetes/onap/values.yaml` or an override +file like `onap-all.yaml`, `onap-vfw.yaml` or `openstack.yaml` file to suit your deployment +with items like the OpenStack tenant information. .. note:: - Standard and example override files (e.g. onap-all.yaml, openstack.yaml) can be found in - the oom/kubernetes/onap/resources/overrides/ directory. + Standard and example override files (e.g. `onap-all.yaml`, `openstack.yaml`) can be found in + the `oom/kubernetes/onap/resources/overrides/` directory. a. You may want to selectively enable or disable ONAP components by changing - the `enabled: true/false` flags. + the ``enabled: true/false`` flags. - b. Encyrpt the OpenStack password using the shell tool for robot and put it in - the robot helm charts or robot section of openstack.yaml + b. Encrypt the OpenStack password using the shell tool for robot and put it in + the robot helm charts or robot section of `openstack.yaml` c. Encrypt the OpenStack password using the java based script for SO helm charts - or SO section of openstack.yaml. + or SO section of `openstack.yaml`. d. Update the OpenStack parameters that will be used by robot, SO and APPC helm @@ -60,7 +60,7 @@ a. Enabling/Disabling Components: Here is an example of the nominal entries that need to be provided. We have different values file available for different contexts. -.. literalinclude:: onap-values.yaml +.. literalinclude:: ../kubernetes/onap/values.yaml :language: yaml @@ -69,11 +69,10 @@ The ROBOT encrypted Password uses the same encryption.key as SO but an openssl algorithm that works with the python based Robot Framework. .. note:: - To generate ROBOT openStackEncryptedPasswordHere : + To generate ROBOT ``openStackEncryptedPasswordHere``:: - ``cd so/resources/config/mso/`` - - ``/oom/kubernetes/so/resources/config/mso# echo -n "" | openssl aes-128-ecb -e -K `cat encryption.key` -nosalt | xxd -c 256 -p`` + cd so/resources/config/mso/ + /oom/kubernetes/so/resources/config/mso# echo -n "" | openssl aes-128-ecb -e -K `cat encryption.key` -nosalt | xxd -c 256 -p`` c. Generating SO Encrypted Password: The SO Encrypted Password uses a java based encryption utility since the @@ -81,23 +80,21 @@ Java encryption library is not easy to integrate with openssl/python that ROBOT uses in Dublin. .. note:: - To generate SO openStackEncryptedPasswordHere and openStackSoEncryptedPassword: - - SO_ENCRYPTION_KEY=`cat ~/oom/kubernetes/so/resources/config/mso/encryption.key` - - OS_PASSWORD=XXXX_OS_CLEARTESTPASSWORD_XXXX - - git clone http://gerrit.onap.org/r/integration + To generate SO ``openStackEncryptedPasswordHere`` and ``openStackSoEncryptedPassword`` + ensure `default-jdk` is installed:: - cd integration/deployment/heat/onap-rke/scripts + apt-get update; apt-get install default-jdk + Then execute:: - javac Crypto.java + SO_ENCRYPTION_KEY=`cat ~/oom/kubernetes/so/resources/config/mso/encryption.key` + OS_PASSWORD=XXXX_OS_CLEARTESTPASSWORD_XXXX - [ if javac is not installed 'apt-get update ; apt-get install default-jdk' ] - - java Crypto "$OS_PASSWORD" "$SO_ENCRYPTION_KEY" + git clone http://gerrit.onap.org/r/integration + cd integration/deployment/heat/onap-rke/scripts + javac Crypto.java + java Crypto "$OS_PASSWORD" "$SO_ENCRYPTION_KEY" d. Update the OpenStack parameters: @@ -106,35 +103,34 @@ available in the environment. To get the most value out of these templates and t automation that can help confirm the setup is correct, please observe the following constraints. -openStackPublicNetId: - -This network should allow heat templates to add interfaces. -This need not be an external network, floating IPs can be assigned to the ports on -the VMs that are created by the heat template but its important that neutron allow -ports to be created on them. - -openStackPrivateNetCidr: "10.0.0.0/16" +``openStackPublicNetId:`` + This network should allow heat templates to add interfaces. + This need not be an external network, floating IPs can be assigned to the ports on + the VMs that are created by the heat template but its important that neutron allow + ports to be created on them. -This ip address block is used to assign OA&M addresses on VNFs to allow ONAP connectivity. -The demonstration heat templates assume that 10.0 prefix can be used by the VNFs and the -demonstration ip addressing plan embodied in the preload template prevent conflicts when -instantiating the various VNFs. If you need to change this, you will need to modify the preload -data in the robot helm chart like integration_preload_parametes.py and the demo/heat/preload_data -in the robot container. The size of the CIDR should be sufficient for ONAP and the VMs you expect -to create. +``openStackPrivateNetCidr: "10.0.0.0/16"`` + This ip address block is used to assign OA&M addresses on VNFs to allow ONAP connectivity. + The demonstration heat templates assume that 10.0 prefix can be used by the VNFs and the + demonstration ip addressing plan embodied in the preload template prevent conflicts when + instantiating the various VNFs. If you need to change this, you will need to modify the preload + data in the robot helm chart like integration_preload_parametes.py and the demo/heat/preload_data + in the robot container. The size of the CIDR should be sufficient for ONAP and the VMs you expect + to create. -openStackOamNetworkCidrPrefix: "10.0" - -This ip prefix mush match the openStackPrivateNetCidr and is a helper variable to some of the -robot scripts for demonstration. A production deployment need not worry about this -setting but for the demonstration VNFs the ip asssignment strategy assumes 10.0 ip prefix. +``openStackOamNetworkCidrPrefix: "10.0"`` + This ip prefix mush match the openStackPrivateNetCidr and is a helper variable to some of the + robot scripts for demonstration. A production deployment need not worry about this + setting but for the demonstration VNFs the ip asssignment strategy assumes 10.0 ip prefix. Example Keystone v2.0 + .. literalinclude:: example-integration-override.yaml :language: yaml Example Keystone v3 (required for Rocky and later releases) + .. literalinclude:: example-integration-override-v3.yaml :language: yaml @@ -166,13 +162,13 @@ follows:: .. literalinclude:: helm-search.txt .. note:: - The setup of the Helm repository is a one time activity. If you make changes to your deployment charts or values be sure to use `make` to update your local Helm repository. + The setup of the Helm repository is a one time activity. If you make changes to your deployment charts or values be sure to use ``make`` to update your local Helm repository. **Step 8.** Once the repo is setup, installation of ONAP can be done with a single command .. note:: - The --timeout 900 is currently required in Dublin to address long running initialization tasks + The ``--timeout 900`` is currently required in Dublin to address long running initialization tasks for DMaaP and SO. Without this timeout value both applications may fail to deploy. To deploy all ONAP applications use this command:: @@ -182,18 +178,15 @@ To deploy all ONAP applications use this command:: All override files may be customized (or replaced by other overrides) as per needs. -onap-all.yaml - +`onap-all.yaml` Enables the modules in the ONAP deployment. As ONAP is very modular, it is possible to customize ONAP and disable some components through this configuration file. -environment.yaml - +`environment.yaml` Includes configuration values specific to the deployment environment. Example: adapt readiness and liveness timers to the level of performance of your infrastructure -openstack.yaml - +`openstack.yaml` Includes all the Openstack related information for the default target tenant you want to use to deploy VNFs from ONAP and/or additional parameters for the embedded tests. **Step 9.** Verify ONAP installation @@ -205,12 +198,12 @@ Use the following to monitor your deployment and determine when ONAP is ready fo .. note:: While all pods may be in a Running state, it is not a guarantee that all components are running fine. - Launch the healthcheck tests using Robot to verify that the components are healthy. + Launch the healthcheck tests using Robot to verify that the components are healthy:: - > ~/oom/kubernetes/robot/ete-k8s.sh onap health + > ~/oom/kubernetes/robot/ete-k8s.sh onap health -**Step 10.** Undeploy ONAP +**Step 10.** Undeploy ONAP:: -> helm undeploy dev --purge + > helm undeploy dev --purge More examples of using the deploy and undeploy plugins can be found here: https://wiki.onap.org/display/DW/OOM+Helm+%28un%29Deploy+plugins diff --git a/docs/oom_user_guide.rst b/docs/oom_user_guide.rst index f19924dd17..48701f7c31 100644 --- a/docs/oom_user_guide.rst +++ b/docs/oom_user_guide.rst @@ -250,7 +250,7 @@ precedence of all. The top level onap/values.yaml file contains the values required to be set before deploying ONAP. Here is the contents of this file: -.. include:: onap_values.yaml +.. include:: ../kubernetes/onap/values.yaml :code: yaml One may wish to create a value file that is specific to a given deployment such diff --git a/docs/release-notes.rst b/docs/release-notes.rst index 01e3524666..fd90a37428 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -10,6 +10,59 @@ ONAP Operations Manager Release Notes ===================================== +Version 5.0.1 (El Alto Release) +---------------------------------- + +:Release Date: 2019-10-10 + +Summary +------- + +The focus of this release was on maintanence and as such no new features were delivered. +A list of issues resolved in this release can be found here: https://jira.onap.org/projects/OOM/versions/10726 + +**New Features** + +**Bug Fixes** + +* 25 defects addressed (see link above) + +**Known Issues** + +The following known issues will be addressed in a future release: + +* [`OOM-1480 `_] - postgres chart does not set root password when installing on an existing database instances +* [`OOM-1966 `_] - ONAP on HA Kubernetes Cluster - Documentation update +* [`OOM-1995 `_] - Mariadb Galera cluster pods keep failing +* [`OOM-2061 `_] - Details Missing for installing the kubectl section +* [`OOM-2075 `_] - Invalid MTU for Canal CNI interfaces +* [`OOM-2080 `_] - Need for "ReadWriteMany" access on storage when deploying on Kubernetes? +* [`OOM-2091 `_] - incorrect release deployed +* [`OOM-2132 `_] - Common Galera server.cnf does not contain Camunda required settings + +**Security Notes** + +*Fixed Security Issues* + +*Known Security Issues* + +* In default deployment OOM (consul-server-ui) exposes HTTP port 30270 outside of cluster. [`OJSI-134 `_] +* Hard coded password used for all oom deployments [`OJSI-188 `_] +* CVE-2019-12127 - OOM exposes unprotected API/UI on port 30270 [`OJSI-202 `_] + +*Known Vulnerabilities in Used Modules* + +OOM code has been formally scanned during build time using NexusIQ and no +Critical vulnerability was found. + +Quick Links: + + - `OOM project page `_ + + - `Passing Badge information for OOM `_ + + + Version 5.0.0 (El Alto Early Drop) ---------------------------------- diff --git a/docs/slave_nfs_node.sh b/docs/slave_nfs_node.sh index 5cb164ccac..fb2e230b7a 100644 --- a/docs/slave_nfs_node.sh +++ b/docs/slave_nfs_node.sh @@ -22,4 +22,4 @@ sudo mkdir -p /dockerdata-nfs #Mount the remote NFS directory to the local one sudo mount $MASTER_IP:/dockerdata-nfs /dockerdata-nfs/ -echo "$MASTER_IP:/dockerdata-nfs /dockerdata-nfs nfs auto,nofail,noatime,nolock,intr,tcp,actimeo=1800 0 0" | sudo tee -a /etc/fstab +echo "$MASTER_IP:/dockerdata-nfs /dockerdata-nfs nfs auto,nofail,noatime,nolock,intr,tcp,actimeo=1800 0 0" | sudo tee -a /etc/fstab diff --git a/kubernetes/Makefile b/kubernetes/Makefile index fa63bd8942..3f41c3cc4b 100644 --- a/kubernetes/Makefile +++ b/kubernetes/Makefile @@ -20,12 +20,13 @@ OUTPUT_DIR := $(ROOT_DIR)/dist PACKAGE_DIR := $(OUTPUT_DIR)/packages SECRET_DIR := $(OUTPUT_DIR)/secrets -EXCLUDES := config oneclick readiness test dist helm $(PARENT_CHART) dcae +SUBMODS := robot aai +EXCLUDES := config oneclick readiness test dist helm $(PARENT_CHART) dcae $(SUBMODS) HELM_CHARTS := $(filter-out $(EXCLUDES), $(patsubst %/.,%,$(wildcard */.))) $(PARENT_CHART) -.PHONY: $(EXCLUDES) $(HELM_CHARTS) +.PHONY: $(EXCLUDES) $(HELM_CHARTS) $(SUBMODS) -all: $(COMMON_CHARTS_DIR) $(HELM_CHARTS) plugins +all: $(COMMON_CHARTS_DIR) $(SUBMODS) $(HELM_CHARTS) plugins $(COMMON_CHARTS): @echo "\n[$@]" @@ -35,6 +36,18 @@ $(HELM_CHARTS): @echo "\n[$@]" @make package-$@ +$(SUBMODS): + @echo "\n[$@]" + @make submod-$@ + @make package-$@ + +submod-%: + @make $*/requirements.yaml + +%/requirements.yaml: + $(error Submodule $* needs to be retrieved from gerrit. See https://wiki.onap.org/display/DW/OOM+-+Development+workflow+after+code+transfer+to+tech+teams ); fi + + make-%: @if [ -f $*/Makefile ]; then make -C $*; fi diff --git a/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml index 5bbb1d731f..d541f1e5c5 100644 --- a/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml @@ -106,11 +106,11 @@ spec: path: /etc/localtime - name: aaf-status-vol persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-status-pvc + claimName: {{ .Release.Name }}-aaf-status - name: aaf-cass-vol {{- if .Values.persistence.enabled }} persistentVolumeClaim: - claimName: {{ include "common.fullname" . }}-pvc + claimName: {{ include "common.fullname" . }}-data {{- else }} emptyDir: {} {{- end }} diff --git a/kubernetes/aaf/charts/aaf-cass/templates/pv.yaml b/kubernetes/aaf/charts/aaf-cass/templates/pv.yaml index 8249d84698..ac49d283ff 100644 --- a/kubernetes/aaf/charts/aaf-cass/templates/pv.yaml +++ b/kubernetes/aaf/charts/aaf-cass/templates/pv.yaml @@ -14,11 +14,12 @@ # limitations under the License. */}} -{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) }} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }}-pv + name: {{ include "common.fullname" . }}-data namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -34,11 +35,6 @@ spec: persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} + storageClassName: "{{ include "common.fullname" . }}-data" +{{- end -}} {{- end -}} diff --git a/kubernetes/aaf/charts/aaf-cass/templates/pvc.yaml b/kubernetes/aaf/charts/aaf-cass/templates/pvc.yaml index 4f9dac07b7..39fd993c04 100644 --- a/kubernetes/aaf/charts/aaf-cass/templates/pvc.yaml +++ b/kubernetes/aaf/charts/aaf-cass/templates/pvc.yaml @@ -18,7 +18,7 @@ kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: {{ include "common.fullname" .}}-pvc + name: {{ include "common.fullname" .}}-data namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -30,19 +30,10 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - app: {{ include "common.name" . }} accessModes: - {{ .Values.persistence.accessMode }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} + storageClassName: {{ include "common.storageClass" . }} {{- end -}} diff --git a/kubernetes/aaf/charts/aaf-cass/values.yaml b/kubernetes/aaf/charts/aaf-cass/values.yaml index ee05a19575..ea8da6e543 100644 --- a/kubernetes/aaf/charts/aaf-cass/values.yaml +++ b/kubernetes/aaf/charts/aaf-cass/values.yaml @@ -61,23 +61,22 @@ ingress: enabled: false # Configure resource requests and limits -resources: {} - # Following AAI's advice, and not trying to guess on Cass usage. Guessing just makes it slow -# small: -# limits: -# cpu: "1000m" -# memory: 4096Mi -# requests: -# cpu: 20m -# memory: 2048Mi -# large: -# limits: -# cpu: 400m -# memory: 12000Mi -# requests: -# cpu: 40m -# memory: 9000Mi -# unlimited: {} +resources: + small: + limits: + cpu: 2100m + memory: 1792Mi + requests: + cpu: 30m + memory: 1280Mi + large: + limits: + cpu: 4 + memory: 12000Mi + requests: + cpu: 40m + memory: 9000Mi + unlimited: {} persistence: enabled: true @@ -87,4 +86,3 @@ persistence: volumeReclaimPolicy: Retain accessMode: ReadWriteOnce size: 20Gi - storageClass: "manual" diff --git a/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml index 19d762557a..cb5ec35fc2 100644 --- a/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml @@ -114,9 +114,9 @@ spec: path: /etc/localtime - name: aaf-status-vol persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-status-pvc + claimName: {{ .Release.Name }}-aaf-status - name: aaf-config-vol persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-config-pvc + claimName: {{ .Release.Name }}-aaf-config imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aaf/charts/aaf-cm/templates/ingress.yaml b/kubernetes/aaf/charts/aaf-cm/templates/ingress.yaml new file mode 100644 index 0000000000..40b4bba0ce --- /dev/null +++ b/kubernetes/aaf/charts/aaf-cm/templates/ingress.yaml @@ -0,0 +1,4 @@ + +{{ include "common.ingress" . }} + + diff --git a/kubernetes/aaf/charts/aaf-cm/values.yaml b/kubernetes/aaf/charts/aaf-cm/values.yaml index 6ace7d1143..2bd05d81ed 100644 --- a/kubernetes/aaf/charts/aaf-cm/values.yaml +++ b/kubernetes/aaf/charts/aaf-cm/values.yaml @@ -52,22 +52,27 @@ service: ingress: enabled: false + service: + - baseaddr: "aafcm" + name: "aaf-cm" + port: 8150 + config: + ssl: "none" # Configure resource requests and limits -resources: {} -# Allow END users to do this, if they want. Detrimental to Test services -# small: -# limits: -# cpu: 200m -# memory: 800Mi -# requests: -# cpu: 20m -# memory: 500Mi -# large: -# limits: -# cpu: 400m -# memory: 1Gi -# requests: -# cpu: 40m -# memory: 600Mi -# unlimited: {} +resources: + small: + limits: + cpu: 20m + memory: 300Mi + requests: + cpu: 1m + memory: 200Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 40m + memory: 600Mi + unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml index cd72fddb58..53d6ed0f41 100644 --- a/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml @@ -114,9 +114,9 @@ spec: path: /etc/localtime - name: aaf-status-vol persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-status-pvc + claimName: {{ .Release.Name }}-aaf-status - name: aaf-config-vol persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-config-pvc + claimName: {{ .Release.Name }}-aaf-config imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aaf/charts/aaf-fs/templates/ingress.yaml b/kubernetes/aaf/charts/aaf-fs/templates/ingress.yaml new file mode 100644 index 0000000000..40b4bba0ce --- /dev/null +++ b/kubernetes/aaf/charts/aaf-fs/templates/ingress.yaml @@ -0,0 +1,4 @@ + +{{ include "common.ingress" . }} + + diff --git a/kubernetes/aaf/charts/aaf-fs/values.yaml b/kubernetes/aaf/charts/aaf-fs/values.yaml index 48ad7c10df..d1a35a744c 100644 --- a/kubernetes/aaf/charts/aaf-fs/values.yaml +++ b/kubernetes/aaf/charts/aaf-fs/values.yaml @@ -54,22 +54,27 @@ service: ingress: enabled: false + service: + - baseaddr: "aaffs" + name: "aaf-fs" + port: 8096 + config: + ssl: "none" # Configure resource requests and limits -resources: {} -# Allow END users to do this, if they want. Detrimental to Test services -# small: -# limits: -# cpu: 200m -# memory: 800Mi -# requests: -# cpu: 10m -# memory: 300Mi -# large: -# limits: -# cpu: 500m -# memory: 700Mi -# requests: -# cpu: 100m -# memory: 400Mi -# unlimited: {} +resources: + small: + limits: + cpu: 200m + memory: 110Mi + requests: + cpu: 1m + memory: 80Mi + large: + limits: + cpu: 500m + memory: 700Mi + requests: + cpu: 100m + memory: 400Mi + unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml index 4a433cccfd..6fa750be1e 100644 --- a/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml @@ -114,9 +114,9 @@ spec: path: /etc/localtime - name: aaf-status-vol persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-status-pvc + claimName: {{ .Release.Name }}-aaf-status - name: aaf-config-vol persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-config-pvc + claimName: {{ .Release.Name }}-aaf-config imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aaf/charts/aaf-gui/templates/ingress.yaml b/kubernetes/aaf/charts/aaf-gui/templates/ingress.yaml new file mode 100644 index 0000000000..40b4bba0ce --- /dev/null +++ b/kubernetes/aaf/charts/aaf-gui/templates/ingress.yaml @@ -0,0 +1,4 @@ + +{{ include "common.ingress" . }} + + diff --git a/kubernetes/aaf/charts/aaf-gui/values.yaml b/kubernetes/aaf/charts/aaf-gui/values.yaml index 3068f14ec9..1f7abd4b9d 100644 --- a/kubernetes/aaf/charts/aaf-gui/values.yaml +++ b/kubernetes/aaf/charts/aaf-gui/values.yaml @@ -56,23 +56,27 @@ service: ingress: enabled: false + service: + - baseaddr: "aafgui" + name: "aaf-gui" + port: 8200 + config: + ssl: "none" # Configure resource requests and limits -resources: {} -# Allow END users to do this, if they want. Detrimental to Test services -#resources: -# small: -# limits: -# cpu: 100m -# memory: 500Mi -# requests: -# cpu: 10m -# memory: 200Mi -# large: -# limits: -# cpu: 200m -# memory: 1Gi -# requests: -# cpu: 100m -# memory: 500Mi -# unlimited: {} +resources: + small: + limits: + cpu: 20m + memory: 280Mi + requests: + cpu: 1m + memory: 170Mi + large: + limits: + cpu: 200m + memory: 1Gi + requests: + cpu: 100m + memory: 500Mi + unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pv.yaml b/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pv.yaml index 066bf38f2f..af82689ef2 100644 --- a/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pv.yaml +++ b/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pv.yaml @@ -1,4 +1,6 @@ +{{- if ne 0 (int .Values.global.aaf.hello.replicas) }} {{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} ######### ## ============LICENSE_START==================================================== ## org.onap.aaf @@ -37,12 +39,8 @@ spec: - {{ .Values.persistence.config.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.config.volumeReclaimPolicy }} hostPath: - path: {{ .Values.persistence.config.mountPath }} -{{- if .Values.persistence.config.storageClass }} -{{- if (eq "-" .Values.persistence.config.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.config.storageClass }}" -{{- end }} -{{- end }} + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} + storageClassName: "{{ include "common.fullname" . }}-data" +{{- end -}} +{{- end -}} {{- end -}} diff --git a/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pvc.yaml b/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pvc.yaml index 7c45b8bd7f..68828767e3 100644 --- a/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pvc.yaml +++ b/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pvc.yaml @@ -1,3 +1,4 @@ +{{- if ne 0 (int .Values.global.aaf.hello.replicas) }} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} ######### ## ============LICENSE_START==================================================== @@ -33,20 +34,11 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - app: {{ include "common.name" . }}-hello accessModes: - {{ .Values.persistence.config.accessMode }} resources: requests: storage: {{ .Values.persistence.config.size }} -{{- if .Values.persistence.config.storageClass }} -{{- if (eq "-" .Values.persistence.config.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.config.storageClass }}" -{{- end }} -{{- end }} + storageClassName: {{ include "common.storageClass" . }} +{{- end -}} {{- end -}} - diff --git a/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml index c5fcf68a58..2135f1ef31 100644 --- a/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml @@ -34,8 +34,12 @@ spec: hostPath: path: /etc/localtime - name: aaf-hello-vol + {{- if and .Values.persistence.enabled }} persistentVolumeClaim: claimName: {{ .Release.Name }}-aaf-hello-pvc + {{- else }} + emptyDir: {} + {{- end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" initContainers: diff --git a/kubernetes/aaf/charts/aaf-hello/templates/ingress.yaml b/kubernetes/aaf/charts/aaf-hello/templates/ingress.yaml new file mode 100644 index 0000000000..40b4bba0ce --- /dev/null +++ b/kubernetes/aaf/charts/aaf-hello/templates/ingress.yaml @@ -0,0 +1,4 @@ + +{{ include "common.ingress" . }} + + diff --git a/kubernetes/aaf/charts/aaf-hello/values.yaml b/kubernetes/aaf/charts/aaf-hello/values.yaml index ea6665c61a..36bed9d7f1 100644 --- a/kubernetes/aaf/charts/aaf-hello/values.yaml +++ b/kubernetes/aaf/charts/aaf-hello/values.yaml @@ -44,14 +44,13 @@ service: persistence: enabled: true - config: #existingClaim: # You will want "Reatan" in non-Hello Example. - volumeReclaimPolicy: Delete - accessMode: ReadWriteMany - size: 40M - storageClass: "manual" - mountPath: "/mnt/data/aaf/hello" + volumeReclaimPolicy: Delete + accessMode: ReadWriteMany + size: 40M + mountPath: /dockerdata-nfs + mountSubPath: aaf/hello nodeSelector: {} @@ -71,23 +70,27 @@ readiness: ingress: enabled: false + service: + - baseaddr: "aafhello" + name: "aaf-hello" + port: 8130 + config: + ssl: "none" # Configure resource requests and limits -resources: {} -# Allow END users to do this, if they want. Detrimental to Test services -#resources: -# small: -# limits: -# cpu: 200m -# memory: 500Mi -# requests: -# cpu: 10m -# memory: 200Mi -# large: -# limits: -# cpu: 400m -# memory: 1Gi -# requests: -# cpu: 20m -# memory: 500Mi -# unlimited: {} +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 10m + memory: 200Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 20m + memory: 500Mi + unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml index 69d16121c9..e1a9c0494a 100644 --- a/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml @@ -114,9 +114,9 @@ spec: path: /etc/localtime - name: aaf-status-vol persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-status-pvc + claimName: {{ .Release.Name }}-aaf-status - name: aaf-config-vol persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-config-pvc + claimName: {{ .Release.Name }}-aaf-config imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aaf/charts/aaf-locate/templates/ingress.yaml b/kubernetes/aaf/charts/aaf-locate/templates/ingress.yaml new file mode 100644 index 0000000000..40b4bba0ce --- /dev/null +++ b/kubernetes/aaf/charts/aaf-locate/templates/ingress.yaml @@ -0,0 +1,4 @@ + +{{ include "common.ingress" . }} + + diff --git a/kubernetes/aaf/charts/aaf-locate/values.yaml b/kubernetes/aaf/charts/aaf-locate/values.yaml index c13f83497f..ce59d2dec9 100644 --- a/kubernetes/aaf/charts/aaf-locate/values.yaml +++ b/kubernetes/aaf/charts/aaf-locate/values.yaml @@ -52,23 +52,27 @@ service: ingress: enabled: false + service: + - baseaddr: "aaflocate" + name: "aaf-locate" + port: 8095 + config: + ssl: "none" # Configure resource requests and limits -resources: {} -# Allow END users to do this, if they want. Detrimental to Test services -#resources: -# small: -# limits: -# cpu: 200m -# memory: 600Mi -# requests: -# cpu: 20m -# memory: 300Mi -# large: -# limits: -# cpu: 400m -# memory: 1Gi -# requests: -# cpu: 40m -# memory: 500Mi -# unlimited: {} +resources: + small: + limits: + cpu: 40m + memory: 320Mi + requests: + cpu: 1m + memory: 210Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 40m + memory: 500Mi + unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml index b371c86541..dfa7dc0608 100644 --- a/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml @@ -114,9 +114,9 @@ spec: path: /etc/localtime - name: aaf-status-vol persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-status-pvc + claimName: {{ .Release.Name }}-aaf-status - name: aaf-config-vol persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-config-pvc + claimName: {{ .Release.Name }}-aaf-config imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aaf/charts/aaf-oauth/values.yaml b/kubernetes/aaf/charts/aaf-oauth/values.yaml index 3c29a62977..ef00a464f4 100644 --- a/kubernetes/aaf/charts/aaf-oauth/values.yaml +++ b/kubernetes/aaf/charts/aaf-oauth/values.yaml @@ -51,23 +51,27 @@ service: ingress: enabled: false + service: + - baseaddr: "aafoauth" + name: "aaf-oauth" + port: 8140 + config: + ssl: "none" # Configure resource requests and limits -resources: {} -# Allow END users to do this, if they want. Detrimental to Test services -#resources: -# small: -# limits: -# cpu: 200m -# memory: 400Mi -# requests: -# cpu: 20m -# memory: 200Mi -# large: -# limits: -# cpu: 400m -# memory: 600Mi -# requests: -# cpu: 40m -# memory: 200Mi -# unlimited: {} +resources: + small: + limits: + cpu: 40m + memory: 320Mi + requests: + cpu: 1m + memory: 210Mi + large: + limits: + cpu: 400m + memory: 600Mi + requests: + cpu: 40m + memory: 200Mi + unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml index 1c09718262..ec35115420 100644 --- a/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml @@ -121,9 +121,9 @@ spec: path: /etc/localtime - name: aaf-status-vol persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-status-pvc + claimName: {{ .Release.Name }}-aaf-status - name: aaf-config-vol persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-config-pvc + claimName: {{ .Release.Name }}-aaf-config imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aaf/charts/aaf-service/templates/ingress.yaml b/kubernetes/aaf/charts/aaf-service/templates/ingress.yaml new file mode 100644 index 0000000000..40b4bba0ce --- /dev/null +++ b/kubernetes/aaf/charts/aaf-service/templates/ingress.yaml @@ -0,0 +1,4 @@ + +{{ include "common.ingress" . }} + + diff --git a/kubernetes/aaf/charts/aaf-service/values.yaml b/kubernetes/aaf/charts/aaf-service/values.yaml index 8794afe0ce..190b284681 100644 --- a/kubernetes/aaf/charts/aaf-service/values.yaml +++ b/kubernetes/aaf/charts/aaf-service/values.yaml @@ -52,23 +52,27 @@ service: ingress: enabled: false + service: + - baseaddr: "aafservice" + name: "aaf-service" + port: 8100 + config: + ssl: "none" # Configure resource requests and limits -resources: {} -# Allow END users to do this, if they want. Detrimental to Test services -#resources: -# small: -# limits: -# cpu: 200m -# memory: 800Mi -# requests: -# cpu: 20m -# memory: 300Mi -# large: -# limits: -# cpu: 400m -# memory: 1Gi -# requests: -# cpu: 40m -# memory: 300Mi -# unlimited: {} +resources: + small: + limits: + cpu: 250m + memory: 360Mi + requests: + cpu: 10m + memory: 250Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 40m + memory: 300Mi + unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml index da0949816e..8c48bbaf46 100644 --- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml @@ -13,25 +13,33 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- $global := . }} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) }} +{{- range $i := until (int $global.Values.replicaCount)}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} + name: {{ include "common.fullname" $global }}-data-{{ $i }} + namespace: {{ include "common.namespace" $global }} labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} + app: {{ include "common.name" $global }} + chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" + release: "{{ $global.Release.Name }}" + heritage: "{{ $global.Release.Service }}" + name: {{ include "common.fullname" $global }} spec: capacity: - storage: {{ .Values.persistence.size}} + storage: {{ $global.Values.persistence.size}} accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + - {{ $global.Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" $global }}-data" hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} +{{if ne $i (int $global.Values.replicaCount) }} +--- +{{- end -}} +{{- end -}} +{{- end -}} {{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml index 16f8092d00..a5573c8091 100644 --- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml @@ -31,6 +31,8 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" containers: - image: "{{ include "common.repository" . }}/{{ .Values.image }}" name: {{ include "common.name" . }} @@ -44,8 +46,10 @@ spec: - mountPath: /quorumclient/config.json name: {{ include "common.name" .}} subPath: config.json +{{- if .Values.persistence.enabled }} - mountPath: /quorumclient/auth - name: {{ include "common.fullname" . }}-auth + name: {{ include "common.fullname" . }}-data +{{- end }} resources: {{ include "common.resources" . | indent 10 }} {{- if .Values.nodeSelector }} @@ -67,8 +71,20 @@ spec: - key: config.json path: config.json mode: 0755 - - name: {{ include "common.fullname" . }}-auth - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" +{{- if .Values.persistence.enabled }} + volumeClaimTemplates: + - metadata: + name: {{ include "common.fullname" . }}-data + labels: + name: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + spec: + accessModes: + - {{ .Values.persistence.accessMode | quote }} + storageClassName: {{ include "common.storageClass" . }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} +{{- end }} diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml index 4dc13a5660..142fbb51aa 100644 --- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml @@ -60,10 +60,10 @@ flavor: small resources: small: limits: - cpu: 200m - memory: 500Mi + cpu: 40m + memory: 40Mi requests: - cpu: 10m + cpu: 1m memory: 10Mi large: limits: diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml index da0949816e..8c48bbaf46 100644 --- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml @@ -13,25 +13,33 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- $global := . }} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) }} +{{- range $i := until (int $global.Values.replicaCount)}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} + name: {{ include "common.fullname" $global }}-data-{{ $i }} + namespace: {{ include "common.namespace" $global }} labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} + app: {{ include "common.name" $global }} + chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" + release: "{{ $global.Release.Name }}" + heritage: "{{ $global.Release.Service }}" + name: {{ include "common.fullname" $global }} spec: capacity: - storage: {{ .Values.persistence.size}} + storage: {{ $global.Values.persistence.size}} accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + - {{ $global.Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" $global }}-data" hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} +{{if ne $i (int $global.Values.replicaCount) }} +--- +{{- end -}} +{{- end -}} +{{- end -}} {{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml index ab0ad17b85..f4151b50a2 100644 --- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml @@ -55,8 +55,10 @@ spec: - name: http containerPort: 8500 volumeMounts: +{{- if .Values.persistence.enabled }} - mountPath: /consul/data - name: {{ include "common.fullname" . }}-consuldata + name: {{ include "common.fullname" . }}-data +{{- end }} - mountPath: /consul/config/config.json name: {{ include "common.fullname" . }}-consulconfiguration subPath: config.json @@ -66,9 +68,6 @@ spec: resources: {{ include "common.resources" . | indent 10 }} volumes: - - name: {{ include "common.fullname" . }}-consuldata - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - name: {{ include "common.fullname" . }}-consulconfiguration configMap: name: {{ include "common.fullname" . }}-consul @@ -79,4 +78,21 @@ spec: hostPath: path: /etc/localtime imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file + - name: "{{ include "common.namespace" . }}-docker-registry-key" +{{- if .Values.persistence.enabled }} + volumeClaimTemplates: + - metadata: + name: {{ include "common.fullname" . }}-data + labels: + name: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + spec: + accessModes: + - {{ .Values.persistence.accessMode | quote }} + storageClassName: {{ include "common.storageClass" . }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} +{{- end }} diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml index 360bf4204e..192d33d029 100644 --- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml @@ -96,11 +96,11 @@ flavor: small resources: small: limits: - cpu: 200m - memory: 500Mi + cpu: 40m + memory: 40Mi requests: cpu: 10m - memory: 10Mi + memory: 25Mi large: limits: cpu: 400m diff --git a/kubernetes/aaf/charts/aaf-sms/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-sms/templates/deployment.yaml index ca35fdc55a..a461b2e1b5 100644 --- a/kubernetes/aaf/charts/aaf-sms/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-sms/templates/deployment.yaml @@ -98,7 +98,11 @@ spec: configMap: name: {{ include "common.fullname" . }} - name: {{ include "common.fullname" . }}-auth + {{- if .Values.persistence.enabled }} persistentVolumeClaim: claimName: {{ include "common.fullname" . }} + {{- else }} + emptyDir: {} + {{- end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aaf/charts/aaf-sms/templates/pv.yaml b/kubernetes/aaf/charts/aaf-sms/templates/pv.yaml index 37ed28ee9d..ec88aae707 100644 --- a/kubernetes/aaf/charts/aaf-sms/templates/pv.yaml +++ b/kubernetes/aaf/charts/aaf-sms/templates/pv.yaml @@ -15,6 +15,7 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) }} kind: PersistentVolume apiVersion: v1 metadata: @@ -32,6 +33,8 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- end -}} \ No newline at end of file +{{- end -}} +{{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sms/templates/pvc.yaml b/kubernetes/aaf/charts/aaf-sms/templates/pvc.yaml index e6aacd1b96..7d1c6fd162 100644 --- a/kubernetes/aaf/charts/aaf-sms/templates/pvc.yaml +++ b/kubernetes/aaf/charts/aaf-sms/templates/pvc.yaml @@ -30,19 +30,10 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} + storageClassName: {{ include "common.storageClass" . }} {{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sms/values.yaml b/kubernetes/aaf/charts/aaf-sms/values.yaml index de005ed366..2de7466209 100644 --- a/kubernetes/aaf/charts/aaf-sms/values.yaml +++ b/kubernetes/aaf/charts/aaf-sms/values.yaml @@ -88,8 +88,8 @@ ingress: resources: small: limits: - cpu: 200m - memory: 500Mi + cpu: 100m + memory: 15Mi requests: cpu: 10m memory: 10Mi diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml index 1fcc155827..2a733632bf 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml @@ -45,8 +45,8 @@ flavor: small resources: small: limits: - cpu: 200m - memory: 500Mi + cpu: 20m + memory: 50Mi requests: cpu: 10m memory: 10Mi diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml index fa5fd16c7f..a07ebd0a53 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml @@ -15,12 +15,12 @@ */}} {{- if .Values.global.distcenter.enabled -}} - {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) }} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-data namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -34,8 +34,9 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} - -{{- end -}} \ No newline at end of file +{{- end -}} +{{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml index 6497639a77..201d456fec 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml @@ -15,7 +15,6 @@ */}} {{- if .Values.global.distcenter.enabled -}} - {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} kind: PersistentVolumeClaim apiVersion: v1 @@ -32,20 +31,11 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} + storageClassName: {{ include "common.storageClass" . }} +{{- end -}} {{- end -}} -{{- end -}} \ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml index e8d2f7ecaa..94791be713 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml @@ -54,8 +54,8 @@ flavor: small resources: small: limits: - cpu: 200m - memory: 500Mi + cpu: 20m + memory: 50Mi requests: cpu: 10m memory: 10Mi diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml index 5c3618d2d4..3f7782c604 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml @@ -46,8 +46,8 @@ flavor: small resources: small: limits: - cpu: 200m - memory: 500Mi + cpu: 20m + memory: 50Mi requests: cpu: 10m memory: 10Mi diff --git a/kubernetes/aaf/charts/aaf-sshsm/templates/pv.yaml b/kubernetes/aaf/charts/aaf-sshsm/templates/pv-data.yaml similarity index 65% rename from kubernetes/aaf/charts/aaf-sshsm/templates/pv.yaml rename to kubernetes/aaf/charts/aaf-sshsm/templates/pv-data.yaml index b4d283f1c7..a12b4a0bb1 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/templates/pv.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/templates/pv-data.yaml @@ -15,6 +15,7 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) }} kind: PersistentVolume apiVersion: v1 metadata: @@ -32,26 +33,8 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.dataMountSubPath }} ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-dbus - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }}-dbus -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.dbusMountSubPath }} +{{- end -}} {{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sshsm/templates/pv-dbus.yaml b/kubernetes/aaf/charts/aaf-sshsm/templates/pv-dbus.yaml new file mode 100644 index 0000000000..bb5649cf3a --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sshsm/templates/pv-dbus.yaml @@ -0,0 +1,40 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) }} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-dbus + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }}-dbus +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-dbus" + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.dbusMountSubPath }} +{{- end -}} +{{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sshsm/templates/pvc-data.yaml b/kubernetes/aaf/charts/aaf-sshsm/templates/pvc-data.yaml new file mode 100644 index 0000000000..e8b82ca9a2 --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sshsm/templates/pvc-data.yaml @@ -0,0 +1,39 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-data + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} + storageClassName: {{ include "common.storageClass" . }} +{{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pvc.yaml b/kubernetes/aaf/charts/aaf-sshsm/templates/pvc-dbus.yaml similarity index 80% rename from kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pvc.yaml rename to kubernetes/aaf/charts/aaf-sshsm/templates/pvc-dbus.yaml index e6aacd1b96..9c3fb46f7a 100644 --- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pvc.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/templates/pvc-dbus.yaml @@ -18,7 +18,7 @@ kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-dbus namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -30,19 +30,14 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" +{{- if eq "True" (include "common.needPV" .) }} + storageClassName: "{{ include "common.fullname" . }}-dbus" {{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} + storageClassName: {{ include "common.storageClass" . }} {{- end }} {{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sshsm/templates/pvc.yaml b/kubernetes/aaf/charts/aaf-sshsm/templates/pvc.yaml deleted file mode 100644 index c50a0bc587..0000000000 --- a/kubernetes/aaf/charts/aaf-sshsm/templates/pvc.yaml +++ /dev/null @@ -1,79 +0,0 @@ -{{/* -# Copyright 2018 Intel Corporation, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-data - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }}-data - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} ---- -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-dbus - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }}-dbus - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sshsm/values.yaml b/kubernetes/aaf/charts/aaf-sshsm/values.yaml index 2d20d579de..6d4fbec5c4 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/values.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/values.yaml @@ -50,8 +50,8 @@ persistence: resources: small: limits: - cpu: 200m - memory: 500Mi + cpu: 20m + memory: 50Mi requests: cpu: 10m memory: 10Mi diff --git a/kubernetes/aaf/templates/aaf-config-pv.yaml b/kubernetes/aaf/templates/aaf-config-pv.yaml deleted file mode 100644 index 9a1e8020db..0000000000 --- a/kubernetes/aaf/templates/aaf-config-pv.yaml +++ /dev/null @@ -1,48 +0,0 @@ -{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} -######### -## ============LICENSE_START==================================================== -## org.onap.aaf -## =========================================================================== -## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. -## =========================================================================== -## Licensed under the Apache License, Version 2.0 (the "License"); -## you may not use this file except in compliance with the License. -## You may obtain a copy of the License at -## -## http://www.apache.org/licenses/LICENSE-2.0 -## -## Unless required by applicable law or agreed to in writing, software -## distributed under the License is distributed on an "AS IS" BASIS, -## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -## See the License for the specific language governing permissions and -## limitations under the License. -## ============LICENSE_END==================================================== -## - -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ .Release.Name }}-aaf-config-pv - namespace: {{ include "common.namespace" . }} - labels: - app: {{ .Chart.Name }}-config - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.config.size}} - accessModes: - - {{ .Values.persistence.config.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.config.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.persistence.config.mountPath }} -{{- if .Values.persistence.config.storageClass }} -{{- if (eq "-" .Values.persistence.config.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.config.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} diff --git a/kubernetes/aaf/templates/aaf-config-pvc.yaml b/kubernetes/aaf/templates/aaf-config-pvc.yaml deleted file mode 100644 index b22df6d494..0000000000 --- a/kubernetes/aaf/templates/aaf-config-pvc.yaml +++ /dev/null @@ -1,52 +0,0 @@ -{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} -######### -## ============LICENSE_START==================================================== -## org.onap.aaf -## =========================================================================== -## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. -## =========================================================================== -## Licensed under the Apache License, Version 2.0 (the "License"); -## you may not use this file except in compliance with the License. -## You may obtain a copy of the License at -## -## http://www.apache.org/licenses/LICENSE-2.0 -## -## Unless required by applicable law or agreed to in writing, software -## distributed under the License is distributed on an "AS IS" BASIS, -## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -## See the License for the specific language governing permissions and -## limitations under the License. -## ============LICENSE_END==================================================== -## -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ .Release.Name }}-aaf-config-pvc - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - app: {{ include "common.name" . }}-config - accessModes: - - {{ .Values.persistence.config.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.config.size }} -{{- if .Values.persistence.config.storageClass }} -{{- if (eq "-" .Values.persistence.config.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.config.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} - diff --git a/kubernetes/aaf/templates/aaf-status-pv.yaml b/kubernetes/aaf/templates/aaf-status-pv.yaml deleted file mode 100644 index b8d12c5cba..0000000000 --- a/kubernetes/aaf/templates/aaf-status-pv.yaml +++ /dev/null @@ -1,48 +0,0 @@ -{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} -######### -## ============LICENSE_START==================================================== -## org.onap.aaf -## =========================================================================== -## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. -## =========================================================================== -## Licensed under the Apache License, Version 2.0 (the "License"); -## you may not use this file except in compliance with the License. -## You may obtain a copy of the License at -## -## http://www.apache.org/licenses/LICENSE-2.0 -## -## Unless required by applicable law or agreed to in writing, software -## distributed under the License is distributed on an "AS IS" BASIS, -## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -## See the License for the specific language governing permissions and -## limitations under the License. -## ============LICENSE_END==================================================== -## - -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ .Release.Name }}-aaf-status-pv - namespace: {{ include "common.namespace" . }} - labels: - app: {{ .Chart.Name }}-status - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.status.size}} - accessModes: - - {{ .Values.persistence.status.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.status.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.persistence.status.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.status.mountSubPath }} -{{- if .Values.persistence.status.storageClass }} -{{- if (eq "-" .Values.persistence.status.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.status.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} diff --git a/kubernetes/aaf/templates/aaf-status-pvc.yaml b/kubernetes/aaf/templates/aaf-status-pvc.yaml deleted file mode 100644 index 870ac9c89d..0000000000 --- a/kubernetes/aaf/templates/aaf-status-pvc.yaml +++ /dev/null @@ -1,52 +0,0 @@ -{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} -######### -## ============LICENSE_START==================================================== -## org.onap.aaf -## =========================================================================== -## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. -## =========================================================================== -## Licensed under the Apache License, Version 2.0 (the "License"); -## you may not use this file except in compliance with the License. -## You may obtain a copy of the License at -## -## http://www.apache.org/licenses/LICENSE-2.0 -## -## Unless required by applicable law or agreed to in writing, software -## distributed under the License is distributed on an "AS IS" BASIS, -## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -## See the License for the specific language governing permissions and -## limitations under the License. -## ============LICENSE_END==================================================== -## -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ .Release.Name }}-aaf-status-pvc - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - app: {{ include "common.name" . }}-status - accessModes: - - {{ .Values.persistence.status.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.status.size }} -{{- if .Values.persistence.status.storageClass }} -{{- if (eq "-" .Values.persistence.status.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.status.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} - diff --git a/kubernetes/aaf/templates/pv-config.yaml b/kubernetes/aaf/templates/pv-config.yaml new file mode 100644 index 0000000000..b004fe43cd --- /dev/null +++ b/kubernetes/aaf/templates/pv-config.yaml @@ -0,0 +1,40 @@ +{{/* +# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) }} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-config + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }}-config + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.config.size}} + accessModes: + - {{ .Values.persistence.config.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.config.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.persistence.config.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.config.mountSubPath }} + storageClassName: "{{ include "common.fullname" . }}-config" +{{- end -}} +{{- end -}} diff --git a/kubernetes/aaf/templates/pv-status.yaml b/kubernetes/aaf/templates/pv-status.yaml new file mode 100644 index 0000000000..455e32216c --- /dev/null +++ b/kubernetes/aaf/templates/pv-status.yaml @@ -0,0 +1,40 @@ +{{/* +# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) }} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-status + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }}-status + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.status.size}} + accessModes: + - {{ .Values.persistence.status.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.status.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.persistence.status.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.status.mountSubPath }} + storageClassName: "{{ include "common.fullname" . }}-status" +{{- end -}} +{{- end -}} diff --git a/kubernetes/aaf/templates/pvc-config.yaml b/kubernetes/aaf/templates/pvc-config.yaml new file mode 100644 index 0000000000..3431fb0c85 --- /dev/null +++ b/kubernetes/aaf/templates/pvc-config.yaml @@ -0,0 +1,43 @@ +{{/* +# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ .Release.Name }}-aaf-config + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + accessModes: + - {{ .Values.persistence.config.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.config.size }} +{{- if eq "True" (include "common.needPV" .) }} + storageClassName: "{{ include "common.fullname" . }}-config" +{{- else }} + storageClassName: {{ include "common.storageClass" . }} +{{- end }} +{{- end -}} diff --git a/kubernetes/aaf/templates/pvc-status.yaml b/kubernetes/aaf/templates/pvc-status.yaml new file mode 100644 index 0000000000..0413914831 --- /dev/null +++ b/kubernetes/aaf/templates/pvc-status.yaml @@ -0,0 +1,43 @@ +{{/* +# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ .Release.Name }}-aaf-status + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + accessModes: + - {{ .Values.persistence.status.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.status.size }} +{{- if eq "True" (include "common.needPV" .) }} + storageClassName: "{{ include "common.fullname" . }}-status" +{{- else }} + storageClassName: {{ include "common.storageClass" . }} +{{- end }} +{{- end -}} diff --git a/kubernetes/aaf/values.yaml b/kubernetes/aaf/values.yaml index 0109a5e90d..a19f102385 100644 --- a/kubernetes/aaf/values.yaml +++ b/kubernetes/aaf/values.yaml @@ -129,20 +129,18 @@ persistence: volumeReclaimPolicy: Delete accessMode: ReadWriteMany size: 2Gi - storageClass: "manual" - mountPath: "/mnt/data/aaf/config" + mountPath: /dockerdata-nfs + mountSubPath: "config" logs: #existingClaim: volumeReclaimPolicy: Retain accessMode: ReadWriteMany size: 2Gi - storageClass: "manual" mountPath: "/mnt/data/aaf/logs" status: volumeReclaimPolicy: Delete accessMode: ReadWriteMany size: 2M - storageClass: "manual" mountPath: /dockerdata-nfs mountSubPath: "status" cass: @@ -150,7 +148,6 @@ persistence: volumeReclaimPolicy: Retain accessMode: ReadWriteOnce size: 10Gi - storageClass: "manual" mountPath: /dockerdata-nfs mountSubPath: "cass" diff --git a/kubernetes/aai b/kubernetes/aai index d689606843..f636b1cc2b 160000 --- a/kubernetes/aai +++ b/kubernetes/aai @@ -1 +1 @@ -Subproject commit d68960684392a6da61805e4161ae032549db6102 +Subproject commit f636b1cc2bf7d391dc76956e906a6f497ef1b092 diff --git a/kubernetes/appc/charts/appc-ansible-server/resources/config/RestServer_config b/kubernetes/appc/charts/appc-ansible-server/resources/config/RestServer_config index 74fcc49155..8a417fcb1f 100644 --- a/kubernetes/appc/charts/appc-ansible-server/resources/config/RestServer_config +++ b/kubernetes/appc/charts/appc-ansible-server/resources/config/RestServer_config @@ -24,15 +24,8 @@ auth: no priv: provide_privated_key.pem pub: provide_public_key.pem -# RestServer authentication -id: sdnc -psswd: sdnc - # Mysql host: {{.Values.config.mariadbGaleraSVCName}} -user: appc -passwd: appc -db: ansible # Playbooks from_files: yes diff --git a/kubernetes/appc/charts/appc-ansible-server/templates/pv.yaml b/kubernetes/appc/charts/appc-ansible-server/templates/pv.yaml index 6fef70ceb5..91ebe78daf 100644 --- a/kubernetes/appc/charts/appc-ansible-server/templates/pv.yaml +++ b/kubernetes/appc/charts/appc-ansible-server/templates/pv.yaml @@ -15,11 +15,12 @@ */}} {{- $global := . }} {{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} {{- range $i, $t := until (int $global.Values.replicaCount)}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" $global }}-playbook{{$i}} + name: {{ include "common.fullname" $global }}-playbook-{{$i}} namespace: {{ include "common.namespace" $global }} labels: app: {{ include "common.fullname" $global }} @@ -32,10 +33,13 @@ spec: storage: {{ $global.Values.persistence.size}} accessModes: - {{ $global.Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" $global }}-playbook" + storageClassName: "{{ include "common.fullname" $global }}-data" persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}{{$i}} +{{if ne $i (int $global.Values.replicaCount) }} --- {{- end -}} {{- end -}} +{{- end -}} +{{- end -}} diff --git a/kubernetes/appc/charts/appc-ansible-server/templates/statefulset.yaml b/kubernetes/appc/charts/appc-ansible-server/templates/statefulset.yaml index f7fa15ca89..b9ef80dbb3 100644 --- a/kubernetes/appc/charts/appc-ansible-server/templates/statefulset.yaml +++ b/kubernetes/appc/charts/appc-ansible-server/templates/statefulset.yaml @@ -95,9 +95,13 @@ spec: name: {{ include "common.fullname" . }}-playbook labels: name: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" spec: - accessModes: [ {{ .Values.persistence.accessMode }} ] - storageClassName: {{ include "common.fullname" . }}-playbook + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} diff --git a/kubernetes/appc/charts/appc-ansible-server/values.yaml b/kubernetes/appc/charts/appc-ansible-server/values.yaml index 7b0767c80f..b6bf77f3f7 100644 --- a/kubernetes/appc/charts/appc-ansible-server/values.yaml +++ b/kubernetes/appc/charts/appc-ansible-server/values.yaml @@ -87,7 +87,7 @@ persistence: ## If undefined (the default) or set to null, no storageClassName spec is ## set, choosing the default provisioner. (gp2 on AWS, standard on ## GKE, AWS & OpenStack) - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 1Gi mountPath: /dockerdata-nfs mountSubPath: appc/ansible @@ -112,5 +112,3 @@ resources: cpu: 1 memory: 1Gi unlimited: {} - - diff --git a/kubernetes/appc/charts/appc-cdt/templates/ingress.yaml b/kubernetes/appc/charts/appc-cdt/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/appc/charts/appc-cdt/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/appc/charts/appc-cdt/values.yaml b/kubernetes/appc/charts/appc-cdt/values.yaml index 6c138fad87..2fd2fb5f52 100644 --- a/kubernetes/appc/charts/appc-cdt/values.yaml +++ b/kubernetes/appc/charts/appc-cdt/values.yaml @@ -60,6 +60,12 @@ service: ingress: enabled: false + service: + - baseaddr: appccdt + name: "appc-cdt" + port: 18080 + config: + ssl: "none" # Configure resource requests and limits # ref: http://kubernetes.io/docs/user-guide/compute-resources/ diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh index c52c6e3aa1..22d38363c0 100755 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh @@ -171,6 +171,9 @@ ln -s ${hostdir}/snapshots ${ODL_HOME}/snapshots echo "Starting cdt-proxy-service jar, logging to ${APPC_HOME}/cdt-proxy-service/jar.log" java -jar ${APPC_HOME}/cdt-proxy-service/cdt-proxy-service.jar > ${APPC_HOME}/cdt-proxy-service/jar.log & +echo "Starting dmaap-event-service jar, logging to ${APPC_HOME}/dmaap-event-service/jar.log" +java -jar -Dorg_onap_appc_bootstrap_path=/opt/onap/appc/data/properties -Dorg_onap_appc_bootstrap_file=appc.properties ${APPC_HOME}/dmaap-event-service/dmaap-event-service.jar > ${APPC_HOME}/dmaap-event-service/jar.log & + echo "Adding a property system.properties for AAF cadi.properties location" echo "" >> ${ODL_HOME}/etc/system.properties echo "cadi_prop_files=${APPC_HOME}/data/properties/cadi.properties" >> ${ODL_HOME}/etc/system.properties diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/appc.properties b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/appc.properties index 58593d93e5..914d60850b 100644 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/appc.properties +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/appc.properties @@ -114,9 +114,9 @@ appc.sdc.provider.url=http://localhost:8181/restconf/operations/AsdcMessage:conf # Properties used by EventSenderDmaapImpl.java DCAE.dmaap.event.topic.write=EventSenderTest -DCAE.dmaap.appc.username=test -DCAE.dmaap.appc.password=test -DCAE.dmaap.event.pool.members=message-router.{{.Release.Namespace}}:3904 +DCAE.dmaap.event.username=test +DCAE.dmaap.event.password=test +DCAE.dmaap.event.poolMembers=message-router.{{.Release.Namespace}}:3904 #OAM Listener appc.OAM.disabled=true @@ -130,3 +130,8 @@ appc.OAM.provider.user={{.Values.config.odlUser}} appc.OAM.provider.pass={{.Values.config.odlPassword}} appc.asdc.env={{.Values.config.dmaapTopicEnv}} + +#Properties for communication between appc dmaap microservice and appc +appc.srvcomm.messaging.username={{.Values.config.dmaapServiceUser}} +appc.srvcomm.messaging.password={{.Values.config.dmaapServicePassword}} +appc.srvcomm.messaging.url={{.Values.config.dmaapServiceUrl}} diff --git a/kubernetes/appc/templates/ingress.yaml b/kubernetes/appc/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/appc/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/appc/templates/pv.yaml b/kubernetes/appc/templates/pv.yaml index 25257eaeaf..955285b73d 100644 --- a/kubernetes/appc/templates/pv.yaml +++ b/kubernetes/appc/templates/pv.yaml @@ -15,11 +15,12 @@ */}} {{- $global := . }} {{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} {{- range $i, $t := until (int $global.Values.replicaCount)}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" $global }}-data{{$i}} + name: {{ include "common.fullname" $global }}-data-{{$i}} namespace: {{ include "common.namespace" $global }} labels: app: {{ include "common.fullname" $global }} @@ -36,6 +37,9 @@ spec: persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}{{$i}} +{{if ne $i (int $global.Values.replicaCount) }} --- {{- end -}} {{- end -}} +{{- end -}} +{{- end -}} diff --git a/kubernetes/appc/templates/statefulset.yaml b/kubernetes/appc/templates/statefulset.yaml index 1401a8225d..0bee9f34e9 100644 --- a/kubernetes/appc/templates/statefulset.yaml +++ b/kubernetes/appc/templates/statefulset.yaml @@ -63,9 +63,8 @@ spec: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.externalPort2 }} readinessProbe: - exec: - command: - - /opt/appc/bin/health_check.sh + tcpSocket: + port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: @@ -225,9 +224,13 @@ spec: name: {{ include "common.fullname" . }}-data labels: name: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" spec: - accessModes: [ {{ .Values.persistence.accessMode }} ] - storageClassName: {{ include "common.fullname" . }}-data + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} diff --git a/kubernetes/appc/values.yaml b/kubernetes/appc/values.yaml index 2312638adc..4dfb2263ad 100644 --- a/kubernetes/appc/values.yaml +++ b/kubernetes/appc/values.yaml @@ -65,6 +65,9 @@ config: openStackUserName: admin openStackEncryptedPassword: enc:LDEbHEAvTF1R odlUser: admin + dmaapServiceUrl: http://localhost:8080/publish + dmaapServiceUser: appc + dmaapServicePassword: onapappc appc-ansible-server: service: @@ -160,6 +163,12 @@ persistence: ingress: enabled: false + service: + - baseaddr: appc + name: "appc" + port: 8443 + config: + ssl: "redirect" # Configure resource requests and limits # ref: http://kubernetes.io/docs/user-guide/compute-resources/ diff --git a/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties b/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties index ec2ce6bda5..b102b7c365 100755 --- a/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties +++ b/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties @@ -16,7 +16,7 @@ # Web server config ### START -Controller Blueprints Properties # Load Resource Source Mappings -resourceSourceMappings=processor-db=source-db,input=source-input,default=source-default,sdnc=source-rest,aai-data=source-rest,capability=source-capability,rest=source-rest,script=source-capability +resourceSourceMappings=processor-db=source-db,input=source-input,default=source-default,sdnc=source-rest,aai-data=source-rest,capability=source-capability,rest=source-rest,vault-data=source-rest,script=source-capability # Blueprint Processor File Execution and Handling Properties blueprintsprocessor.blueprintDeployPath=/opt/app/onap/blueprints/deploy @@ -94,6 +94,9 @@ blueprintsprocessor.restclient.aai-data.type=basic-auth blueprintsprocessor.restclient.aai-data.url=https://aai:8443 blueprintsprocessor.restclient.aai-data.username=aai@aai.onap.org blueprintsprocessor.restclient.aai-data.password=demo123456! +blueprintsprocessor.restclient.aai-data.additionalHeaders.X-TransactionId=cds-transaction-id +blueprintsprocessor.restclient.aai-data.additionalHeaders.X-FromAppId=cds-app-id +blueprintsprocessor.restclient.aai-data.additionalHeaders.Accept=application/json # Self Service Request Kafka Message Consumer blueprintsprocessor.messageconsumer.self-service-api.kafkaEnable=false @@ -106,7 +109,28 @@ blueprintsprocessor.messageconsumer.self-service-api.pollMillSec=1000 # Self Service Response Kafka Message Producer blueprintsprocessor.messageproducer.self-service-api.bootstrapServers=message-router-kafka:9092 + + +# Used in Health Check blueprintsprocessor.messageproducer.self-service-api.type=kafka-basic-auth blueprintsprocessor.messageproducer.self-service-api.clientId=cds-client blueprintsprocessor.messageproducer.self-service-api.topic=cds-producer + +blueprintprocessor.remoteScriptCommand.enabled=true + +#Encrypted username and password for health check service +endpoints.user.name=eHbVUbJAj4AG2522cSbrOQ== +endpoints.user.password=eHbVUbJAj4AG2522cSbrOQ== + +#BaseUrls for health check blueprint processor services +blueprintprocessor.healthcheck.baseUrl=http://localhost:8080/ +blueprintprocessor.healthcheck.mapping-service-name-with-service-link=[Execution service,/api/v1/execution-service/health-check],[Resources service,/api/v1/resources/health-check],[Template service,/api/v1/template/health-check] + +#BaseUrls for health check Cds Listener services +cdslistener.healthcheck.baseUrl=http://cds-sdc-listener:8080/ +cdslistener.healthcheck.mapping-service-name-with-service-link=[SDC Listener service,/api/v1/sdclistener/healthcheck] + +#Actuator properties +management.endpoints.web.exposure.include=* +management.endpoint.health.show-details=always diff --git a/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml b/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml index 6cfc933303..8e9b6db2af 100755 --- a/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml +++ b/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml @@ -71,6 +71,7 @@ spec: value: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} {{ end }} readinessProbe: httpGet: @@ -79,8 +80,9 @@ spec: httpHeaders: - name: Authorization value: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} volumeMounts: - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/cds/charts/cds-blueprints-processor/templates/ingress.yaml b/kubernetes/cds/charts/cds-blueprints-processor/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/cds/charts/cds-blueprints-processor/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/cds/charts/cds-blueprints-processor/templates/pv.yaml b/kubernetes/cds/charts/cds-blueprints-processor/templates/pv.yaml index 812108760b..a4bf83ed96 100755 --- a/kubernetes/cds/charts/cds-blueprints-processor/templates/pv.yaml +++ b/kubernetes/cds/charts/cds-blueprints-processor/templates/pv.yaml @@ -15,6 +15,7 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} {{- if not .Values.persistence.storageClass -}} kind: PersistentVolume apiVersion: v1 @@ -33,7 +34,9 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} -{{- end -}} \ No newline at end of file +{{- end -}} +{{- end -}} diff --git a/kubernetes/cds/charts/cds-blueprints-processor/templates/pvc.yaml b/kubernetes/cds/charts/cds-blueprints-processor/templates/pvc.yaml index 98b55716c5..601334ec44 100755 --- a/kubernetes/cds/charts/cds-blueprints-processor/templates/pvc.yaml +++ b/kubernetes/cds/charts/cds-blueprints-processor/templates/pvc.yaml @@ -30,21 +30,10 @@ metadata: {{ .Values.persistence.annotations | indent 4 }} {{- end }} spec: -{{- if not .Values.persistence.storageClass }} - selector: - matchLabels: - name: {{ include "common.fullname" . }}-blueprints -{{- end }} accessModes: - {{ .Values.persistence.accessMode }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} + storageClassName: {{ include "common.storageClass" . }} {{- end -}} diff --git a/kubernetes/cds/charts/cds-blueprints-processor/values.yaml b/kubernetes/cds/charts/cds-blueprints-processor/values.yaml index cb6d191eb8..781b5383fe 100755 --- a/kubernetes/cds/charts/cds-blueprints-processor/values.yaml +++ b/kubernetes/cds/charts/cds-blueprints-processor/values.yaml @@ -62,7 +62,8 @@ dmaapEnabled: true # probe configuration parameters liveness: initialDelaySeconds: 120 - periodSeconds: 10 + periodSeconds: 20 + timeoutSeconds: 20 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true @@ -70,6 +71,7 @@ liveness: readiness: initialDelaySeconds: 120 periodSeconds: 10 + timeoutSeconds: 20 service: http: @@ -94,6 +96,12 @@ persistence: ingress: enabled: false + service: + - baseaddr: "blueprintsprocessorhttp" + name: "blueprints-processor-http" + port: 8080 + config: + ssl: "none" resources: {} # We usually recommend not to specify default resources and to leave this as a conscious diff --git a/kubernetes/cds/charts/cds-command-executor/templates/deployment.yaml b/kubernetes/cds/charts/cds-command-executor/templates/deployment.yaml index 659eddbaef..bbeeea26bb 100755 --- a/kubernetes/cds/charts/cds-command-executor/templates/deployment.yaml +++ b/kubernetes/cds/charts/cds-command-executor/templates/deployment.yaml @@ -57,12 +57,14 @@ spec: port: {{ .Values.service.grpc.internalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} {{ end }} readinessProbe: tcpSocket: port: {{ .Values.service.grpc.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} volumeMounts: - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/cds/charts/cds-command-executor/values.yaml b/kubernetes/cds/charts/cds-command-executor/values.yaml index 469864629d..5bc0381da2 100755 --- a/kubernetes/cds/charts/cds-command-executor/values.yaml +++ b/kubernetes/cds/charts/cds-command-executor/values.yaml @@ -56,8 +56,9 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 - periodSeconds: 10 + initialDelaySeconds: 20 + periodSeconds: 20 + timeoutSeconds: 20 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true @@ -65,6 +66,7 @@ liveness: readiness: initialDelaySeconds: 10 periodSeconds: 10 + timeoutSeconds: 20 service: type: ClusterIP diff --git a/kubernetes/cds/charts/cds-sdc-listener/resources/config/application.yaml b/kubernetes/cds/charts/cds-sdc-listener/resources/config/application.yaml index 9d03025c7f..cc611a129b 100644 --- a/kubernetes/cds/charts/cds-sdc-listener/resources/config/application.yaml +++ b/kubernetes/cds/charts/cds-sdc-listener/resources/config/application.yaml @@ -17,4 +17,27 @@ listenerservice: archivePath: /opt/app/onap/sdc-listener/ grpcAddress: cds-blueprints-processor-grpc grpcPort: 9111 - authHeader: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== \ No newline at end of file + authHeader: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== + + +cdslistener: + healthcheck: + baseUrl: http://localhost:9000/ + mapping-service-name-with-service-link: "[SDC Listener service,/api/v1/sdclistener/healthcheck]" + + +management: + endpoint: + health: + show-details: always + + + endpoints: + web: + exposure: + include: "*" + +endpoints: + user: + name: eHbVUbJAj4AG2522cSbrOQ== + password: eHbVUbJAj4AG2522cSbrOQ== diff --git a/kubernetes/cds/charts/cds-ui/templates/deployment.yaml b/kubernetes/cds/charts/cds-ui/templates/deployment.yaml index 562cd54b31..bdb1871a9a 100644 --- a/kubernetes/cds/charts/cds-ui/templates/deployment.yaml +++ b/kubernetes/cds/charts/cds-ui/templates/deployment.yaml @@ -56,7 +56,7 @@ spec: value: {{ .Values.config.api.controller.http.baseUrl }} - name: API_BLUEPRINT_CONTROLLER_HTTP_AUTH_TOKEN value: {{ .Values.config.api.controller.http.authToken }} - - name: API_BLUEPRINT_PROCESSOR_HHTP_BASE_URL + - name: API_BLUEPRINT_PROCESSOR_HTTP_BASE_URL value: {{ .Values.config.api.processor.http.baseUrl }} - name: API_BLUEPRINT_PROCESSOR_HTTP_AUTH_TOKEN value: {{ .Values.config.api.processor.http.authToken }} diff --git a/kubernetes/cds/charts/cds-ui/templates/ingress.yaml b/kubernetes/cds/charts/cds-ui/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/cds/charts/cds-ui/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/cds/charts/cds-ui/values.yaml b/kubernetes/cds/charts/cds-ui/values.yaml index 3b7659a3a5..e4a3e8acd6 100644 --- a/kubernetes/cds/charts/cds-ui/values.yaml +++ b/kubernetes/cds/charts/cds-ui/values.yaml @@ -40,7 +40,7 @@ config: api: controller: http: - baseUrl: http://cds-controller-blueprints:8080/api/v1 + baseUrl: http://cds-blueprints-processor-http:8081/api/v1 authToken: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== processor: http: @@ -85,6 +85,13 @@ service: ingress: enabled: false + service: + - baseaddr: "cdsui" + name: "cds-ui" + port: 8080 + config: + ssl: "none" + # Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) diff --git a/kubernetes/cds/values.yaml b/kubernetes/cds/values.yaml index a0dc0e8fbe..fec878960c 100644 --- a/kubernetes/cds/values.yaml +++ b/kubernetes/cds/values.yaml @@ -50,8 +50,9 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 - periodSeconds: 10 + initialDelaySeconds: 20 + periodSeconds: 20 + timeoutSeconds: 20 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true diff --git a/kubernetes/clamp/charts/clamp-backend/values.yaml b/kubernetes/clamp/charts/clamp-backend/values.yaml index a72d0c5857..498149412a 100644 --- a/kubernetes/clamp/charts/clamp-backend/values.yaml +++ b/kubernetes/clamp/charts/clamp-backend/values.yaml @@ -27,7 +27,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/clamp-backend:4.1.2 +image: onap/clamp-backend:4.1.3 pullPolicy: Always # flag to enable debugging - application support required @@ -45,13 +45,14 @@ config: springApplicationJson: > { "spring.datasource.cldsdb.url": "jdbc:mariadb:sequential://clampdb.{{ include "common.namespace" . }}:3306/cldsdb4?autoReconnect=true&connectTimeout=10000&socketTimeout=10000&retriesAllDown=3", + "spring.profiles.active": "clamp-default,clamp-default-user,clamp-sdc-controller-new", "clamp.config.sdc.catalog.url": "http://sdc-be.{{ include "common.namespace" . }}:8080/sdc/v1/catalog/", "clamp.config.sdc.hostUrl": "http://sdc-be.{{ include "common.namespace" . }}:8080/", "clamp.config.sdc.serviceUrl": "http://sdc-be.{{ include "common.namespace" . }}:8080/sdc/v1/catalog/services", "clamp.config.sdc.serviceUsername": "clamp", "clamp.config.sdc.servicePassword": "b7acccda32b98c5bb7acccda32b98c5b05D511BD6D93626E90D18E9D24D9B78CD34C7EE8012F0A189A28763E82271E50A5D4EC10C7D93E06E0A2D27CAE66B981", "clamp.config.files.sdcController": "file:/opt/clamp/sdc-controllers-config.json", - "clamp.config.dcae.inventory.url": "https://inventory.{{ include "common.namespace" . }}:8080", + "clamp.config.dcae.inventory.url": "https4://inventory.{{ include "common.namespace" . }}:8080", "clamp.config.dcae.dispatcher.url": "https4://deployment-handler.{{ include "common.namespace" . }}:8443", "clamp.config.dcae.deployment.url": "https4://deployment-handler.{{ include "common.namespace" . }}:8443", "clamp.config.dcae.deployment.userName": "none", diff --git a/kubernetes/clamp/charts/clamp-dash-es/templates/pv.yaml b/kubernetes/clamp/charts/clamp-dash-es/templates/pv.yaml index fd21cdfc1f..a1408dfc07 100644 --- a/kubernetes/clamp/charts/clamp-dash-es/templates/pv.yaml +++ b/kubernetes/clamp/charts/clamp-dash-es/templates/pv.yaml @@ -14,10 +14,11 @@ # limitations under the License. */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-data namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -30,7 +31,9 @@ spec: storage: {{ .Values.persistence.size}} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-data" persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} +{{- end -}} diff --git a/kubernetes/clamp/charts/clamp-dash-es/templates/pvc.yaml b/kubernetes/clamp/charts/clamp-dash-es/templates/pvc.yaml index abab145a8f..d2eddc227d 100644 --- a/kubernetes/clamp/charts/clamp-dash-es/templates/pvc.yaml +++ b/kubernetes/clamp/charts/clamp-dash-es/templates/pvc.yaml @@ -29,11 +29,9 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml index 94e14b5b65..88587160e9 100644 --- a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml @@ -34,7 +34,7 @@ busyboxImage: library/busybox:latest # application image repository: nexus3.onap.org:10001 -image: onap/clamp-dashboard-kibana:4.1.2 +image: onap/clamp-dashboard-kibana:4.1.3 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml index 689977db05..20bf974157 100644 --- a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml @@ -30,7 +30,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/clamp-dashboard-logstash:4.1.2 +image: onap/clamp-dashboard-logstash:4.1.3 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/load-sql-files-tests-automation.sh b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bootstrap-database.sh similarity index 68% rename from kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/load-sql-files-tests-automation.sh rename to kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bootstrap-database.sh index 0755826cde..224a813db9 100755 --- a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/load-sql-files-tests-automation.sh +++ b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bootstrap-database.sh @@ -6,8 +6,6 @@ # ================================================================================ # Copyright (C) 2017 AT&T Intellectual Property. All rights # reserved. -# Modifications Copyright © 2018 Amdocs,Bell Canada -# Modifications Copyright © 2019 AT&T # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -22,12 +20,9 @@ # limitations under the License. # ============LICENSE_END============================================ # =================================================================== -# ECOMP is a trademark and service mark of AT&T Intellectual Property. +# ### -cd /docker-entrypoint-initdb.d/bulkload -### Keep previous DB for now (SOON DEPRECATED) -mysql -uroot -p$MYSQL_ROOT_PASSWORD -f < clds-create-db-objects.sql -mysql -uroot -p$MYSQL_ROOT_PASSWORD -f < clds-stored-procedures.sql -## New model creation -mysql -uroot -p$MYSQL_ROOT_PASSWORD -f cldsdb4 < create-tables.sql +mysql -uroot -p$MYSQL_ROOT_PASSWORD -f < /docker-entrypoint-initdb.d/bulkload/create-db.sql +## New model creation +mysql -uroot -p$MYSQL_ROOT_PASSWORD -f cldsdb4 < /docker-entrypoint-initdb.d/bulkload/create-tables.sql diff --git a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/clds-create-db-objects.sql b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/clds-create-db-objects.sql deleted file mode 100644 index a6beca2b09..0000000000 --- a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/clds-create-db-objects.sql +++ /dev/null @@ -1,240 +0,0 @@ -/* Copyright © 2017-2019 AT&T, Amdocs, Bell Canada -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ - -# -# Create CLDS database objects (tables, etc.) -# -# -CREATE DATABASE `cldsdb4`; -USE `cldsdb4`; -DROP USER 'clds'; -CREATE USER 'clds'; -GRANT ALL on cldsdb4.* to 'clds' identified by 'sidnnd83K' with GRANT OPTION; -GRANT SELECT on mysql.proc TO 'clds'; -FLUSH PRIVILEGES; - - -CREATE TABLE template ( - template_id VARCHAR(36) NOT NULL, - template_name VARCHAR(80) NOT NULL, - template_bpmn_id VARCHAR(36) NULL, - template_image_id VARCHAR(36) NULL, - template_doc_id VARCHAR(36) NULL, - PRIMARY KEY (template_id), - UNIQUE (template_name) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; - -CREATE TABLE template_bpmn ( - template_bpmn_id VARCHAR(36) NOT NULL, - template_id VARCHAR(36) NOT NULL, - template_bpmn_text MEDIUMTEXT NOT NULL, - user_id VARCHAR(80), - timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (template_bpmn_id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; - -CREATE TABLE template_image ( - template_image_id VARCHAR(36) NOT NULL, - template_id VARCHAR(36) NOT NULL, - template_image_text MEDIUMTEXT NULL, - user_id VARCHAR(80), - timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (template_image_id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; - -CREATE TABLE template_doc ( - template_doc_id VARCHAR(36) NOT NULL, - template_id VARCHAR(36) NOT NULL, - template_doc_text MEDIUMTEXT NULL, - user_id VARCHAR(80), - timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (template_doc_id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; - -CREATE TABLE model ( - model_id VARCHAR(36) NOT NULL, - model_name VARCHAR(80) NOT NULL, - template_id VARCHAR(36) NULL, - model_prop_id VARCHAR(36) NULL, - model_blueprint_id VARCHAR(36) NULL, - event_id VARCHAR(36) NULL, - control_name_prefix VARCHAR(80) NULL, - control_name_uuid VARCHAR(36) NOT NULL, - service_type_id VARCHAR(80) NULL, - deployment_id VARCHAR(80) NULL, - deployment_status_url VARCHAR(300) NULL, - PRIMARY KEY (model_id), - UNIQUE (model_name), - UNIQUE (control_name_uuid), - UNIQUE (service_type_id), - UNIQUE (deployment_id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; - -CREATE TABLE model_properties ( - model_prop_id VARCHAR(36) NOT NULL, - model_id VARCHAR(36) NOT NULL, - model_prop_text MEDIUMTEXT NULL, - user_id VARCHAR(80), - timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (model_prop_id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; - -CREATE TABLE model_blueprint ( - model_blueprint_id VARCHAR(36) NOT NULL, - model_id VARCHAR(36) NOT NULL, - model_blueprint_text MEDIUMTEXT NULL, - user_id VARCHAR(80), - timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (model_blueprint_id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; - -CREATE TABLE model_instance ( - model_instance_id VARCHAR(36) NOT NULL, - model_id VARCHAR(36) NOT NULL, - vm_name VARCHAR(250) NOT NULL, - location VARCHAR(250) NULL, - timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (model_instance_id), - UNIQUE (model_id, vm_name) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; - -CREATE TABLE event ( - event_id VARCHAR(36) NOT NULL, - model_id VARCHAR(36) NULL, - action_cd VARCHAR(80) NOT NULL, - action_state_cd VARCHAR(80) NULL, - prev_event_id VARCHAR(36) NULL, - process_instance_id VARCHAR(80) NULL, - user_id VARCHAR(80) NULL, - timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (event_id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; - -CREATE TABLE IF NOT EXISTS tosca_model ( - tosca_model_id VARCHAR(36) NOT NULL, - tosca_model_name VARCHAR(80) NOT NULL, - policy_type VARCHAR(80) NULL, - user_id VARCHAR(80), - timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (tosca_model_id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; - -CREATE TABLE IF NOT EXISTS tosca_model_revision ( - tosca_model_revision_id VARCHAR(36) NOT NULL, - tosca_model_id VARCHAR(36) NOT NULL, - version DOUBLE NOT NULL DEFAULT 1, - tosca_model_yaml MEDIUMTEXT NULL, - tosca_model_json MEDIUMTEXT NULL, - user_id VARCHAR(80), - createdTimestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - lastUpdatedTimestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (tosca_model_revision_id), - CONSTRAINT tosca_model_revision_ukey UNIQUE KEY (tosca_model_id, version), - CONSTRAINT tosca_model_revision_fkey01 FOREIGN KEY (tosca_model_id) REFERENCES tosca_model (tosca_model_id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; - -CREATE TABLE IF NOT EXISTS dictionary ( - dictionary_id VARCHAR(36) NOT NULL, - dictionary_name VARCHAR(80) NOT NULL, - created_by VARCHAR(80), - modified_by VARCHAR(80), - timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (dictionary_id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; - -CREATE TABLE IF NOT EXISTS dictionary_elements ( - dict_element_id VARCHAR(36) NOT NULL, - dictionary_id VARCHAR(36) NOT NULL, - dict_element_name VARCHAR(250) NOT NULL, - dict_element_short_name VARCHAR(80) NOT NULL, - dict_element_description VARCHAR(250), - dict_element_type VARCHAR(80) NOT NULL, - created_by VARCHAR(80), - modified_by VARCHAR(80), - timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (dict_element_id), - CONSTRAINT dictionary_elements_ukey UNIQUE KEY (dict_element_name, dict_element_short_name), - CONSTRAINT dictionary_elements_ukey_fkey01 FOREIGN KEY (dictionary_id) REFERENCES dictionary (dictionary_id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; - -ALTER TABLE template - ADD CONSTRAINT template_bpmn_id_fkey01 - FOREIGN KEY (template_bpmn_id) - REFERENCES template_bpmn (template_bpmn_id); - -ALTER TABLE template - ADD CONSTRAINT template_image_id_fkey01 - FOREIGN KEY (template_image_id) - REFERENCES template_image (template_image_id); - -ALTER TABLE template - ADD CONSTRAINT template_doc_id_fkey01 - FOREIGN KEY (template_doc_id) - REFERENCES template_doc (template_doc_id); - -ALTER TABLE template_bpmn - ADD CONSTRAINT template_id_fkey02 - FOREIGN KEY (template_id) - REFERENCES template (template_id); - -ALTER TABLE template_image - ADD CONSTRAINT template_id_fkey03 - FOREIGN KEY (template_id) - REFERENCES template (template_id); - -ALTER TABLE template_doc - ADD CONSTRAINT template_id_fkey04 - FOREIGN KEY (template_id) - REFERENCES template (template_id); - -ALTER TABLE model - ADD CONSTRAINT template_id_fkey01 - FOREIGN KEY (template_id) - REFERENCES template (template_id); - -ALTER TABLE model - ADD CONSTRAINT model_prop_id_fkey01 - FOREIGN KEY (model_prop_id) - REFERENCES model_properties (model_prop_id); - -ALTER TABLE model - ADD CONSTRAINT model_blueprint_id_fkey01 - FOREIGN KEY (model_blueprint_id) - REFERENCES model_blueprint (model_blueprint_id); - -ALTER TABLE model - ADD CONSTRAINT event_id_fkey01 - FOREIGN KEY (event_id) - REFERENCES event (event_id); - -ALTER TABLE model_properties - ADD CONSTRAINT model_id_fkey01 - FOREIGN KEY (model_id) - REFERENCES model (model_id); - -ALTER TABLE model_blueprint - ADD CONSTRAINT model_id_fkey02 - FOREIGN KEY (model_id) - REFERENCES model (model_id); - -ALTER TABLE model_instance - ADD CONSTRAINT model_id_fkey04 - FOREIGN KEY (model_id) - REFERENCES model (model_id); - -ALTER TABLE event - ADD CONSTRAINT model_id_fkey03 - FOREIGN KEY (model_id) - REFERENCES model (model_id); diff --git a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/clds-stored-procedures.sql b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/clds-stored-procedures.sql deleted file mode 100644 index a590fed04e..0000000000 --- a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/clds-stored-procedures.sql +++ /dev/null @@ -1,549 +0,0 @@ -/* Copyright © 2017 AT&T, Amdocs, Bell Canada -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ - -# -# CLDS stored procedures -# - -USE cldsdb4; - -DROP PROCEDURE IF EXISTS upd_event; -DROP PROCEDURE IF EXISTS ins_event; -DROP PROCEDURE IF EXISTS del_all_model_instances; -DROP PROCEDURE IF EXISTS del_model_instance; -DROP PROCEDURE IF EXISTS ins_model_instance; -DROP PROCEDURE IF EXISTS set_model; -DROP PROCEDURE IF EXISTS get_model; -DROP PROCEDURE IF EXISTS get_model_template; -DROP PROCEDURE IF EXISTS set_template; -DROP PROCEDURE IF EXISTS get_template; -DROP PROCEDURE IF EXISTS del_model; -DROP PROCEDURE IF EXISTS set_new_tosca_model_version; -DROP PROCEDURE IF EXISTS set_tosca_model; -DROP PROCEDURE IF EXISTS set_dictionary; -DROP PROCEDURE IF EXISTS set_dictionary_elements; -DELIMITER // -CREATE PROCEDURE get_template - (IN v_template_name VARCHAR(80), - OUT v_template_id VARCHAR(36), - OUT v_template_bpmn_id VARCHAR(36), - OUT v_template_bpmn_user_id VARCHAR(80), - OUT v_template_bpmn_text MEDIUMTEXT, - OUT v_template_image_id VARCHAR(36), - OUT v_template_image_user_id VARCHAR(80), - OUT v_template_image_text MEDIUMTEXT, - OUT v_template_doc_id VARCHAR(36), - OUT v_template_doc_user_id VARCHAR(80), - OUT v_template_doc_text MEDIUMTEXT) -BEGIN - SELECT t.template_id, - tb.template_bpmn_id, - tb.user_id, - tb.template_bpmn_text, - ti.template_image_id, - ti.user_id, - ti.template_image_text, - td.template_doc_id, - td.user_id, - td.template_doc_text - INTO v_template_id, - v_template_bpmn_id, - v_template_bpmn_user_id, - v_template_bpmn_text, - v_template_image_id, - v_template_image_user_id, - v_template_image_text, - v_template_doc_id, - v_template_doc_user_id, - v_template_doc_text - FROM template t, - template_bpmn tb, - template_image ti, - template_doc td - WHERE t.template_bpmn_id = tb.template_bpmn_id - AND t.template_image_id = ti.template_image_id - AND t.template_doc_id = td.template_doc_id - AND t.template_name = v_template_name; -END; -CREATE PROCEDURE set_template - (IN v_template_name VARCHAR(80), - IN v_user_id VARCHAR(80), - IN v_template_bpmn_text MEDIUMTEXT, - IN v_template_image_text MEDIUMTEXT, - IN v_template_doc_text MEDIUMTEXT, - OUT v_template_id VARCHAR(36), - OUT v_template_bpmn_id VARCHAR(36), - OUT v_template_bpmn_user_id VARCHAR(80), - OUT v_template_image_id VARCHAR(36), - OUT v_template_image_user_id VARCHAR(80), - OUT v_template_doc_id VARCHAR(36), - OUT v_template_doc_user_id VARCHAR(80)) -BEGIN - DECLARE v_old_template_bpmn_text MEDIUMTEXT; - DECLARE v_old_template_image_text MEDIUMTEXT; - DECLARE v_old_template_doc_text MEDIUMTEXT; - SET v_template_id = NULL; - CALL get_template( - v_template_name, - v_template_id, - v_template_bpmn_id, - v_template_bpmn_user_id, - v_old_template_bpmn_text, - v_template_image_id, - v_template_image_user_id, - v_old_template_image_text, - v_template_doc_id, - v_template_doc_user_id, - v_old_template_doc_text); - IF v_template_id IS NULL THEN - BEGIN - SET v_template_id = UUID(); - INSERT INTO template - (template_id, template_name) - VALUES (v_template_id, v_template_name); - END; - END IF; - IF v_template_bpmn_id IS NULL OR v_template_bpmn_text <> v_old_template_bpmn_text THEN - SET v_template_bpmn_id = UUID(); - INSERT INTO template_bpmn - (template_bpmn_id, template_id, template_bpmn_text, user_id) - VALUES (v_template_bpmn_id, v_template_id, v_template_bpmn_text, v_user_id); - SET v_template_bpmn_user_id = v_user_id; - END IF; - IF v_template_image_id IS NULL OR v_template_image_text <> v_old_template_image_text THEN - SET v_template_image_id = UUID(); - INSERT INTO template_image - (template_image_id, template_id, template_image_text, user_id) - VALUES (v_template_image_id, v_template_id, v_template_image_text, v_user_id); - SET v_template_image_user_id = v_user_id; - END IF; - IF v_template_doc_id IS NULL OR v_template_doc_text <> v_old_template_doc_text THEN - SET v_template_doc_id = UUID(); - INSERT INTO template_doc - (template_doc_id, template_id, template_doc_text, user_id) - VALUES (v_template_doc_id, v_template_id, v_template_doc_text, v_user_id); - SET v_template_doc_user_id = v_user_id; - END IF; - UPDATE template - SET template_bpmn_id = v_template_bpmn_id, - template_image_id = v_template_image_id, - template_doc_id = v_template_doc_id - WHERE template_id = v_template_id; -END; -CREATE PROCEDURE get_model - (IN v_model_name VARCHAR(80), - OUT v_control_name_prefix VARCHAR(80), - INOUT v_control_name_uuid VARCHAR(36), - OUT v_model_id VARCHAR(36), - OUT v_service_type_id VARCHAR(80), - OUT v_deployment_id VARCHAR(80), - OUT v_deployment_status_url VARCHAR(300), - OUT v_template_name VARCHAR(80), - OUT v_template_id VARCHAR(36), - OUT v_model_prop_id VARCHAR(36), - OUT v_model_prop_user_id VARCHAR(80), - OUT v_model_prop_text MEDIUMTEXT, - OUT v_model_blueprint_id VARCHAR(36), - OUT v_model_blueprint_user_id VARCHAR(80), - OUT v_model_blueprint_text MEDIUMTEXT, - OUT v_event_id VARCHAR(36), - OUT v_action_cd VARCHAR(80), - OUT v_action_state_cd VARCHAR(80), - OUT v_event_process_instance_id VARCHAR(80), - OUT v_event_user_id VARCHAR(80)) -BEGIN - SELECT m.control_name_prefix, - m.control_name_uuid, - m.model_id, - m.service_type_id, - m.deployment_id, - m.deployment_status_url, - t.template_name, - m.template_id, - mp.model_prop_id, - mp.user_id, - mp.model_prop_text, - mb.model_blueprint_id, - mb.user_id, - mb.model_blueprint_text, - e.event_id, - e.action_cd, - e.action_state_cd, - e.process_instance_id, - e.user_id - INTO v_control_name_prefix, - v_control_name_uuid, - v_model_id, - v_service_type_id, - v_deployment_id, - v_deployment_status_url, - v_template_name, - v_template_id, - v_model_prop_id, - v_model_prop_user_id, - v_model_prop_text, - v_model_blueprint_id, - v_model_blueprint_user_id, - v_model_blueprint_text, - v_event_id, - v_action_cd, - v_action_state_cd, - v_event_process_instance_id, - v_event_user_id - FROM model m, - template t, - model_properties mp, - model_blueprint mb, - event e - WHERE m.template_id = t.template_id - AND m.model_prop_id = mp.model_prop_id - AND m.model_blueprint_id = mb.model_blueprint_id - AND m.event_id = e.event_id - AND (m.model_name = v_model_name - OR m.control_name_uuid = v_control_name_uuid); - SELECT model_instance_id, - vm_name, - location, - timestamp - FROM model_instance - WHERE model_id = v_model_id - ORDER BY 2; -END; -CREATE PROCEDURE get_model_template - (IN v_model_name VARCHAR(80), - OUT v_control_name_prefix VARCHAR(80), - INOUT v_control_name_uuid VARCHAR(36), - OUT v_model_id VARCHAR(36), - OUT v_service_type_id VARCHAR(80), - OUT v_deployment_id VARCHAR(80), - OUT v_deployment_status_url VARCHAR(300), - OUT v_template_name VARCHAR(80), - OUT v_template_id VARCHAR(36), - OUT v_model_prop_id VARCHAR(36), - OUT v_model_prop_user_id VARCHAR(80), - OUT v_model_prop_text MEDIUMTEXT, - OUT v_model_blueprint_id VARCHAR(36), - OUT v_model_blueprint_user_id VARCHAR(80), - OUT v_model_blueprint_text MEDIUMTEXT, - OUT v_template_bpmn_id VARCHAR(36), - OUT v_template_bpmn_user_id VARCHAR(80), - OUT v_template_bpmn_text MEDIUMTEXT, - OUT v_template_image_id VARCHAR(36), - OUT v_template_image_user_id VARCHAR(80), - OUT v_template_image_text MEDIUMTEXT, - OUT v_template_doc_id VARCHAR(36), - OUT v_template_doc_user_id VARCHAR(80), - OUT v_template_doc_text MEDIUMTEXT, - OUT v_event_id VARCHAR(36), - OUT v_action_cd VARCHAR(80), - OUT v_action_state_cd VARCHAR(80), - OUT v_event_process_instance_id VARCHAR(80), - OUT v_event_user_id VARCHAR(80)) -BEGIN - CALL get_model( - v_model_name, - v_control_name_prefix, - v_control_name_uuid, - v_model_id, - v_service_type_id, - v_deployment_id, - v_deployment_status_url, - v_template_name, - v_template_id, - v_model_prop_id, - v_model_prop_user_id, - v_model_prop_text, - v_model_blueprint_id, - v_model_blueprint_user_id, - v_model_blueprint_text, - v_event_id, - v_action_cd, - v_action_state_cd, - v_event_process_instance_id, - v_event_user_id); - CALL get_template( - v_template_name, - v_template_id, - v_template_bpmn_id, - v_template_bpmn_user_id, - v_template_bpmn_text, - v_template_image_id, - v_template_image_user_id, - v_template_image_text, - v_template_doc_id, - v_template_doc_user_id, - v_template_doc_text); - END; -CREATE PROCEDURE set_model - (IN v_model_name VARCHAR(80), - IN v_template_id VARCHAR(36), - IN v_user_id VARCHAR(80), - IN v_model_prop_text MEDIUMTEXT, - IN v_model_blueprint_text MEDIUMTEXT, - IN v_service_type_id VARCHAR(80), - IN v_deployment_id VARCHAR(80), - IN v_deployment_status_url VARCHAR(300), - INOUT v_control_name_prefix VARCHAR(80), - INOUT v_control_name_uuid VARCHAR(36), - OUT v_model_id VARCHAR(36), - OUT v_model_prop_id VARCHAR(36), - OUT v_model_prop_user_id VARCHAR(80), - OUT v_model_blueprint_id VARCHAR(36), - OUT v_model_blueprint_user_id VARCHAR(80), - OUT v_event_id VARCHAR(36), - OUT v_action_cd VARCHAR(80), - OUT v_action_state_cd VARCHAR(80), - OUT v_event_process_instance_id VARCHAR(80), - OUT v_event_user_id VARCHAR(80)) -BEGIN - DECLARE v_old_template_name VARCHAR(80); - DECLARE v_old_template_id VARCHAR(36); - DECLARE v_old_control_name_prefix VARCHAR(80); - DECLARE v_old_control_name_uuid VARCHAR(36); - DECLARE v_old_model_prop_text MEDIUMTEXT; - DECLARE v_old_model_blueprint_text MEDIUMTEXT; - DECLARE v_old_service_type_id VARCHAR(80); - DECLARE v_old_deployment_id VARCHAR(80); - DECLARE v_old_deployment_status_url VARCHAR(300); - SET v_model_id = NULL; - CALL get_model( - v_model_name, - v_old_control_name_prefix, - v_old_control_name_uuid, - v_model_id, - v_old_service_type_id, - v_old_deployment_id, - v_old_deployment_status_url, - v_old_template_name, - v_old_template_id, - v_model_prop_id, - v_model_prop_user_id, - v_old_model_prop_text, - v_model_blueprint_id, - v_model_blueprint_user_id, - v_old_model_blueprint_text, - v_event_id, - v_action_cd, - v_action_state_cd, - v_event_process_instance_id, - v_event_user_id); - IF v_model_id IS NULL THEN - BEGIN - # UUID can be provided initially but cannot be updated - # if not provided (this is expected) then it will be set here - IF v_control_name_uuid IS NULL THEN - SET v_control_name_uuid = UUID(); - END IF; - SET v_model_id = v_control_name_uuid; - INSERT INTO model - (model_id, model_name, template_id, control_name_prefix, control_name_uuid, service_type_id, deployment_id, deployment_status_url) - VALUES (v_model_id, v_model_name, v_template_id, v_control_name_prefix, v_control_name_uuid, v_service_type_id, v_deployment_id,v_deployment_status_url); - # since just created model, insert CREATED event as initial default event - SET v_action_cd = 'CREATE'; - SET v_action_state_cd = 'COMPLETED'; - SET v_event_user_id = v_user_id; - SET v_event_id = UUID(); - INSERT INTO event - (event_id, model_id, action_cd, action_state_cd, user_id) - VALUES (v_event_id, v_model_id, v_action_cd, v_action_state_cd, v_event_user_id); - UPDATE model - SET event_id = v_event_id - WHERE model_id = v_model_id; - END; - ELSE - BEGIN - # use old control_name_prefix if null value is provided - IF v_control_name_prefix IS NULL THEN - SET v_control_name_prefix = v_old_control_name_prefix; - END IF; - # UUID can not be updated after initial insert - SET v_control_name_uuid = v_old_control_name_uuid; - END; - END IF; - IF v_model_prop_id IS NULL OR v_model_prop_text <> v_old_model_prop_text THEN - SET v_model_prop_id = UUID(); - INSERT INTO model_properties - (model_prop_id, model_id, model_prop_text, user_id) - VALUES (v_model_prop_id, v_model_id, v_model_prop_text, v_user_id); - SET v_model_prop_user_id = v_user_id; - END IF; - IF v_model_blueprint_id IS NULL OR v_model_blueprint_text <> v_old_model_blueprint_text THEN - SET v_model_blueprint_id = UUID(); - INSERT INTO model_blueprint - (model_blueprint_id, model_id, model_blueprint_text, user_id) - VALUES (v_model_blueprint_id, v_model_id, v_model_blueprint_text, v_user_id); - SET v_model_blueprint_user_id = v_user_id; - END IF; - UPDATE model - SET control_name_prefix = v_control_name_prefix, - model_prop_id = v_model_prop_id, - model_blueprint_id = v_model_blueprint_id, - service_type_id = v_service_type_id, - deployment_id = v_deployment_id, - deployment_status_url = v_deployment_status_url - WHERE model_id = v_model_id; -END; -CREATE PROCEDURE ins_model_instance - (IN v_control_name_uuid VARCHAR(36), - IN v_vm_name VARCHAR(250), - IN v_location VARCHAR(250), - OUT v_model_id VARCHAR(36), - OUT v_model_instance_id VARCHAR(36)) -BEGIN - SELECT m.model_id - INTO v_model_id - FROM model m - WHERE m.control_name_uuid = v_control_name_uuid; - SET v_model_instance_id = UUID(); - INSERT INTO model_instance - (model_instance_id, model_id, vm_name, location) - VALUES (v_model_instance_id, v_model_id, v_vm_name, v_location); -END; -CREATE PROCEDURE del_model_instance - (IN v_control_name_uuid VARCHAR(36), - IN v_vm_name VARCHAR(250), - OUT v_model_id VARCHAR(36), - OUT v_model_instance_id VARCHAR(36)) -BEGIN - SELECT m.model_id, i.model_instance_id - INTO v_model_id, - v_model_instance_id - FROM model m, - model_instance i - WHERE m.model_id = i.model_id - AND m.control_name_uuid = v_control_name_uuid - AND i.vm_name = v_vm_name; - DELETE FROM model_instance - WHERE model_instance_id = v_model_instance_id; -END; -CREATE PROCEDURE del_all_model_instances - (IN v_control_name_uuid VARCHAR(36), - OUT v_model_id VARCHAR(36)) -BEGIN - SELECT m.model_id - INTO v_model_id - FROM model m - WHERE m.control_name_uuid = v_control_name_uuid; - DELETE FROM model_instance - WHERE model_id = v_model_id; -END; -CREATE PROCEDURE ins_event - (IN v_model_name VARCHAR(80), - IN v_control_name_prefix VARCHAR(80), - IN v_control_name_uuid VARCHAR(36), - IN v_user_id VARCHAR(80), - IN v_action_cd VARCHAR(80), - IN v_action_state_cd VARCHAR(80), - IN v_process_instance_id VARCHAR(80), - OUT v_model_id VARCHAR(36), - OUT v_event_id VARCHAR(36)) -BEGIN - DECLARE v_prev_event_id VARCHAR(36); - SELECT m.model_id, - m.event_id - INTO v_model_id, - v_prev_event_id - FROM model m - WHERE m.model_name = v_model_name - OR m.control_name_uuid = v_control_name_uuid; - SET v_event_id = UUID(); - INSERT INTO event - (event_id, model_id, action_cd, action_state_cd, prev_event_id, process_instance_id, user_id) - VALUES (v_event_id, v_model_id, v_action_cd, v_action_state_cd, v_prev_event_id, v_process_instance_id, v_user_id); - UPDATE model - SET event_id = v_event_id - WHERE model_id = v_model_id; -END; -CREATE PROCEDURE upd_event - (IN v_event_id VARCHAR(36), - IN v_process_instance_id VARCHAR(80)) -BEGIN - UPDATE event - SET process_instance_id = v_process_instance_id - WHERE event_id = v_event_id; -END; -CREATE PROCEDURE del_model -(IN v_model_name VARCHAR(80)) -BEGIN - DECLARE v_model_id VARCHAR(36); - SELECT model_id INTO v_model_id from model where model_name = v_model_name; - UPDATE model set event_id = null, model_blueprint_id = null, model_prop_id = null where model_id = v_model_id; - DELETE from event where model_id = v_model_id; - DELETE from model_blueprint where model_id = v_model_id; - DELETE from model_properties where model_id = v_model_id; - DELETE from model where model_id = v_model_id; -END; - -CREATE PROCEDURE set_new_tosca_model_version - (IN v_tosca_model_id VARCHAR(36), - IN v_version DOUBLE, - IN v_tosca_model_yaml MEDIUMTEXT, - IN v_tosca_model_json MEDIUMTEXT, - IN v_user_id VARCHAR(80), - OUT v_revision_id VARCHAR(36)) -BEGIN - SET v_revision_id = UUID(); - INSERT INTO tosca_model_revision - (tosca_model_revision_id, tosca_model_id, version, tosca_model_yaml, tosca_model_json, user_id) - VALUES (v_revision_id, v_tosca_model_id, v_version, v_tosca_model_yaml, v_tosca_model_json, v_user_id); -END; - -CREATE PROCEDURE set_tosca_model - (IN v_tosca_model_name VARCHAR(80), - IN v_policy_type VARCHAR(80), - IN v_user_id VARCHAR(80), - IN v_tosca_model_yaml MEDIUMTEXT, - IN v_tosca_model_json MEDIUMTEXT, - IN v_version DOUBLE, - OUT v_tosca_model_id VARCHAR(36), - OUT v_revision_id VARCHAR(36)) -BEGIN - SET v_tosca_model_id = UUID(); - INSERT INTO tosca_model - (tosca_model_id, tosca_model_name, policy_type, user_id) - VALUES (v_tosca_model_id, v_tosca_model_name, v_policy_type, v_user_id); - SET v_revision_id = UUID(); - INSERT INTO tosca_model_revision - (tosca_model_revision_id, tosca_model_id, version, tosca_model_yaml, tosca_model_json, user_id) - VALUES (v_revision_id, v_tosca_model_id, v_version, v_tosca_model_yaml, v_tosca_model_json, v_user_id); -END; - -CREATE PROCEDURE set_dictionary - (IN v_dictionary_name VARCHAR(80), - IN v_user_id VARCHAR(80), - OUT v_dictionary_id VARCHAR(36)) -BEGIN - SET v_dictionary_id = UUID(); - INSERT INTO dictionary - (dictionary_id, dictionary_name, created_by, modified_by) - VALUES (v_dictionary_id, v_dictionary_name, v_user_id, v_user_id); -END; - -CREATE PROCEDURE set_dictionary_elements - (IN v_dictionary_id VARCHAR(36), - IN v_dict_element_name VARCHAR(250), - IN v_dict_element_short_name VARCHAR(80), - IN v_dict_element_description VARCHAR(250), - IN v_dict_element_type VARCHAR(80), - IN v_user_id VARCHAR(80), - OUT v_dict_element_id VARCHAR(36)) -BEGIN - SET v_dict_element_id = UUID(); - INSERT INTO dictionary_elements - (dict_element_id, dictionary_id, dict_element_name, dict_element_short_name, dict_element_description, dict_element_type, created_by, modified_by) - VALUES (v_dict_element_id, v_dictionary_id, v_dict_element_name, v_dict_element_short_name, v_dict_element_description, v_dict_element_type, v_user_id, v_user_id); -END; -// -DELIMITER ; diff --git a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-db.sql b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-db.sql new file mode 100644 index 0000000000..ea4d97c1b5 --- /dev/null +++ b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-db.sql @@ -0,0 +1,11 @@ +# +# Create CLDS database objects (tables, etc.) +# +# +CREATE DATABASE `cldsdb4`; +USE `cldsdb4`; +DROP USER 'clds'; +CREATE USER 'clds'; +GRANT ALL on cldsdb4.* to 'clds' identified by 'sidnnd83K' with GRANT OPTION; +FLUSH PRIVILEGES; + diff --git a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-tables.sql b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-tables.sql index 9b12b1804c..0e15d4d3a2 100644 --- a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-tables.sql +++ b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-tables.sql @@ -1,17 +1,4 @@ -/* Copyright © 2019 AT&T -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ + create table hibernate_sequence ( next_val bigint ) engine=InnoDB; diff --git a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/drop/clds-drop-db-objects.sql b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/drop/clds-drop-db-objects.sql deleted file mode 100644 index 0412373d01..0000000000 --- a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/drop/clds-drop-db-objects.sql +++ /dev/null @@ -1,54 +0,0 @@ -/* Copyright © 2017 AT&T, Amdocs, Bell Canada -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ - -# -# Drop CLDS database objects (tables, etc.) -# - - -ALTER TABLE template - DROP FOREIGN KEY template_image_id_fkey01; -ALTER TABLE template - DROP FOREIGN KEY template_bpmn_id_fkey01; -ALTER TABLE template - DROP FOREIGN KEY template_doc_id_fkey01; - -ALTER TABLE model - DROP FOREIGN KEY template_id_fkey01; -ALTER TABLE model - DROP FOREIGN KEY model_prop_id_fkey01; -ALTER TABLE model - DROP FOREIGN KEY model_blueprint_id_fkey01; -ALTER TABLE model - DROP FOREIGN KEY event_id_fkey01; - -DROP TABLE clds_service_cache; - -DROP TABLE model_instance; -DROP TABLE model_blueprint; -DROP TABLE model_properties; -DROP TABLE event; -DROP TABLE model; - -DROP TABLE template_doc; -DROP TABLE template_image; -DROP TABLE template_bpmn; -DROP TABLE template; - -DROP TABLE dictionary_elements; -DROP TABLE dictionary; -DROP TABLE tosca_model_revision; -DROP TABLE tosca_model; - diff --git a/kubernetes/clamp/charts/mariadb/templates/pv.yaml b/kubernetes/clamp/charts/mariadb/templates/pv.yaml index 252ca76599..d166900c6f 100644 --- a/kubernetes/clamp/charts/mariadb/templates/pv.yaml +++ b/kubernetes/clamp/charts/mariadb/templates/pv.yaml @@ -16,10 +16,11 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-data namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -32,7 +33,9 @@ spec: storage: {{ .Values.persistence.size}} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-data" persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} +{{- end -}} diff --git a/kubernetes/clamp/charts/mariadb/templates/pvc.yaml b/kubernetes/clamp/charts/mariadb/templates/pvc.yaml index 1deed4e92a..c3c2a2259e 100644 --- a/kubernetes/clamp/charts/mariadb/templates/pvc.yaml +++ b/kubernetes/clamp/charts/mariadb/templates/pvc.yaml @@ -31,19 +31,10 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} + storageClassName: {{ include "common.storageClass" . }} {{- end -}} diff --git a/kubernetes/clamp/charts/mariadb/values.yaml b/kubernetes/clamp/charts/mariadb/values.yaml index 5f31c79bdf..8bf6100563 100644 --- a/kubernetes/clamp/charts/mariadb/values.yaml +++ b/kubernetes/clamp/charts/mariadb/values.yaml @@ -70,7 +70,7 @@ persistence: ## GKE, AWS & OpenStack) ## # storageClass: "-" - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 2Gi mountPath: /dockerdata-nfs mountSubPath: clamp/mariadb/data diff --git a/kubernetes/clamp/resources/config/nginx.conf b/kubernetes/clamp/resources/config/nginx.conf index ce94eff70f..da7978ad01 100644 --- a/kubernetes/clamp/resources/config/nginx.conf +++ b/kubernetes/clamp/resources/config/nginx.conf @@ -4,8 +4,10 @@ server { ssl_protocols TLSv1.2; ssl_certificate /etc/ssl/clamp.pem; ssl_certificate_key /etc/ssl/clamp.key; + ssl_verify_client optional_no_ca; location /restservices/clds/ { proxy_pass https://clamp-backend:443; + proxy_set_header X-SSL-Cert $ssl_client_escaped_cert; } location / { diff --git a/kubernetes/clamp/templates/ingress.yaml b/kubernetes/clamp/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/clamp/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/clamp/values.yaml b/kubernetes/clamp/values.yaml index a0385ada9c..d66273dce1 100644 --- a/kubernetes/clamp/values.yaml +++ b/kubernetes/clamp/values.yaml @@ -30,7 +30,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/clamp-frontend:4.1.2 +image: onap/clamp-frontend:4.1.3 pullPolicy: Always # flag to enable debugging - application support required @@ -83,6 +83,12 @@ service: ingress: enabled: false + service: + - baseaddr: "clamp" + name: "clamp" + port: 443 + config: + ssl: "redirect" #resources: {} # We usually recommend not to specify default resources and to leave this as a conscious diff --git a/kubernetes/cli/templates/ingress.yaml b/kubernetes/cli/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/cli/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/cli/values.yaml b/kubernetes/cli/values.yaml index 0fbe21dd4c..7278c99a5f 100644 --- a/kubernetes/cli/values.yaml +++ b/kubernetes/cli/values.yaml @@ -63,6 +63,15 @@ service: ingress: enabled: false + service: + - baseaddr: "cli" + name: "cli" + port: 8080 + - baseaddr: "cli2" + name: cli + port: 9090 + config: + ssl: "none" # Configure resource requests and limits # ref: http://kubernetes.io/docs/user-guide/compute-resources/ diff --git a/kubernetes/common/cassandra/templates/backup/cronjob.yaml b/kubernetes/common/cassandra/templates/backup/cronjob.yaml index 630ac43ba3..0d06318422 100644 --- a/kubernetes/common/cassandra/templates/backup/cronjob.yaml +++ b/kubernetes/common/cassandra/templates/backup/cronjob.yaml @@ -75,7 +75,7 @@ spec: echo "Executing cleanup!!" command="nodetool cleanup" - /root/exec.py -p "cassandra" -c "$command" + /root/exec.py -p "cassandra" -c "$command" echo "Cleaned Node!! Backing up database now!!!" command="nodetool snapshot -t $curr_time" @@ -97,7 +97,7 @@ spec: if [ 1 ] {{- range $t, $keyspace := $root.Values.backup.keyspacesToSkip }} && [ "{{ $keyspace.name }}" != "$keyspace_name" ] {{- end }}; then /root/restore.sh -b $backup_dir/cassandra-{{ $i }}/data -s /onap-data/cassandra-{{ $i }}/data/$keyspace_name -k $keyspace_name -t $curr_time & pids="$pids $!" - fi + fi done {{- end }} @@ -121,7 +121,7 @@ spec: echo "Failed" > /backup/backup.log exit 0 fi - + mv /backup/temp /backup/backup-${curr_time} echo "Success" > /backup/backup.log echo "Cassandra Backup Succeeded" @@ -135,8 +135,10 @@ spec: - mountPath: /etc/localtime name: localtime readOnly: true - - mountPath: /onap-data - name: data-dir + {{- range $i := until (int .Values.replicaCount)}} + - mountPath: /onap-data/cassandra-{{ $i }} + name: data-dir-{{ $i }} + {{- end }} - mountPath: /backup name: backup-dir - name: scripts @@ -144,7 +146,7 @@ spec: subPath: restore.sh - name: scripts mountPath: /root/exec.py - subPath: exec.py + subPath: exec.py containers: - name: cassandra-backup-validate image: "{{ .Values.image }}" @@ -200,7 +202,7 @@ spec: done kill -9 $CASS_PID {{- end }} - echo "Validation Successful!!!" + echo "Validation Successful!!!" cd /backup totalFiles=`ls -t | grep "backup-" | wc -l` if [ $totalFiles -gt {{ .Values.backup.retentionPeriod }} ]; then @@ -230,13 +232,14 @@ spec: path: /etc/localtime - name: scripts configMap: - name: {{ include "common.fullname" $ }}-configmap + name: {{ include "common.fullname" . }}-configmap defaultMode: 0755 - - name: data-dir + {{- range $i := until (int .Values.replicaCount)}} + - name: data-dir-{{ $i }} persistentVolumeClaim: - claimName: {{ include "common.fullname" . }}-db-data + claimName: {{ include "common.fullname" . }}-data-{{ $i }} + {{- end }} - name: backup-dir persistentVolumeClaim: claimName: {{ include "common.fullname" . }}-backup-data {{- end -}} - diff --git a/kubernetes/common/cassandra/templates/backup/pv.yaml b/kubernetes/common/cassandra/templates/backup/pv.yaml index 332dc95e05..10c310077b 100644 --- a/kubernetes/common/cassandra/templates/backup/pv.yaml +++ b/kubernetes/common/cassandra/templates/backup/pv.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2019 Amdocs, Bell Canada, AT&T +# Copyright © 2019 Amdocs, Bell Canada, AT&T, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,25 +14,8 @@ # limitations under the License. */}} {{- if .Values.backup.enabled }} -{{ if .Values.persistence.enabled }} -apiVersion: v1 -kind: PersistentVolume -metadata: - name: {{ include "common.fullname" . }}-db-data - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - heritage: {{ .Release.Service }} - name: {{ include "common.fullname" . }}-db-data -spec: - capacity: - storage: {{ .Values.persistence.size }} - accessModes: - - {{ .Values.persistence.accessMode }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} --- apiVersion: v1 kind: PersistentVolume @@ -49,9 +32,10 @@ spec: storage: {{ .Values.persistence.size }} accessModes: - {{ .Values.persistence.accessMode }} - hostPath: - path: {{ .Values.global.persistence.backup.mountPath | default .Values.persistence.backup.mountPath }}/{{ include "common.namespace" $ }}/{{ include "common.fullname" $ }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} -{{ end }} + storageClassName: "{{ include "common.fullname" . }}-data" + hostPath: + path: {{ .Values.global.persistence.backup.mountPath | default .Values.persistence.backup.mountPath }}/{{ include "common.namespace" . }}/{{ include "common.fullname" . }} +{{- end -}} +{{- end -}} {{- end -}} - diff --git a/kubernetes/common/cassandra/templates/backup/pvc.yaml b/kubernetes/common/cassandra/templates/backup/pvc.yaml index 1f848c3315..dd7f3810a0 100644 --- a/kubernetes/common/cassandra/templates/backup/pvc.yaml +++ b/kubernetes/common/cassandra/templates/backup/pvc.yaml @@ -15,36 +15,6 @@ */}} {{- if .Values.backup.enabled }} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-db-data - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }}-backup - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }}-db-data - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} --- kind: PersistentVolumeClaim apiVersion: v1 @@ -61,20 +31,11 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }}-backup-data accessModes: - {{ .Values.persistence.accessMode }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} + storageClassName: {{ include "common.storageClass" . }} {{- end -}} {{- end -}} diff --git a/kubernetes/common/cassandra/templates/pv.yaml b/kubernetes/common/cassandra/templates/pv.yaml index 06f41e7683..fbbb5ba105 100644 --- a/kubernetes/common/cassandra/templates/pv.yaml +++ b/kubernetes/common/cassandra/templates/pv.yaml @@ -12,28 +12,35 @@ # See the License for the specific language governing permissions and # limitations under the License. -{{ if .Values.persistence.enabled }} -{{- $root := . -}} -{{ range $i, $e := until (int $root.Values.replicaCount) }} +{{- $global := . }} +{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) -}} +{{- range $i := until (int $global.Values.replicaCount)}} --- apiVersion: v1 kind: PersistentVolume metadata: - name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }} - namespace: {{ $root.Release.Namespace }} + name: {{ $global.Release.Name }}-{{ $global.Values.service.name }}-{{ $i }} + namespace: {{ $global.Release.Namespace }} labels: - type: {{ $root.Values.persistence.storageType }} - app: {{ $root.Values.service.name }} - chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }} - release: {{ $root.Release.Name }} - heritage: {{ $root.Release.Service }} + type: {{ $global.Values.persistence.storageType }} + app: {{ $global.Values.service.name }} + chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }} + release: {{ $global.Release.Name }} + heritage: {{ $global.Release.Service }} spec: capacity: - storage: {{ $root.Values.persistence.size }} + storage: {{ $global.Values.persistence.size }} accessModes: - - {{ $root.Values.persistence.accessMode }} + {{- if $global.Values.backup.enabled }} + - ReadWriteMany + {{- else }} + - ReadWriteOnce + {{- end }} + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" $global }}-data" hostPath: - path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{ $i }} - persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }} -{{ end }} -{{ end }} + path: {{ $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{ $i }} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/kubernetes/common/cassandra/templates/statefulset.yaml b/kubernetes/common/cassandra/templates/statefulset.yaml index 4be3570851..72e886d4d1 100644 --- a/kubernetes/common/cassandra/templates/statefulset.yaml +++ b/kubernetes/common/cassandra/templates/statefulset.yaml @@ -49,7 +49,7 @@ spec: - containerPort: {{ $ports.port }} {{- end }} volumeMounts: - - name: cassandra-data + - name: {{ include "common.fullname" . }}-data mountPath: /var/lib/cassandra - name: localtime mountPath: /etc/localtime @@ -151,25 +151,26 @@ spec: name: {{ include "common.fullname" . }}-entrypoint defaultMode: 0755 {{- if not .Values.persistence.enabled }} - - name: cassandra-data + - name: {{ include "common.fullname" . }}-data emptyDir: {} {{- else }} volumeClaimTemplates: - metadata: - name: cassandra-data + name: {{ include "common.fullname" . }}-data labels: - app: {{ template "common.fullname" . }} + name: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" - annotations: - volume.beta.kubernetes.io/storage-class: {{ .Values.persistence.storageClass }} spec: accessModes: - - {{ .Values.persistence.accessMode | quote }} + {{- if .Values.backup.enabled }} + - ReadWriteMany + {{- else }} + - ReadWriteOnce + {{- end }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size | quote }} - selector: - matchLabels: - release: "{{ .Release.Name }}" {{- end }} diff --git a/kubernetes/common/cassandra/values.yaml b/kubernetes/common/cassandra/values.yaml index f078bd17ce..c3af7e59b2 100644 --- a/kubernetes/common/cassandra/values.yaml +++ b/kubernetes/common/cassandra/values.yaml @@ -37,7 +37,7 @@ debugEnabled: false config: cluster_domain: cluster.local heap: - max: 512M + max: 2048M min: 100M jvmOpts: -Dcassandra.consistent.rangemovement=false clusterName: cassandra @@ -115,12 +115,12 @@ persistence: ## GKE, AWS & OpenStack) ## ## storageClass: "-" - accessMode: ReadWriteOnce + ## Not set as it depends of the backup enabledment or not. + #accessMode: ReadWriteOnce size: 2Gi mountPath: /dockerdata-nfs mountSubPath: cassandra storageType: local - storageClass: "" backup: mountPath: /dockerdata-nfs/backup diff --git a/kubernetes/common/common/templates/_createPassword.tpl b/kubernetes/common/common/templates/_createPassword.tpl new file mode 100644 index 0000000000..938b0ee514 --- /dev/null +++ b/kubernetes/common/common/templates/_createPassword.tpl @@ -0,0 +1,62 @@ +{{/* +# Copyright © 2019 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{/* + Resolve the master password to be used to derive other passwords. The value of + .Values.masterPassword is used by default, unless either override mechanism is + used: + + - .Values.global.masterPassword : override default master password for all charts + - .Values.masterPasswordOverride : override global and default masterPassword on a per chart basis +*/}} +{{- define "common.masterPassword" -}} + {{ if .Values.masterPasswordOverride }} + {{- printf "%d" .Values.masterPasswordOverride -}} + {{ else if .Values.global.masterPassword }} + {{- printf "%d" .Values.global.masterPassword -}} + {{ else if .Values.masterPassword }} + {{- printf "%d" .Values.masterPassword -}} + {{ else }} + {{ fail "masterPassword not provided" }} + {{ end }} +{{- end -}} + +{{/* + Generate a new password based on masterPassword. The new password is not + random, it is derived from masterPassword, fully qualified chart name and + additional uid provided by the user. This ensures that every time when we + run this function from the same place, with the same password and uid we + get the same results. This allows to avoid password changes while you are + doing upgrade. + + The function can take from one to three arguments (inside a dictionary): + - .dot : environment (.) + - .uid : unique identifier of password to be generated within this particular chart. Use only when you create more than a single password within one chart + - .strength : complexity of derived password. See derivePassword documentation for more details + + Example calls: + + {{ include "common.createPassword" . }} + {{ include "common.createPassword" (dict "dot" . "uid" "mysqlRootPasswd") }} + +*/}} +{{- define "common.createPassword" -}} + {{- $dot := default . .dot -}} + {{- $uid := default "onap" .uid -}} + {{- $strength := default "long" .strength -}} + {{- $mp := include "common.masterPassword" $dot -}} + {{- derivePassword 1 $strength $mp (include "common.fullname" $dot) $uid -}} +{{- end -}} diff --git a/kubernetes/common/common/templates/_ingress.tpl b/kubernetes/common/common/templates/_ingress.tpl index 49d7eeb415..b4afe6309d 100644 --- a/kubernetes/common/common/templates/_ingress.tpl +++ b/kubernetes/common/common/templates/_ingress.tpl @@ -1,12 +1,24 @@ {{- define "ingress.config.port" -}} {{- if .Values.ingress -}} -{{- if .Values.ingress.service -}} +{{- if or (not .Values.global.ingress.virtualhost) (not .Values.global.ingress.virtualhost.enabled) -}} + - http: + paths: {{- range .Values.ingress.service }} - - path: {{ .path }} + - path: {{ printf "/%s" (required "baseaddr" .baseaddr) }} backend: serviceName: {{ .name }} servicePort: {{ .port }} {{- end -}} +{{- else if .Values.ingress.service -}} +{{- $burl := (required "baseurl" .Values.global.ingress.virtualhost.baseurl) -}} +{{ range .Values.ingress.service }} + - host: {{ printf "%s.%s" (required "baseaddr" .baseaddr) $burl }} + http: + paths: + - backend: + serviceName: {{ .name }} + servicePort: {{ .port }} +{{- end -}} {{- else -}} - path: {{ printf "/%s" .Chart.Name }} backend: @@ -17,18 +29,37 @@ {{- end -}} +{{- define "ingress.config.annotations.ssl" -}} +{{- if .Values.ingress.config -}} +{{- if .Values.ingress.config.ssl -}} +{{- if eq .Values.ingress.config.ssl "redirect" -}} +kubernetes.io/ingress.class: nginx +nginx.ingress.kubernetes.io/ssl-passthrough: "true" +nginx.ingress.kubernetes.io/ssl-redirect: "true" +{{- else if eq .Values.ingress.config.ssl "native" -}} +nginx.ingress.kubernetes.io/ssl-redirect: "true" +{{- else if eq .Values.ingress.config.ssl "none" -}} +nginx.ingress.kubernetes.io/ssl-redirect: "false" +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} + + {{- define "ingress.config.annotations" -}} {{- if .Values.ingress -}} {{- if .Values.ingress.annotations -}} {{ toYaml .Values.ingress.annotations | indent 4 | trim }} {{- end -}} {{- end -}} +{{ include "ingress.config.annotations.ssl" . | indent 4 | trim }} {{- end -}} {{- define "common.ingress" -}} {{- if .Values.ingress -}} -{{- if .Values.ingress.enabled -}} +{{- if .Values.global.ingress -}} +{{- if and .Values.ingress.enabled .Values.global.ingress.enabled -}} apiVersion: extensions/v1beta1 kind: Ingress metadata: @@ -42,9 +73,7 @@ metadata: heritage: {{ .Release.Service }} spec: rules: - - http: - paths: - {{- include "ingress.config.port" . }} + {{ include "ingress.config.port" . | trim }} {{- if .Values.ingress.tls }} tls: {{ toYaml .Values.ingress.tls | indent 4 }} @@ -52,4 +81,4 @@ spec: {{- end -}} {{- end -}} {{- end -}} - +{{- end -}} \ No newline at end of file diff --git a/kubernetes/common/common/templates/_mariadb.tpl b/kubernetes/common/common/templates/_mariadb.tpl new file mode 100644 index 0000000000..15fb5a4225 --- /dev/null +++ b/kubernetes/common/common/templates/_mariadb.tpl @@ -0,0 +1,59 @@ +{{/* +# Copyright © 2019 Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{/* + Choose the name of the mariadb service to use. +*/}} +{{- define "common.mariadbService" -}} + {{- if .Values.global.mariadbGalera.localCluster -}} + {{- index .Values "mariadb-galera" "service" "name" -}} + {{- else -}} + {{- .Values.global.mariadbGalera.service -}} + {{- end -}} +{{- end -}} + +{{/* + Choose the value of mariadb port to use. +*/}} +{{- define "common.mariadbPort" -}} + {{- if .Values.global.mariadbGalera.localCluster -}} + {{- index .Values "mariadb-galera" "service" "internalPort" -}} + {{- else -}} + {{- .Values.global.mariadbGalera.internalPort -}} + {{- end -}} +{{- end -}} + +{{/* + Choose the value of secret to retrieve user value. +*/}} +{{- define "common.mariadbSecret" -}} + {{- if .Values.global.mariadbGalera.localCluster -}} + {{ printf "%s-%s-db-user-credentials" (include "common.fullname" .) (index .Values "mariadb-galera" "nameOverride") -}} + {{- else -}} + {{ printf "%s-%s" (.Release.Name) (index .Values "mariadb-init" "nameOverride") -}} + {{- end -}} +{{- end -}} + +{{/* + Choose the value of secret param to retrieve user value. +*/}} +{{- define "common.mariadbSecretParam" -}} + {{- if .Values.global.mariadbGalera.localCluster -}} + {{ printf "password" -}} + {{- else -}} + {{ printf "db-user-password" -}} + {{- end -}} +{{- end -}} diff --git a/kubernetes/common/common/templates/_name.tpl b/kubernetes/common/common/templates/_name.tpl index 4299984673..f84ca21f3a 100644 --- a/kubernetes/common/common/templates/_name.tpl +++ b/kubernetes/common/common/templates/_name.tpl @@ -28,4 +28,14 @@ {{- define "common.fullname" -}} {{- $name := default .Chart.Name .Values.nameOverride -}} {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} \ No newline at end of file +{{- end -}} + +{{/* + Retrieve the "original" release from the component release: + if ONAP is deploy with "helm deploy --name toto", then cassandra components + will have "toto-cassandra" as release name. + this function would answer back "toto". +*/}} +{{- define "common.release" -}} + {{- regexReplaceAll "-[a-zA-Z0-9]*$" .Release.Name "" }} +{{- end -}} diff --git a/kubernetes/common/common/templates/_secret.yaml b/kubernetes/common/common/templates/_secret.yaml new file mode 100644 index 0000000000..523d7880f0 --- /dev/null +++ b/kubernetes/common/common/templates/_secret.yaml @@ -0,0 +1,276 @@ +{{/* +# Copyright © 2019 AT&T, Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{/* + For internal use only! + + Generates a secret header with given name and desired labels. + + The template takes two arguments: + - .global: environment (.) + - .name: name of the secret + + Example call: + {{ include "common.secret._header" (dict "global" . "name" "myFancyName") }} +*/}} +{{- define "common.secret._header" -}} +{{- $global := .global }} +{{- $name := .name }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ $name }} + namespace: {{ include "common.namespace" $global }} + labels: + app: {{ include "common.name" $global }} + chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }} + release: {{ $global.Release.Name }} + heritage: {{ $global.Release.Service }} +type: Opaque +{{- end -}} + +{{/* + For internal use only! + + Pick a value based on "user input" and generation policy. + + The template takes below arguments: + - .global: environment (.) + - .secretName: name of the secret where the value will be placed + - .secretEnv: map of values which configures this secret. This can contain below keys: + - value: Value of secret key provided by user (can be a template inside a string) + - policy: What to do if value is missing or empty. Possible options are: + - generate: Generate a new password deriving it from master password + - required: Fail the deployment if value has not been provided + Defaults to generate. + - name: Name of the key to which this value should be assigned +*/}} +{{- define "common.secret._value" -}} + {{- $global := .global }} + {{- $name := .secretName }} + {{- $secretEnv := .secretEnv }} + {{- $value := tpl $secretEnv.value $global }} + {{- $policy := default "generate" $secretEnv.policy }} + + {{- if $value }} + {{- $value | quote }} + {{- else if eq $policy "generate" }} + {{- include "common.createPassword" (dict "dot" $global "uid" $name) | quote }} + {{- else }} + {{- fail (printf "Value for %s secret %s key not provided" $name $secretEnv.name) }} + {{- end }} +{{- end -}} + + +{{/* + For internal use only! + + Generate a secret name based on provided name or UID. + If UID is provided then the name is generated by appending this UID right after + the chart name. If name is provided, it overrides the name generation algorith + and is used right away. Both name and uid strings may contain a template to be + resolved. + + The template takes below arguments: + - .global: environment (.) + - .uid: string that uniquely identifies this secret within a helm chart + - .name: string that can be used to override default name generation algorithm + and provide a custom name for the secret +*/}} +{{- define "common.secret._genName" -}} + {{- $global := .global }} + {{- $uid := tpl (default "" .uid) $global }} + {{- $name := tpl (default "" .name) $global }} + {{- default (printf "%s-%s" (include "common.fullname" $global) $uid) $name }} +{{- end -}} + +{{/* + Get the real secret name by UID or name, based on the configuration provided by user. + User may decide to not create a new secret but reuse existing one for this deployment + (aka externalSecret). In this case the real name of secret to be used is different + than the one declared in secret definition. This easily retrieve current secret real + name based on declared name or UID even if it has been overrided by the user using + externalSecret option. You should use this template always when you need to reference + a secret created using common.secret template by name. + + The template takes below arguments: + - .global: environment (.) + - .uid: string that uniquely identifies this secret within a helm chart + (can be omitted if name has been provided) + - .name: name which was used to declare a secret + (can be omitted if uid has been provided) +*/}} +{{- define "common.secret.getSecretName" -}} + {{- $global := .global }} + {{- $targetName := include "common.secret._genName" (dict "global" $global "uid" .uid "name" .name) }} + {{- range $secret := $global.Values.secrets }} + {{- $currName := include "common.secret._genName" (dict "global" $global "uid" $secret.uid "name" $secret.name) }} + {{- if eq $currName $targetName }} + {{- $externalSecret := tpl (default "" $secret.externalSecret) $global }} + {{- default $currName $externalSecret }} + {{- end }} + {{- end }} +{{- end -}} + +{{/* + Convenience template which can be used to easily set the value of environment variable + to the value of a key in a secret. + + It takes care of all name mangling, usage of external secrets etc. + + The template takes below arguments: + - .global: environment (.) + - .uid: string that uniquely identifies this secret within a helm chart + (can be omitted if name has been provided) + - .name: name which was used to declare a secret + (can be omitted if uid has been provided) + - .key: Key within this secret which value should be assigned to this variable + + Example usage: + env: + - name: SECRET_PASSWORD + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "secret" "key" "password") | indent 8}} +*/}} +{{- define "common.secret.envFromSecret" -}} + {{- $key := .key }} +valueFrom: + secretKeyRef: + name: {{ include "common.secret.getSecretName" . }} + key: {{ $key }} +{{- end -}} + +{{/* + Define secrets to be used by chart. + Every secret has a type which is one of: + - generic: + Generic secret template that allows to input some raw data (from files). + File Input can be passed as list of files (filePaths) or as a single string + (filePath) + - genericKV: + Type of secret which allows you to define a list of key value pairs. + The list is assiged to envs value. Every item may define below items: + - name: + Identifier of this value within secret + - value: + String that defines a value associated with given key. + This can be a simple string or a template. + - policy: + Defines what to do if value is not provided by the user. + Available options are: + - generate: + Generate a value by derriving it from master password + - required: + Fail the deployment + - password: + Type of secret that holds only the password. + Only two items can be defined for this type: + - password: + Equivalent of value field from genericKV + - policy: + The same meaning as for genericKV policy field + - basicAuth: + Type of secret that holds both username and password. + Below fields are available: + - login: + The value for login key. + This can be a simple string or a template. + Providing a value for login is always required. + - password: + The value for password key. + This can be a simple string or a template. + - passwordPolicy: + The same meaning as the policy field in genericKV. + Only the policy for password can be set. + + Every secret can be identified using: + - uid: + A string to be appended to the chart fullname to generate a secret name. + - name: + Overrides default secret name generation and allows to set immutable + and globaly unique name + + To allow sharing a secret between the components and allow to pre-deploy secrets + before ONAP deployment it is possible to use already existing secret instead of + creating a new one. For this purpose externalSecret field can be used. If value of + this field is evaluated to true no new secret is created, only the name of the + secret is aliased to the external one. + + Example usage: + secrets.yaml: + {{ include "common.secret" . }} + + values.yaml: + mysqlLogin: "root" + + mysqlExternalSecret: "some-other-secret-name" + + secrets: + - uid: "mysql" + externalSecret: '{{ tpl .Values.passExternalSecret . }}' + type: basicAuth + login: '{{ .Values.mysqlLogin }}' + mysqlPassword: '{{ .Values.mysqlPassword }}' + passwordPolicy: generate + + In the above example new secret is not going to be created. + Already existing one (some-other-secret-name) is going to be used. + To force creating a new one, just make sure that mysqlExternalSecret + is not set. + +*/}} +{{- define "common.secret" -}} + {{- $global := . }} + {{- range $secret := .Values.secrets }} + {{- $name := include "common.secret._genName" (dict "global" $global "uid" $secret.uid "name" $secret.name) }} + {{- $type := default "generic" $secret.type }} + {{- $externalSecret := tpl (default "" $secret.externalSecret) $global }} + {{- if not $externalSecret }} +--- + {{ include "common.secret._header" (dict "global" $global "name" $name) }} + + {{- if eq $type "generic" }} +data: + {{- range $curFilePath := $secret.filePaths }} + {{ tpl ($global.Files.Glob $curFilePath).AsSecrets $global | indent 2 }} + {{- end }} + {{- if $secret.filePath }} + {{ tpl ($global.Files.Glob $secret.filePath).AsSecrets $global | indent 2 }} + {{- end }} + {{- else if eq $type "genericKV" }} +stringData: + {{- if $secret.envs }} + {{- range $secretEnv := $secret.envs }} + {{- $valueDesc := (dict "global" $global "secretName" $name "secretEnv" $secretEnv) }} + {{ $secretEnv.name }}: {{ include "common.secret._value" $valueDesc }} + {{- end }} + {{- end }} + {{- else if eq $type "password" }} + {{- $secretEnv := (dict "policy" (default "generate" $secret.policy) "name" "password" "value" $secret.password) }} + {{- $valueDesc := (dict "global" $global "secretName" $name "secretEnv" $secretEnv) }} +stringData: + password: {{ include "common.secret._value" $valueDesc }} + {{- else if eq $type "basicAuth" }} +stringData: + {{- $secretEnv := (dict "policy" "required" "name" "login" "value" $secret.login) }} + {{- $valueDesc := (dict "global" $global "secretName" $name "secretEnv" $secretEnv) }} + login: {{ include "common.secret._value" $valueDesc }} + {{- $secretEnv := (dict "policy" (default "generate" $secret.passwordPolicy) "name" "password" "value" $secret.password) }} + {{- $valueDesc := (dict "global" $global "secretName" $name "secretEnv" $secretEnv) }} + password: {{ include "common.secret._value" $valueDesc }} + {{- end }} + {{- end }} + {{- end }} +{{- end -}} diff --git a/kubernetes/common/common/templates/_storageClass.tpl b/kubernetes/common/common/templates/_storageClass.tpl new file mode 100644 index 0000000000..8fd1f9772b --- /dev/null +++ b/kubernetes/common/common/templates/_storageClass.tpl @@ -0,0 +1,57 @@ +{{/* +# Copyright © 2019 Amdocs, Bell Canada, Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{/* + Expand the name of the storage class. + The value "common.fullname"-data is used by default, + unless either override mechanism is used. + + - .Values.global.persistence.storageClass : override default storageClass for all charts + - .Values.persistence.storageClassOverride : override global and default storage class on a per chart basis + - .Values.persistence.storageClass : override default storage class on a per chart basis +*/}} +{{- define "common.storageClass" -}} + {{- if .Values.persistence.storageClassOverride -}} + {{- if ne "-" .Values.persistence.storageClassOverride -}} + {{- printf "%s" .Values.persistence.storageClassOverride -}} + {{- else -}} + {{- $storage_class := "" -}} + {{- printf "%q" $storage_class -}} + {{- end -}} + {{- else -}} + {{- if or .Values.persistence.storageClass .Values.global.persistence.storageClass }} + {{- if ne "-" (default .Values.persistence.storageClass .Values.global.persistence.storageClass) -}} + {{- printf "%s" (default .Values.persistence.storageClass .Values.global.persistence.storageClass) -}} + {{- else -}} + {{- $storage_class := "" -}} + {{- printf "%q" $storage_class -}} + {{- end -}} + {{- else -}} + {{- printf "%s-data" (include "common.fullname" .) -}} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* + Calculate if we need a PV. If a storageClass is provided, then we don't need. +*/}} +{{- define "common.needPV" -}} +{{- if or (or .Values.persistence.storageClassOverride .Values.persistence.storageClass) .Values.global.persistence.storageClass -}} + False +{{- else -}} + True +{{- end -}} +{{- end -}} diff --git a/kubernetes/common/etcd/Chart.yaml b/kubernetes/common/etcd/Chart.yaml index a01524c42f..012a4e13ce 100644 --- a/kubernetes/common/etcd/Chart.yaml +++ b/kubernetes/common/etcd/Chart.yaml @@ -11,7 +11,8 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - + +apiVersion: v1 name: etcd home: https://github.com/coreos/etcd version: 5.0.0 diff --git a/kubernetes/common/etcd/templates/pv.yaml b/kubernetes/common/etcd/templates/pv.yaml index 65993e5f2a..da8dfb8a22 100644 --- a/kubernetes/common/etcd/templates/pv.yaml +++ b/kubernetes/common/etcd/templates/pv.yaml @@ -12,30 +12,34 @@ # See the License for the specific language governing permissions and # limitations under the License. -{{ if .Values.persistence.enabled }} -{{- $root := . -}} -{{ range $i, $e := until (int $root.Values.replicaCount) }} +{{- $global := . }} +{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) -}} +{{- range $i := until (int $global.Values.replicaCount)}} --- apiVersion: v1 kind: PersistentVolume metadata: - name: {{ include "common.fullname" $root }}-data-{{ $i }} - namespace: {{ $root.Release.Namespace }} + name: {{ include "common.fullname" $global }}-data-{{ $i }} + namespace: {{ include "common.namespace" $global }} labels: - type: {{ $root.Values.persistence.storageType }} - app: {{ include "common.fullname" $root }} - chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }} - release: {{ $root.Release.Name }} - heritage: {{ $root.Release.Service }} + app: {{ include "common.fullname" $global }} + chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" + release: "{{ $global.Release.Name }}" + heritage: "{{ $global.Release.Service }}" + name: {{ include "common.fullname" $global }} spec: capacity: - storage: {{ $root.Values.persistence.storage }} + storage: {{ $global.Values.persistence.storage }} accessModes: - - {{ $root.Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" $root }}-data" + - {{ $global.Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" $global }}-data" hostPath: - path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{ $i }} - persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }} -{{ end }} -{{ end }} - + path: {{ $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{ $i }} +{{if ne $i (int $global.Values.replicaCount) }} +--- +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/kubernetes/common/etcd/templates/statefulset.yaml b/kubernetes/common/etcd/templates/statefulset.yaml index 7190c5bca0..cef1a48c2a 100644 --- a/kubernetes/common/etcd/templates/statefulset.yaml +++ b/kubernetes/common/etcd/templates/statefulset.yaml @@ -213,14 +213,19 @@ spec: volumeClaimTemplates: - metadata: name: {{ include "common.fullname" . }}-data + labels: + name: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" spec: accessModes: - - "{{ .Values.persistence.accessMode }}" + - "{{ .Values.persistence.accessMode }}" + storageClassName: {{ include "common.storageClass" . }} resources: requests: # upstream recommended max is 700M storage: "{{ .Values.persistence.storage }}" - storageClassName: {{ include "common.fullname" . }}-data {{- else }} volumes: - name: {{ include "common.fullname" . }}-data @@ -231,4 +236,3 @@ spec: emptyDir: {} {{- end }} {{- end }} - diff --git a/kubernetes/common/etcd/values.yaml b/kubernetes/common/etcd/values.yaml index 7f53d22248..d994f87ea4 100644 --- a/kubernetes/common/etcd/values.yaml +++ b/kubernetes/common/etcd/values.yaml @@ -45,7 +45,7 @@ liveness: enabled: true persistence: - enabled: false + enabled: true ## etcd data Persistent Volume Storage Class ## If defined, storageClassName: ## If set to "-", storageClassName: "", which disables dynamic provisioning @@ -79,4 +79,3 @@ tolerations: [] affinity: {} extraEnv: [] resources: {} - diff --git a/kubernetes/common/mariadb-galera/.helmignore b/kubernetes/common/mariadb-galera/.helmignore index f0c1319444..f3d010c5f7 100644 --- a/kubernetes/common/mariadb-galera/.helmignore +++ b/kubernetes/common/mariadb-galera/.helmignore @@ -19,3 +19,6 @@ .project .idea/ *.tmproj + +# Unit tests folder +tests diff --git a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml index 7d3ec75c00..408bd1814c 100644 --- a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml +++ b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2019 Amdocs, Bell Canada +# Copyright © 2019 Amdocs, Bell Canada, Samsung Electronics # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -86,25 +86,17 @@ spec: echo "Backup Successful!!!" env: - name: DB_PASS - valueFrom: - secretKeyRef: - name: {{ include "common.fullname" . }} - key: db-root-password + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-password" "key" "password") | indent 14}} volumeMounts: - - name: backup-data + - name: backup-dir mountPath: /backup - - name: db-data - mountPath: /var/lib/mysql containers: - name: mariadb-backup-validate image: "{{ include "common.repository" . }}/{{ .Values.backupImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "common.fullname" . }} - key: db-root-password + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-password" "key" "password") | indent 14}} command: - /bin/bash - -c @@ -130,7 +122,7 @@ spec: remove_dir $target_dir exit 0 fi - + /docker-entrypoint.sh mysqld & count=0 @@ -163,16 +155,13 @@ spec: - mountPath: /etc/localtime name: localtime readOnly: true - - name: backup-data + - name: backup-dir mountPath: /backup volumes: - name: localtime hostPath: path: /etc/localtime - - name: db-data - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }}-db-data - - name: backup-data + - name: backup-dir persistentVolumeClaim: - claimName: {{ include "common.fullname" . }}-backup + claimName: {{ include "common.fullname" . }}-backup-data {{- end }} diff --git a/kubernetes/common/mariadb-galera/templates/backup/pv.yaml b/kubernetes/common/mariadb-galera/templates/backup/pv.yaml index 2972191563..ec6f44d955 100644 --- a/kubernetes/common/mariadb-galera/templates/backup/pv.yaml +++ b/kubernetes/common/mariadb-galera/templates/backup/pv.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2019 Amdocs, Bell Canada +# Copyright © 2019 Amdocs, Bell Canada, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,45 +15,27 @@ */}} {{- if .Values.backup.enabled }} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-backup - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }}-backup -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.backup.mountPath | default .Values.persistence.backup.mountPath }}/{{ include "common.namespace" . }}/{{include "common.name" . }} +{{- if eq "True" (include "common.needPV" .) -}} --- -kind: PersistentVolume apiVersion: v1 +kind: PersistentVolume metadata: - name: {{ include "common.fullname" . }}-db-data + name: {{ include "common.fullname" . }}-backup-data namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }}-db-data + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + heritage: {{ .Release.Service }} + name: {{ include "common.fullname" . }}-backup-data spec: capacity: - storage: {{ .Values.persistence.size}} + storage: {{ .Values.persistence.size }} accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data-backup" hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}{{ sub .Values.replicaCount 1 }} + path: {{ .Values.global.persistence.backup.mountPath | default .Values.persistence.backup.mountPath }}/{{ include "common.namespace" $ }}/{{ include "common.fullname" $ }} +{{- end -}} {{- end -}} {{- end -}} - diff --git a/kubernetes/common/mariadb-galera/templates/backup/pvc.yaml b/kubernetes/common/mariadb-galera/templates/backup/pvc.yaml index a983c8af98..06b590c7fd 100644 --- a/kubernetes/common/mariadb-galera/templates/backup/pvc.yaml +++ b/kubernetes/common/mariadb-galera/templates/backup/pvc.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2019 Amdocs, Bell Canada +# Copyright © 2019 Amdocs, Bell Canada, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,44 +15,14 @@ */}} {{- if .Values.backup.enabled }} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-backup - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }}-backup - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }}-backup - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} --- kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: {{ include "common.fullname" . }}-db-data + name: {{ include "common.fullname" . }}-backup-data namespace: {{ include "common.namespace" . }} labels: - app: {{ include "common.name" . }}-db-data + app: {{ include "common.name" . }}-backup chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" @@ -61,21 +31,15 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }}-db-data accessModes: - {{ .Values.persistence.accessMode }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" +{{- if eq "True" (include "common.needPV" .) -}} + storageClassName: "{{ include "common.fullname" . }}-data-backup" {{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} + storageClassName: {{ include "common.storageClass" . }} +{{- end -}} {{- end -}} {{- end -}} - diff --git a/kubernetes/common/mariadb-galera/templates/configmap.yaml b/kubernetes/common/mariadb-galera/templates/configmap.yaml index 9c9a248f35..ff6e119b0c 100644 --- a/kubernetes/common/mariadb-galera/templates/configmap.yaml +++ b/kubernetes/common/mariadb-galera/templates/configmap.yaml @@ -12,19 +12,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-confd - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/mariadb/conf.d/*").AsConfig . | indent 2 }} ---- {{- if .Values.externalConfig }} apiVersion: v1 kind: ConfigMap @@ -39,4 +26,4 @@ metadata: data: my_extra.cnf: | {{ .Values.externalConfig | indent 4 }} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/kubernetes/common/mariadb-galera/templates/pv.yaml b/kubernetes/common/mariadb-galera/templates/pv.yaml index a2096fdef3..795ad3188b 100644 --- a/kubernetes/common/mariadb-galera/templates/pv.yaml +++ b/kubernetes/common/mariadb-galera/templates/pv.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2019 Amdocs, Bell Canada, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,12 +14,13 @@ # limitations under the License. */}} {{- $global := . }} -{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) -}} -{{- range $i, $t := until (int $global.Values.replicaCount)}} +{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) -}} +{{- range $i := until (int $global.Values.replicaCount)}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" $global }}-data{{$i}} + name: {{ include "common.fullname" $global }}-data-{{ $i }} namespace: {{ include "common.namespace" $global }} labels: app: {{ include "common.fullname" $global }} @@ -35,7 +36,10 @@ spec: persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} storageClassName: "{{ include "common.fullname" $global }}-data" hostPath: - path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}{{$i}} + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} +{{if ne $i (int $global.Values.replicaCount) }} --- {{- end -}} {{- end -}} +{{- end -}} +{{- end -}} diff --git a/kubernetes/common/mariadb-galera/templates/secrets.yaml b/kubernetes/common/mariadb-galera/templates/secrets.yaml index 233158f791..3f8eb0b6de 100644 --- a/kubernetes/common/mariadb-galera/templates/secrets.yaml +++ b/kubernetes/common/mariadb-galera/templates/secrets.yaml @@ -1,4 +1,5 @@ # Copyright © 2018 Amdocs, Bell Canada +# Copyright © 2019 Samsung Electronics # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,18 +12,4 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -type: Opaque -data: - db-root-password: {{ .Values.config.mariadbRootPassword | b64enc | quote }} - user-password: {{ default "" .Values.config.userPassword | b64enc | quote }} \ No newline at end of file +{{ include "common.secret" . }} diff --git a/kubernetes/common/mariadb-galera/templates/statefulset.yaml b/kubernetes/common/mariadb-galera/templates/statefulset.yaml index b0b7174811..a9f1fb37b7 100644 --- a/kubernetes/common/mariadb-galera/templates/statefulset.yaml +++ b/kubernetes/common/mariadb-galera/templates/statefulset.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, Bell Canada +# Copyright © 2019 Amdocs, Bell Canada, Orange, Samsung Electronics # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -61,19 +61,13 @@ spec: apiVersion: v1 fieldPath: metadata.namespace - name: MYSQL_USER - value: {{ default "" .Values.config.userName | quote }} + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-user-credentials" "key" "login") | indent 14}} - name: MYSQL_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: user-password + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-user-credentials" "key" "password") | indent 14}} - name: MYSQL_DATABASE value: {{ default "" .Values.config.mysqlDatabase | quote }} - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: db-root-password + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-password" "key" "password") | indent 14}} ports: - containerPort: {{ .Values.service.internalPort }} name: {{ .Values.service.portName }} @@ -112,7 +106,7 @@ spec: - mountPath: /var/lib/mysql name: {{ include "common.fullname" . }}-data initContainers: - - name: mariadb-galera-prepare + - name: {{ include "common.name" . }}-prepare image: "{{ include "common.repository" . }}/{{ .Values.imageInit }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy | quote}} command: ["sh", "-c", "chown -R 27:27 /var/lib/mysql"] @@ -130,11 +124,8 @@ spec: spec: accessModes: - {{ .Values.persistence.accessMode | quote }} - storageClassName: {{ include "common.fullname" . }}-data + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size | quote }} - selector: - matchLabels: - name: {{ include "common.fullname" . }} {{- end }} diff --git a/kubernetes/common/mariadb-galera/tests/pv_test.yaml b/kubernetes/common/mariadb-galera/tests/pv_test.yaml new file mode 100644 index 0000000000..cd4007960b --- /dev/null +++ b/kubernetes/common/mariadb-galera/tests/pv_test.yaml @@ -0,0 +1,35 @@ +--- +suite: test pv behavior +templates: + - pv.yaml +tests: + - it: 'should render "" (global case))' + values: + - ./values/persistence.yaml + set: + global.persistence.storageClass: "-" + asserts: + - isEmpty: + + - it: 'should "" (override case)' + values: + - ./values/persistence.yaml + set: + global.persistence.storageClass: "global" + persistence.storageClassOverride: "-" + asserts: + - isEmpty: + + - it: 'should "" (local case)' + values: + - ./values/persistence.yaml + set: + persistence.storageClass: "-" + asserts: + - isEmpty: + + - it: 'should render "RELEASE-NAME-mariadb-galera-data" as storageClassname' + asserts: + - equal: + path: spec.storageClassName + value: "RELEASE-NAME-mariadb-galera-data" diff --git a/kubernetes/common/mariadb-galera/tests/storage_class_test.yaml b/kubernetes/common/mariadb-galera/tests/storage_class_test.yaml new file mode 100644 index 0000000000..9b7bdcb550 --- /dev/null +++ b/kubernetes/common/mariadb-galera/tests/storage_class_test.yaml @@ -0,0 +1,67 @@ +--- +suite: test storage class behavior +templates: + - statefulset.yaml +tests: + - it: 'should render "" as storageClassname (global case)' + values: + - ./values/persistence.yaml + set: + global.persistence.storageClass: "-" + asserts: + - isEmpty: + path: spec.volumeClaimTemplates[0].spec.storageClassName + + - it: 'should "" as storageClassname (override case)' + values: + - ./values/persistence.yaml + set: + global.persistence.storageClass: "global" + persistence.storageClassOverride: "-" + asserts: + - isEmpty: + path: spec.volumeClaimTemplates[0].spec.storageClassName + + - it: 'should "" as storageClassname (local case)' + values: + - ./values/persistence.yaml + set: + persistence.storageClass: "-" + asserts: + - isEmpty: + path: spec.volumeClaimTemplates[0].spec.storageClassName + + - it: 'should render "global" as storageClassname' + values: + - ./values/persistence.yaml + set: + global.persistence.storageClass: "global" + asserts: + - equal: + path: spec.volumeClaimTemplates[0].spec.storageClassName + value: "global" + + - it: 'should render "local" as storageClassname' + values: + - ./values/persistence.yaml + asserts: + - equal: + path: spec.volumeClaimTemplates[0].spec.storageClassName + value: "local" + + - it: 'should render "override" as storageClassname' + values: + - ./values/persistence.yaml + set: + global.persistence.storageClass: "global" + persistence.storageClassOverride: "override" + asserts: + - equal: + path: spec.volumeClaimTemplates[0].spec.storageClassName + value: "override" + + - it: 'should render "RELEASE-NAME-mariadb-galera-data" as storageClassname' + asserts: + - equal: + path: spec.volumeClaimTemplates[0].spec.storageClassName + value: "RELEASE-NAME-mariadb-galera-data" diff --git a/kubernetes/common/mariadb-galera/tests/values/persistence.yaml b/kubernetes/common/mariadb-galera/tests/values/persistence.yaml new file mode 100644 index 0000000000..a282f74318 --- /dev/null +++ b/kubernetes/common/mariadb-galera/tests/values/persistence.yaml @@ -0,0 +1,6 @@ +--- +persistence: + enabled: true + existingClaim: false + size: 10Gb + storageClass: "local" diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml index a662b1e04a..a6dd1ca359 100644 --- a/kubernetes/common/mariadb-galera/values.yaml +++ b/kubernetes/common/mariadb-galera/values.yaml @@ -1,4 +1,5 @@ # Copyright © 2018 Amdocs, Bell Canada +# Copyright © 2019 Samsung Electronics # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,6 +13,21 @@ # See the License for the specific language governing permissions and # limitations under the License. +################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: "db-root-password" + type: password + externalSecret: '{{ tpl (default "" .Values.config.mariadbRootPasswordExternalSecret) . }}' + password: '{{ .Values.config.mariadbRootPassword }}' + - uid: "db-user-credentials" + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.userCredentialsExternalSecret) . }}' + login: '{{ .Values.config.userName }}' + password: '{{ .Values.config.userPassword }}' + + ################################################################# # Global configuration defaults. ################################################################# @@ -35,13 +51,15 @@ global: #repository: mysql repository: nexus3.onap.org:10001 image: adfinissygroup/k8s-mariadb-galera-centos:v002 -backupImage: library/mariadb:10.1.38 +backupImage: library/mariadb:10.1.38 imageInit: busybox pullPolicy: IfNotPresent # application configuration config: + # .mariadbRootPasswordExternalSecret: 'some-external-secret' mariadbRootPassword: secretpassword + # .userCredentialsExternalSecret: 'some-external-secret' userName: my-user userPassword: my-password mysqlDatabase: my-database @@ -91,7 +109,7 @@ persistence: mountSubPath: "mariadb-galera/data" mysqlPath: /var/lib/mysql backup: - mountPath: /dockerdata-nfs/backup + mountPath: /dockerdata-nfs/backup{{- if or (or .Values.storageClassOverride .Values.persistence.storageClass) .Values.global.persistence.storageClass -}} service: internalPort: 3306 diff --git a/kubernetes/common/mariadb-init/.helmignore b/kubernetes/common/mariadb-init/.helmignore new file mode 100644 index 0000000000..dadf202953 --- /dev/null +++ b/kubernetes/common/mariadb-init/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj + +tests diff --git a/kubernetes/common/mysql/Chart.yaml b/kubernetes/common/mariadb-init/Chart.yaml similarity index 84% rename from kubernetes/common/mysql/Chart.yaml rename to kubernetes/common/mariadb-init/Chart.yaml index 7f272295ff..47b8b8f11c 100644 --- a/kubernetes/common/mysql/Chart.yaml +++ b/kubernetes/common/mariadb-init/Chart.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2018 Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,6 +13,6 @@ # limitations under the License. apiVersion: v1 -description: MySQL Server -name: mysql +description: Chart for MariaDB Galera init job +name: mariadb-init version: 5.0.0 diff --git a/kubernetes/common/mariadb-init/requirements.yaml b/kubernetes/common/mariadb-init/requirements.yaml new file mode 100644 index 0000000000..d323ddaa2b --- /dev/null +++ b/kubernetes/common/mariadb-init/requirements.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~5.x-0 + repository: 'file://../common' \ No newline at end of file diff --git a/kubernetes/common/mariadb-init/resources/config/db_init.sh b/kubernetes/common/mariadb-init/resources/config/db_init.sh new file mode 100755 index 0000000000..b2fdb14b12 --- /dev/null +++ b/kubernetes/common/mariadb-init/resources/config/db_init.sh @@ -0,0 +1,36 @@ +#!/bin/bash +# Copyright © 2019 Orange +# Copyright © 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +while read DB ; do + USER_VAR="MYSQL_USER_${DB^^}" + PASS_VAR="MYSQL_PASSWORD_${DB^^}" + USER=${!USER_VAR} + PASS=${!PASS_VAR} + MYSQL_OPTS=( -h ${DB_HOST} -P ${DB_PORT} -uroot -p${MYSQL_ROOT_PASSWORD} ) + + echo "Creating database ${DB} and user ${USER}..." + + mysql "${MYSQL_OPTS[@]}" -e "CREATE OR REPLACE USER '${USER}'@'%' IDENTIFIED BY '${PASS}'" + mysql "${MYSQL_OPTS[@]}" -e "CREATE DATABASE IF NOT EXISTS ${DB}" + mysql "${MYSQL_OPTS[@]}" -e "GRANT ALL PRIVILEGES ON ${DB}.* TO '${USER}'@'%'" + + echo "Created database ${DB} and user ${USER}." +done < /mnt/conf.d/server-id.cnf - # Add an offset to avoid reserved server-id=0 value. - echo server-id=$(($siteId*100 + $ordinal)) >> /mnt/conf.d/server-id.cnf - # Copy appropriate conf.d files from config-map to emptyDir. - if [[ $ordinal -eq 0 ]]; then - cp /mnt/config-map/master.cnf /mnt/conf.d/ - else - cp /mnt/config-map/slave.cnf /mnt/conf.d/ - fi - volumeMounts: - - name: conf - mountPath: /mnt/conf.d - - name: config-map - mountPath: /mnt/config-map - - - name: clone-mysql - image: "{{ .Values.global.xtrabackupRepository | default .Values.xtrabackupRepository }}/{{ .Values.xtrabackupImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: db-root-password - command: - - bash - - "-c" - - | - set -ex - # Skip the clone if data already exists. - [[ -d /var/lib/mysql/mysql ]] && exit 0 - # Skip the clone on master (ordinal index 0). - [[ `hostname` =~ -([0-9]+)$ ]] || exit 1 - ordinal=${BASH_REMATCH[1]} - echo ${BASH_REMATCH} - [[ $ordinal -eq 0 ]] && exit 0 - # Clone data from previous peer. - ncat --recv-only {{ include "common.fullname" . }}-$(($ordinal-1)).{{ .Values.service.name }}.{{ include "common.namespace" . }} 3307 | xbstream -x -C {{ .Values.persistence.mysqlPath }} - # Prepare the backup. - xtrabackup --user=root --password=$MYSQL_ROOT_PASSWORD --prepare --target-dir=/var/lib/mysql - ls -l {{ .Values.persistence.mysqlPath }} - volumeMounts: - - name: {{ include "common.fullname" . }}-mysql - mountPath: {{ .Values.persistence.mysqlPath }} - - name: conf - mountPath: /etc/mysql/conf.d - - containers: - - name: {{ include "common.name" . }} - image: "{{ .Values.dockerHubRepository }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - exec: - command: ["mysqladmin", "ping"] - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} - {{end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: db-root-password - - name: MYSQL_ROOT_HOST - value: '%' - - name: MYSQL_ALLOW_EMPTY_PASSWORD - value: {{ .Values.config.dbAllowEmptyPassword | default "0" | quote }} - volumeMounts: - - mountPath: {{ .Values.persistence.mysqlPath }} - name: {{ include "common.fullname" . }}-mysql - - mountPath: /etc/mysql/conf.d - name: conf - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - - - name: xtrabackup - image: "{{ .Values.global.xtrabackupRepository | default .Values.xtrabackupRepository }}/{{ .Values.xtrabackupImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: db-root-password - ports: - - containerPort: {{ .Values.xtrabackup.internalPort }} - name: xtrabackup - command: - - bash - - "-c" - - | - set -ex - cd {{ .Values.persistence.mysqlPath }} - ls -l - # Determine binlog position of cloned data, if any. - if [[ -f xtrabackup_slave_info ]]; then - echo "Inside xtrabackup_slave_info" - # XtraBackup already generated a partial "CHANGE MASTER TO" query - # because we're cloning from an existing slave. - mv xtrabackup_slave_info change_master_to.sql.in - # Ignore xtrabackup_binlog_info in this case (it's useless). - rm -f xtrabackup_binlog_info - elif [[ -f xtrabackup_binlog_info ]]; then - echo "Inside xtrabackup_binlog_info" - # We're cloning directly from master. Parse binlog position. - [[ `cat xtrabackup_binlog_info` =~ ^(.*?)[[:space:]]+(.*?)$ ]] || exit 1 - rm xtrabackup_binlog_info - echo "CHANGE MASTER TO MASTER_LOG_FILE='${BASH_REMATCH[1]}',\ - MASTER_LOG_POS=${BASH_REMATCH[2]}" > change_master_to.sql.in - fi - - [[ `hostname` =~ -([0-9]+)$ ]] || exit 1 - ordinal=${BASH_REMATCH[1]} - echo $ordinal - - mysqlhost={{ include "common.fullname" . }}-$(($ordinal)).{{ .Values.service.name }}.{{ include "common.namespace" . }} - echo $mysqlhost - - # Check if we need to complete a clone by starting replication. - if [[ -f change_master_to.sql.in ]]; then - echo "Waiting for mysqld to be ready (accepting connections)" - until mysql --user=root --password=$MYSQL_ROOT_PASSWORD -h $mysqlhost -e "SELECT 1"; do sleep 1; done - - echo "Initializing replication from clone position" - # In case of container restart, attempt this at-most-once. - mv change_master_to.sql.in change_master_to.sql.orig - mysql --user=root --password=$MYSQL_ROOT_PASSWORD -h $mysqlhost < 0 + # (change requires restart) + +# -- heartbeat mode -- + +wd_heartbeat_port = 9694 + # Port number for receiving heartbeat signal + # (change requires restart) +wd_heartbeat_keepalive = 2 + # Interval time of sending heartbeat signal (sec) + # (change requires restart) +wd_heartbeat_deadtime = 30 + # Deadtime interval for heartbeat signal (sec) + # (change requires restart) +heartbeat_destination0 = 'host0_ip1' + # Host name or IP address of destination 0 + # for sending heartbeat signal. + # (change requires restart) +heartbeat_destination_port0 = 9694 + # Port number of destination 0 for sending + # heartbeat signal. Usually this is the + # same as wd_heartbeat_port. + # (change requires restart) +heartbeat_device0 = '' + # Name of NIC device (such like 'eth0') + # used for sending/receiving heartbeat + # signal to/from destination 0. + # This works only when this is not empty + # and pgpool has root privilege. + # (change requires restart) + +#heartbeat_destination1 = 'host0_ip2' +#heartbeat_destination_port1 = 9694 +#heartbeat_device1 = '' + +# -- query mode -- + +wd_life_point = 3 + # lifecheck retry times + # (change requires restart) +wd_lifecheck_query = 'SELECT 1' + # lifecheck query to pgpool from watchdog + # (change requires restart) +wd_lifecheck_dbname = 'template1' + # Database name connected for lifecheck + # (change requires restart) +wd_lifecheck_user = 'nobody' + # watchdog user monitoring pgpools in lifecheck + # (change requires restart) +wd_lifecheck_password = '' + # Password for watchdog user in lifecheck + # (change requires restart) + +# - Other pgpool Connection Settings - + +#other_pgpool_hostname0 = 'host0' + # Host name or IP address to connect to for other pgpool 0 + # (change requires restart) +#other_pgpool_port0 = 5432 + # Port number for othet pgpool 0 + # (change requires restart) +#other_wd_port0 = 9000 + # Port number for othet watchdog 0 + # (change requires restart) +#other_pgpool_hostname1 = 'host1' +#other_pgpool_port1 = 5432 +#other_wd_port1 = 9000 + + +#------------------------------------------------------------------------------ +# OTHERS +#------------------------------------------------------------------------------ +relcache_expire = 0 + # Life time of relation cache in seconds. + # 0 means no cache expiration(the default). + # The relation cache is used for cache the + # query result against PostgreSQL system + # catalog to obtain various information + # including table structures or if it's a + # temporary table or not. The cache is + # maintained in a pgpool child local memory + # and being kept as long as it survives. + # If someone modify the table by using + # ALTER TABLE or some such, the relcache is + # not consistent anymore. + # For this purpose, cache_expiration + # controls the life time of the cache. +relcache_size = 256 + # Number of relation cache + # entry. If you see frequently: + # "pool_search_relcache: cache replacement happend" + # in the pgpool log, you might want to increate this number. + +check_temp_table = on + # If on, enable temporary table check in SELECT statements. + # This initiates queries against system catalog of primary/master + # thus increases load of master. + # If you are absolutely sure that your system never uses temporary tables + # and you want to save access to primary/master, you could turn this off. + # Default is on. + + +#------------------------------------------------------------------------------ +# ON MEMORY QUERY MEMORY CACHE +#------------------------------------------------------------------------------ +memory_cache_enabled = off + # If on, use the memory cache functionality, off by default +memqcache_method = 'shmem' + # Cache storage method. either 'shmem'(shared memory) or + # 'memcached'. 'shmem' by default + # (change requires restart) +memqcache_memcached_host = 'localhost' + # Memcached host name or IP address. Mandatory if + # memqcache_method = 'memcached'. + # Defaults to localhost. + # (change requires restart) +memqcache_memcached_port = 11211 + # Memcached port number. Mondatory if memqcache_method = 'memcached'. + # Defaults to 11211. + # (change requires restart) +memqcache_total_size = 67108864 + # Total memory size in bytes for storing memory cache. + # Mandatory if memqcache_method = 'shmem'. + # Defaults to 64MB. + # (change requires restart) +memqcache_max_num_cache = 1000000 + # Total number of cache entries. Mandatory + # if memqcache_method = 'shmem'. + # Each cache entry consumes 48 bytes on shared memory. + # Defaults to 1,000,000(45.8MB). + # (change requires restart) +memqcache_expire = 0 + # Memory cache entry life time specified in seconds. + # 0 means infinite life time. 0 by default. + # (change requires restart) +memqcache_auto_cache_invalidation = on + # If on, invalidation of query cache is triggered by corresponding + # DDL/DML/DCL(and memqcache_expire). If off, it is only triggered + # by memqcache_expire. on by default. + # (change requires restart) +memqcache_maxcache = 409600 + # Maximum SELECT result size in bytes. + # Must be smaller than memqcache_cache_block_size. Defaults to 400KB. + # (change requires restart) +memqcache_cache_block_size = 1048576 + # Cache block size in bytes. Mandatory if memqcache_method = 'shmem'. + # Defaults to 1MB. + # (change requires restart) +memqcache_oiddir = '/var/log/pgpool/oiddir' + # Temporary work directory to record table oids + # (change requires restart) +white_memqcache_table_list = '' + # Comma separated list of table names to memcache + # that don't write to database + # Regexp are accepted +black_memqcache_table_list = '' + # Comma separated list of table names not to memcache + # that don't write to database + # Regexp are accepted diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_hba.conf b/kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_hba.conf new file mode 100644 index 0000000000..d8918409e8 --- /dev/null +++ b/kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_hba.conf @@ -0,0 +1,67 @@ +# pgpool Client Authentication Configuration File a custom version +# =============================================== +# +# The format rule in this file follows the rules in the PostgreSQL +# Administrator's Guide. Refer to chapter "Client Authentication" for a +# complete description. A short synopsis follows. +# +# This file controls: which hosts are allowed to connect, how clients +# are authenticated, which user names they can use, which databases they +# can access. Records take one of these forms: +# +# local DATABASE USER METHOD [OPTION] +# host DATABASE USER CIDR-ADDRESS METHOD [OPTION] +# +# (The uppercase items must be replaced by actual values.) +# +# The first field is the connection type: "local" is a Unix-domain +# socket, "host" is either a plain or SSL-encrypted TCP/IP socket. +# +# DATABASE can be "all", "sameuser", a database name, or a comma-separated +# list thereof. Note that "samegroup" like in PostgreSQL's pg_hba.conf +# file is not supported, since pgpool does not know which group a user +# belongs to. Also note that the database specified here may not exist in +# the backend PostgreSQL. pgpool will authenticate based on the database's +# name, not based on whether it exists or not. +# +# USER can be "all", a user name, or a comma-separated list thereof. In +# both the DATABASE and USER fields you can also write a file name prefixed +# with "@" to include names from a separate file. Note that a group name +# prefixed with "+" like in PostgreSQL's pg_hba.conf file is not supported +# because of the same reason as "samegroup" token. Also note that a user +# name specified here may not exist in the backend PostgreSQL. pgpool will +# authenticate based on the user's name, not based on whether he/she exists. +# +# CIDR-ADDRESS specifies the set of hosts the record matches. +# It is made up of an IP address and a CIDR mask that is an integer +# (between 0 and 32 (IPv4) that specifies the number of significant bits in +# the mask. Alternatively, you can write an IP address and netmask in +# separate columns to specify the set of hosts. +# +# METHOD can be "trust", "reject", "md5" or "pam". Note that "pam" sends passwords +# in clear text. +# +# OPTION is the name of the PAM service. Default service name is "pgpool" +# +# Database and user names containing spaces, commas, quotes and other special +# characters must be quoted. Quoting one of the keywords "all" or "sameuser" +# makes the name lose its special character, and just match a database or +# username with that name. +# +# This file is read on pgpool startup. If you edit the file on a running +# system, you have to restart the pgpool for the changes to take effect. + +# Put your actual configuration here +# ---------------------------------- +# +# If you want to allow non-local connections, you need to add more +# "host" records. In that case you will also need to make pgpool listen +# on a non-local interface via the listen_addresses configuration parameter. +# + +# TYPE DATABASE USER CIDR-ADDRESS METHOD + +# "local" is for Unix domain socket connections only +#local all all trust +# IPv4 local connections: +host all all 0.0.0.0/0 md5 diff --git a/kubernetes/common/postgres/charts/pgpool/configs/pool_passwd b/kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_passwd similarity index 100% rename from kubernetes/common/postgres/charts/pgpool/configs/pool_passwd rename to kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_passwd diff --git a/kubernetes/common/nfs-provisioner/requirements.yaml b/kubernetes/common/postgres-legacy/charts/pgpool/requirements.yaml similarity index 93% rename from kubernetes/common/nfs-provisioner/requirements.yaml rename to kubernetes/common/postgres-legacy/charts/pgpool/requirements.yaml index 542c262ef0..5b097f3ab7 100644 --- a/kubernetes/common/nfs-provisioner/requirements.yaml +++ b/kubernetes/common/postgres-legacy/charts/pgpool/requirements.yaml @@ -1,4 +1,4 @@ -# Copyright © 2019 Amdocs, Bell Canada +# Copyright © 2018 Amdocs, AT&T, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/templates/configmap.yaml b/kubernetes/common/postgres-legacy/charts/pgpool/templates/configmap.yaml new file mode 100755 index 0000000000..e2c77ff910 --- /dev/null +++ b/kubernetes/common/postgres-legacy/charts/pgpool/templates/configmap.yaml @@ -0,0 +1,26 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-pgpool-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "configs/*").AsConfig . | indent 2 }} diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/templates/deployment.yaml b/kubernetes/common/postgres-legacy/charts/pgpool/templates/deployment.yaml new file mode 100644 index 0000000000..15fa18d81d --- /dev/null +++ b/kubernetes/common/postgres-legacy/charts/pgpool/templates/deployment.yaml @@ -0,0 +1,68 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +kind: Deployment +apiVersion: extensions/v1beta1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: 2 + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - image: "{{.Values.repository}}/{{.Values.image}}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }} + env: + - name: PG_PRIMARY_SERVICE_NAME + value: {{.Values.container.name.primary}} + - name: PG_REPLICA_SERVICE_NAME + value: {{.Values.container.name.replica}} + - name: PG_USERNAME + value: {{.Values.credentials.pgusername}} + - name: PG_PASSWORD + value: {{.Values.credentials.pgpassword}} + ports: + - containerPort: 5432 + name: pgpool + protocol: TCP + readinessProbe: + tcpSocket: + port: 5432 + initialDelaySeconds: 20 + periodSeconds: 10 + livenessProbe: + tcpSocket: + port: 5432 + initialDelaySeconds: 15 + periodSeconds: 20 + volumeMounts: + - name: pgpool-pgconf + mountPath: /pgconf/pgpoolconfigdir + readOnly: false + volumes: + - name: pgpool-pgconf + configMap: + name: {{ include "common.fullname" . }}-pgpool-configmap diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/templates/service.yaml b/kubernetes/common/postgres-legacy/charts/pgpool/templates/service.yaml new file mode 100644 index 0000000000..86442a2740 --- /dev/null +++ b/kubernetes/common/postgres-legacy/charts/pgpool/templates/service.yaml @@ -0,0 +1,26 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/common/nfs-provisioner/values.yaml b/kubernetes/common/postgres-legacy/charts/pgpool/values.yaml similarity index 61% rename from kubernetes/common/nfs-provisioner/values.yaml rename to kubernetes/common/postgres-legacy/charts/pgpool/values.yaml index 687219d680..cb732b7cd7 100644 --- a/kubernetes/common/nfs-provisioner/values.yaml +++ b/kubernetes/common/postgres-legacy/charts/pgpool/values.yaml @@ -1,50 +1,44 @@ -# Copyright © 2019 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - persistence: - mountPath: /dockerdata-nfs - -################################################################# -# Application configuration defaults. -################################################################# - -dockerHubRepository: registry.hub.docker.com -pullPolicy: Always - -# default number of instances - -nodeSelector: {} - -affinity: {} - -service: - name: nfs-provisioner - nfsPort: 2049 - mountdPort: 20048 - rpcbindPort: 111 - rpcbindUdpPort: 111 - -## Persist data to a persitent volume -persistence: - enabled: true - mountPath: /dockerdata-nfs - -## NFS provisioner image properties -nfsprovisionerRepository: quay.io -nfsprovisionerImage: kubernetes_incubator/nfs-provisioner:v1.0.8 - +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + persistence: {} + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: crunchydata +image: crunchy-pgpool:centos7-10.4-2.0.0 +pullPolicy: Always + +container: + port: 5432 + name: + primary: pgset-primary + replica: pgset-replica +credentials: + pgusername: testuser + pgpassword: password +service: + name: pgpool + type: ClusterIP + externalPort: 5432 + internalPort: 5432 diff --git a/kubernetes/common/mysql/requirements.yaml b/kubernetes/common/postgres-legacy/requirements.yaml similarity index 93% rename from kubernetes/common/mysql/requirements.yaml rename to kubernetes/common/postgres-legacy/requirements.yaml index 79d7de4dd3..5b097f3ab7 100644 --- a/kubernetes/common/mysql/requirements.yaml +++ b/kubernetes/common/postgres-legacy/requirements.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2018 Amdocs, AT&T, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/kubernetes/common/postgres-legacy/templates/pv.yaml b/kubernetes/common/postgres-legacy/templates/pv.yaml new file mode 100644 index 0000000000..bcd67d79cb --- /dev/null +++ b/kubernetes/common/postgres-legacy/templates/pv.yaml @@ -0,0 +1,45 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +{{- $global := . }} +{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) -}} +{{- range $i := until (int $global.Values.replicaCount)}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" $global }}-data-{{ $i }} + namespace: {{ include "common.namespace" $global }} + labels: + app: {{ include "common.fullname" $global }} + chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" + release: "{{ $global.Release.Name }}" + heritage: "{{ $global.Release.Service }}" + name: {{ include "common.fullname" $global }} +spec: + capacity: + storage: {{ $global.Values.persistence.size}} + accessModes: + - {{ $global.Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" $global }}-data" + hostPath: + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} +{{if ne $i (int $global.Values.replicaCount) }} +--- +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/kubernetes/multicloud/charts/multicloud-lenovo/templates/configmap.yaml b/kubernetes/common/postgres-legacy/templates/secrets.yaml similarity index 67% rename from kubernetes/multicloud/charts/multicloud-lenovo/templates/configmap.yaml rename to kubernetes/common/postgres-legacy/templates/secrets.yaml index f6eb87eab1..29de3af260 100644 --- a/kubernetes/multicloud/charts/multicloud-lenovo/templates/configmap.yaml +++ b/kubernetes/common/postgres-legacy/templates/secrets.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright (c) 2019 Lenovo +# Copyright © 2018 Amdocs, AT&T, Bell Canada # # # # Licensed under the Apache License, Version 2.0 (the "License"); # # you may not use this file except in compliance with the License. @@ -13,16 +13,19 @@ # # See the License for the specific language governing permissions and # # limitations under the License. */}} - apiVersion: v1 -kind: ConfigMap +kind: Secret metadata: - name: {{ include "common.fullname" . }}-log-configmap + name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} labels: - app: {{ include "common.name" . }} + app: {{ include "common.fullname" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} +type: Opaque data: -{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }} + pg-primary-password: {{ .Values.config.pgPrimaryPassword | b64enc | quote }} + pg-user-password: {{ .Values.config.pgUserPassword | b64enc | quote }} + pg-root-password: {{ .Values.config.pgRootPassword | b64enc | quote }} + diff --git a/kubernetes/common/postgres/templates/service.yaml b/kubernetes/common/postgres-legacy/templates/service.yaml similarity index 100% rename from kubernetes/common/postgres/templates/service.yaml rename to kubernetes/common/postgres-legacy/templates/service.yaml diff --git a/kubernetes/common/postgres/templates/statefulset.yaml b/kubernetes/common/postgres-legacy/templates/statefulset.yaml similarity index 81% rename from kubernetes/common/postgres/templates/statefulset.yaml rename to kubernetes/common/postgres-legacy/templates/statefulset.yaml index db4a256f12..7c38d1d9d7 100644 --- a/kubernetes/common/postgres/templates/statefulset.yaml +++ b/kubernetes/common/postgres-legacy/templates/statefulset.yaml @@ -37,23 +37,13 @@ spec: - /bin/sh - -c - | - for i in $(seq 0 $(({{ .Values.replicaCount }}-1))); do - if [ ! -d /podroot/data$i ]; then - mkdir -p /podroot/data$i; - chown 26:26 /podroot/data$i; - chmod 700 /podroot/data$i; - fi; - done - env: - - name: POD_NAME - valueFrom: { fieldRef: { fieldPath: metadata.name } } - securityContext: - privileged: true + chown -R 26:26 /podroot/; + chmod 700 /podroot/; image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.busyboxImage }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: init-sysctl + name: {{ include "common.name" . }}-prepare volumeMounts: - - name: {{ include "common.fullname" . }}-init + - name: {{ include "common.fullname" . }}-data mountPath: /podroot/ containers: - name: {{ include "common.name" . }} @@ -129,27 +119,25 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: {{ include "common.fullname" . }}-init - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountInitPath }} - name: {{ include "common.fullname" . }}-backup emptyDir: {} -#{{ if not .Values.persistence.enabled }} +{{- if not .Values.persistence.enabled }} - name: {{ include "common.fullname" . }}-data emptyDir: {} -#{{ else }} +{{- else }} volumeClaimTemplates: - metadata: name: {{ include "common.fullname" . }}-data labels: name: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" spec: - accessModes: [ {{ .Values.persistence.accessMode }} ] - storageClassName: {{ include "common.fullname" . }}-data + accessModes: + - {{ .Values.persistence.accessMode | quote }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: - storage: {{ .Values.persistence.size }} - selector: - matchLabels: - name: {{ include "common.fullname" . }} -#{{ end }} + storage: {{ .Values.persistence.size | quote }} +{{- end }} diff --git a/kubernetes/common/mysql/values.yaml b/kubernetes/common/postgres-legacy/values.yaml similarity index 74% rename from kubernetes/common/mysql/values.yaml rename to kubernetes/common/postgres-legacy/values.yaml index 9fd67fcabc..8dd5d0aaac 100644 --- a/kubernetes/common/mysql/values.yaml +++ b/kubernetes/common/postgres-legacy/values.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2018 Amdocs, AT&T, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,31 +21,54 @@ global: readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - ################################################################# # Application configuration defaults. ################################################################# -dockerHubRepository: registry.hub.docker.com -image: library/mysql:5.7 +# BusyBox image +busyboxRepository: registry.hub.docker.com +busyboxImage: library/busybox:latest + +postgresRepository: crunchydata +image: crunchy-postgres:centos7-10.4-2.0.0 pullPolicy: Always # application configuration config: - dbRootPassword: openECOMP1.0 + pgUserName: testuser + pgDatabase: userdb + pgPrimaryPassword: password + pgUserPassword: password + pgRootPassword: password + +container: + name: + primary: pgset-primary + replica: pgset-replica + +pgpool: + container: + port: 5432 + name: + primary: pgset-primary + replica: pgset-replica + credentials: + pgusername: testuser + pgpassword: password + service: + name: pgpool + # default number of instances -replicaCount: 1 +replicaCount: 2 nodeSelector: {} affinity: {} -disableNfsProvisioner: true - # probe configuration parameters liveness: - initialDelaySeconds: 30 + initialDelaySeconds: 300 periodSeconds: 10 timeoutSeconds: 5 # necessary to disable liveness probe when setting breakpoints @@ -53,7 +76,7 @@ liveness: enabled: true readiness: - initialDelaySeconds: 5 + initialDelaySeconds: 10 periodSeconds: 10 ## Persist data to a persitent volume @@ -75,21 +98,22 @@ persistence: accessMode: ReadWriteOnce size: 1Gi mountPath: /dockerdata-nfs - mountSubPath: "mysql/data" - mysqlPath: /var/lib/mysql + mountSubPath: postgres/data + mountInitPath: postgres service: - name: mysql - portName: mysql - internalPort: 3306 - # nfs provisioner ports - nfsPort: 2049 - mountdPort: 20048 - rpcbindPort: 111 - rpcbindUdpPort: 111 - type: NodePort - nodeport1: 72 - nodeport2: 73 + type: ClusterIP + name: pgset + externalPort: 5432 + internalPort: 5432 + type2: ClusterIP + name2: pgset-primary + externalPort2: 5432 + internalPort2: 5432 + type3: ClusterIP + name3: pgset-replica + externalPort3: 5432 + internalPort3: 5432 ingress: enabled: false @@ -113,21 +137,3 @@ resources: {} # cpu: 2 # memory: 4Gi -################################################################# -# Sidecar Configuration. -# -# xtrabackup configuration defaults. -################################################################# -xtrabackupRepository: gcr.io/google-samples -xtrabackupImage: xtrabackup:1.0 -xtrabackup: - internalPort: 3307 - -nfsprovisionerRepository: quay.io -nfsprovisionerImage: kubernetes_incubator/nfs-provisioner:v1.0.8 -nfsprovisionerPrefix: mysql - -sdnctlPrefix: mysql - -geoEnabled: false -geoSiteId: 1 diff --git a/kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf b/kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf index d8918409e8..580185c6f0 100644 --- a/kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf +++ b/kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf @@ -65,3 +65,4 @@ #local all all trust # IPv4 local connections: host all all 0.0.0.0/0 md5 + diff --git a/kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml b/kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml index 15fa18d81d..a4b0ca8657 100644 --- a/kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml +++ b/kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml @@ -31,6 +31,33 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: + initContainers: + - name: {{ include "common.name" . }}-job + image: "{{.Values.repository}}/{{.Values.image}}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: pgpool-pgconf + mountPath: /pgconf/pgpoolconfigdir + readOnly: false + - name: pgpool-pgconf-static + mountPath: /configdir/ + readOnly: false + command: + - /bin/sh + args: + - -c + - | + cp /configdir/pgpool.conf /pgconf/pgpoolconfigdir/ + cp /configdir/pool_hba.conf /pgconf/pgpoolconfigdir/ + pg_md5 -f /pgconf/pgpoolconfigdir/pgpool.conf --md5auth --username=${PG_USER} ${PG_PASSWORD} + env: + - name: PG_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: db-user-password + - name: PG_USER + value: {{ index .Values.credentials.pgusername }} containers: - image: "{{.Values.repository}}/{{.Values.image}}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -43,7 +70,10 @@ spec: - name: PG_USERNAME value: {{.Values.credentials.pgusername}} - name: PG_PASSWORD - value: {{.Values.credentials.pgpassword}} + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: db-user-password ports: - containerPort: 5432 name: pgpool @@ -64,5 +94,7 @@ spec: readOnly: false volumes: - name: pgpool-pgconf + emptyDir: {} + - name: pgpool-pgconf-static configMap: name: {{ include "common.fullname" . }}-pgpool-configmap diff --git a/kubernetes/vid/charts/vid-mariadb-galera/templates/secrets.yaml b/kubernetes/common/postgres/charts/pgpool/templates/secrets.yaml similarity index 85% rename from kubernetes/vid/charts/vid-mariadb-galera/templates/secrets.yaml rename to kubernetes/common/postgres/charts/pgpool/templates/secrets.yaml index 233158f791..b449faca92 100644 --- a/kubernetes/vid/charts/vid-mariadb-galera/templates/secrets.yaml +++ b/kubernetes/common/postgres/charts/pgpool/templates/secrets.yaml @@ -24,5 +24,5 @@ metadata: heritage: "{{ .Release.Service }}" type: Opaque data: - db-root-password: {{ .Values.config.mariadbRootPassword | b64enc | quote }} - user-password: {{ default "" .Values.config.userPassword | b64enc | quote }} \ No newline at end of file + db-user-password: {{ default "" .Values.credentials.pgpassword | b64enc | quote }} + diff --git a/kubernetes/common/postgres/charts/pgpool/templates/service.yaml b/kubernetes/common/postgres/charts/pgpool/templates/service.yaml index 86442a2740..4306b264b2 100644 --- a/kubernetes/common/postgres/charts/pgpool/templates/service.yaml +++ b/kubernetes/common/postgres/charts/pgpool/templates/service.yaml @@ -15,11 +15,11 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.externalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.name }} + name: {{ .Values.service.portName }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.name }} + name: {{ .Values.service.portName }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/common/postgres/charts/pgpool/values.yaml b/kubernetes/common/postgres/charts/pgpool/values.yaml index cb732b7cd7..8ceff8f964 100644 --- a/kubernetes/common/postgres/charts/pgpool/values.yaml +++ b/kubernetes/common/postgres/charts/pgpool/values.yaml @@ -38,7 +38,8 @@ credentials: pgusername: testuser pgpassword: password service: - name: pgpool + name: pgpool + portName: tcp-postgres type: ClusterIP externalPort: 5432 internalPort: 5432 diff --git a/kubernetes/common/postgres/configs/pg_hba.conf b/kubernetes/common/postgres/configs/pg_hba.conf new file mode 100644 index 0000000000..580185c6f0 --- /dev/null +++ b/kubernetes/common/postgres/configs/pg_hba.conf @@ -0,0 +1,68 @@ +# pgpool Client Authentication Configuration File a custom version +# =============================================== +# +# The format rule in this file follows the rules in the PostgreSQL +# Administrator's Guide. Refer to chapter "Client Authentication" for a +# complete description. A short synopsis follows. +# +# This file controls: which hosts are allowed to connect, how clients +# are authenticated, which user names they can use, which databases they +# can access. Records take one of these forms: +# +# local DATABASE USER METHOD [OPTION] +# host DATABASE USER CIDR-ADDRESS METHOD [OPTION] +# +# (The uppercase items must be replaced by actual values.) +# +# The first field is the connection type: "local" is a Unix-domain +# socket, "host" is either a plain or SSL-encrypted TCP/IP socket. +# +# DATABASE can be "all", "sameuser", a database name, or a comma-separated +# list thereof. Note that "samegroup" like in PostgreSQL's pg_hba.conf +# file is not supported, since pgpool does not know which group a user +# belongs to. Also note that the database specified here may not exist in +# the backend PostgreSQL. pgpool will authenticate based on the database's +# name, not based on whether it exists or not. +# +# USER can be "all", a user name, or a comma-separated list thereof. In +# both the DATABASE and USER fields you can also write a file name prefixed +# with "@" to include names from a separate file. Note that a group name +# prefixed with "+" like in PostgreSQL's pg_hba.conf file is not supported +# because of the same reason as "samegroup" token. Also note that a user +# name specified here may not exist in the backend PostgreSQL. pgpool will +# authenticate based on the user's name, not based on whether he/she exists. +# +# CIDR-ADDRESS specifies the set of hosts the record matches. +# It is made up of an IP address and a CIDR mask that is an integer +# (between 0 and 32 (IPv4) that specifies the number of significant bits in +# the mask. Alternatively, you can write an IP address and netmask in +# separate columns to specify the set of hosts. +# +# METHOD can be "trust", "reject", "md5" or "pam". Note that "pam" sends passwords +# in clear text. +# +# OPTION is the name of the PAM service. Default service name is "pgpool" +# +# Database and user names containing spaces, commas, quotes and other special +# characters must be quoted. Quoting one of the keywords "all" or "sameuser" +# makes the name lose its special character, and just match a database or +# username with that name. +# +# This file is read on pgpool startup. If you edit the file on a running +# system, you have to restart the pgpool for the changes to take effect. + +# Put your actual configuration here +# ---------------------------------- +# +# If you want to allow non-local connections, you need to add more +# "host" records. In that case you will also need to make pgpool listen +# on a non-local interface via the listen_addresses configuration parameter. +# + +# TYPE DATABASE USER CIDR-ADDRESS METHOD + +# "local" is for Unix domain socket connections only +#local all all trust +# IPv4 local connections: +host all all 0.0.0.0/0 md5 + diff --git a/kubernetes/common/postgres/templates/configmap.yaml b/kubernetes/common/postgres/templates/configmap.yaml new file mode 100644 index 0000000000..7abd39b9b9 --- /dev/null +++ b/kubernetes/common/postgres/templates/configmap.yaml @@ -0,0 +1,27 @@ +# Copyright © 2019 Amdocs, Bell Canada, Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "configs/*").AsConfig . | indent 2 }} + diff --git a/kubernetes/common/postgres/templates/deployment-primary.yaml b/kubernetes/common/postgres/templates/deployment-primary.yaml new file mode 100644 index 0000000000..9cb3007400 --- /dev/null +++ b/kubernetes/common/postgres/templates/deployment-primary.yaml @@ -0,0 +1,138 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +apiVersion: apps/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }}-primary + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-primary + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + name: "{{ .Values.container.name.primary }}" +spec: + serviceName: {{ .Values.service.name }} + replicas: 1 + template: + metadata: + labels: + app: {{ include "common.name" . }}-primary + release: {{ .Release.Name }} + name: "{{ .Values.container.name.primary }}" + spec: + initContainers: + - name: init-sysctl + command: + - /bin/sh + - -c + - | + chown 26:26 /podroot/; + chmod 700 /podroot/; + image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.busyboxImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-data + mountPath: /podroot/ + containers: + - name: {{ include "common.name" . }} + image: "{{ .Values.postgresRepository }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + {{- end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: PGHOST + value: /tmp + - name: PG_PRIMARY_USER + value: primaryuser + - name: PG_MODE + value: primary + - name: PG_PRIMARY_HOST + value: "{{ .Values.container.name.primary }}" + - name: PG_REPLICA_HOST + value: "{{ .Values.container.name.replica }}" + - name: PG_PRIMARY_PORT + value: "{{ .Values.service.internalPort }}" + - name: PG_PRIMARY_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: pg-primary-password + - name: PG_USER + value: "{{ .Values.config.pgUserName }}" + - name: PG_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: pg-user-password + - name: PG_DATABASE + value: "{{ .Values.config.pgDatabase }}" + - name: PG_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: pg-root-password + volumeMounts: + - name: pool-hba-conf + mountPath: /pgconf/pool_hba.conf + subPath: pool_hba.conf + - mountPath: /pgdata + name: {{ include "common.fullname" . }}-data + - mountPath: /backup + name: {{ include "common.fullname" . }}-backup + readOnly: true + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-backup + emptyDir: {} + - name: {{ include "common.fullname" . }}-data +{{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-primary +{{- else }} + emptyDir: {} +{{ end }} + - name: pool-hba-conf + configMap: + name: {{ include "common.fullname" . }} diff --git a/kubernetes/common/postgres/templates/deployment-replica.yaml b/kubernetes/common/postgres/templates/deployment-replica.yaml new file mode 100644 index 0000000000..8f09a2f48f --- /dev/null +++ b/kubernetes/common/postgres/templates/deployment-replica.yaml @@ -0,0 +1,138 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +apiVersion: apps/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }}-replica + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-replica + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + name: "{{ .Values.container.name.replica }}" +spec: + serviceName: {{ .Values.service.name }} + replicas: 1 + template: + metadata: + labels: + app: {{ include "common.name" . }}-replica + release: {{ .Release.Name }} + name: "{{ .Values.container.name.replica }}" + spec: + initContainers: + - name: init-sysctl + command: + - /bin/sh + - -c + - | + chown 26:26 /podroot/; + chmod 700 /podroot/; + image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.busyboxImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-data + mountPath: /podroot/ + containers: + - name: {{ include "common.name" . }} + image: "{{ .Values.postgresRepository }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + {{end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: PGHOST + value: /tmp + - name: PG_PRIMARY_USER + value: primaryuser + - name: PG_MODE + value: replica + - name: PG_PRIMARY_HOST + value: "{{.Values.container.name.primary}}" + - name: PG_REPLICA_HOST + value: "{{.Values.container.name.replica}}" + - name: PG_PRIMARY_PORT + value: "{{.Values.service.internalPort}}" + - name: PG_PRIMARY_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: pg-primary-password + - name: PG_USER + value: "{{.Values.config.pgUserName}}" + - name: PG_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: pg-user-password + - name: PG_DATABASE + value: "{{.Values.config.pgDatabase}}" + - name: PG_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: pg-root-password + volumeMounts: + - name: pool-hba-conf + mountPath: /pgconf/pool_hba.conf + subPath: pool_hba.conf + - mountPath: /pgdata + name: {{ include "common.fullname" . }}-data + - mountPath: /backup + name: {{ include "common.fullname" . }}-backup + readOnly: true + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-backup + emptyDir: {} + - name: {{ include "common.fullname" . }}-data +{{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-replica +{{- else }} + emptyDir: {} +{{ end }} + - name: pool-hba-conf + configMap: + name: {{ include "common.fullname" . }} diff --git a/kubernetes/common/postgres/templates/pv.yaml b/kubernetes/common/postgres/templates/pv-primary.yaml similarity index 59% rename from kubernetes/common/postgres/templates/pv.yaml rename to kubernetes/common/postgres/templates/pv-primary.yaml index 144a3f793b..1764868ffc 100644 --- a/kubernetes/common/postgres/templates/pv.yaml +++ b/kubernetes/common/postgres/templates/pv-primary.yaml @@ -14,10 +14,11 @@ # # limitations under the License. */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if include "common.needPV" . -}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }}-data0 + name: {{ include "common.fullname" . }}-primary namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.fullname" . }} @@ -30,29 +31,9 @@ spec: storage: {{ .Values.persistence.size}} accessModes: - {{ .Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" . }}-data" + storageClassName: "{{ include "common.fullname" . }}-primary" persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}0 ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-data1 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" . }}-data" - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}1 + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}/primary +{{- end -}} {{- end -}} diff --git a/kubernetes/common/postgres/templates/pv-replica.yaml b/kubernetes/common/postgres/templates/pv-replica.yaml new file mode 100644 index 0000000000..b67cac0c26 --- /dev/null +++ b/kubernetes/common/postgres/templates/pv-replica.yaml @@ -0,0 +1,39 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if include "common.needPV" . -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-replica + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-replica" + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}/replica +{{- end -}} +{{- end -}} diff --git a/kubernetes/policy/charts/mariadb/templates/pvc.yaml b/kubernetes/common/postgres/templates/pvc-primary.yaml similarity index 75% rename from kubernetes/policy/charts/mariadb/templates/pvc.yaml rename to kubernetes/common/postgres/templates/pvc-primary.yaml index 1deed4e92a..e529da1bd5 100644 --- a/kubernetes/policy/charts/mariadb/templates/pvc.yaml +++ b/kubernetes/common/postgres/templates/pvc-primary.yaml @@ -1,6 +1,5 @@ {{/* # Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,31 +18,28 @@ kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-primary namespace: {{ include "common.namespace" . }} labels: - app: {{ include "common.name" . }} + app: {{ include "common.fullname" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} {{- if .Values.persistence.annotations }} annotations: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" +{{- if include "common.needPV" . }} + storageClassName: "{{ include "common.fullname" . }}-primary" {{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} + storageClassName: {{ include "common.storageClass" . }} {{- end }} + storageClassName: "{{ include "common.fullname" . }}-primary" {{- end -}} diff --git a/kubernetes/common/mongo/templates/pvc.yaml b/kubernetes/common/postgres/templates/pvc-replica.yaml similarity index 84% rename from kubernetes/common/mongo/templates/pvc.yaml rename to kubernetes/common/postgres/templates/pvc-replica.yaml index 372c106800..41199b6861 100644 --- a/kubernetes/common/mongo/templates/pvc.yaml +++ b/kubernetes/common/postgres/templates/pvc-replica.yaml @@ -18,7 +18,7 @@ kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: {{ include "common.fullname" . }}-data + name: {{ include "common.fullname" . }}-replica namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.fullname" . }} @@ -36,8 +36,9 @@ spec: resources: requests: storage: {{ .Values.persistence.size }} - selector: - matchLabels: - name: {{ include "common.fullname" . }} - storageClassName: "{{ include "common.fullname" . }}-data" +{{- if include "common.needPV" . }} + storageClassName: "{{ include "common.fullname" . }}-replica" +{{- else }} + storageClassName: {{ include "common.storageClass" . }} +{{- end }} {{- end -}} diff --git a/kubernetes/multicloud/charts/multicloud-lenovo/templates/service.yaml b/kubernetes/common/postgres/templates/service-common.yaml similarity index 50% rename from kubernetes/multicloud/charts/multicloud-lenovo/templates/service.yaml rename to kubernetes/common/postgres/templates/service-common.yaml index 43f735a96e..da0505cfa6 100644 --- a/kubernetes/multicloud/charts/multicloud-lenovo/templates/service.yaml +++ b/kubernetes/common/postgres/templates/service-common.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright (c) 2019 Lenovo +# Copyright © 2018 Amdocs, AT&T, Bell Canada # # # # Licensed under the Apache License, Version 2.0 (the "License"); # # you may not use this file except in compliance with the License. @@ -13,11 +13,10 @@ # # See the License for the specific language governing permissions and # # limitations under the License. */}} - apiVersion: v1 kind: Service metadata: - name: {{ include "common.servicename" . }} + name: {{ .Values.service.name }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -25,37 +24,18 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} annotations: - msb.onap.org/service-info: '[ - { - "serviceName": "multicloud-thinkcloud", - "version": "v0", - "url": "/api/multicloud-thinkcloud/v0", - "protocol": "REST", - "port": "{{ .Values.service.externalPort }}", - "visualRange": "1" - }, - { - "serviceName": "multicloud-thinkcloud", - "version": "v1", - "url": "/api/multicloud-thinkcloud/v1", - "protocol": "REST", - "port": "{{ .Values.service.externalPort }}", - "visualRange": "1" - } - ]' - spec: + type: {{ .Values.service.type }} ports: - {{ if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end }} + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} - type: {{ .Values.service.type }} diff --git a/kubernetes/common/postgres/templates/service-primary.yaml b/kubernetes/common/postgres/templates/service-primary.yaml new file mode 100644 index 0000000000..501c01ecfe --- /dev/null +++ b/kubernetes/common/postgres/templates/service-primary.yaml @@ -0,0 +1,41 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name2 }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-primary + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type2 }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort2 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} + name: {{ .Values.service.portName2 }} + {{- else -}} + - port: {{ .Values.service.externalPort2 }} + targetPort: {{ .Values.service.internalPort2 }} + name: {{ .Values.service.portName2 }} + {{- end}} + selector: + name: "{{.Values.container.name.primary}}" + release: {{ .Release.Name }} diff --git a/kubernetes/common/postgres/templates/service-replica.yaml b/kubernetes/common/postgres/templates/service-replica.yaml new file mode 100644 index 0000000000..34f76d125e --- /dev/null +++ b/kubernetes/common/postgres/templates/service-replica.yaml @@ -0,0 +1,41 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name3 }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-replica + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type3 }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort3 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }} + name: {{ .Values.service.portName3 }} + {{- else -}} + - port: {{ .Values.service.externalPort3 }} + targetPort: {{ .Values.service.internalPort3 }} + name: {{ .Values.service.portName3 }} + {{- end}} + selector: + name: "{{.Values.container.name.replica}}" + release: {{ .Release.Name }} diff --git a/kubernetes/common/postgres/values.yaml b/kubernetes/common/postgres/values.yaml index 8dd5d0aaac..3104ee79d2 100644 --- a/kubernetes/common/postgres/values.yaml +++ b/kubernetes/common/postgres/values.yaml @@ -104,14 +104,17 @@ persistence: service: type: ClusterIP name: pgset + portName: tcp-postgres externalPort: 5432 internalPort: 5432 type2: ClusterIP - name2: pgset-primary + name2: tcp-pgset-primary + portName2: tcp-postgres externalPort2: 5432 internalPort2: 5432 type3: ClusterIP - name3: pgset-replica + name3: tcp-pgset-replica + portName3: tcp-postgres externalPort3: 5432 internalPort3: 5432 @@ -136,4 +139,3 @@ resources: {} # requests: # cpu: 2 # memory: 4Gi - diff --git a/kubernetes/consul/templates/ingress.yaml b/kubernetes/consul/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/consul/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/consul/values.yaml b/kubernetes/consul/values.yaml index 93fd6506a1..d55ea4666e 100644 --- a/kubernetes/consul/values.yaml +++ b/kubernetes/consul/values.yaml @@ -60,7 +60,13 @@ service: {} ingress: enabled: false - + service: + - baseaddr: "consul-server" + name: "consul-server" + port: 8800 + config: + ssl: "none" + resources: {} odl: diff --git a/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pv.yaml b/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pv.yaml index a8cf9f6d9d..da68e3400c 100755 --- a/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pv.yaml +++ b/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pv.yaml @@ -15,7 +15,7 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -{{- if not .Values.persistence.storageClass -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -33,7 +33,8 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pvc.yaml b/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pvc.yaml index 52891ffda0..6d51a09232 100755 --- a/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pvc.yaml +++ b/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pvc.yaml @@ -30,21 +30,10 @@ metadata: {{ .Values.persistence.annotations | indent 4 }} {{- end }} spec: -{{- if not .Values.persistence.storageClass }} - selector: - matchLabels: - name: {{ include "common.fullname" . }} -{{- end }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} {{- end -}} diff --git a/kubernetes/contrib/charts/awx/charts/awx-postgres/values.yaml b/kubernetes/contrib/charts/awx/charts/awx-postgres/values.yaml index 79fe5104b2..09012ead47 100755 --- a/kubernetes/contrib/charts/awx/charts/awx-postgres/values.yaml +++ b/kubernetes/contrib/charts/awx/charts/awx-postgres/values.yaml @@ -64,7 +64,7 @@ persistence: # storageClass: "nfs-dev-sc" - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 1Gi # When using storage class, mountPath and mountSubPath are diff --git a/kubernetes/contrib/charts/awx/charts/awx/values.yaml b/kubernetes/contrib/charts/awx/charts/awx/values.yaml index 5974de32ff..fd77a12c0b 100755 --- a/kubernetes/contrib/charts/awx/charts/awx/values.yaml +++ b/kubernetes/contrib/charts/awx/charts/awx/values.yaml @@ -23,10 +23,10 @@ global: # global defaults # application image repository: ansible image: - web: awx_web:latest - task: awx_task:latest + web: awx_web:9.0.1 + task: awx_task:9.0.1 rabbitmq: awx_rabbitmq:3.7.4 - memcached: memcached:latest + memcached: memcached:1.5.20 pullPolicy: Always # application configuration @@ -76,7 +76,7 @@ persistence: # storageClass: "nfs-dev-sc" - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 5Gi # When using storage class, mountPath and mountSubPath are diff --git a/kubernetes/contrib/charts/awx/requirements.yaml b/kubernetes/contrib/charts/awx/requirements.yaml index 486fc6585c..ca8971c138 100755 --- a/kubernetes/contrib/charts/awx/requirements.yaml +++ b/kubernetes/contrib/charts/awx/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~4.x-0 + version: ~5.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pv.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pv.yaml index f741cba64c..d2783cc628 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pv.yaml +++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pv.yaml @@ -19,20 +19,21 @@ kind: PersistentVolume apiVersion: v1 metadata: - name: {{ .Release.Name }}-{{ .Values.persistence.staticPvName }} + name: {{ include "common.fullname" . }}-data namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" - name: {{ .Release.Name }}-{{ .Values.persistence.staticPvName }} + name: {{ include "common.fullname" . }} spec: capacity: storage: {{ .Values.persistence.size}} accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}/app {{- end -}} diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pvc.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pvc.yaml index 3489049602..a72d8277a4 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pvc.yaml +++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pvc.yaml @@ -30,21 +30,10 @@ metadata: {{ .Values.persistence.annotations | indent 4 }} {{- end }} spec: -{{- if not .Values.persistence.storageClass }} - selector: - matchLabels: - name: {{ .Release.Name }}-{{ .Values.persistence.staticPvName }} -{{- end }} accessModes: - {{ .Values.persistence.accessMode }} resources: requests: storage: {{ .Values.persistence.size }} - {{- if .Values.persistence.storageClass }} - {{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" - {{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" - {{- end }} - {{- end }} -{{- end -}} \ No newline at end of file + storageClassName: {{ include "common.storageClass" . }} +{{- end -}} diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pv.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pv.yaml index a19f5001e5..9b6ee1b59a 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pv.yaml +++ b/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pv.yaml @@ -15,7 +15,7 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -{{- if not .Values.persistence.storageClass -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -33,7 +33,8 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pvc.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pvc.yaml index 30bba6da31..022a0fa8d8 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pvc.yaml +++ b/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pvc.yaml @@ -30,21 +30,10 @@ metadata: {{ .Values.persistence.annotations | indent 4 }} {{- end }} spec: -{{- if not .Values.persistence.storageClass }} - selector: - matchLabels: - name: {{ include "common.fullname" . }} -{{- end }} accessModes: - {{ .Values.persistence.accessMode }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} + storageClassName: {{ include "common.storageClass" . }} {{- end -}} diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/values.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-postgres/values.yaml index f2def04359..1db2457171 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/values.yaml +++ b/kubernetes/contrib/charts/netbox/charts/netbox-postgres/values.yaml @@ -64,7 +64,7 @@ persistence: # storageClass: "nfs-dev-sc" - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 1Gi # When using storage class, mountPath and mountSubPath are diff --git a/kubernetes/contrib/ingress-nginx-post-inst/nginx_ingress_cluster_config.yaml b/kubernetes/contrib/ingress-nginx-post-inst/nginx_ingress_cluster_config.yaml new file mode 100644 index 0000000000..937828a759 --- /dev/null +++ b/kubernetes/contrib/ingress-nginx-post-inst/nginx_ingress_cluster_config.yaml @@ -0,0 +1,317 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: ingress-nginx + labels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + +--- + +kind: ConfigMap +apiVersion: v1 +metadata: + name: nginx-configuration + namespace: ingress-nginx + labels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + +--- +kind: ConfigMap +apiVersion: v1 +metadata: + name: tcp-services + namespace: ingress-nginx + labels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + +--- +kind: ConfigMap +apiVersion: v1 +metadata: + name: udp-services + namespace: ingress-nginx + labels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: nginx-ingress-serviceaccount + namespace: ingress-nginx + labels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: nginx-ingress-clusterrole + labels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx +rules: + - apiGroups: + - "" + resources: + - configmaps + - endpoints + - nodes + - pods + - secrets + verbs: + - list + - watch + - apiGroups: + - "" + resources: + - nodes + verbs: + - get + - apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - apiGroups: + - "extensions" + - "networking.k8s.io" + resources: + - ingresses + verbs: + - get + - list + - watch + - apiGroups: + - "extensions" + - "networking.k8s.io" + resources: + - ingresses/status + verbs: + - update + +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: Role +metadata: + name: nginx-ingress-role + namespace: ingress-nginx + labels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx +rules: + - apiGroups: + - "" + resources: + - configmaps + - pods + - secrets + - namespaces + verbs: + - get + - apiGroups: + - "" + resources: + - configmaps + resourceNames: + # Defaults to "-" + # Here: "-" + # This has to be adapted if you change either parameter + # when launching the nginx-ingress-controller. + - "ingress-controller-leader-nginx" + verbs: + - get + - update + - apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - apiGroups: + - "" + resources: + - endpoints + verbs: + - get + +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: RoleBinding +metadata: + name: nginx-ingress-role-nisa-binding + namespace: ingress-nginx + labels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: nginx-ingress-role +subjects: + - kind: ServiceAccount + name: nginx-ingress-serviceaccount + namespace: ingress-nginx + +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: nginx-ingress-clusterrole-nisa-binding + labels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: nginx-ingress-clusterrole +subjects: + - kind: ServiceAccount + name: nginx-ingress-serviceaccount + namespace: ingress-nginx + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: nginx-ingress-controller + namespace: ingress-nginx + labels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + template: + metadata: + labels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + annotations: + prometheus.io/port: "10254" + prometheus.io/scrape: "true" + spec: + serviceAccountName: nginx-ingress-serviceaccount + containers: + - name: nginx-ingress-controller + image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.25.1 + args: + - /nginx-ingress-controller + - --configmap=$(POD_NAMESPACE)/nginx-configuration + - --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services + - --udp-services-configmap=$(POD_NAMESPACE)/udp-services + - --publish-service=$(POD_NAMESPACE)/ingress-nginx + - --annotations-prefix=nginx.ingress.kubernetes.io + - --enable-ssl-passthrough=true + securityContext: + allowPrivilegeEscalation: true + capabilities: + drop: + - ALL + add: + - NET_BIND_SERVICE + # www-data -> 33 + runAsUser: 33 + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - name: http + containerPort: 80 + - name: https + containerPort: 443 + livenessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: 10254 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 10 + readinessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: 10254 + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 10 + +--- +kind: Service +apiVersion: v1 +metadata: + name: ingress-nginx + namespace: ingress-nginx + labels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx +spec: + externalTrafficPolicy: Local + type: LoadBalancer + selector: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + ports: + - name: http + port: 80 + targetPort: http + - name: https + port: 443 + targetPort: https + +--- + +apiVersion: v1 +kind: Service +metadata: + name: ingress-nginx + namespace: ingress-nginx + labels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx +spec: + type: NodePort + ports: + - name: http + port: 80 + targetPort: 80 + protocol: TCP + - name: https + port: 443 + targetPort: 443 + protocol: TCP + selector: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + +--- + diff --git a/kubernetes/dcaegen2/Chart.yaml b/kubernetes/dcaegen2/Chart.yaml index 9c23194558..6dbd40679e 100644 --- a/kubernetes/dcaegen2/Chart.yaml +++ b/kubernetes/dcaegen2/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP DCAE Gen2 name: dcaegen2 -version: 5.0.0 +version: 6.0.0 diff --git a/kubernetes/dcaegen2/Makefile b/kubernetes/dcaegen2/Makefile index fcd62da048..f10f2fc682 100644 --- a/kubernetes/dcaegen2/Makefile +++ b/kubernetes/dcaegen2/Makefile @@ -1,31 +1,48 @@ +# Copyright © 2019 AT&T Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. make-dcaegen2: make-dcae-bootstrap make-dcae-cloudify-manager make-dcae-config-binding-service make-dcae-healthcheck make-dcae-redis make-dcae-servicechange-handler make-dcae-inventory-api make-dcae-deployment-handler make-dcae-policy-handler make-dcae-dashboard make-dcae-bootstrap: - cd charts && helm dep up dcae-bootstrap && helm lint dcae-bootstrap + cd components && helm dep up dcae-bootstrap && helm lint dcae-bootstrap make-dcae-cloudify-manager: - cd charts && helm dep up dcae-cloudify-manager && helm lint dcae-cloudify-manager + cd components && helm dep up dcae-cloudify-manager && helm lint dcae-cloudify-manager make-dcae-config-binding-service: - cd charts && helm dep up dcae-config-binding-service && helm lint dcae-config-binding-service + cd components && helm dep up dcae-config-binding-service && helm lint dcae-config-binding-service make-dcae-healthcheck: - cd charts && helm dep up dcae-healthcheck && helm lint dcae-healthcheck + cd components && helm dep up dcae-healthcheck && helm lint dcae-healthcheck make-dcae-redis: - cd charts && helm dep up dcae-redis && helm lint dcae-redis + cd components && helm dep up dcae-redis && helm lint dcae-redis make-dcae-servicechange-handler: - cd charts && helm dep up dcae-servicechange-handler && helm lint dcae-servicechange-handler + cd components && helm dep up dcae-servicechange-handler && helm lint dcae-servicechange-handler make-dcae-inventory-api: - cd charts/dcae-servicechange-handler/charts && helm dep up dcae-inventory-api && helm lint dcae-inventory-api + cd components && helm dep up dcae-inventory-api && helm lint dcae-inventory-api make-dcae-deployment-handler: - cd charts && helm dep up dcae-deployment-handler && helm lint dcae-deployment-handler + cd components && helm dep up dcae-deployment-handler && helm lint dcae-deployment-handler make-dcae-policy-handler: - cd charts && helm dep up dcae-policy-handler && helm lint dcae-policy-handler + cd components && helm dep up dcae-policy-handler && helm lint dcae-policy-handler make-dcae-dashboard: - cd charts && helm dep up dcae-dashboard && helm lint dcae-dashboard + cd components && helm dep up dcae-dashboard && helm lint dcae-dashboard + +clean: + @find . -type f -name '*.tgz' -delete + @find . -type f -name '*.lock' -delete diff --git a/kubernetes/dcaegen2/charts/dcae-redis/templates/pv.yaml b/kubernetes/dcaegen2/charts/dcae-redis/templates/pv.yaml deleted file mode 100644 index 5573179d87..0000000000 --- a/kubernetes/dcaegen2/charts/dcae-redis/templates/pv.yaml +++ /dev/null @@ -1,227 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, AT&T, Bell Canada -# # -# # Licensed under the Apache License, Version 2.0 (the "License"); -# # you may not use this file except in compliance with the License. -# # You may obtain a copy of the License at -# # -# # http://www.apache.org/licenses/LICENSE-2.0 -# # -# # Unless required by applicable law or agreed to in writing, software -# # distributed under the License is distributed on an "AS IS" BASIS, -# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# # See the License for the specific language governing permissions and -# # limitations under the License. -*/}} -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}0 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - storageClassName: manual - capacity: - storage: {{ .Values.persistence.size }} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}0 ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}1 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - storageClassName: manual - capacity: - storage: {{ .Values.persistence.size }} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}1 ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}2 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - storageClassName: manual - capacity: - storage: {{ .Values.persistence.size }} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}2 ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}3 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - storageClassName: manual - capacity: - storage: {{ .Values.persistence.size }} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}3 ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}4 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - storageClassName: manual - capacity: - storage: {{ .Values.persistence.size }} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}4 ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}5 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - storageClassName: manual - capacity: - storage: {{ .Values.persistence.size }} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}5 ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}6 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - storageClassName: manual - capacity: - storage: {{ .Values.persistence.size }} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}6 ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}7 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - storageClassName: manual - capacity: - storage: {{ .Values.persistence.size }} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}7 ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}8 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - storageClassName: manual - capacity: - storage: {{ .Values.persistence.size }} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}8 ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}9 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - storageClassName: manual - capacity: - storage: {{ .Values.persistence.size }} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}9 - -{{- end -}} diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/.helmignore b/kubernetes/dcaegen2/components/dcae-bootstrap/.helmignore similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-bootstrap/.helmignore rename to kubernetes/dcaegen2/components/dcae-bootstrap/.helmignore diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/Chart.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/Chart.yaml similarity index 98% rename from kubernetes/dcaegen2/charts/dcae-bootstrap/Chart.yaml rename to kubernetes/dcaegen2/components/dcae-bootstrap/Chart.yaml index b92c9439e8..87b6a87ee2 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/Chart.yaml @@ -19,4 +19,4 @@ apiVersion: v1 description: ONAP DCAE Bootstrap name: dcae-bootstrap -version: 5.0.0 +version: 6.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/requirements.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml similarity index 96% rename from kubernetes/dcaegen2/charts/dcae-bootstrap/requirements.yaml rename to kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml index 4b650c06dd..6b90aa3144 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/requirements.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml @@ -20,6 +20,7 @@ dependencies: - name: common version: ~5.x-0 repository: '@local' - - name: postgres + - name: postgres-legacy version: ~5.x-0 repository: '@local' + alias: postgres diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/certs/cacert.pem b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/certs/cacert.pem similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-bootstrap/resources/certs/cacert.pem rename to kubernetes/dcaegen2/components/dcae-bootstrap/resources/certs/cacert.pem diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/dmaap-plugin.json b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/dmaap-plugin.json similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/dmaap-plugin.json rename to kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/dmaap-plugin.json diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json rename to kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml rename to kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-datafile-collector-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-datafile-collector-inputs.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-datafile-collector-inputs.yaml rename to kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-datafile-collector-inputs.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-holmes_engine-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-holmes_engine-inputs.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-holmes_engine-inputs.yaml rename to kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-holmes_engine-inputs.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-holmes_rules-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-holmes_rules-inputs.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-holmes_rules-inputs.yaml rename to kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-holmes_rules-inputs.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml rename to kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-pgaas-initdb-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-pgaas-initdb-inputs.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-pgaas-initdb-inputs.yaml rename to kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-pgaas-initdb-inputs.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-prh-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-prh-inputs.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-prh-inputs.yaml rename to kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-prh-inputs.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-snmptrap-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-snmptrap-inputs.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-snmptrap-inputs.yaml rename to kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-snmptrap-inputs.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-tca-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-tca-inputs.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-tca-inputs.yaml rename to kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-tca-inputs.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml rename to kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/templates/configmap.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-bootstrap/templates/configmap.yaml rename to kubernetes/dcaegen2/components/dcae-bootstrap/templates/configmap.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/templates/deployment.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-bootstrap/templates/deployment.yaml rename to kubernetes/dcaegen2/components/dcae-bootstrap/templates/deployment.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/secret.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/templates/secret.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-bootstrap/templates/secret.yaml rename to kubernetes/dcaegen2/components/dcae-bootstrap/templates/secret.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml similarity index 95% rename from kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml rename to kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml index d1b9170e69..3ecdff7d5d 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml @@ -101,12 +101,12 @@ default_k8s_location: central # DCAE component images to be deployed via Cloudify Manager # Use to override default setting in blueprints componentImages: - holmes_rules: onap/holmes/rule-management:1.2.6 - holmes_engine: onap/holmes/engine-management:1.2.5 + holmes_rules: onap/holmes/rule-management:1.2.7 + holmes_engine: onap/holmes/engine-management:1.2.6 tca: onap/org.onap.dcaegen2.deployments.tca-cdap-container:1.1.2 ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.4.5 snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0 - prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.3.1 + prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.3.2 hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.3.0 # Resource Limit flavor -By Default using small diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/.helmignore b/kubernetes/dcaegen2/components/dcae-cloudify-manager/.helmignore similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-cloudify-manager/.helmignore rename to kubernetes/dcaegen2/components/dcae-cloudify-manager/.helmignore diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/Chart.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/Chart.yaml similarity index 98% rename from kubernetes/dcaegen2/charts/dcae-cloudify-manager/Chart.yaml rename to kubernetes/dcaegen2/components/dcae-cloudify-manager/Chart.yaml index 159e2b5933..5a23621f2a 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/Chart.yaml @@ -19,4 +19,4 @@ apiVersion: v1 description: ONAP DCAE Cloudify Manager name: dcae-cloudify-manager -version: 5.0.0 +version: 6.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/README.md b/kubernetes/dcaegen2/components/dcae-cloudify-manager/README.md similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-cloudify-manager/README.md rename to kubernetes/dcaegen2/components/dcae-cloudify-manager/README.md diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/requirements.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/requirements.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-cloudify-manager/requirements.yaml rename to kubernetes/dcaegen2/components/dcae-cloudify-manager/requirements.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/resources/config/config.txt b/kubernetes/dcaegen2/components/dcae-cloudify-manager/resources/config/config.txt similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-cloudify-manager/resources/config/config.txt rename to kubernetes/dcaegen2/components/dcae-cloudify-manager/resources/config/config.txt diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/resources/config/log/filebeat.yml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/resources/config/log/filebeat.yml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-cloudify-manager/resources/config/log/filebeat.yml rename to kubernetes/dcaegen2/components/dcae-cloudify-manager/resources/config/log/filebeat.yml diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/configmap.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/configmap.yaml rename to kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/configmap.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/deployment.yaml similarity index 98% rename from kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/deployment.yaml rename to kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/deployment.yaml index b3e90a2efb..2fd9a6d0a1 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/deployment.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/deployment.yaml @@ -129,8 +129,12 @@ spec: hostPath: path: /etc/localtime - name: cm-persistent + {{- if .Values.persistence.enabled }} persistentVolumeClaim: claimName: {{ include "common.fullname" . }}-data + {{- else }} + emptyDir: {} + {{- end }} - emptyDir: {} name: tls-info imagePullSecrets: diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/job.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/job.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/job.yaml rename to kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/job.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/namespace.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/namespace.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/namespace.yaml rename to kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/namespace.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/pv.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/pv.yaml similarity index 84% rename from kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/pv.yaml rename to kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/pv.yaml index bef681ad27..b454b5ae44 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/pv.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/pv.yaml @@ -16,6 +16,8 @@ # limitations under the License. # ============LICENSE_END========================================================= +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) }} kind: PersistentVolume apiVersion: v1 metadata: @@ -28,10 +30,13 @@ metadata: heritage: "{{ .Release.Service }}" name: {{ include "common.fullname" . }} spec: - storageClassName: manual capacity: storage: {{ .Values.persistence.size }} accessModes: - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} +{{- end -}} diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/pvc.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/pvc.yaml similarity index 88% rename from kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/pvc.yaml rename to kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/pvc.yaml index 6740082b37..c4de971f39 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/pvc.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/pvc.yaml @@ -14,6 +14,7 @@ # limitations under the License. # ============LICENSE_END========================================================= +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} kind: PersistentVolumeClaim apiVersion: v1 metadata: @@ -22,12 +23,10 @@ metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} spec: - storageClassName: manual accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} - selector: - matchLabels: - name: {{ include "common.fullname" . }} \ No newline at end of file +{{- end -}} diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/secret.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/secret.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/secret.yaml rename to kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/secret.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/service.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/service.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/service.yaml rename to kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/service.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml similarity index 99% rename from kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml rename to kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml index d8db056f96..60fd7e55b3 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml @@ -105,3 +105,4 @@ persistence: size: 4Gi mountPath: /dockerdata-nfs mountSubPath: dcae-cm/data + volumeReclaimPolicy: Retain diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/Chart.yaml b/kubernetes/dcaegen2/components/dcae-config-binding-service/Chart.yaml similarity index 98% rename from kubernetes/dcaegen2/charts/dcae-config-binding-service/Chart.yaml rename to kubernetes/dcaegen2/components/dcae-config-binding-service/Chart.yaml index f1aa82bc69..8d9a28a4b4 100644 --- a/kubernetes/dcaegen2/charts/dcae-config-binding-service/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-config-binding-service/Chart.yaml @@ -18,4 +18,4 @@ apiVersion: v1 description: ONAP DCAE Config Binding Service name: dcae-config-binding-service -version: 5.0.0 \ No newline at end of file +version: 6.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/requirements.yaml b/kubernetes/dcaegen2/components/dcae-config-binding-service/requirements.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-config-binding-service/requirements.yaml rename to kubernetes/dcaegen2/components/dcae-config-binding-service/requirements.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/resources/config/log/filebeat/filebeat.yml b/kubernetes/dcaegen2/components/dcae-config-binding-service/resources/config/log/filebeat/filebeat.yml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-config-binding-service/resources/config/log/filebeat/filebeat.yml rename to kubernetes/dcaegen2/components/dcae-config-binding-service/resources/config/log/filebeat/filebeat.yml diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/configmap.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/configmap.yaml rename to kubernetes/dcaegen2/components/dcae-config-binding-service/templates/configmap.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/deployment.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/deployment.yaml rename to kubernetes/dcaegen2/components/dcae-config-binding-service/templates/deployment.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml b/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/service.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml rename to kubernetes/dcaegen2/components/dcae-config-binding-service/templates/service.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml b/kubernetes/dcaegen2/components/dcae-config-binding-service/values.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml rename to kubernetes/dcaegen2/components/dcae-config-binding-service/values.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-dashboard/.helmignore b/kubernetes/dcaegen2/components/dcae-dashboard/.helmignore similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-dashboard/.helmignore rename to kubernetes/dcaegen2/components/dcae-dashboard/.helmignore diff --git a/kubernetes/dcaegen2/charts/dcae-dashboard/Chart.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/Chart.yaml similarity index 84% rename from kubernetes/dcaegen2/charts/dcae-dashboard/Chart.yaml rename to kubernetes/dcaegen2/components/dcae-dashboard/Chart.yaml index 5250c17584..a46ea7ec52 100644 --- a/kubernetes/dcaegen2/charts/dcae-dashboard/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-dashboard/Chart.yaml @@ -2,4 +2,4 @@ apiVersion: v1 appVersion: "1.0" description: DCAE Dashboard name: dcae-dashboard -version: 5.0.0 +version: 6.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-dashboard/requirements.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/requirements.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-dashboard/requirements.yaml rename to kubernetes/dcaegen2/components/dcae-dashboard/requirements.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-dashboard/resources/log/filebeat.yml b/kubernetes/dcaegen2/components/dcae-dashboard/resources/log/filebeat.yml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-dashboard/resources/log/filebeat.yml rename to kubernetes/dcaegen2/components/dcae-dashboard/resources/log/filebeat.yml diff --git a/kubernetes/dcaegen2/charts/dcae-dashboard/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/templates/configmap.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-dashboard/templates/configmap.yaml rename to kubernetes/dcaegen2/components/dcae-dashboard/templates/configmap.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-dashboard/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/templates/deployment.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-dashboard/templates/deployment.yaml rename to kubernetes/dcaegen2/components/dcae-dashboard/templates/deployment.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-dashboard/templates/service.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/templates/service.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-dashboard/templates/service.yaml rename to kubernetes/dcaegen2/components/dcae-dashboard/templates/service.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-dashboard/values.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-dashboard/values.yaml rename to kubernetes/dcaegen2/components/dcae-dashboard/values.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/.helmignore b/kubernetes/dcaegen2/components/dcae-deployment-handler/.helmignore similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-deployment-handler/.helmignore rename to kubernetes/dcaegen2/components/dcae-deployment-handler/.helmignore diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/Chart.yaml b/kubernetes/dcaegen2/components/dcae-deployment-handler/Chart.yaml similarity index 98% rename from kubernetes/dcaegen2/charts/dcae-deployment-handler/Chart.yaml rename to kubernetes/dcaegen2/components/dcae-deployment-handler/Chart.yaml index 042eb68648..e918b7717c 100644 --- a/kubernetes/dcaegen2/charts/dcae-deployment-handler/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-deployment-handler/Chart.yaml @@ -18,4 +18,4 @@ apiVersion: v1 description: ONAP DCAE Deployment Handler name: dcae-deployment-handler -version: 5.0.0 +version: 6.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/requirements.yaml b/kubernetes/dcaegen2/components/dcae-deployment-handler/requirements.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-deployment-handler/requirements.yaml rename to kubernetes/dcaegen2/components/dcae-deployment-handler/requirements.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/resources/config/config.json b/kubernetes/dcaegen2/components/dcae-deployment-handler/resources/config/config.json similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-deployment-handler/resources/config/config.json rename to kubernetes/dcaegen2/components/dcae-deployment-handler/resources/config/config.json diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/resources/log/filebeat.yml b/kubernetes/dcaegen2/components/dcae-deployment-handler/resources/log/filebeat.yml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-deployment-handler/resources/log/filebeat.yml rename to kubernetes/dcaegen2/components/dcae-deployment-handler/resources/log/filebeat.yml diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/configmap.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/configmap.yaml rename to kubernetes/dcaegen2/components/dcae-deployment-handler/templates/configmap.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/deployment.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/deployment.yaml rename to kubernetes/dcaegen2/components/dcae-deployment-handler/templates/deployment.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/service.yaml b/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/service.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/service.yaml rename to kubernetes/dcaegen2/components/dcae-deployment-handler/templates/service.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml b/kubernetes/dcaegen2/components/dcae-deployment-handler/values.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml rename to kubernetes/dcaegen2/components/dcae-deployment-handler/values.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-healthcheck/Chart.yaml b/kubernetes/dcaegen2/components/dcae-healthcheck/Chart.yaml similarity index 98% rename from kubernetes/dcaegen2/charts/dcae-healthcheck/Chart.yaml rename to kubernetes/dcaegen2/components/dcae-healthcheck/Chart.yaml index c6db31d6f6..7c10b31b58 100644 --- a/kubernetes/dcaegen2/charts/dcae-healthcheck/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-healthcheck/Chart.yaml @@ -19,4 +19,4 @@ apiVersion: v1 description: ONAP DCAE Health Check name: dcae-healthcheck -version: 5.0.0 +version: 6.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-healthcheck/requirements.yaml b/kubernetes/dcaegen2/components/dcae-healthcheck/requirements.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-healthcheck/requirements.yaml rename to kubernetes/dcaegen2/components/dcae-healthcheck/requirements.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-healthcheck/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-healthcheck/templates/deployment.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-healthcheck/templates/deployment.yaml rename to kubernetes/dcaegen2/components/dcae-healthcheck/templates/deployment.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-healthcheck/templates/service.yaml b/kubernetes/dcaegen2/components/dcae-healthcheck/templates/service.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-healthcheck/templates/service.yaml rename to kubernetes/dcaegen2/components/dcae-healthcheck/templates/service.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml b/kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml rename to kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/Chart.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/Chart.yaml similarity index 98% rename from kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/Chart.yaml rename to kubernetes/dcaegen2/components/dcae-inventory-api/Chart.yaml index e1735ec8e3..face827504 100644 --- a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-inventory-api/Chart.yaml @@ -18,4 +18,4 @@ apiVersion: v1 description: ONAP DCAE Inventory API Service name: dcae-inventory-api -version: 5.0.0 \ No newline at end of file +version: 6.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/requirements.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/requirements.yaml similarity index 94% rename from kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/requirements.yaml rename to kubernetes/dcaegen2/components/dcae-inventory-api/requirements.yaml index 9136278557..3e79830cc1 100644 --- a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/requirements.yaml +++ b/kubernetes/dcaegen2/components/dcae-inventory-api/requirements.yaml @@ -17,6 +17,7 @@ dependencies: - name: common version: ~5.x-0 repository: '@local' - - name: postgres + - name: postgres-legacy version: ~5.x-0 repository: '@local' + alias: postgres diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/resources/config/config.json b/kubernetes/dcaegen2/components/dcae-inventory-api/resources/config/config.json similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/resources/config/config.json rename to kubernetes/dcaegen2/components/dcae-inventory-api/resources/config/config.json diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/templates/configmap.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/configmap.yaml rename to kubernetes/dcaegen2/components/dcae-inventory-api/templates/configmap.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/templates/deployment.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/deployment.yaml rename to kubernetes/dcaegen2/components/dcae-inventory-api/templates/deployment.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/service.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/templates/service.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-policy-handler/templates/service.yaml rename to kubernetes/dcaegen2/components/dcae-inventory-api/templates/service.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/values.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/values.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/values.yaml rename to kubernetes/dcaegen2/components/dcae-inventory-api/values.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/.helmignore b/kubernetes/dcaegen2/components/dcae-policy-handler/.helmignore similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-policy-handler/.helmignore rename to kubernetes/dcaegen2/components/dcae-policy-handler/.helmignore diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/Chart.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/Chart.yaml similarity index 98% rename from kubernetes/dcaegen2/charts/dcae-policy-handler/Chart.yaml rename to kubernetes/dcaegen2/components/dcae-policy-handler/Chart.yaml index d2b275b615..dfcc52e116 100644 --- a/kubernetes/dcaegen2/charts/dcae-policy-handler/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-policy-handler/Chart.yaml @@ -18,4 +18,4 @@ apiVersion: v1 description: ONAP DCAE Policy Handler name: dcae-policy-handler -version: 5.0.0 +version: 6.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/requirements.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/requirements.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-policy-handler/requirements.yaml rename to kubernetes/dcaegen2/components/dcae-policy-handler/requirements.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/resources/config/config.json b/kubernetes/dcaegen2/components/dcae-policy-handler/resources/config/config.json similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-policy-handler/resources/config/config.json rename to kubernetes/dcaegen2/components/dcae-policy-handler/resources/config/config.json diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/resources/log/filebeat.yml b/kubernetes/dcaegen2/components/dcae-policy-handler/resources/log/filebeat.yml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-policy-handler/resources/log/filebeat.yml rename to kubernetes/dcaegen2/components/dcae-policy-handler/resources/log/filebeat.yml diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/templates/configmap.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-policy-handler/templates/configmap.yaml rename to kubernetes/dcaegen2/components/dcae-policy-handler/templates/configmap.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/templates/deployment.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-policy-handler/templates/deployment.yaml rename to kubernetes/dcaegen2/components/dcae-policy-handler/templates/deployment.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/service.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/templates/service.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/service.yaml rename to kubernetes/dcaegen2/components/dcae-policy-handler/templates/service.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/values.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-policy-handler/values.yaml rename to kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-redis/.helmignore b/kubernetes/dcaegen2/components/dcae-redis/.helmignore similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-redis/.helmignore rename to kubernetes/dcaegen2/components/dcae-redis/.helmignore diff --git a/kubernetes/dcaegen2/charts/dcae-redis/Chart.yaml b/kubernetes/dcaegen2/components/dcae-redis/Chart.yaml similarity index 97% rename from kubernetes/dcaegen2/charts/dcae-redis/Chart.yaml rename to kubernetes/dcaegen2/components/dcae-redis/Chart.yaml index 49ae5d27b5..d4c264f713 100644 --- a/kubernetes/dcaegen2/charts/dcae-redis/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-redis/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP DCAE Redis name: dcae-redis -version: 5.0.0 +version: 6.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-redis/requirements.yaml b/kubernetes/dcaegen2/components/dcae-redis/requirements.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-redis/requirements.yaml rename to kubernetes/dcaegen2/components/dcae-redis/requirements.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-redis/resources/redis/scripts/redis-cluster-config.sh b/kubernetes/dcaegen2/components/dcae-redis/resources/redis/scripts/redis-cluster-config.sh similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-redis/resources/redis/scripts/redis-cluster-config.sh rename to kubernetes/dcaegen2/components/dcae-redis/resources/redis/scripts/redis-cluster-config.sh diff --git a/kubernetes/dcaegen2/charts/dcae-redis/templates/NOTES.txt b/kubernetes/dcaegen2/components/dcae-redis/templates/NOTES.txt similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-redis/templates/NOTES.txt rename to kubernetes/dcaegen2/components/dcae-redis/templates/NOTES.txt diff --git a/kubernetes/dcaegen2/charts/dcae-redis/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-redis/templates/configmap.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-redis/templates/configmap.yaml rename to kubernetes/dcaegen2/components/dcae-redis/templates/configmap.yaml diff --git a/kubernetes/dcaegen2/components/dcae-redis/templates/ingress.yaml b/kubernetes/dcaegen2/components/dcae-redis/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/dcaegen2/components/dcae-redis/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/dcaegen2/components/dcae-redis/templates/pv.yaml b/kubernetes/dcaegen2/components/dcae-redis/templates/pv.yaml new file mode 100644 index 0000000000..29026044f1 --- /dev/null +++ b/kubernetes/dcaegen2/components/dcae-redis/templates/pv.yaml @@ -0,0 +1,45 @@ +{{/* +# Copyright © 2017 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +{{- $global := . }} +{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) }} +{{- range $i := until (int $global.Values.replicaCount)}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" $global }}-data-{{$i}} + namespace: {{ include "common.namespace" $global }} + labels: + app: {{ include "common.fullname" $global }} + chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" + release: "{{ $global.Release.Name }}" + heritage: "{{ $global.Release.Service }}" + name: {{ include "common.fullname" $global }} +spec: + capacity: + storage: {{ $global.Values.persistence.size}} + accessModes: + - {{ $global.Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" $global }}-data" + hostPath: + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} +{{if ne $i (int $global.Values.replicaCount) }} +--- +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/kubernetes/dcaegen2/charts/dcae-redis/templates/service.yaml b/kubernetes/dcaegen2/components/dcae-redis/templates/service.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-redis/templates/service.yaml rename to kubernetes/dcaegen2/components/dcae-redis/templates/service.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-redis/templates/statefulset.yaml b/kubernetes/dcaegen2/components/dcae-redis/templates/statefulset.yaml similarity index 89% rename from kubernetes/dcaegen2/charts/dcae-redis/templates/statefulset.yaml rename to kubernetes/dcaegen2/components/dcae-redis/templates/statefulset.yaml index 5a5b220e61..d5fa6340d3 100644 --- a/kubernetes/dcaegen2/charts/dcae-redis/templates/statefulset.yaml +++ b/kubernetes/dcaegen2/components/dcae-redis/templates/statefulset.yaml @@ -96,23 +96,27 @@ spec: - name: {{ include "common.fullname" . }}-scripts configMap: name: {{ include "common.fullname" . }}-scripts - defaultMode: 0755 + defaultMode: 0755 - name: localtime hostPath: path: /etc/localtime + {{- if not .Values.persistence.enabled }} + - name: {{ include "common.fullname" . }}-data + emptyDir: {} + {{- end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" + {{- if .Values.persistence.enabled }} volumeClaimTemplates: - metadata: name: {{ include "common.fullname" . }}-data labels: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }} spec: - accessModes: [ {{ .Values.persistence.accessMode }} ] - storageClassName: manual + accessModes: + - {{ .Values.persistence.accessMode | quote }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: - storage: {{ .Values.persistence.size }} - selector: - matchLabels: - name: {{ include "common.fullname" . }} + storage: {{ .Values.persistence.size | quote}} + {{- end }} diff --git a/kubernetes/dcaegen2/charts/dcae-redis/values.yaml b/kubernetes/dcaegen2/components/dcae-redis/values.yaml similarity index 94% rename from kubernetes/dcaegen2/charts/dcae-redis/values.yaml rename to kubernetes/dcaegen2/components/dcae-redis/values.yaml index 40812f2144..0b342e81bb 100644 --- a/kubernetes/dcaegen2/charts/dcae-redis/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-redis/values.yaml @@ -93,7 +93,15 @@ persistence: ingress: enabled: false - + service: + - baseaddr: "dcaeredis" + name: "dcae-redis" + port: 6379 + - baseaddr: "dcaeredisgossip" + name: "dcae-redis" + port: 16379 + config: + ssl: "none" # Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/Chart.yaml b/kubernetes/dcaegen2/components/dcae-servicechange-handler/Chart.yaml similarity index 98% rename from kubernetes/dcaegen2/charts/dcae-servicechange-handler/Chart.yaml rename to kubernetes/dcaegen2/components/dcae-servicechange-handler/Chart.yaml index 64c891097c..3b96aca5b9 100644 --- a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-servicechange-handler/Chart.yaml @@ -18,4 +18,4 @@ apiVersion: v1 description: ONAP DCAE Service Change Handler name: dcae-servicechange-handler -version: 5.0.0 \ No newline at end of file +version: 6.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/requirements.yaml b/kubernetes/dcaegen2/components/dcae-servicechange-handler/requirements.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-servicechange-handler/requirements.yaml rename to kubernetes/dcaegen2/components/dcae-servicechange-handler/requirements.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/resources/config/config.json b/kubernetes/dcaegen2/components/dcae-servicechange-handler/resources/config/config.json similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-servicechange-handler/resources/config/config.json rename to kubernetes/dcaegen2/components/dcae-servicechange-handler/resources/config/config.json diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-servicechange-handler/templates/configmap.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-servicechange-handler/templates/configmap.yaml rename to kubernetes/dcaegen2/components/dcae-servicechange-handler/templates/configmap.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-servicechange-handler/templates/deployment.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-servicechange-handler/templates/deployment.yaml rename to kubernetes/dcaegen2/components/dcae-servicechange-handler/templates/deployment.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/values.yaml b/kubernetes/dcaegen2/components/dcae-servicechange-handler/values.yaml similarity index 100% rename from kubernetes/dcaegen2/charts/dcae-servicechange-handler/values.yaml rename to kubernetes/dcaegen2/components/dcae-servicechange-handler/values.yaml diff --git a/kubernetes/dcaegen2/requirements.yaml b/kubernetes/dcaegen2/requirements.yaml index ad039c205b..cd04d8a907 100644 --- a/kubernetes/dcaegen2/requirements.yaml +++ b/kubernetes/dcaegen2/requirements.yaml @@ -16,3 +16,44 @@ dependencies: - name: common version: ~5.x-0 repository: '@local' + - name: dcae-bootstrap + version: ~6.x-0 + repository: 'file://components/dcae-bootstrap' + condition: dcae-bootstrap.enabled + - name: dcae-cloudify-manager + version: ~6.x-0 + repository: 'file://components/dcae-cloudify-manager' + condition: dcae-cloudify-manager.enabled + - name: dcae-config-binding-service + version: ~6.x-0 + repository: 'file://components/dcae-config-binding-service' + condition: dcae-config-binding-service.enabled + - name: dcae-healthcheck + version: ~6.x-0 + repository: 'file://components/dcae-healthcheck' + condition: dcae-healthcheck.enabled + - name: dcae-redis + version: ~6.x-0 + repository: 'file://components/dcae-redis' + condition: dcae-redis.enabled + - name: dcae-servicechange-handler + version: ~6.x-0 + repository: 'file://components/dcae-servicechange-handler' + condition: dcae-servicechange-handler.enabled + - name: dcae-inventory-api + version: ~6.x-0 + repository: 'file://components/dcae-inventory-api' + condition: dcae-inventory-api.enabled + - name: dcae-deployment-handler + version: ~6.x-0 + repository: 'file://components/dcae-deployment-handler' + condition: dcae-deployment-handler.enabled + - name: dcae-policy-handler + version: ~6.x-0 + repository: 'file://components/dcae-policy-handler' + condition: dcae-policy-handler.enabled + - name: dcae-dashboard + version: ~6.x-0 + repository: 'file://components/dcae-dashboard' + condition: dcae-dashboard.enabled + diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties b/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties index bcfefe93cf..e43182daa3 100644 --- a/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties +++ b/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties @@ -25,7 +25,7 @@ # ##################################################### # Indicator for whether to use AAF -UseAAF: true +UseAAF: {{ .Values.global.aafEnabled }} # csit: stubs out some southbound APIs for csit csit: No diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/dmaap/onap.json b/kubernetes/dmaap/components/dmaap-bc/resources/dmaap/onap.json index 9099e046ed..23b111c8f3 100644 --- a/kubernetes/dmaap/components/dmaap-bc/resources/dmaap/onap.json +++ b/kubernetes/dmaap/components/dmaap-bc/resources/dmaap/onap.json @@ -4,7 +4,7 @@ {{- else -}} "dmaapName": "{{ include "common.namespace" . }}", {{- end}} - "drProvUrl": "https://dmaap-dr-prov:8443", + "drProvUrl": "https://dmaap-dr-prov", "version": "1", "topicNsRoot": "org.onap.dmaap", "bridgeAdminTopic": "DCAE_MM_AGENT" diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml index fffd4db847..36963bfaf5 100644 --- a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml @@ -1,4 +1,3 @@ - # Modifications Copyright © 2018 Amdocs,Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -31,11 +30,8 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: - hostAliases: - - ip: "10.12.5.145" - hostnames: - - "aaf-onap-test.osaaf.org" initContainers: +{{- if .Values.global.aafEnabled }} - command: - /root/ready.py args: @@ -50,7 +46,41 @@ spec: image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-aaf-readiness -{{ if .Values.PG.enabled }} + - name: {{ include "common.name" . }}-dbc-aaf-config + image: "{{ include "common.repository" . }}/{{ .Values.global.aafAgentImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["bash","-c","exec /opt/app/aaf_config/bin/agent.sh"] + volumeMounts: + - mountPath: {{ .Values.persistence.aafCredsPath }} + name: {{ include "common.name" . }}-aaf-config + env: + - name: APP_FQI + value: "{{ .Values.aafConfig.fqi }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace }}:8095" + - name: aaf_locator_container + value: "{{ .Values.global.aafLocatorContainer }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_fqdn + value: "{{ .Values.aafConfig.fqdn }}" + - name: aaf_locator_public_fqdn + value: "{{.Values.aafConfig.publicFqdn}}" + - name: aaf_locator_app_ns + value: "{{ .Values.global.aafAppNs }}" + - name: DEPLOY_FQI + value: "{{ .Values.aafConfig.aafDeployFqi }}" + - name: DEPLOY_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "common.fullname" . }}-secret + key: aaf-deploy-password + - name: cadi_longitude + value: "{{ .Values.aafConfig.cadiLongitude }}" + - name: cadi_latitude + value: "{{ .Values.aafConfig.cadiLatitude }}" +{{- end }} +{{- if .Values.PG.enabled }} - command: - /root/ready.py args: @@ -73,7 +103,7 @@ spec: ports: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.internalPort2 }} - {{if eq .Values.liveness.enabled true }} + {{ if eq .Values.liveness.enabled true -}} livenessProbe: httpGet: port: {{ .Values.service.internalPort }} @@ -92,7 +122,6 @@ spec: - mountPath: /etc/localtime name: localtime readOnly: true - # NOTE: on the following several configMaps, careful to include / at end # since there may be more than one file in each mountPath - name: {{ include "common.name" . }}-config @@ -100,9 +129,8 @@ spec: - name: {{ include "common.name" . }}-aaf-config mountPath: /opt/app/dmaapbc/etc/org.onap.dmaap-bc.props subPath: org.onap.dmaap-bc.props - resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/ingress.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-bc/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/nbi/charts/mariadb/templates/secrets.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/secrets.yaml similarity index 82% rename from kubernetes/nbi/charts/mariadb/templates/secrets.yaml rename to kubernetes/dmaap/components/dmaap-bc/templates/secrets.yaml index 254d86f8ee..ed5ba14dda 100644 --- a/kubernetes/nbi/charts/mariadb/templates/secrets.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/templates/secrets.yaml @@ -1,4 +1,5 @@ -# Copyright © 2017 Amdocs, Bell Canada, Orange + +# Modifications Copyright © 2019 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,6 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. +{{- if .Values.global.aafEnabled }} apiVersion: v1 kind: Secret metadata: @@ -24,5 +26,5 @@ metadata: heritage: {{ .Release.Service }} type: Opaque data: - db-user-password: {{ .Values.config.db.password | b64enc | quote }} - db-root-password: {{ .Values.config.db.root_password | b64enc | quote }} + aaf-deploy-password: {{ index .Values.aafConfig.aafDeployPass | b64enc | quote }} +{{- end }} diff --git a/kubernetes/dmaap/components/dmaap-bc/values.yaml b/kubernetes/dmaap/components/dmaap-bc/values.yaml index 171ac45788..f0e9e179fa 100644 --- a/kubernetes/dmaap/components/dmaap-bc/values.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/values.yaml @@ -47,6 +47,19 @@ topicMgrPwd: demo123456! adminUser: aaf_admin@people.osaaf.org adminPwd: demo123456! +#AAF local config +aafConfig: + aafDeployFqi: dmaap-bc@dmaap-bc.onap.org + aafDeployPass: demo123456! + fqdn: dmaap-bc + fqi: dmaap-bc@dmaap-bc.onap.org + publicFqdn: dmaap-bc.onap.org + cadiLatitude: 0.0 + cadiLongitude: 0.0 + +persistence: + aafCredsPath: /opt/app/osaaf/local + # for Casablanca default deployment, leave this true to # get a topic namespace that matches MR. When set to false, # it will compose the topic namespace using the kubernetes namespace value @@ -120,6 +133,12 @@ postgres: ingress: enabled: false + service: + - baseaddr: "dmaapbc" + name: "dmaap-bc" + port: 8443 + config: + ssl: "redirect" # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties deleted file mode 100644 index 043bb8bced..0000000000 --- a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties +++ /dev/null @@ -1,23 +0,0 @@ -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US -cadi_keyfile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.keyfile -cadi_keystore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks -cadi_keystore_password=WGxd2P6MDo*Bi4+UdzWs{?$8 -cadi_key_password=WGxd2P6MDo*Bi4+UdzWs{?$8 -cadi_alias=dmaap-dr-node@dmaap-dr.onap.org -cadi_truststore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks -cadi_truststore_password=)OBvCd{e{aWq.^mJJdX:S:1& - -aaf_env=DEV -aaf_locate_url=https://aaf-locate:8095 -aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect -aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token -aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 -cadi_protocols=TLSv1.1,TLSv1.2 -cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1 -fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1 -gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1 - -cadi_latitude=53.423 -cadi_longitude=7.940 - -cadi_loglevel=INFO \ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties index 4379dfbf1d..3a95b5a221 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties @@ -71,43 +71,19 @@ SpoolDir=/opt/app/datartr/spool # # The path to the redirection data file # -#RedirectionFile: etc/redirections.dat +RedirectionFile = etc/redirections.dat # # The type of keystore for https -# -KeyStoreType=jks -# -# The path to the keystore for https -# -KeyStoreFile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks -# -# The password for the https keystore -# -KeyStorePassword=WGxd2P6MDo*Bi4+UdzWs{?$8 -# -# The password for the private key in the https keystore -# -KeyPassword=WGxd2P6MDo*Bi4+UdzWs{?$8 +KeyStoreType = PKCS12 # # The type of truststore for https -# -TrustStoreType=jks -# -# The path to the truststore for https -# -TrustStoreFile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks -# -# The password for the https truststore -# -TrustStorePassword=)OBvCd{e{aWq.^mJJdX:S:1& +TrustStoreType = jks # # The path to the file used to trigger an orderly shutdown -# -QuiesceFile=etc/SHUTDOWN +QuiesceFile = etc/SHUTDOWN # # The key used to generate passwords for node to node transfers -# -NodeAuthKey=Node123! +NodeAuthKey = Node123! # # DR_NODE DEFAULT ENABLED TLS PROTOCOLS NodeHttpsProtocols = TLSv1.1|TLSv1.2 @@ -121,9 +97,9 @@ AAFInstance = legacy # AAF action to generate permission string - default should be publish AAFAction = publish # -# AAF URL to connect to AAF server -AafUrl = https://aaf-locate:8095 -# # AAF CADI enabled flag CadiEnabled = false +# +# AAF Props file path +AAFPropsFilePath = /opt/app/osaaf/local/org.onap.dmaap-dr.props diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/ingress.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/pv-aaf.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/pv-aaf.yaml new file mode 100644 index 0000000000..9b71b93290 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/pv-aaf.yaml @@ -0,0 +1,54 @@ +{{/* + # ============LICENSE_START======================================================= + # Copyright (C) 2019 Nordix Foundation. + # ================================================================================ + # Licensed under the Apache License, Version 2.0 (the "License"); + # you may not use this file except in compliance with the License. + # You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. + # + # SPDX-License-Identifier: Apache-2.0 + # ============LICENSE_END========================================================= +*/}} + + +{{- if .Values.global.aafEnabled }} +{{- $global := . }} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) -}} +{{- range $i := until (int $global.Values.replicaCount)}} +--- +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" $global }}-aaf-props-{{ $i }} + namespace: {{ include "common.namespace" $global }} + labels: + app: {{ include "common.name" $global }} + chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" + release: "{{ $global.Release.Name }}" + heritage: "{{ $global.Release.Service }}" + name: {{ include "common.fullname" $global }}-aaf-props +spec: + capacity: + storage: {{ $global.Values.persistence.aafCredsSize }} + accessModes: + - {{ $global.Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" $global }}-data-aaf-props" + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.aafCredsMountSubPath }}-{{$i}} +{{if ne $i (int $global.Values.replicaCount) }} +--- +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/pv-event.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/pv-event.yaml new file mode 100644 index 0000000000..1dd7302695 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/pv-event.yaml @@ -0,0 +1,51 @@ +{{/* + # ============LICENSE_START======================================================= + # Copyright (C) 2019 Nordix Foundation. + # ================================================================================ + # Licensed under the Apache License, Version 2.0 (the "License"); + # you may not use this file except in compliance with the License. + # You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. + # + # SPDX-License-Identifier: Apache-2.0 + # ============LICENSE_END========================================================= +*/}} + +--- +{{- $global := . }} +{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) -}} +{{- range $i := until (int $global.Values.replicaCount)}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" $global }}-event-logs-{{ $i }} + namespace: {{ include "common.namespace" $global }} + labels: + app: {{ include "common.fullname" $global }} + chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" + release: "{{ $global.Release.Name }}" + heritage: "{{ $global.Release.Service }}" + name: {{ include "common.fullname" $global }}-event-logs +spec: + capacity: + storage: {{ $global.Values.persistence.eventLogSize}} + accessModes: + - {{ $global.Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" $global }}-data-event-logs" + hostPath: + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.eventLogsMountSubPath }}-{{$i}} +{{if ne $i (int $global.Values.replicaCount) }} +--- +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/pv-spool.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/pv-spool.yaml new file mode 100644 index 0000000000..5e1c339815 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/pv-spool.yaml @@ -0,0 +1,50 @@ +{{/* + # ============LICENSE_START======================================================= + # Copyright (C) 2019 Nordix Foundation. + # ================================================================================ + # Licensed under the Apache License, Version 2.0 (the "License"); + # you may not use this file except in compliance with the License. + # You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. + # + # SPDX-License-Identifier: Apache-2.0 + # ============LICENSE_END========================================================= +*/}} + +{{- $global := . }} +{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) -}} +{{- range $i := until (int $global.Values.replicaCount)}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" $global }}-spool-data-{{$i}} + namespace: {{ include "common.namespace" $global }} + labels: + app: {{ include "common.fullname" $global }} + chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" + release: "{{ $global.Release.Name }}" + heritage: "{{ $global.Release.Service }}" + name: {{ include "common.fullname" $global }}-spool-data +spec: + capacity: + storage: {{ $global.Values.persistence.spoolSize}} + accessModes: + - {{ $global.Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" $global }}-data" + hostPath: + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.spoolMountSubPath }}-{{$i}} +{{if ne $i (int $global.Values.replicaCount) }} +--- +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml index a190d0d7d2..7ab2f8356d 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml @@ -45,15 +45,51 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace + {{- if .Values.global.aafEnabled }} + - name: {{ include "common.name" . }}-dr-node-aaf-config + image: "{{ include "common.repository" . }}/{{ .Values.global.aafAgentImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: {{ .Values.persistence.aafCredsPath }} + name: {{ include "common.fullname" . }}-aaf-props + command: ["bash","-c","exec /opt/app/aaf_config/bin/agent.sh"] + env: + - name: APP_FQI + value: "{{ .Values.aafConfig.fqi }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace }}:8095" + - name: aaf_locator_container + value: "{{ .Values.global.aafLocatorContainer }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_fqdn + value: "{{ .Values.aafConfig.fqdn }}" + - name: aaf_locator_public_fqdn + value: "{{.Values.aafConfig.publicFqdn}}" + - name: aaf_locator_app_ns + value: "{{ .Values.global.aafAppNs }}" + - name: DEPLOY_FQI + value: "{{ .Values.aafConfig.aafDeployFqi }}" + - name: DEPLOY_PASSWORD + value: "{{ .Values.aafConfig.aafDeployPass }}" + - name: cadi_longitude + value: "{{ .Values.aafConfig.cadiLongitude }}" + - name: cadi_latitude + value: "{{ .Values.aafConfig.cadiLatitude }}" + {{- end }} - name: {{ include "common.name" . }}-permission-fixer image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: {{ .Values.persistence.spoolPath }} - name: {{ include "common.fullname" . }}-spool-data-pvc + name: {{ include "common.fullname" . }}-data - mountPath: {{ .Values.persistence.eventLogsPath }} - name: {{ include "common.fullname" . }}-event-logs-pvc - command: ["chown","-Rf","1000:1001", "/opt/app/datartr"] + name: {{ include "common.fullname" . }}-event-logs + {{- if .Values.global.aafEnabled }} + - mountPath: {{ .Values.persistence.aafCredsPath }} + name: {{ include "common.fullname" . }}-aaf-props + {{- end }} + command: ["chown","-Rf","1000:1001", "/opt/app/"] containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" @@ -74,26 +110,27 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: + {{- if .Values.global.aafEnabled }} + - mountPath: {{ .Values.persistence.aafCredsPath }} + name: {{ include "common.fullname" . }}-aaf-props + {{- end }} - mountPath: {{ .Values.persistence.spoolPath }} - name: {{ include "common.fullname" . }}-spool-data-pvc + name: {{ include "common.fullname" . }}-data - mountPath: {{ .Values.persistence.eventLogsPath }} - name: {{ include "common.fullname" . }}-event-logs-pvc + name: {{ include "common.fullname" . }}-event-logs - mountPath: /etc/localtime name: localtime readOnly: false - mountPath: /opt/app/datartr/etc/node.properties name: {{ include "common.fullname" . }}-config subPath: node.properties - - mountPath: /opt/app/datartr/etc/drNodeCadi.properties - name: {{ include "common.fullname" . }}-config - subPath: drNodeCadi.properties - mountPath: /opt/app/datartr/etc/logback.xml name: {{ include "common.fullname" . }}-log-conf subPath: logback.xml - mountPath: {{ .Values.global.loggingDirectory }} name: {{ include "common.fullname" . }}-logs resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} @@ -101,8 +138,8 @@ spec: {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | indent 10 }} - {{- end }} - # Filebeat sidecar container + {{- end -}} + # Filebeat sidecar container - name: {{ include "common.name" . }}-filebeat-onap image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -126,8 +163,6 @@ spec: items: - key: node.properties path: node.properties - - key: drNodeCadi.properties - path: drNodeCadi.properties - name: {{ include "common.fullname" . }}-log-conf configMap: name: {{ include "common.fullname" . }}-log @@ -136,34 +171,61 @@ spec: name: {{ include "common.fullname" . }}-dmaap-dr-node-filebeat-configmap - name: {{ include "common.fullname" . }}-data-filebeat emptyDir: {} + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + {{- if not .Values.persistence.enabled }} - name: {{ include "common.fullname" . }}-event-logs-pvc emptyDir: {} - - name: {{ include "common.fullname" . }}-logs + - name: {{ include "common.fullname" . }}-data + emptyDir: {} + {{- if .Values.global.aafEnabled }} + - name: {{ include "common.fullname" . }}-aaf-props-pvc emptyDir: {} + {{- end }} + {{- end }} +{{- if .Values.persistence.enabled }} volumeClaimTemplates: - metadata: - name: {{ include "common.fullname" . }}-spool-data-pvc + name: {{ include "common.fullname" . }}-data labels: name: {{ include "common.fullname" . }} spec: - accessModes: [ {{ .Values.persistence.accessMode }} ] - storageClassName: {{ include "common.fullname" . }}-spool-data-stcl + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.spoolSize }} - selector: - matchLabels: - name: {{ include "common.fullname" . }}-spool-data-pv - metadata: - name: {{ include "common.fullname" . }}-event-logs-pvc + name: {{ include "common.fullname" . }}-event-logs labels: name: {{ include "common.fullname" . }} spec: - accessModes: [ {{ .Values.persistence.accessMode }} ] - storageClassName: {{ include "common.fullname" . }}-event-logs-stcl + accessModes: + - {{ .Values.persistence.accessMode }} + {{- if eq "True" (include "common.needPV" .) }} + storageClassName: "{{ include "common.fullname" . }}-data-event-logs" + {{- else }} + storageClassName: {{ include "common.storageClass" . }} + {{- end }} resources: requests: storage: {{ .Values.persistence.eventLogSize }} - selector: - matchLabels: - name: {{ include "common.fullname" . }}-event-logs-pv +{{- if .Values.global.aafEnabled }} + - metadata: + name: {{ include "common.fullname" . }}-aaf-props + labels: + name: {{ include "common.fullname" . }} + spec: + accessModes: + - {{ .Values.persistence.accessMode }} + {{- if eq "True" (include "common.needPV" .) }} + storageClassName: "{{ include "common.fullname" . }}-data-aaf-props" + {{- else }} + storageClassName: {{ include "common.storageClass" . }} + {{- end }} + resources: + requests: + storage: {{ .Values.persistence.aafCredsSize }} +{{- end }} +{{- end }} diff --git a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml index b5e459b6b9..1b992af27e 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml @@ -17,14 +17,12 @@ ################################################################# global: loggingDirectory: /var/log/onap/datarouter - busyBoxImage: busybox:1.30 - busyBoxRepository: docker.io ################################################################# # Application configuration defaults. ################################################################# # application image -image: onap/dmaap/datarouter-node:2.1.2 +image: onap/dmaap/datarouter-node:2.1.3 pullPolicy: Always # flag to enable debugging - application support required @@ -58,15 +56,36 @@ persistence: mountPath: /dockerdata-nfs spoolMountSubPath: data-router/dr-node/spool-data - spoolSize: 1Gi + spoolSize: 2Gi spoolPath: /opt/app/datartr/spool eventLogsMountSubPath: data-router/dr-node/event-logs - eventLogSize: 1Gi + eventLogSize: 2Gi eventLogsPath: /opt/app/datartr/logs + aafCredsMountSubPath: data-router/dr-node/aaf-props + aafCredsSize: 10M + aafCredsPath: /opt/app/osaaf/local + +#AAF local config +aafConfig: + aafDeployFqi: dmaap-dr@dmaap-dr.onap.org + aafDeployPass: demo123456! + fqdn: dmaap-dr-node + fqi: dmaap-dr-node@dmaap-dr.onap.org + publicFqdn: dmaap-dr.onap.org + cadiLatitude: 0.0 + cadiLongitude: 0.0 + + ingress: enabled: false + service: + - baseaddr: "dmaapdrnode" + name: "dmaap-dr-node" + port: 8443 + config: + ssl: "redirect" # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties deleted file mode 100644 index 79abe22a6a..0000000000 --- a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties +++ /dev/null @@ -1,23 +0,0 @@ -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US -cadi_keyfile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.keyfile -cadi_keystore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks -cadi_keystore_password=FZNkU,B%NJzcT1v7;^v]M#ZX -cadi_key_password=FZNkU,B%NJzcT1v7;^v]M#ZX -cadi_alias=dmaap-dr-prov@dmaap-dr.onap.org -cadi_truststore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks -cadi_truststore_password=+mzf@J.D^;3!![*Xr.z$c#?b - -aaf_env=DEV -aaf_locate_url=https://aaf-locate:8095 -aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect -aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token -aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 -cadi_protocols=TLSv1.1,TLSv1.2 -cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1 -fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1 -gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1 - -cadi_latitude=53.423 -cadi_longitude=7.940 - -cadi_loglevel=INFO \ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties index 52f1f3f5c0..c7714d33a4 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties +++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties @@ -23,16 +23,12 @@ #Jetty Server properties -org.onap.dmaap.datarouter.provserver.http.port = {{.Values.global.dmaapDrProvExtPort}} -org.onap.dmaap.datarouter.provserver.https.port = {{.Values.global.dmaapDrProvExtPort2}} +org.onap.dmaap.datarouter.provserver.http.port = {{.Values.config.dmaapDrProv.internalPort}} +org.onap.dmaap.datarouter.provserver.https.port = {{.Values.config.dmaapDrProv.internalPort2}} org.onap.dmaap.datarouter.provserver.https.relaxation = true -org.onap.dmaap.datarouter.provserver.keymanager.password = FZNkU,B%NJzcT1v7;^v]M#ZX -org.onap.dmaap.datarouter.provserver.keystore.type = jks -org.onap.dmaap.datarouter.provserver.keystore.path = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks -org.onap.dmaap.datarouter.provserver.keystore.password = FZNkU,B%NJzcT1v7;^v]M#ZX -org.onap.dmaap.datarouter.provserver.truststore.path = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks -org.onap.dmaap.datarouter.provserver.truststore.password = +mzf@J.D^;3!![*Xr.z$c#?b +org.onap.dmaap.datarouter.provserver.aafprops.path = /opt/app/osaaf/local/org.onap.dmaap-dr.props + org.onap.dmaap.datarouter.provserver.accesslog.dir = /opt/app/datartr/logs org.onap.dmaap.datarouter.provserver.spooldir = /opt/app/datartr/spool org.onap.dmaap.datarouter.provserver.dbscripts = /opt/app/datartr/etc/misc @@ -61,6 +57,3 @@ org.onap.dmaap.datarouter.provserver.aaf.instance = legacy org.onap.dmaap.datarouter.provserver.aaf.action.publish = publish org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe -# AAF URL to connect to AAF server -org.onap.dmaap.datarouter.provserver.cadi.aaf.url = https://aaf-locate:8095 - diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml index ea487d0571..96839b52d7 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml @@ -31,56 +31,109 @@ spec: spec: hostname: {{ .Values.global.dmaapDrProvName }} initContainers: - - command: - - /root/ready.py - args: - - --container-name - - {{ .Values.config.dmaapDrDb.mariadbContName }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness + - name: {{ include "common.name" . }}-readiness + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - {{ .Values.config.dmaapDrDb.mariadbContName }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + {{- if .Values.global.aafEnabled }} + - name: {{ include "common.name" . }}-aaf-readiness + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - aaf-locate + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: {{ include "common.name" . }}-dr-prov-aaf-config + image: "{{ include "common.repository" . }}/{{ .Values.global.aafAgentImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["bash","-c","exec /opt/app/aaf_config/bin/agent.sh"] + volumeMounts: + - mountPath: {{ .Values.persistence.aafCredsPath }} + name: {{ include "common.fullname" . }}-aaf-config-vol + env: + - name: APP_FQI + value: "{{ .Values.aafConfig.fqi }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace }}:8095" + - name: aaf_locator_container + value: "{{ .Values.global.aafLocatorContainer }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_fqdn + value: "{{ .Values.aafConfig.fqdn }}" + - name: aaf_locator_public_fqdn + value: "{{.Values.aafConfig.publicFqdn}}" + - name: aaf_locator_app_ns + value: "{{ .Values.global.aafAppNs }}" + - name: DEPLOY_FQI + value: "{{ .Values.aafConfig.aafDeployFqi }}" + - name: DEPLOY_PASSWORD + value: "{{ .Values.aafConfig.aafDeployPass }}" + - name: cadi_longitude + value: "{{ .Values.aafConfig.cadiLongitude }}" + - name: cadi_latitude + value: "{{ .Values.aafConfig.cadiLatitude }}" + - name: {{ include "common.name" . }}-permission-fixer + image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: {{ .Values.persistence.aafCredsPath }} + name: {{ include "common.fullname" . }}-aaf-config-vol + command: ["chown","-Rf","1000:1001", "/opt/app/"] + {{ end }} containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - - containerPort: {{ .Values.global.dmaapDrProvExtPort }} - - containerPort: {{ .Values.global.dmaapDrProvExtPort2 }} + - containerPort: {{ .Values.config.dmaapDrProv.internalPort }} {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: - port: {{ .Values.global.dmaapDrProvExtPort }} + port: {{ .Values.config.dmaapDrProv.internalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: tcpSocket: - port: {{ .Values.global.dmaapDrProvExtPort }} + port: {{ .Values.config.dmaapDrProv.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: + {{- if .Values.global.aafEnabled }} + - mountPath: {{ .Values.persistence.aafCredsPath }} + name: {{ include "common.fullname" . }}-aaf-config-vol + {{- end }} - mountPath: /etc/localtime name: localtime readOnly: false - mountPath: /opt/app/datartr/etc/provserver.properties name: {{ include "common.fullname" . }}-config subPath: provserver.properties - - mountPath: /opt/app/datartr/etc/drProvCadi.properties - name: {{ include "common.fullname" . }}-config - subPath: drProvCadi.properties - mountPath: /opt/app/datartr/etc/logback.xml name: {{ include "common.fullname" . }}-log-conf subPath: logback.xml - mountPath: {{ .Values.global.loggingDirectory }} name: {{ include "common.fullname" . }}-logs resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} @@ -88,8 +141,8 @@ spec: {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | indent 10 }} - {{- end }} - # Filebeat sidecar container + {{- end -}} + # Filebeat sidecar container - name: {{ include "common.name" . }}-filebeat-onap image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -111,8 +164,6 @@ spec: items: - key: provserver.properties path: provserver.properties - - key: drProvCadi.properties - path: drProvCadi.properties - name: {{ include "common.fullname" . }}-log-conf configMap: name: {{ include "common.fullname" . }}-log @@ -123,5 +174,14 @@ spec: emptyDir: {} - name: {{ include "common.fullname" . }}-logs emptyDir: {} + {{- if .Values.global.aafEnabled }} + - name: {{ include "common.fullname" . }}-aaf-config-vol + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-aaf-props + {{- else }} + emptyDir: {} + {{- end }} + {{- end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/ingress.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml index 7b71bb03a2..acf87b81a9 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml @@ -39,12 +39,10 @@ spec: {{ end }} - name: REQUESTID value: "{{.Chart.Name}}-post-install" - volumeMounts: - mountPath: /etc/localtime name: localtime readOnly: true - # NOTE: on the following several configMaps, careful to include / at end # since there may be more than one file in each mountPath # NOTE: the basename of the subdirectory is important - it matches the DBCL API URI diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/pv.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/pv.yaml similarity index 55% rename from kubernetes/dmaap/components/dmaap-dr-node/templates/pv.yaml rename to kubernetes/dmaap/components/dmaap-dr-prov/templates/pv.yaml index 016a6ea023..fba1bf9036 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/pv.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/pv.yaml @@ -17,45 +17,29 @@ # SPDX-License-Identifier: Apache-2.0 # ============LICENSE_END========================================================= */}} - +{{- if .Values.global.aafEnabled }} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }}-spool-data-pv + name: {{ include "common.fullname" . }}-aaf-props namespace: {{ include "common.namespace" . }} labels: - app: {{ include "common.name" . }} + app: {{ include "common.name" . }}-aaf-props chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }}-spool-data-pv + name: {{ include "common.fullname" . }}-aaf-props spec: capacity: - storage: {{ .Values.persistence.spoolSize }} + storage: {{ .Values.persistence.aafCredsSize}} accessModes: - {{ .Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" . }}-spool-data-stcl" + storageClassName: "{{ include "common.fullname" . }}-data" persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: - path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.spoolMountSubPath }} ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-event-logs-pv - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }}-event-logs-pv -spec: - capacity: - storage: {{ .Values.persistence.eventLogSize }} - accessModes: - - {{ .Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" . }}-event-logs-stcl" - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.eventLogsMountSubPath }} \ No newline at end of file + path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.aafCredsMountSubPath }} +{{ end -}} +{{- end -}} +{{- end -}} diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/pvc.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/pvc.yaml new file mode 100644 index 0000000000..b75daf5f12 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/pvc.yaml @@ -0,0 +1,44 @@ +{{/* + # ============LICENSE_START======================================================= + # Copyright (C) 2019 Nordix Foundation. + # ================================================================================ + # Licensed under the Apache License, Version 2.0 (the "License"); + # you may not use this file except in compliance with the License. + # You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. + # + # SPDX-License-Identifier: Apache-2.0 + # ============LICENSE_END========================================================= +*/}} +{{- if .Values.global.aafEnabled }} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-aaf-props + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} + resources: + requests: + storage: {{ .Values.persistence.aafCredsSize }} +{{ end -}} +{{ end -}} diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml index 7a94fdb2cd..734ab72c03 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml @@ -38,7 +38,7 @@ metadata: spec: type: {{ .Values.config.dmaapDrProv.servicetype }} ports: - {{if eq .Values.config.dmaapDrProv.servicetype "NodePort" -}} + {{- if eq .Values.config.dmaapDrProv.servicetype "NodePort" -}} {{- if .Values.global.allow_http }} - port: {{ .Values.global.dmaapDrProvExtPort }} targetPort: {{ .Values.config.dmaapDrProv.internalPort }} diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml index 195bcb47be..80b15c7063 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml @@ -23,7 +23,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/dmaap/datarouter-prov:2.1.2 +image: onap/dmaap/datarouter-prov:2.1.3 pullPolicy: Always # flag to enable debugging - application support required @@ -52,30 +52,22 @@ readiness: ## Persist data to a persitent volume persistence: - enabled: false + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + mountPath: /dockerdata-nfs + + aafCredsMountSubPath: data-router/dr-prov/aaf-props + aafCredsSize: 10M + aafCredsPath: /opt/app/osaaf/local ingress: enabled: false - -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 2000m - memory: 4Gi - requests: - cpu: 500m - memory: 1Gi - large: - limits: - cpu: 4000m - memory: 8Gi - requests: - cpu: 1000m - memory: 2Gi - unlimited: {} + service: + - baseaddr: "dmaapdrprov" + name: "dmaap-dr-prov" + port: 8443 + config: + ssl: "redirect" config: # dr provisioning server configuration @@ -111,3 +103,33 @@ mariadb: size: 1Gi mountSubPath: data-router/dr-db-data disableNfsProvisioner: true + +#AAF local config +aafConfig: + aafDeployFqi: dmaap-dr@dmaap-dr.onap.org + aafDeployPass: demo123456! + fqdn: dmaap-dr-prov + fqi: dmaap-dr-prov@dmaap-dr.onap.org + publicFqdn: dmaap-dr.onap.org + cadiLatitude: 0.0 + cadiLongitude: 0.0 + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2000m + memory: 4Gi + requests: + cpu: 500m + memory: 1Gi + large: + limits: + cpu: 4000m + memory: 8Gi + requests: + cpu: 1000m + memory: 2Gi + unlimited: {} \ No newline at end of file diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/pv.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/pv.yaml index 44c9576abe..3dca738273 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/pv.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/pv.yaml @@ -12,28 +12,30 @@ # See the License for the specific language governing permissions and # limitations under the License. -{{- $root := . -}} +{{- $global := . -}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -{{ range $i, $e := until (atoi (quote $root.Values.replicaCount) | default 3) }} +{{- if eq "True" (include "common.needPV" .) -}} +{{ range $i, $e := until (atoi (quote $global.Values.replicaCount) | default 3) }} --- apiVersion: v1 kind: PersistentVolume metadata: - name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }} - namespace: {{ $root.Release.Namespace }} + name: {{ $global.Release.Name }}-{{ $global.Values.service.name }}-{{ $i }} + namespace: {{ $global.Release.Namespace }} labels: - app: {{ $root.Values.service.name }} - chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }} - release: {{ $root.Release.Name }} - heritage: {{ $root.Release.Service }} + app: {{ $global.Values.service.name }} + chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }} + release: {{ $global.Release.Name }} + heritage: {{ $global.Release.Service }} spec: capacity: - storage: {{ $root.Values.persistence.size }} + storage: {{ $global.Values.persistence.size }} accessModes: - - {{ $root.Values.persistence.accessMode }} + - {{ $global.Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" $global }}-data" hostPath: - path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{ $i }} - persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }} + path: {{ $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{ $i }} + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} +{{ end }} {{ end }} {{ end }} - diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml index bfe4b11ba7..104a46bd51 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml @@ -113,12 +113,14 @@ spec: port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} {{ end }} readinessProbe: tcpSocket: port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} env: - name: HOST_IP valueFrom: @@ -185,15 +187,10 @@ spec: spec: accessModes: - {{ .Values.persistence.accessMode | quote }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size | quote }} - selector: - matchLabels: - release: "{{ .Release.Name }}" - app: {{ .Values.service.name }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - heritage: "{{ .Release.Service }}" {{ end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml index f5a7c7ebb5..873e72e0d2 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml @@ -71,6 +71,7 @@ tolerations: {} liveness: initialDelaySeconds: 60 periodSeconds: 10 + timeoutSeconds: 1 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true @@ -78,6 +79,7 @@ liveness: readiness: initialDelaySeconds: 60 periodSeconds: 10 + timeoutSeconds: 1 ## Persist data to a persitent volume persistence: diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/deployment.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/deployment.yaml index 51c4149094..64e51339c4 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/deployment.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/deployment.yaml @@ -73,6 +73,7 @@ spec: - "rm /tmp/lprobe.txt" initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} {{ end }} readinessProbe: exec: @@ -83,6 +84,7 @@ spec: - "rm /tmp/rprobe.txt" initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} env: - name: KAFKA_HEAP_OPTS value: "{{ .Values.kafkaHeapOptions }}" diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml index 2f63406a08..676f6342f4 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml @@ -56,6 +56,7 @@ affinity: {} liveness: initialDelaySeconds: 60 periodSeconds: 20 + timeoutSeconds: 5 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true @@ -63,6 +64,7 @@ liveness: readiness: initialDelaySeconds: 60 periodSeconds: 20 + timeoutSeconds: 5 service: diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/pv.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/pv.yaml index 44c9576abe..3dca738273 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/pv.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/pv.yaml @@ -12,28 +12,30 @@ # See the License for the specific language governing permissions and # limitations under the License. -{{- $root := . -}} +{{- $global := . -}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -{{ range $i, $e := until (atoi (quote $root.Values.replicaCount) | default 3) }} +{{- if eq "True" (include "common.needPV" .) -}} +{{ range $i, $e := until (atoi (quote $global.Values.replicaCount) | default 3) }} --- apiVersion: v1 kind: PersistentVolume metadata: - name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }} - namespace: {{ $root.Release.Namespace }} + name: {{ $global.Release.Name }}-{{ $global.Values.service.name }}-{{ $i }} + namespace: {{ $global.Release.Namespace }} labels: - app: {{ $root.Values.service.name }} - chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }} - release: {{ $root.Release.Name }} - heritage: {{ $root.Release.Service }} + app: {{ $global.Values.service.name }} + chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }} + release: {{ $global.Release.Name }} + heritage: {{ $global.Release.Service }} spec: capacity: - storage: {{ $root.Values.persistence.size }} + storage: {{ $global.Values.persistence.size }} accessModes: - - {{ $root.Values.persistence.accessMode }} + - {{ $global.Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" $global }}-data" hostPath: - path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{ $i }} - persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }} + path: {{ $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{ $i }} + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} +{{ end }} {{ end }} {{ end }} - diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml index 50b047a906..17b87f8b09 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml @@ -86,6 +86,7 @@ spec: - "zookeeper-ready.sh 2181" initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} {{ end }} readinessProbe: exec: @@ -95,6 +96,7 @@ spec: - "zookeeper-ready.sh 2181" initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} env: - name: ZK_REPLICAS value: "{{ .Values.replicaCount }}" @@ -131,17 +133,10 @@ spec: spec: accessModes: - {{ .Values.persistence.accessMode | quote }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size | quote }} - selector: - matchLabels: - release: "{{ .Release.Name }}" - app: {{ .Values.service.name }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - heritage: "{{ .Release.Service }}" {{ end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" - - diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml index 734736d193..eeb77ba7fd 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml @@ -61,6 +61,7 @@ tolerations: {} liveness: initialDelaySeconds: 10 periodSeconds: 10 + timeoutSeconds: 1 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true @@ -68,6 +69,7 @@ liveness: readiness: initialDelaySeconds: 10 periodSeconds: 10 + timeoutSeconds: 1 #Zookeeper properties zk: diff --git a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml index f7b51d1b9e..21524ef30c 100644 --- a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml @@ -60,15 +60,17 @@ spec: port: {{ .Values.service.externalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} {{ end -}} readinessProbe: tcpSocket: port: {{ .Values.service.externalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} env: - name: enableCadi - value: "true" + value: "{{ .Values.global.aafEnabled }}" volumeMounts: - mountPath: /etc/localtime name: localtime @@ -86,7 +88,7 @@ spec: subPath: mykey name: mykey resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . }} volumes: - name: localtime hostPath: diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml index 7561bc24a3..06c966997f 100644 --- a/kubernetes/dmaap/components/message-router/values.yaml +++ b/kubernetes/dmaap/components/message-router/values.yaml @@ -55,6 +55,7 @@ affinity: {} liveness: initialDelaySeconds: 70 periodSeconds: 10 + timeoutSeconds: 1 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true @@ -62,6 +63,7 @@ liveness: readiness: initialDelaySeconds: 70 periodSeconds: 10 + timeoutSeconds: 1 service: type: NodePort diff --git a/kubernetes/dmaap/values.yaml b/kubernetes/dmaap/values.yaml index 89c8baa1a4..4c0d8d584e 100644 --- a/kubernetes/dmaap/values.yaml +++ b/kubernetes/dmaap/values.yaml @@ -25,6 +25,8 @@ global: loggingImage: beats/filebeat:5.5.0 clientImage: onap/dmaap/dbc-client:1.0.9 repository: nexus3.onap.org:10001 + busyBoxImage: busybox:1.30 + busyBoxRepository: docker.io #Global DMaaP app config allow_http: true @@ -35,8 +37,15 @@ global: #dmaap-dr-prov server configuration dmaapDrProvName: dmaap-dr-prov - dmaapDrProvExtPort2: 8443 - dmaapDrProvExtPort: 8080 + dmaapDrProvExtPort2: 443 + dmaapDrProvExtPort: 80 + + #AAF global config overrides + aafEnabled: true + aafAgentImage: onap/aaf/aaf_agent:2.1.15 + aafAppNs: org.osaaf.aaf + aafLocatorContainer: oom + #Component overrides diff --git a/kubernetes/helm/plugins/deploy/deploy.sh b/kubernetes/helm/plugins/deploy/deploy.sh index 1622689386..3da189b908 100755 --- a/kubernetes/helm/plugins/deploy/deploy.sh +++ b/kubernetes/helm/plugins/deploy/deploy.sh @@ -140,13 +140,12 @@ deploy() { # actual upgrade/install of parent and subcharts. DEPLOY_FLAGS=$(resolve_deploy_flags "$FLAGS") - # determine if upgrading individual subchart or entire parent + subcharts + # determine if upgrading individual subchart or entire parent + subcharts SUBCHART_RELEASE="$(cut -d'-' -f2 <<<"$RELEASE")" - if [[ ! -d "$CACHE_SUBCHART_DIR/$SUBCHART_RELEASE" ]]; then + # update specified subchart without parent + RELEASE="$(cut -d'-' -f1 <<<"$RELEASE")" + if [[ $SUBCHART_RELEASE == $RELEASE ]]; then SUBCHART_RELEASE= - else - # update specified subchart without parent - RELEASE="$(cut -d'-' -f1 <<<"$RELEASE")" fi # clear previously cached charts diff --git a/kubernetes/log/charts/log-elasticsearch/templates/ingress.yaml b/kubernetes/log/charts/log-elasticsearch/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/log/charts/log-elasticsearch/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/log/charts/log-elasticsearch/templates/pv.yaml b/kubernetes/log/charts/log-elasticsearch/templates/pv.yaml index fd21cdfc1f..fdea287cbd 100644 --- a/kubernetes/log/charts/log-elasticsearch/templates/pv.yaml +++ b/kubernetes/log/charts/log-elasticsearch/templates/pv.yaml @@ -17,7 +17,7 @@ kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-data namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -31,6 +31,7 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} diff --git a/kubernetes/log/charts/log-elasticsearch/templates/pvc.yaml b/kubernetes/log/charts/log-elasticsearch/templates/pvc.yaml index abab145a8f..d2eddc227d 100644 --- a/kubernetes/log/charts/log-elasticsearch/templates/pvc.yaml +++ b/kubernetes/log/charts/log-elasticsearch/templates/pvc.yaml @@ -29,11 +29,9 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} diff --git a/kubernetes/log/charts/log-elasticsearch/values.yaml b/kubernetes/log/charts/log-elasticsearch/values.yaml index 9c3525aec8..d43a66afe1 100644 --- a/kubernetes/log/charts/log-elasticsearch/values.yaml +++ b/kubernetes/log/charts/log-elasticsearch/values.yaml @@ -75,7 +75,7 @@ persistence: ## If undefined (the default) or set to null, no storageClassName spec is ## set, choosing the default provisioner. (gp2 on AWS, standard on ## GKE, AWS & OpenStack) - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 1Gi mountPath: /dockerdata-nfs mountSubPath: log/elasticsearch/data @@ -94,7 +94,12 @@ service: ingress: enabled: false - + service: + - baseaddr: "loges" + name: "log-es" + port: 9200 + config: + ssl: "none" # Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) @@ -113,4 +118,4 @@ resources: requests: cpu: 1 memory: 4Gi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/kubernetes/log/charts/log-kibana/templates/ingress.yaml b/kubernetes/log/charts/log-kibana/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/log/charts/log-kibana/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/log/charts/log-kibana/values.yaml b/kubernetes/log/charts/log-kibana/values.yaml index 5132768206..d69ab8ef42 100644 --- a/kubernetes/log/charts/log-kibana/values.yaml +++ b/kubernetes/log/charts/log-kibana/values.yaml @@ -77,8 +77,15 @@ service: externalPort: 5601 internalPort: 5601 nodePort: 53 + ingress: enabled: false + service: + - baseaddr: "logkibana" + name: "log-kibana" + port: 5601 + config: + ssl: "none" # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/log/charts/log-logstash/templates/ingress.yaml b/kubernetes/log/charts/log-logstash/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/log/charts/log-logstash/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/log/charts/log-logstash/values.yaml b/kubernetes/log/charts/log-logstash/values.yaml index 246b812d42..a6e6c966ab 100644 --- a/kubernetes/log/charts/log-logstash/values.yaml +++ b/kubernetes/log/charts/log-logstash/values.yaml @@ -74,6 +74,15 @@ service: internalPort2: 9600 ingress: enabled: false + service: + - baseaddr: "logls" + name: "log-ls" + port: 5044 + - baseaddr: "loglshttp" + name: "log-ls" + port: 9600 + config: + ssl: "none" # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/modeling/charts/modeling-etsicatalog/templates/pv.yaml b/kubernetes/modeling/charts/modeling-etsicatalog/templates/pv.yaml index d1e1b04121..68696fbccd 100644 --- a/kubernetes/modeling/charts/modeling-etsicatalog/templates/pv.yaml +++ b/kubernetes/modeling/charts/modeling-etsicatalog/templates/pv.yaml @@ -14,6 +14,7 @@ # limitations under the License. */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -31,6 +32,8 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- end -}} \ No newline at end of file +{{- end -}} +{{- end -}} diff --git a/kubernetes/modeling/charts/modeling-etsicatalog/templates/pvc.yaml b/kubernetes/modeling/charts/modeling-etsicatalog/templates/pvc.yaml index 74ba690fa6..d3d5d9e0a4 100644 --- a/kubernetes/modeling/charts/modeling-etsicatalog/templates/pvc.yaml +++ b/kubernetes/modeling/charts/modeling-etsicatalog/templates/pvc.yaml @@ -29,19 +29,10 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/kubernetes/modeling/charts/modeling-etsicatalog/templates/service.yaml b/kubernetes/modeling/charts/modeling-etsicatalog/templates/service.yaml index 217e6af759..7f0a3ad15c 100644 --- a/kubernetes/modeling/charts/modeling-etsicatalog/templates/service.yaml +++ b/kubernetes/modeling/charts/modeling-etsicatalog/templates/service.yaml @@ -31,7 +31,7 @@ metadata: "protocol": "REST", "port": "{{.Values.service.externalPort}}", "visualRange":"1" - } + }, { "serviceName": "etsicatalog", "version": "v1", @@ -39,7 +39,7 @@ metadata: "protocol": "REST", "port": "{{.Values.service.externalPort}}", "visualRange":"1" - } + }, { "serviceName": "nsd", "version": "v1", @@ -47,7 +47,7 @@ metadata: "protocol": "REST", "port": "{{.Values.service.externalPort}}", "visualRange":"1" - } + }, { "serviceName": "vnfpkgm", "version": "v1", diff --git a/kubernetes/msb/charts/msb-consul/templates/ingress.yaml b/kubernetes/msb/charts/msb-consul/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/msb/charts/msb-consul/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/msb/charts/msb-consul/values.yaml b/kubernetes/msb/charts/msb-consul/values.yaml index 3cb5c74c14..d11649754f 100644 --- a/kubernetes/msb/charts/msb-consul/values.yaml +++ b/kubernetes/msb/charts/msb-consul/values.yaml @@ -49,7 +49,7 @@ readiness: periodSeconds: 10 service: - type: NodePort + type: ClusterIP name: msb-consul externalPort: 8500 internalPort: 8500 @@ -57,6 +57,12 @@ service: ingress: enabled: false + service: + - baseaddr: "msbconsul" + name: "msb-consul" + port: 8500 + config: + ssl: "none" flavor: small diff --git a/kubernetes/msb/charts/msb-discovery/templates/ingress.yaml b/kubernetes/msb/charts/msb-discovery/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/msb/charts/msb-discovery/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/msb/charts/msb-discovery/values.yaml b/kubernetes/msb/charts/msb-discovery/values.yaml index b47127865d..abb12775e8 100644 --- a/kubernetes/msb/charts/msb-discovery/values.yaml +++ b/kubernetes/msb/charts/msb-discovery/values.yaml @@ -51,7 +51,7 @@ readiness: periodSeconds: 10 service: - type: NodePort + type: ClusterIP name: msb-discovery externalPort: 10081 internalPort: 10081 @@ -59,6 +59,12 @@ service: ingress: enabled: false + service: + - baseaddr: "msbdiscovery" + name: "msb-discovery" + port: 10081 + config: + ssl: "none" # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/msb/charts/msb-eag/templates/ingress.yaml b/kubernetes/msb/charts/msb-eag/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/msb/charts/msb-eag/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/msb/charts/msb-eag/templates/service.yaml b/kubernetes/msb/charts/msb-eag/templates/service.yaml index 2055b21392..bc5e661c54 100644 --- a/kubernetes/msb/charts/msb-eag/templates/service.yaml +++ b/kubernetes/msb/charts/msb-eag/templates/service.yaml @@ -26,9 +26,6 @@ spec: type: {{ .Values.service.type }} ports: {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: http-{{ .Values.service.name }} - port: {{ .Values.service.externalPortHttps }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePortHttps }} name: https-{{ .Values.service.name }} diff --git a/kubernetes/msb/charts/msb-eag/values.yaml b/kubernetes/msb/charts/msb-eag/values.yaml index e25fa28685..535c135d25 100644 --- a/kubernetes/msb/charts/msb-eag/values.yaml +++ b/kubernetes/msb/charts/msb-eag/values.yaml @@ -56,13 +56,18 @@ service: name: msb-eag externalPort: 80 internalPort: 80 - nodePort: 82 externalPortHttps: 443 internalPortHttps: 443 nodePortHttps: 84 ingress: enabled: false + service: + - baseaddr: "msbeag" + name: "msb-eag" + port: 443 + config: + ssl: "redirect" # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/msb/charts/msb-iag/templates/ingress.yaml b/kubernetes/msb/charts/msb-iag/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/msb/charts/msb-iag/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/msb/charts/msb-iag/templates/service.yaml b/kubernetes/msb/charts/msb-iag/templates/service.yaml index 2055b21392..bc5e661c54 100644 --- a/kubernetes/msb/charts/msb-iag/templates/service.yaml +++ b/kubernetes/msb/charts/msb-iag/templates/service.yaml @@ -26,9 +26,6 @@ spec: type: {{ .Values.service.type }} ports: {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: http-{{ .Values.service.name }} - port: {{ .Values.service.externalPortHttps }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePortHttps }} name: https-{{ .Values.service.name }} diff --git a/kubernetes/msb/charts/msb-iag/values.yaml b/kubernetes/msb/charts/msb-iag/values.yaml index 4aaeaeadc3..6d1f7ac3e6 100644 --- a/kubernetes/msb/charts/msb-iag/values.yaml +++ b/kubernetes/msb/charts/msb-iag/values.yaml @@ -63,6 +63,12 @@ service: ingress: enabled: false + service: + - baseaddr: "msbiag" + name: "msb-iag" + port: 443 + config: + ssl: "redirect" # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/multicloud/charts/multicloud-fcaps/resources/config/log/log.yml b/kubernetes/multicloud/charts/multicloud-fcaps/resources/config/log/log.yml index dced27d69f..49e532065d 100644 --- a/kubernetes/multicloud/charts/multicloud-fcaps/resources/config/log/log.yml +++ b/kubernetes/multicloud/charts/multicloud-fcaps/resources/config/log/log.yml @@ -34,7 +34,7 @@ handlers: class: "logging.handlers.RotatingFileHandler" filename: "/var/log/onap/multicloud/openstack/fcaps/fcaps.log" formatter: "mdcFormat" - maxBytes: 1024*1024*50 + maxBytes: 52428800 backupCount: 10 formatters: diff --git a/kubernetes/multicloud/charts/multicloud-k8s/values.yaml b/kubernetes/multicloud/charts/multicloud-k8s/values.yaml index e7117d7e9f..3c7b1d3a65 100644 --- a/kubernetes/multicloud/charts/multicloud-k8s/values.yaml +++ b/kubernetes/multicloud/charts/multicloud-k8s/values.yaml @@ -26,8 +26,8 @@ global: # Application configuration defaults. ################################################################# # application image -repository: registry.hub.docker.com -image: onap/multicloud-k8s:0.5.0 +repository: nexus3.onap.org:10001 +image: onap/multicloud/k8s:0.5.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/multicloud/charts/multicloud-lenovo/.helmignore b/kubernetes/multicloud/charts/multicloud-lenovo/.helmignore deleted file mode 100644 index f0c1319444..0000000000 --- a/kubernetes/multicloud/charts/multicloud-lenovo/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/multicloud/charts/multicloud-lenovo/Chart.yaml b/kubernetes/multicloud/charts/multicloud-lenovo/Chart.yaml deleted file mode 100644 index fc682be388..0000000000 --- a/kubernetes/multicloud/charts/multicloud-lenovo/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright (c) 2019 Lenovo -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: ONAP multicloud OpenStack Lenovo Plugin -name: multicloud-lenovo -version: 5.0.0 diff --git a/kubernetes/multicloud/charts/multicloud-lenovo/resources/config/log/log.yml b/kubernetes/multicloud/charts/multicloud-lenovo/resources/config/log/log.yml deleted file mode 100644 index 08a9348fd4..0000000000 --- a/kubernetes/multicloud/charts/multicloud-lenovo/resources/config/log/log.yml +++ /dev/null @@ -1,47 +0,0 @@ -# Copyright (c) 2019 Lenovo Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -version: 1 -disable_existing_loggers: False - -loggers: - thinkcloud: - handlers: [thinkcloud_handler] - level: "DEBUG" - propagate: False - newton_base: - handlers: [thinkcloud_handler] - level: "DEBUG" - propagate: False - common: - handlers: [thinkcloud_handler] - level: "DEBUG" - propagate: False - -handlers: - thinkcloud_handler: - level: "DEBUG" - class: "logging.handlers.RotatingFileHandler" - filename: "/var/log/onap/multicloud/openstack/lenovo/thinkcloud.log" - formatter: "mdcFormat" - maxBytes: 1024*1024*50 - backupCount: 10 - -formatters: - standard: - format: "%(asctime)s|||||%(name)s||%(thread)||%(funcName)s||%(levelname)s||%(message)s" - mdcFormat: - format: "%(asctime)s|||||%(name)s||%(thread)s||%(funcName)s||%(levelname)s||%(message)s||||%(mdc)s \t" - mdcfmt: "{requestID} {invocationID} {serviceName} {serviceIP}" - datefmt: "%Y-%m-%d %H:%M:%S" - (): onaplogging.mdcformatter.MDCFormatter diff --git a/kubernetes/multicloud/charts/multicloud-lenovo/templates/NOTES.txt b/kubernetes/multicloud/charts/multicloud-lenovo/templates/NOTES.txt deleted file mode 100644 index 7df04139e2..0000000000 --- a/kubernetes/multicloud/charts/multicloud-lenovo/templates/NOTES.txt +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright (c) 2019 Lenovo -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/multicloud/charts/multicloud-lenovo/templates/deployment.yaml b/kubernetes/multicloud/charts/multicloud-lenovo/templates/deployment.yaml deleted file mode 100644 index 3be4d7cef7..0000000000 --- a/kubernetes/multicloud/charts/multicloud-lenovo/templates/deployment.yaml +++ /dev/null @@ -1,110 +0,0 @@ -{{/* -# Copyright (c) 2019 Lenovo -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "common.name" . }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - name: {{ include "common.name" . }} - annotations: - sidecar.istio.io/inject: "{{.Values.istioSidecar}}" - spec: - containers: - - env: - - name: MSB_ADDR - value: "{{ .Values.config.msbgateway }}.{{ include "common.namespace" . }}" - - name: MSB_PORT - value: "{{ .Values.config.msbPort }}" - - name: AAI_ADDR - value: aai.{{ include "common.namespace" . }} - - name: AAI_PORT - value: "{{ .Values.config.aai.port }}" - - name: AAI_SCHEMA_VERSION - value: "{{ .Values.config.aai.schemaVersion }}" - - name: AAI_USERNAME - value: "{{ .Values.config.aai.username }}" - - name: AAI_PASSWORD - value: "{{ .Values.config.aai.password }}" - name: {{ include "common.name" . }} - volumeMounts: - - mountPath: /var/log/onap - name: lenovo-log - - mountPath: /opt/lenovo/thinkcloud/pub/config/log.yml - name: lenovo-logconfig - subPath: log.yml - resources: -{{ include "common.resources" . | indent 12 }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{ if .Values.liveness.enabled }} - livenessProbe: - httpGet: - path: /api/multicloud-thinkcloud/v1/swagger.json - port: {{ .Values.service.internalPort }} - scheme: HTTP - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} - successThreshold: {{ .Values.liveness.successThreshold }} - failureThreshold: {{ .Values.liveness.failureThreshold }} - {{ end }} - # side car containers - - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: filebeat-onap - volumeMounts: - - mountPath: /usr/share/filebeat/filebeat.yml - name: filebeat-conf - subPath: filebeat.yml - - mountPath: /var/log/onap - name: lenovo-log - - mountPath: /usr/share/filebeat/data - name: lenovo-data-filebeat - - volumes: - - name: lenovo-log - emptyDir: {} - - name: lenovo-data-filebeat - emptyDir: {} - - name: filebeat-conf - configMap: - name: multicloud-filebeat-configmap - - name: lenovo-logconfig - configMap: - name: {{ include "common.fullname" . }}-log-configmap - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" - restartPolicy: Always diff --git a/kubernetes/multicloud/charts/multicloud-lenovo/values.yaml b/kubernetes/multicloud/charts/multicloud-lenovo/values.yaml deleted file mode 100644 index 953f35503a..0000000000 --- a/kubernetes/multicloud/charts/multicloud-lenovo/values.yaml +++ /dev/null @@ -1,87 +0,0 @@ -# Copyright (c) 2019 Lenovo -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 304 - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: onap/multicloud/openstack-lenovo:1.3.4 -pullPolicy: Always - -#Istio sidecar injection policy -istioSidecar: true - -# application configuration -config: - msbgateway: msb-iag - msbPort: 80 - aai: - port: 8443 - schemaVersion: v13 - username: AAI - password: AAI - -service: - type: ClusterIP - name: multicloud-thinkcloud - portName: multicloud-thinkcloud - externalPort: 9010 - internalPort: 9010 - nodePort: 86 - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 10 - successThreshold: 1 - failureThreshold: 5 - enabled: true - -ingress: - enabled: false - -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 1 - memory: 4Gi - requests: - cpu: 10m - memory: 1Gi - large: - limits: - cpu: 2 - memory: 8Gi - requests: - cpu: 20m - memory: 2Gi - unlimited: {} diff --git a/kubernetes/multicloud/charts/multicloud-pike/resources/config/log/log.yml b/kubernetes/multicloud/charts/multicloud-pike/resources/config/log/log.yml index 935d9ca62e..8e40564093 100644 --- a/kubernetes/multicloud/charts/multicloud-pike/resources/config/log/log.yml +++ b/kubernetes/multicloud/charts/multicloud-pike/resources/config/log/log.yml @@ -34,7 +34,7 @@ handlers: class: "logging.handlers.RotatingFileHandler" filename: "/var/log/onap/multicloud/openstack/pike/pike.log" formatter: "mdcFormat" - maxBytes: 1024*1024*50 + maxBytes: 52428800 backupCount: 10 formatters: diff --git a/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-alertmanager/templates/pv.yaml b/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-alertmanager/templates/pv.yaml index 62203fb329..db801e0987 100644 --- a/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-alertmanager/templates/pv.yaml +++ b/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-alertmanager/templates/pv.yaml @@ -15,8 +15,8 @@ */}} {{- if .Values.global.alertmanager.enabled -}} - {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -34,8 +34,9 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} - -{{- end -}} \ No newline at end of file +{{- end -}} +{{- end -}} diff --git a/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-alertmanager/templates/pvc.yaml b/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-alertmanager/templates/pvc.yaml index 8ea5faca82..f4e237c6f1 100644 --- a/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-alertmanager/templates/pvc.yaml +++ b/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-alertmanager/templates/pvc.yaml @@ -32,21 +32,12 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} {{- end -}} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-grafana/templates/pv.yaml b/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-grafana/templates/pv.yaml index aa3a956c06..6cc1b938b8 100644 --- a/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-grafana/templates/pv.yaml +++ b/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-grafana/templates/pv.yaml @@ -15,8 +15,8 @@ */}} {{- if .Values.global.grafana.enabled -}} - {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -33,9 +33,10 @@ spec: storage: {{ .Values.persistence.size}} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-data" persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} - -{{- end -}} \ No newline at end of file +{{- end -}} +{{- end -}} diff --git a/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-grafana/templates/pvc.yaml b/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-grafana/templates/pvc.yaml index 2900395d17..e629fc290a 100644 --- a/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-grafana/templates/pvc.yaml +++ b/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-grafana/templates/pvc.yaml @@ -32,21 +32,12 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} {{- end -}} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/kubernetes/multicloud/charts/multicloud-prometheus/templates/pv.yaml b/kubernetes/multicloud/charts/multicloud-prometheus/templates/pv.yaml index 961b6bba63..6a75441843 100644 --- a/kubernetes/multicloud/charts/multicloud-prometheus/templates/pv.yaml +++ b/kubernetes/multicloud/charts/multicloud-prometheus/templates/pv.yaml @@ -15,8 +15,8 @@ */}} {{- if .Values.global.prometheus.enabled -}} - {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -33,9 +33,10 @@ spec: storage: {{ .Values.persistence.size}} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-data" persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} - -{{- end -}} \ No newline at end of file +{{- end -}} +{{- end -}} diff --git a/kubernetes/multicloud/charts/multicloud-prometheus/templates/pvc.yaml b/kubernetes/multicloud/charts/multicloud-prometheus/templates/pvc.yaml index 73fcc30ba6..4cc525a465 100644 --- a/kubernetes/multicloud/charts/multicloud-prometheus/templates/pvc.yaml +++ b/kubernetes/multicloud/charts/multicloud-prometheus/templates/pvc.yaml @@ -32,21 +32,12 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} {{- end -}} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/resources/config/log/log.yml b/kubernetes/multicloud/charts/multicloud-starlingx/resources/config/log/log.yml index 30445572d9..8ec5449266 100644 --- a/kubernetes/multicloud/charts/multicloud-starlingx/resources/config/log/log.yml +++ b/kubernetes/multicloud/charts/multicloud-starlingx/resources/config/log/log.yml @@ -34,7 +34,7 @@ handlers: class: "logging.handlers.RotatingFileHandler" filename: "/var/log/onap/multicloud/openstack/starlingx/starlingx.log" formatter: "mdcFormat" - maxBytes: 1024*1024*50 + maxBytes: 52428800 backupCount: 10 formatters: diff --git a/kubernetes/multicloud/charts/multicloud-windriver/resources/config/log/log.yml b/kubernetes/multicloud/charts/multicloud-windriver/resources/config/log/log.yml index e606d03ce3..7e1735df08 100644 --- a/kubernetes/multicloud/charts/multicloud-windriver/resources/config/log/log.yml +++ b/kubernetes/multicloud/charts/multicloud-windriver/resources/config/log/log.yml @@ -34,7 +34,7 @@ handlers: class: "logging.handlers.RotatingFileHandler" filename: "/var/log/onap/multicloud/openstack/windriver/titanium_cloud.log" formatter: "mdcFormat" - maxBytes: 1024*1024*50 + maxBytes: 52428800 backupCount: 10 formatters: diff --git a/kubernetes/multicloud/charts/multicloud-windriver/templates/pv.yaml b/kubernetes/multicloud/charts/multicloud-windriver/templates/pv.yaml index e2e326d34f..d7464b1a01 100644 --- a/kubernetes/multicloud/charts/multicloud-windriver/templates/pv.yaml +++ b/kubernetes/multicloud/charts/multicloud-windriver/templates/pv.yaml @@ -15,6 +15,7 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -32,6 +33,8 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} +{{- end -}} diff --git a/kubernetes/multicloud/charts/multicloud-windriver/templates/pvc.yaml b/kubernetes/multicloud/charts/multicloud-windriver/templates/pvc.yaml index 5bc04cdfd3..d138732565 100644 --- a/kubernetes/multicloud/charts/multicloud-windriver/templates/pvc.yaml +++ b/kubernetes/multicloud/charts/multicloud-windriver/templates/pvc.yaml @@ -30,11 +30,9 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - app: {{ include "common.name" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} diff --git a/kubernetes/multicloud/values.yaml b/kubernetes/multicloud/values.yaml index 9fd0789e32..645b826efb 100644 --- a/kubernetes/multicloud/values.yaml +++ b/kubernetes/multicloud/values.yaml @@ -23,6 +23,7 @@ global: artifactImage: onap/multicloud/framework-artifactbroker:1.4.2 prometheus: enabled: false + persistence: {} ################################################################# # Application configuration defaults. diff --git a/kubernetes/nbi/charts/mariadb/requirements.yaml b/kubernetes/nbi/charts/mariadb/requirements.yaml deleted file mode 100644 index 56097c0af4..0000000000 --- a/kubernetes/nbi/charts/mariadb/requirements.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -dependencies: - - name: common - version: ~5.x-0 - # local reference to common chart, as it is - # a part of this chart's package and will not - # be published independently to a repo (at this point) - repository: '@local' diff --git a/kubernetes/nbi/charts/mariadb/templates/NOTES.txt b/kubernetes/nbi/charts/mariadb/templates/NOTES.txt deleted file mode 100644 index 4d3c96fcd9..0000000000 --- a/kubernetes/nbi/charts/mariadb/templates/NOTES.txt +++ /dev/null @@ -1,32 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada , Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/nbi/charts/mariadb/templates/deployment.yaml b/kubernetes/nbi/charts/mariadb/templates/deployment.yaml deleted file mode 100644 index b432d0e431..0000000000 --- a/kubernetes/nbi/charts/mariadb/templates/deployment.yaml +++ /dev/null @@ -1,99 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada, Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - spec: - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - args: - - --lower-case-table-names=1 - - --wait_timeout=28800 - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: MYSQL_DATABASE - value: "{{ .Values.config.db.database }}" - - name: MYSQL_USER - value: "{{ .Values.config.db.user }}" - - name: MYSQL_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-secret - key: db-user-password - - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-secret - key: db-root-password - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /var/lib/mysql - name: mariadb-data - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: mariadb-data - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - {{- else }} - emptyDir: {} - {{- end }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/nbi/charts/mariadb/templates/pvc.yaml b/kubernetes/nbi/charts/mariadb/templates/pvc.yaml deleted file mode 100644 index 19ea299872..0000000000 --- a/kubernetes/nbi/charts/mariadb/templates/pvc.yaml +++ /dev/null @@ -1,49 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} diff --git a/kubernetes/nbi/charts/mariadb/templates/service.yaml b/kubernetes/nbi/charts/mariadb/templates/service.yaml deleted file mode 100644 index 99a7128f3e..0000000000 --- a/kubernetes/nbi/charts/mariadb/templates/service.yaml +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - ports: - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - clusterIP: None diff --git a/kubernetes/nbi/charts/mariadb/values.yaml b/kubernetes/nbi/charts/mariadb/values.yaml deleted file mode 100644 index 70fa143b9a..0000000000 --- a/kubernetes/nbi/charts/mariadb/values.yaml +++ /dev/null @@ -1,95 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada, Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - persistence: {} - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: mariadb:10.3.14 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -# Example: -config: - db: - user: nbi_user - password: nbi_user - root_password: change_me - database: maria -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -## Persist data to a persitent volume -persistence: - enabled: true - volumeReclaimPolicy: Retain - accessMode: ReadWriteOnce - size: 2Gi - mountPath: /dockerdata-nfs - mountSubPath: mariadb/data - -service: - type: ClusterIP - name: policydb - portName: policydb - internalPort: 3306 - -ingress: - enabled: false - -# Resource Limit flavor -flavor: small -resources: - small: - limits: - cpu: 1 - memory: 500Mi - requests: - cpu: 10m - memory: 200Mi - large: - limits: - cpu: 1 - memory: 1Gi - requests: - cpu: 20m - memory: 400Mi - unlimited: {} diff --git a/kubernetes/nbi/requirements.yaml b/kubernetes/nbi/requirements.yaml index b440b1e30f..f0c4b8e374 100644 --- a/kubernetes/nbi/requirements.yaml +++ b/kubernetes/nbi/requirements.yaml @@ -23,4 +23,11 @@ dependencies: - name: mongo version: ~5.x-0 repository: '@local' - + - name: mariadb-galera + version: ~5.x-0 + repository: '@local' + condition: global.mariadbGalera.localCluster + - name: mariadb-init + version: ~5.x-0 + repository: '@local' + condition: not global.mariadbGalera.localCluster diff --git a/kubernetes/nbi/templates/deployment.yaml b/kubernetes/nbi/templates/deployment.yaml index 889e25e623..7f9220d98b 100644 --- a/kubernetes/nbi/templates/deployment.yaml +++ b/kubernetes/nbi/templates/deployment.yaml @@ -30,7 +30,7 @@ spec: labels: app: {{ include "common.name" . }} release: {{ .Release.Name }} - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }} spec: containers: - name: {{ include "common.name" . }} @@ -54,14 +54,14 @@ spec: periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: SPRING_DATASOURCE_URL - value: jdbc:mariadb://{{ .Values.mariadb.service.name }}.{{ include "common.namespace" . }}:{{.Values.mariadb.service.internalPort }}/{{ .Values.mariadb.config.db.database }} + value: jdbc:mariadb://{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}/{{ index .Values "mariadb-galera" "config" "mysqlDatabase" }} - name: SPRING_DATASOURCE_USERNAME - value: {{ .Values.mariadb.config.db.user }} + value: {{ index .Values "mariadb-galera" "config" "userName" }} - name: SPRING_DATASOURCE_PASSWORD valueFrom: secretKeyRef: - name: {{ template "common.fullname" . }}-secret - key: db-user-password + name: {{ include "common.mariadbSecret" . }} + key: {{ include "common.mariadbSecretParam" . }} - name: SPRING_DATA_MONGODB_HOST value: {{ .Values.mongo.service.name }}.{{ include "common.namespace" . }} - name: SPRING_DATA_MONGODB_PORT @@ -77,7 +77,7 @@ spec: - name: NBI_URL value: "http://nbi.{{ include "common.namespace" . }}:8080/nbi/api/v4" - name: SDC_HOST - value: "http://sdc-be.{{ include "common.namespace" . }}:8080" + value: "https://sdc-be.{{ include "common.namespace" . }}:8443" - name: SDC_HEADER_ECOMPINSTANCEID value: {{ .Values.config.ecompInstanceId }} - name: SDC_HEADER_AUTHORIZATION @@ -93,7 +93,7 @@ spec: value: {{ .Values.so_authorization }} {{- end }} - name: DMAAP_HOST - value: "http://message-router.{{ include "common.namespace" . }}:3904" + value: "https://message-router.{{ include "common.namespace" . }}:3905" - name: LOGGING_LEVEL_ORG_ONAP_NBI value: {{ .Values.config.loglevel }} - name: MSB_ENABLED diff --git a/kubernetes/nbi/tests/deployment_test.yaml b/kubernetes/nbi/tests/deployment_test.yaml new file mode 100644 index 0000000000..7c8a1b0dbb --- /dev/null +++ b/kubernetes/nbi/tests/deployment_test.yaml @@ -0,0 +1,205 @@ +--- +suite: test deployment behavior +templates: + - deployment.yaml +tests: + - it: "should render with default values (global)" + asserts: + - isKind: + of: Deployment + - equal: + path: metadata.name + value: RELEASE-NAME-nbi + - equal: + path: metadata.namespace + value: NAMESPACE + - matchRegex: + path: metadata.labels.app + pattern: nbi + - matchRegex: + path: spec.template.metadata.labels.app + pattern: nbi + - equal: + path: spec.template.metadata.name + value: RELEASE-NAME-nbi + - equal: + path: spec.replicas + value: 1 + - isNull: + path: spec.template.spec.nodeSelector + - isNull: + path: spec.template.spec.affinity + + - it: "should render with default value (container)" + asserts: + - equal: + path: spec.template.spec.containers[0].name + value: nbi + - equal: + path: spec.template.spec.containers[0].image + value: nexus3.onap.org:10001/onap/externalapi/nbi:5.0.1 + - equal: + path: spec.template.spec.containers[0].imagePullPolicy + value: IfNotPresent + - contains: + path: spec.template.spec.containers[0].env + content: + name: SPRING_DATASOURCE_URL + value: jdbc:mariadb://mariadb-galera:3306/nbi + - contains: + path: spec.template.spec.containers[0].env + content: + name: SPRING_DATASOURCE_USERNAME + value: rene + - contains: + path: spec.template.spec.containers[0].env + content: + name: SPRING_DATASOURCE_PASSWORD + valueFrom: + secretKeyRef: + name: RELEASE-NAME-nbi-config + key: db-user-password + - contains: + path: spec.template.spec.containers[0].env + content: + name: SPRING_DATA_MONGODB_HOST + value: nbi-mongohost.NAMESPACE + - contains: + path: spec.template.spec.containers[0].env + content: + name: SPRING_DATA_MONGODB_PORT + value: "27017" + - contains: + path: spec.template.spec.containers[0].env + content: + name: SPRING_DATA_MONGODB_DATABASE + value: ServiceOrderDB + - contains: + path: spec.template.spec.containers[0].env + content: + name: ONAP_LCPCLOUDREGIONID + value: RegionOne + - contains: + path: spec.template.spec.containers[0].env + content: + name: ONAP_TENANTID + value: 31047205ce114b60833b23e400d6a535 + - contains: + path: spec.template.spec.containers[0].env + content: + name: ONAP_CLOUDOWNER + value: CloudOwner + - contains: + path: spec.template.spec.containers[0].env + content: + name: NBI_URL + value: http://nbi.NAMESPACE:8080/nbi/api/v4 + - contains: + path: spec.template.spec.containers[0].env + content: + name: SDC_HOST + value: https://sdc-be.NAMESPACE:8443 + - contains: + path: spec.template.spec.containers[0].env + content: + name: SDC_HEADER_ECOMPINSTANCEID + value: OOM + - contains: + path: spec.template.spec.containers[0].env + content: + name: SDC_HEADER_AUTHORIZATION + value: Basic YWFpOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU= + - contains: + path: spec.template.spec.containers[0].env + content: + name: AAI_HOST + value: https://aai.NAMESPACE:8443 + - contains: + path: spec.template.spec.containers[0].env + content: + name: AAI_HEADER_AUTHORIZATION + value: Basic QUFJOkFBSQ== + - contains: + path: spec.template.spec.containers[0].env + content: + name: SO_HOST + value: http://so.NAMESPACE:8080 + - contains: + path: spec.template.spec.containers[0].env + content: + name: DMAAP_HOST + value: http://message-router.NAMESPACE:3904 + - contains: + path: spec.template.spec.containers[0].env + content: + name: LOGGING_LEVEL_ORG_ONAP_NBI + value: INFO + - contains: + path: spec.template.spec.containers[0].env + content: + name: MSB_ENABLED + value: "true" + - contains: + path: spec.template.spec.containers[0].env + content: + name: MSB_DISCOVERY_HOST + value: msb-discovery.NAMESPACE + - contains: + path: spec.template.spec.containers[0].env + content: + name: MSB_DISCOVERY_PORT + value: "10081" + - equal: + path: spec.template.spec.containers[0].livenessProbe + value: + initialDelaySeconds: 180 + periodSeconds: 30 + tcpSocket: + port: 8080 + - equal: + path: spec.template.spec.containers[0].readinessProbe + value: + initialDelaySeconds: 185 + periodSeconds: 30 + tcpSocket: + port: 8080 + - contains: + path: spec.template.spec.containers[0].ports + content: + containerPort: 8080 + - equal: + path: spec.template.spec.containers[0].resources.limits.cpu + value: 1 + - equal: + path: spec.template.spec.containers[0].resources.limits.memory + value: 2Gi + - equal: + path: spec.template.spec.containers[0].resources.requests.cpu + value: 100m + - equal: + path: spec.template.spec.containers[0].resources.requests.memory + value: 1Gi + - it: "should render when deciding to use local cluster (container)" + set: + global: + mariadbGalera: + localCluster: true + asserts: + - contains: + path: spec.template.spec.containers[0].env + content: + name: SPRING_DATASOURCE_URL + value: jdbc:mariadb://nbi-galera:3306/nbi + - contains: + path: spec.template.spec.containers[0].env + content: + name: SPRING_DATASOURCE_USERNAME + value: rene + - contains: + path: spec.template.spec.containers[0].env + content: + name: SPRING_DATASOURCE_PASSWORD + valueFrom: + secretKeyRef: + name: RELEASE-NAME-nbi-nbi-galera + key: user-password diff --git a/kubernetes/nbi/values.yaml b/kubernetes/nbi/values.yaml index 494cf7372d..30f7d2d18e 100644 --- a/kubernetes/nbi/values.yaml +++ b/kubernetes/nbi/values.yaml @@ -19,9 +19,15 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:1.1.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 + mariadbGalera: &mariadbGalera + #This flag allows SO to instantiate its own mariadb-galera cluster + localCluster: false + service: mariadb-galera + internalPort: 3306 + nameOverride: mariadb-galera subChartsOnly: enabled: true @@ -29,7 +35,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 image: onap/externalapi/nbi:5.0.1 -pullPolicy: Always +pullPolicy: IfNotPresent sdc_authorization: Basic YWFpOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU= aai_authorization: Basic QUFJOkFBSQ== so_authorization: @@ -44,21 +50,27 @@ config: openStackRegion: RegionOne openStackVNFTenantId: 31047205ce114b60833b23e400d6a535 -mariadb: - nameOverride: nbi-mariadb +mariadb-galera: + # '&mariadbConfig' means we "store" the values for later use in the file + # with '*mariadbConfig' pointer. + config: &mariadbConfig + userName: rene + userPassword: lkjgklqsdareyhjujlnnbvfvdttuiukgpiokqbfsjdhfigquosegombvjfqhb + mariadbRootPassword: dhqjdshjdsguryebvcnbvcvdsqghyjqgktgjjfhjfghbfs + mysqlDatabase: nbi + nameOverride: nbi-galera service: - name: nbi-mariadbhost + name: nbi-galera + portName: nbi-galera internalPort: 3306 - config: - db: - database: nbi - user: rene - password: lkjgklqsdareyhjujlnnbvfvdttuiukgpiokqbfsjdhfigquosegombvjfqhb - root_password: dhqjdshjdsguryebvcnbvcvdsqghyjqgktgjjfhjfghbfs + replicaCount: 1 persistence: - mountSubPath: nbi/maria/data enabled: true - disableNfsProvisioner: true + mountSubPath: nbi/maria/data + +mariadb-init: + config: *mariadbConfig + nameOverride: nbi-config mongo: nameOverride: nbi-mongo diff --git a/kubernetes/onap/requirements.yaml b/kubernetes/onap/requirements.yaml index 8b186c01d6..314622f4c6 100755 --- a/kubernetes/onap/requirements.yaml +++ b/kubernetes/onap/requirements.yaml @@ -57,7 +57,7 @@ dependencies: repository: '@local' condition: contrib.enabled - name: dcaegen2 - version: ~5.x-0 + version: ~6.x-0 repository: '@local' condition: dcaegen2.enabled - name: dmaap @@ -92,10 +92,6 @@ dependencies: version: ~5.x-0 repository: '@local' condition: nbi.enabled - - name: nfs-provisioner - version: ~5.x-0 - repository: '@local' - condition: nfs-provisioner.enabled - name: pnda version: ~5.x-0 repository: '@local' diff --git a/kubernetes/onap/resources/environments/minimal-onap.yaml b/kubernetes/onap/resources/environments/minimal-onap.yaml index 989174c1c4..336e93788c 100644 --- a/kubernetes/onap/resources/environments/minimal-onap.yaml +++ b/kubernetes/onap/resources/environments/minimal-onap.yaml @@ -13,10 +13,10 @@ # limitations under the License. -# This override file is used to deploy a minmal configuration to -# to onboard and deploy a VNF. +# This override file is used to deploy a minimal configuration to +# onboard and deploy a VNF. # It includes the following components: -# A&AI, DMAAP, Portal, Robot, SDC, SDNC, SO, VID +# A&AI, Cassandra, DMAAP, Portal, Robot, SDC, SDNC, SO, VID # # Minimal resources are also reviewed for the various containers # A&AI: no override => to be fixed @@ -52,7 +52,7 @@ aaf: appc: enabled: false cassandra: - enabled: false + enabled: true replicaCount: 1 clamp: enabled: false diff --git a/kubernetes/onap/resources/environments/public-cloud.yaml b/kubernetes/onap/resources/environments/public-cloud.yaml index 2d4360c579..3062e4e3fa 100644 --- a/kubernetes/onap/resources/environments/public-cloud.yaml +++ b/kubernetes/onap/resources/environments/public-cloud.yaml @@ -95,11 +95,24 @@ portal: readiness: initialDelaySeconds: 60 sdc: + sdc-fe: + liveness: + initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 + readiness: + initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 sdc-be: liveness: initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 readiness: initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 sdc-cs: liveness: initialDelaySeconds: 120 @@ -107,14 +120,18 @@ sdc: initialDelaySeconds: 120 sdc-es: liveness: - initialDelaySeconds: 60 + initialDelaySeconds: 120 readiness: initialDelaySeconds: 120 sdc-onboarding-be: liveness: initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 readiness: initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 sdnc: liveness: initialDelaySeconds: 60 diff --git a/kubernetes/onap/resources/overrides/environment.yaml b/kubernetes/onap/resources/overrides/environment.yaml index 75ce8e529b..2788e244e2 100644 --- a/kubernetes/onap/resources/overrides/environment.yaml +++ b/kubernetes/onap/resources/overrides/environment.yaml @@ -157,11 +157,24 @@ portal: readiness: periodSeconds: 60 sdc: + sdc-fe: + liveness: + initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 + readiness: + initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 sdc-be: liveness: initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 readiness: initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 sdc-cs: liveness: initialDelaySeconds: 120 @@ -177,8 +190,12 @@ sdc: sdc-onboarding-be: liveness: initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 readiness: initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 sdnc: liveness: initialDelaySeconds: 60 diff --git a/kubernetes/onap/resources/overrides/onap-all-ingress-nginx.yaml b/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml similarity index 78% rename from kubernetes/onap/resources/overrides/onap-all-ingress-nginx.yaml rename to kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml index 7ef1e02714..291a0321f7 100644 --- a/kubernetes/onap/resources/overrides/onap-all-ingress-nginx.yaml +++ b/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml @@ -68,16 +68,14 @@ sdnc: enabled: true so: enabled: true + ingress: + enabled: true so-monitoring: + ingress: + enabled: true + so-vnfm-adapter: + ingress: enabled: true - ingress: - enabled: true - service: - - path: "/so-monitoring" - name: "so-monitoring" - port: 9091 - annotations: - nginx.ingress.kubernetes.io/ssl-redirect: "false" uui: enabled: true vfc: @@ -85,15 +83,11 @@ vfc: vid: enabled: true ingress: - enabled: true - service: - - path: "/vid" - name: "vid-http" - port: 8080 - annotations: - nginx.ingress.kubernetes.io/ssl-redirect: "false" + enabled: true vnfsdk: enabled: true -nginx-ingress: - enabled: true +#ingress virtualhost based configuration +global: + ingress: + enabled: true diff --git a/kubernetes/onap/resources/overrides/onap-vfw.yaml b/kubernetes/onap/resources/overrides/onap-vfw.yaml index 323961fba3..a0602eb498 100644 --- a/kubernetes/onap/resources/overrides/onap-vfw.yaml +++ b/kubernetes/onap/resources/overrides/onap-vfw.yaml @@ -52,4 +52,6 @@ sdc: sdnc: enabled: true so: - enabled: true \ No newline at end of file + enabled: true +vid: + enabled: true diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index 672ae2ef9e..5344a423f3 100755 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -57,6 +57,12 @@ global: # flag to enable debugging - application support required debugEnabled: false + #Global ingress configuration + ingress: + enabled: false + virtualhost: + enabled: true + baseurl: "simpledemo.onap.org" ################################################################# # Enable/disable and configure helm charts (ie. applications) # to customize the ONAP deployment. @@ -113,8 +119,6 @@ nbi: # openstack configuration openStackRegion: "Yolo" openStackVNFTenantId: "1234" -nfs-provisioner: - enabled: false policy: enabled: false pomba: @@ -169,4 +173,4 @@ vid: vnfsdk: enabled: false modeling: - enabled: false + enabled: false \ No newline at end of file diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/optimizer.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/optimizer.properties index 6b72dd4360..32636f4b2e 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/optimizer.properties +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/optimizer.properties @@ -53,6 +53,11 @@ cmso.minizinc.command.mzn=scripts/minizinc/generic_attributes.mzn mechid.user=oof@oof.onap.org mechid.pass=enc:vfxQdJ1mgdcI7S6SPrzNaw== +aaf.urls=https://aaf-locate:8095 +aaf.user.role.properties=/share/etc/certs/AAFUserRoles.properties +aaf.enabled=true +aaf.namespace=org.onap.oof + cadi_loglevel=DEBUG cadi_prop_files=/share/etc/certs/org.onap.oof.props aaf.user.roles=/share/etc/certs/AAFUserRoles.properties \ No newline at end of file diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/values.yaml index 096332ba23..af56717fdc 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/values.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/values.yaml @@ -25,12 +25,12 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/optf-cmso-optimizer:2.0.0 +image: onap/optf-cmso-optimizer:2.1.1 pullPolicy: Always #init container image dbinit: - image: onap/optf-cmso-dbinit:2.0.0 + image: onap/optf-cmso-dbinit:2.1.1 # flag to enable debugging - application support required debugEnabled: false @@ -54,7 +54,7 @@ liveness: enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 120 periodSeconds: 10 diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cmso.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cmso.properties index c6c93eda9c..68b36886e0 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cmso.properties +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cmso.properties @@ -102,6 +102,11 @@ mechid.pass=enc:vfxQdJ1mgdcI7S6SPrzNaw== cmso.dispatch.url=http://localhost:8089 +aaf.urls=https://aaf-locate:8095 +aaf.user.role.properties=/share/etc/certs/AAFUserRoles.properties +aaf.enabled=true +aaf.namespace=org.onap.oof + cadi_loglevel=DEBUG cadi_prop_files=/share/etc/certs/org.onap.oof.props aaf.user.roles=/share/etc/certs/AAFUserRoles.properties diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/mock.py b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/mock.py deleted file mode 100644 index b678a4e8d4..0000000000 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/mock.py +++ /dev/null @@ -1,83 +0,0 @@ - # ------------------------------------------------------------------------- - # Copyright (c) 2019 AT&T Intellectual Property - # - # Licensed under the Apache License, Version 2.0 (the "License"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an "AS IS" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. - # - # ------------------------------------------------------------------------- - # - -from flask import Flask -from flask import request -from flask import Response -from flask import json -from flask import send_from_directory -import requests -from threading import Thread -import time - -import os -import fnmatch -import re -import time -import datetime - -app = Flask(__name__) -ROOT_MOCK_DIR = os.path.dirname(os.path.abspath(__file__)) -DATA_DIR = os.path.join(ROOT_MOCK_DIR, "data") -global requestNum -requestNum = 1 - -######################################################################## -######################################################################## -@app.route('/onap/so/infra/orchestrationRequests/v7/schedule/', methods=['GET', 'POST']) -def soSchedule(VNFNAME): - if request.method == 'POST': - testid = request.headers.environ["HTTP_X_TRANSACTIONID"] - response = { - "status" : "202", - "entity" : { - "requestReferences" : { - "requestId" : "000001" - } - } - } - resp = Response(json.dumps(response), 200, mimetype='application/json') - return resp - - - else : - return "Helloooooo!!!!" - -######################################################################## -######################################################################## -@app.route('/onap/so/infra/orchestrationRequests/v7/', methods=['GET']) -def soStatus(REQUESTID): - response = {"request" : { "requestStatus" : { - "requestState" : "COMPLETE", - "statusMessage" : "Done.", - "percentProgress" : 100, - "finishTime" : "" - }}} - now = datetime.datetime.utcnow() - #response["finishTime"] = now.strftime("%Y-%m-%dT%H:%M:%SZ") - response["request"]["requestStatus"]["finishTime"] = now.strftime("%a, %d %b %Y %H:%M:%S GMT") - resp = Response(json.dumps(response), 200, mimetype='application/json') - - return resp - -######################################################################## -######################################################################## -if __name__ == "__main__": - app.run(host= '0.0.0.0',port=5000) - #app.run() - diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/msosimulator.sh b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/msosimulator.sh deleted file mode 100644 index c87a26bb7a..0000000000 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/msosimulator.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/sh -pip install flask -pip install requests -python /share/etc/config/mock.py diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml index b26f6dd6c0..1b17ed2ae4 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml @@ -84,16 +84,11 @@ spec: resources: {{ include "common.resources" . }} - name: mso-simulator - image: "{{ .Values.global.pythonRepository }}/{{ .Values.global.pythonImage }}" + image: "{{ include "common.repository" . }}/{{ .Values.robotimage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - name: {{ include "common.fullname" . }}-config mountPath: /share/etc/config - command: - - /bin/sh - args: - - -x - - /share/etc/config/msosimulator.sh ports: - containerPort: 5000 resources: @@ -179,10 +174,6 @@ spec: path: ticketmgt.properties - key: liquibase.properties path: liquibase.properties - - key: mock.py - path: mock.py - - key: msosimulator.sh - path: msosimulator.sh - name: {{ include "common.fullname" . }}-logs emptyDir: {} - name: {{ include "common.fullname" . }}-filebeat diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml index 3dad361b4a..85f6094615 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml @@ -19,20 +19,19 @@ global: # global defaults nodePortPrefix: 302 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - pythonRepository: library - pythonImage: python:3.6-alpine subChartsOnly: enabled: true # application image repository: nexus3.onap.org:10001 -image: onap/optf-cmso-service:2.0.0 +image: onap/optf-cmso-service:2.1.1 +robotimage: onap/optf-cmso-robot:2.1.1 pullPolicy: Always #init container image dbinit: - image: onap/optf-cmso-dbinit:2.0.0 + image: onap/optf-cmso-dbinit:2.1.1 # flag to enable debugging - application support required debugEnabled: false @@ -56,7 +55,7 @@ liveness: enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 120 periodSeconds: 10 diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/ticketmgt.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/ticketmgt.properties index d687ab376d..e8fb5b6b4f 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/ticketmgt.properties +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/ticketmgt.properties @@ -30,4 +30,9 @@ #------------------------------------------------------------------------------- cadi_loglevel=DEBUG cadi_prop_files=/share/etc/certs/org.onap.oof.props -aaf.user.roles=/share/etc/certs/AAFUserRoles.properties \ No newline at end of file +aaf.user.roles=/share/etc/certs/AAFUserRoles.properties + +aaf.urls=https://aaf-locate:8095 +aaf.user.role.properties=/share/etc/certs/AAFUserRoles.properties +aaf.enabled=true +aaf.namespace=org.onap.oof \ No newline at end of file diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml index 7d093c1000..300a72cbae 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml @@ -26,7 +26,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/optf-cmso-ticketmgt:2.0.0 +image: onap/optf-cmso-ticketmgt:2.1.1 pullPolicy: Always @@ -52,7 +52,7 @@ liveness: enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 120 periodSeconds: 10 diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/topology.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/topology.properties index d687ab376d..e8fb5b6b4f 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/topology.properties +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/topology.properties @@ -30,4 +30,9 @@ #------------------------------------------------------------------------------- cadi_loglevel=DEBUG cadi_prop_files=/share/etc/certs/org.onap.oof.props -aaf.user.roles=/share/etc/certs/AAFUserRoles.properties \ No newline at end of file +aaf.user.roles=/share/etc/certs/AAFUserRoles.properties + +aaf.urls=https://aaf-locate:8095 +aaf.user.role.properties=/share/etc/certs/AAFUserRoles.properties +aaf.enabled=true +aaf.namespace=org.onap.oof \ No newline at end of file diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/values.yaml index dc8040efaa..c8ac5d7880 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/values.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/values.yaml @@ -25,7 +25,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/optf-cmso-topology:2.0.0 +image: onap/optf-cmso-topology:2.1.1 pullPolicy: Always @@ -51,7 +51,7 @@ liveness: enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 120 periodSeconds: 10 diff --git a/kubernetes/oof/templates/ingress.yaml b/kubernetes/oof/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/oof/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/oof/values.yaml b/kubernetes/oof/values.yaml index a9b2b2a9c5..e540aa096a 100644 --- a/kubernetes/oof/values.yaml +++ b/kubernetes/oof/values.yaml @@ -21,6 +21,7 @@ global: readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 + persistence: {} ################################################################# # Application configuration defaults. ################################################################# @@ -151,3 +152,9 @@ service: nodePort: 48 ingress: enabled: false + service: + - baseaddr: "oofosdf" + name: "oof-osdf" + port: 8698 + config: + ssl: "none" \ No newline at end of file diff --git a/kubernetes/pnda/charts/dcae-pnda-bootstrap/templates/job.yaml b/kubernetes/pnda/charts/dcae-pnda-bootstrap/templates/job.yaml index a98761ffc6..1106f1310b 100644 --- a/kubernetes/pnda/charts/dcae-pnda-bootstrap/templates/job.yaml +++ b/kubernetes/pnda/charts/dcae-pnda-bootstrap/templates/job.yaml @@ -79,16 +79,9 @@ spec: configMap: name: {{ include "common.fullname" . }}-secrets - name: {{ include "common.fullname" . }}-logs - persitentVolumeClaim: - claimName: {{ include "common.fullname" . }}-logs - volumeClaimTemplates: - - metadata: - name: {{ include "common.fullname" . }}-logs - labels: - name: {{ include "common.fullname" . }} - spec: - accessModes: [ {{ .Values.persistence.accessMode }} ] - storageClassName: manual - resources: - requests: - storage: {{ .Values.persistence.size }} + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + {{- else }} + emptyDir: {} + {{- end }} diff --git a/kubernetes/pnda/charts/dcae-pnda-bootstrap/templates/pv.yaml b/kubernetes/pnda/charts/dcae-pnda-bootstrap/templates/pv.yaml index bf2d40bc65..0d20b9687e 100644 --- a/kubernetes/pnda/charts/dcae-pnda-bootstrap/templates/pv.yaml +++ b/kubernetes/pnda/charts/dcae-pnda-bootstrap/templates/pv.yaml @@ -19,7 +19,7 @@ kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }}-logs + name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -34,7 +34,7 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}0 - + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pvc.yaml b/kubernetes/pnda/charts/dcae-pnda-bootstrap/templates/pvc.yaml similarity index 78% rename from kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pvc.yaml rename to kubernetes/pnda/charts/dcae-pnda-bootstrap/templates/pvc.yaml index e6aacd1b96..4b93a0ed76 100644 --- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pvc.yaml +++ b/kubernetes/pnda/charts/dcae-pnda-bootstrap/templates/pvc.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright 2018 Intel Corporation, Inc +# Copyright © 2019 Amdocs, Bell Canada, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,7 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} kind: PersistentVolumeClaim apiVersion: v1 @@ -30,19 +29,10 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} {{- end -}} diff --git a/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf index 01c79be6e3..0989a02e2e 100644 --- a/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf +++ b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf @@ -63,5 +63,5 @@ BRMS_UEB_API_KEY= BRMS_UEB_API_SECRET= #Dependency.json file version -BRMS_DEPENDENCY_VERSION=1.4.2 -BRMS_MODELS_DEPENDENCY_VERSION=2.0.2 +BRMS_DEPENDENCY_VERSION=1.5.3 +BRMS_MODELS_DEPENDENCY_VERSION=2.1.4 diff --git a/kubernetes/policy/charts/brmsgw/values.yaml b/kubernetes/policy/charts/brmsgw/values.yaml index ef817f0be6..03b3a3c2af 100644 --- a/kubernetes/policy/charts/brmsgw/values.yaml +++ b/kubernetes/policy/charts/brmsgw/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 ################################################################# # Application configuration defaults. diff --git a/kubernetes/policy/charts/drools/charts/nexus/templates/pv.yaml b/kubernetes/policy/charts/drools/charts/nexus/templates/pv.yaml index bf372b3744..f45e9d4b58 100644 --- a/kubernetes/policy/charts/drools/charts/nexus/templates/pv.yaml +++ b/kubernetes/policy/charts/drools/charts/nexus/templates/pv.yaml @@ -16,6 +16,7 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -33,6 +34,8 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} +{{- end -}} diff --git a/kubernetes/policy/charts/drools/charts/nexus/templates/pvc.yaml b/kubernetes/policy/charts/drools/charts/nexus/templates/pvc.yaml index 1deed4e92a..a082319789 100644 --- a/kubernetes/policy/charts/drools/charts/nexus/templates/pvc.yaml +++ b/kubernetes/policy/charts/drools/charts/nexus/templates/pvc.yaml @@ -31,19 +31,10 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} {{- end -}} diff --git a/kubernetes/policy/charts/drools/charts/nexus/values.yaml b/kubernetes/policy/charts/drools/charts/nexus/values.yaml index 2f80892ab2..2024bca973 100644 --- a/kubernetes/policy/charts/drools/charts/nexus/values.yaml +++ b/kubernetes/policy/charts/drools/charts/nexus/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 ubuntuInitRepository: oomk8s ubuntuInitImage: ubuntu-init:1.0.0 persistence: {} diff --git a/kubernetes/policy/charts/drools/resources/configmaps/base.conf b/kubernetes/policy/charts/drools/resources/configmaps/base.conf index ba39b0b5ad..0b982fd7d0 100644 --- a/kubernetes/policy/charts/drools/resources/configmaps/base.conf +++ b/kubernetes/policy/charts/drools/resources/configmaps/base.conf @@ -17,7 +17,7 @@ JVM_OPTIONS={{.Values.server.jvmOpts}} -# SYSTEM software configuration +# SYSTEM software configuration POLICY_HOME=/opt/app/policy POLICY_LOGS=/var/log/onap/policy/pdpd @@ -35,9 +35,9 @@ SNAPSHOT_REPOSITORY_URL=http://{{.Values.global.nexus.nameOverride}}:{{.Values.n RELEASE_REPOSITORY_ID=policy-nexus-releases RELEASE_REPOSITORY_URL=http://{{.Values.global.nexus.nameOverride}}:{{.Values.nexus.port}}/nexus/content/repositories/releases/ -# Relational (SQL) DB access +# Relational (SQL) DB access -SQL_HOST={{.Values.global.mariadb.nameOverride}} +SQL_HOST={{ .Values.global.mariadb.service.name }} # AAF @@ -57,6 +57,10 @@ PDPD_CONFIGURATION_PARTITION_KEY= POLICY_PDP_PAP_TOPIC=POLICY-PDP-PAP +# Symmetric Key for encoded sensitive data + +SYMM_KEY= + # PAP PAP_HOST=policy-pap @@ -90,3 +94,8 @@ VFC_URL= # SDNC SDNC_URL=http://sdnc.{{.Release.Namespace}}:8282/restconf/operations + +# CDS + +CDS_GRPC_HOST={{.Values.cds.grpc.svcName}} +CDS_GRPC_PORT={{.Values.cds.grpc.svcPort}} diff --git a/kubernetes/policy/charts/drools/resources/secrets/credentials.conf b/kubernetes/policy/charts/drools/resources/secrets/credentials.conf index 36d3c3b376..57269c18af 100644 --- a/kubernetes/policy/charts/drools/resources/secrets/credentials.conf +++ b/kubernetes/policy/charts/drools/resources/secrets/credentials.conf @@ -54,3 +54,6 @@ SDNC_PASSWORD={{.Values.sdnc.password}} HEALTHCHECK_USER={{.Values.telemetry.user}} HEALTHCHECK_PASSWORD={{.Values.telemetry.password}} + +CDS_GRPC_USERNAME={{.Values.cds.grpc.user}} +CDS_GRPC_PASSWORD={{.Values.cds.grpc.password}} diff --git a/kubernetes/policy/charts/drools/templates/configmap.yaml b/kubernetes/policy/charts/drools/templates/configmap.yaml index 7daf473db2..9a92ad9769 100644 --- a/kubernetes/policy/charts/drools/templates/configmap.yaml +++ b/kubernetes/policy/charts/drools/templates/configmap.yaml @@ -18,5 +18,11 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} +{{- with .Files.Glob "resources/configmaps/*{.zip,store}" }} +binaryData: +{{- range $path, $bytes := . }} + {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }} +{{- end }} +{{- end }} data: -{{ tpl (.Files.Glob "resources/configmaps/*").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/configmaps/*.{conf,sh,properties,xml,keyfile}").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/drools/templates/statefulset.yaml b/kubernetes/policy/charts/drools/templates/statefulset.yaml index bb21ae14aa..9f9ca355c3 100644 --- a/kubernetes/policy/charts/drools/templates/statefulset.yaml +++ b/kubernetes/policy/charts/drools/templates/statefulset.yaml @@ -40,7 +40,7 @@ spec: - /root/ready.py args: - --container-name - - {{ .Values.global.mariadb.nameOverride }} + - {{ .Release.Name }}-galera-config - --container-name - {{ .Values.global.nexus.nameOverride }} env: diff --git a/kubernetes/policy/charts/drools/values.yaml b/kubernetes/policy/charts/drools/values.yaml index 88e664d22b..fbb4211920 100644 --- a/kubernetes/policy/charts/drools/values.yaml +++ b/kubernetes/policy/charts/drools/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 ubuntuImage: ubuntu:16.04 @@ -29,7 +29,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-pdpd-cl:1.5.2 +image: onap/policy-pdpd-cl:1.5.3 pullPolicy: Always # flag to enable debugging - application support required @@ -127,6 +127,13 @@ dmaap: key: password: +cds: + grpc: + user: ccsdkapps + password: ccsdkapps + svcName: cds-blueprints-processor-grpc + svcPort: 9111 + # Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) diff --git a/kubernetes/policy/charts/mariadb/Chart.yaml b/kubernetes/policy/charts/mariadb/Chart.yaml deleted file mode 100644 index 59bd592fdd..0000000000 --- a/kubernetes/policy/charts/mariadb/Chart.yaml +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: ONAP Policy MariaDB Service -name: mariadb -version: 5.0.0 diff --git a/kubernetes/policy/charts/mariadb/requirements.yaml b/kubernetes/policy/charts/mariadb/requirements.yaml deleted file mode 100644 index 05d49a8d7b..0000000000 --- a/kubernetes/policy/charts/mariadb/requirements.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -dependencies: - - name: common - version: ~5.x-0 - # local reference to common chart, as it is - # a part of this chart's package and will not - # be published independently to a repo (at this point) - repository: '@local' diff --git a/kubernetes/policy/charts/mariadb/templates/NOTES.txt b/kubernetes/policy/charts/mariadb/templates/NOTES.txt deleted file mode 100644 index 5d0107eb99..0000000000 --- a/kubernetes/policy/charts/mariadb/templates/NOTES.txt +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/policy/charts/mariadb/templates/configmap.yaml b/kubernetes/policy/charts/mariadb/templates/configmap.yaml deleted file mode 100644 index 87dc6d3fbb..0000000000 --- a/kubernetes/policy/charts/mariadb/templates/configmap.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-configmap - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/db.sh").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/mariadb/templates/deployment.yaml b/kubernetes/policy/charts/mariadb/templates/deployment.yaml deleted file mode 100644 index c64fb9ab0f..0000000000 --- a/kubernetes/policy/charts/mariadb/templates/deployment.yaml +++ /dev/null @@ -1,104 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - spec: - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - args: - - --lower-case-table-names=1 - - --wait_timeout=28800 - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-secret - key: db-root-password - - name: MYSQL_USER - value: policy_user - - name: MYSQL_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-secret - key: db-user-password - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /docker-entrypoint-initdb.d - name: mariadb-conf - - mountPath: /var/lib/mysql - name: mariadb-data - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: mariadb-conf - configMap: - name: {{ include "common.fullname" . }}-configmap - defaultMode: 0755 - - name: mariadb-data - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - {{- else }} - emptyDir: {} - {{- end }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/charts/mariadb/templates/service.yaml b/kubernetes/policy/charts/mariadb/templates/service.yaml deleted file mode 100644 index 9d5d13ab04..0000000000 --- a/kubernetes/policy/charts/mariadb/templates/service.yaml +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018-2019 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - ports: - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} diff --git a/kubernetes/policy/charts/mariadb/values.yaml b/kubernetes/policy/charts/mariadb/values.yaml deleted file mode 100644 index 9b7102dbeb..0000000000 --- a/kubernetes/policy/charts/mariadb/values.yaml +++ /dev/null @@ -1,96 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018-2019 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - persistence: {} - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: mariadb:10.2.25 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -# Example: -config: - mysqlRootPassword: secret - mysqlUserName: policy_user - mysqlPassword: policy_user -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 120 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 120 - periodSeconds: 10 - -## Persist data to a persitent volume -persistence: - enabled: true - volumeReclaimPolicy: Retain - accessMode: ReadWriteOnce - size: 2Gi - mountPath: /dockerdata-nfs - mountSubPath: mariadb/data - -service: - type: ClusterIP - name: policydb - portName: policydb - externalPort: 3306 - internalPort: 3306 - -ingress: - enabled: false - -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 1 - memory: 2Gi - requests: - cpu: 10m - memory: 0.5Gi - large: - limits: - cpu: 2 - memory: 4Gi - requests: - cpu: 20m - memory: 1Gi - unlimited: {} diff --git a/kubernetes/policy/charts/pdp/values.yaml b/kubernetes/policy/charts/pdp/values.yaml index 20f4614b07..af5bb9e383 100644 --- a/kubernetes/policy/charts/pdp/values.yaml +++ b/kubernetes/policy/charts/pdp/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 diff --git a/kubernetes/policy/charts/policy-apex-pdp/templates/configmap.yaml b/kubernetes/policy/charts/policy-apex-pdp/templates/configmap.yaml index 937a5b4afd..23fd1b56d0 100644 --- a/kubernetes/policy/charts/policy-apex-pdp/templates/configmap.yaml +++ b/kubernetes/policy/charts/policy-apex-pdp/templates/configmap.yaml @@ -1,5 +1,6 @@ # ============LICENSE_START======================================================= # Copyright (C) 2018 Ericsson. All rights reserved. +# Modifications Copyright (C) 2020 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,5 +22,11 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} +{{- with .Files.Glob "resources/config/*store" }} +binaryData: +{{- range $path, $bytes := . }} + {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }} +{{- end }} +{{- end }} data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/*.{json,xml}").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/policy-api/resources/config/config.json b/kubernetes/policy/charts/policy-api/resources/config/config.json index 397f850095..8952ae86d8 100644 --- a/kubernetes/policy/charts/policy-api/resources/config/config.json +++ b/kubernetes/policy/charts/policy-api/resources/config/config.json @@ -29,9 +29,9 @@ "name": "PolicyProviderParameterGroup", "implementation": "org.onap.policy.models.provider.impl.DatabasePolicyModelsProviderImpl", "databaseDriver": "org.mariadb.jdbc.Driver", - "databaseUrl": "jdbc:mariadb://{{.Values.global.mariadb.nameOverride}}:3306/policyadmin", - "databaseUser": "policy_user", - "databasePassword": "cG9saWN5X3VzZXI=", + "databaseUrl": "jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/policyadmin", + "databaseUser": "{{ .Values.global.mariadb.config.userName }}", + "databasePassword": "{{ .Values.global.mariadb.config.userPassword | b64enc }}", "persistenceUnit": "PolicyMariaDb" } } diff --git a/kubernetes/policy/charts/policy-api/templates/configmap.yaml b/kubernetes/policy/charts/policy-api/templates/configmap.yaml index d90b0c93dc..e2a3de7756 100644 --- a/kubernetes/policy/charts/policy-api/templates/configmap.yaml +++ b/kubernetes/policy/charts/policy-api/templates/configmap.yaml @@ -1,5 +1,6 @@ # ============LICENSE_START======================================================= # Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright (C) 2020 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,5 +22,11 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} +{{- with .Files.Glob "resources/config/*store" }} +binaryData: +{{- range $path, $bytes := . }} + {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }} +{{- end }} +{{- end }} data: -{{ tpl (.Files.Glob "resources/config/config.json").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/*.{json,xml}").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/policy-api/templates/deployment.yaml b/kubernetes/policy/charts/policy-api/templates/deployment.yaml index b79c6bf9c7..505ba891c9 100644 --- a/kubernetes/policy/charts/policy-api/templates/deployment.yaml +++ b/kubernetes/policy/charts/policy-api/templates/deployment.yaml @@ -21,7 +21,7 @@ spec: - /root/ready.py args: - --container-name - - {{ .Values.global.mariadb.nameOverride }} + - {{ .Release.Name }}-galera-config env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf b/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf index 44e754b90b..571104491e 100644 --- a/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf +++ b/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf @@ -19,10 +19,10 @@ KEYSTORE_PASSWD=Pol1cy_0nap TRUSTSTORE_PASSWD=Pol1cy_0nap JDBC_DRIVER=org.mariadb.jdbc.Driver -JDBC_URL=jdbc:mariadb://{{ .Values.global.mariadb.nameOverride }}:{{.Values.config.mariadbPort}}/onap_sdk?connectTimeout=30000&socketTimeout=60000&log=true&sessionVariables=max_statement_time=30 -JDBC_LOG_URL=jdbc:mariadb://{{ .Values.global.mariadb.nameOverride }}:{{.Values.config.mariadbPort}}/log?connectTimeout=30000&socketTimeout=60000&log=true&sessionVariables=max_statement_time=30 -JDBC_USER=policy_user -JDBC_PASSWORD=policy_user +JDBC_URL=jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/onap_sdk?connectTimeout=30000&socketTimeout=60000&log=true&sessionVariables=max_statement_time=30 +JDBC_LOG_URL=jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/log?connectTimeout=30000&socketTimeout=60000&log=true&sessionVariables=max_statement_time=30 +JDBC_USER={{ .Values.global.mariadb.config.userName }} +JDBC_PASSWORD={{ .Values.global.mariadb.config.userPassword }} site_name=site_1 fp_monitor_interval=30 diff --git a/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh b/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh index fc27782a2d..052b6f2c2f 100644 --- a/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh +++ b/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh @@ -42,7 +42,7 @@ if [[ -f /opt/app/policy/etc/build.info ]]; then echo "Found existing installation, will not reinstall" . /opt/app/policy/etc/profile.d/env.sh -else +else if [[ -d config ]]; then cp config/*.conf . fi @@ -80,7 +80,7 @@ else # (which does nothing if the db is already up-to-date) dbuser=$(echo $(grep '^JDBC_USER=' base.conf | cut -f2 -d=)) dbpw=$(echo $(grep '^JDBC_PASSWORD=' base.conf | cut -f2 -d=)) - db_upgrade_remote.sh $dbuser $dbpw {{.Values.global.mariadb.nameOverride}} + db_upgrade_remote.sh $dbuser $dbpw {{.Values.global.mariadb.service.name}} fi fi diff --git a/kubernetes/policy/charts/policy-common/values.yaml b/kubernetes/policy/charts/policy-common/values.yaml index a098560269..57eacc56f0 100644 --- a/kubernetes/policy/charts/policy-common/values.yaml +++ b/kubernetes/policy/charts/policy-common/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -30,7 +30,6 @@ debugEnabled: false config: logstashServiceName: log-ls logstashPort: 5044 - mariadbPort: 3306 # default number of instances replicaCount: 1 diff --git a/kubernetes/policy/charts/policy-distribution/templates/configmap.yaml b/kubernetes/policy/charts/policy-distribution/templates/configmap.yaml index 318ad34491..23fd1b56d0 100644 --- a/kubernetes/policy/charts/policy-distribution/templates/configmap.yaml +++ b/kubernetes/policy/charts/policy-distribution/templates/configmap.yaml @@ -1,5 +1,6 @@ # ============LICENSE_START======================================================= # Copyright (C) 2018 Ericsson. All rights reserved. +# Modifications Copyright (C) 2020 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,6 +22,11 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} +{{- with .Files.Glob "resources/config/*store" }} +binaryData: +{{- range $path, $bytes := . }} + {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }} +{{- end }} +{{- end }} data: -{{ tpl (.Files.Glob "resources/config/config.json").AsConfig . | indent 2 }} - +{{ tpl (.Files.Glob "resources/config/*.{json,xml}").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/policy-pap/resources/config/config.json b/kubernetes/policy/charts/policy-pap/resources/config/config.json index 3f33ed95a0..48065aeb4b 100644 --- a/kubernetes/policy/charts/policy-pap/resources/config/config.json +++ b/kubernetes/policy/charts/policy-pap/resources/config/config.json @@ -40,9 +40,9 @@ "name": "PolicyProviderParameterGroup", "implementation": "org.onap.policy.models.provider.impl.DatabasePolicyModelsProviderImpl", "databaseDriver": "org.mariadb.jdbc.Driver", - "databaseUrl": "jdbc:mariadb://{{.Values.global.mariadb.nameOverride}}:3306/policyadmin", - "databaseUser": "policy_user", - "databasePassword": "cG9saWN5X3VzZXI=", + "databaseUrl": "jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/{{ .Values.global.mariadb.config.mysqlDatabase }}", + "databaseUser": "{{ .Values.global.mariadb.config.userName }}", + "databasePassword": "{{ .Values.global.mariadb.config.userPassword | b64enc }}", "persistenceUnit": "PolicyMariaDb" }, "topicParameterGroup": { @@ -55,6 +55,11 @@ "topic" : "POLICY-PDP-PAP", "servers" : [ "message-router" ], "topicCommInfrastructure" : "dmaap" + }, + { + "topic" : "POLICY-NOTIFICATION", + "servers" : [ "message-router" ], + "topicCommInfrastructure" : "dmaap" }] } } diff --git a/kubernetes/policy/charts/policy-pap/templates/configmap.yaml b/kubernetes/policy/charts/policy-pap/templates/configmap.yaml index 19ce6a8f20..372bf4dcca 100644 --- a/kubernetes/policy/charts/policy-pap/templates/configmap.yaml +++ b/kubernetes/policy/charts/policy-pap/templates/configmap.yaml @@ -1,5 +1,5 @@ # ============LICENSE_START======================================================= -# Copyright (C) 2019 Nordix Foundation. +# Copyright (C) 2019-2020 Nordix Foundation. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,6 +21,11 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} +{{- with .Files.Glob "resources/config/*store" }} +binaryData: +{{- range $path, $bytes := . }} + {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }} +{{- end }} +{{- end }} data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} - +{{ tpl (.Files.Glob "resources/config/*.{json,xml}").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/policy-pap/templates/deployment.yaml b/kubernetes/policy/charts/policy-pap/templates/deployment.yaml index 3332f60944..a3adfeebc2 100644 --- a/kubernetes/policy/charts/policy-pap/templates/deployment.yaml +++ b/kubernetes/policy/charts/policy-pap/templates/deployment.yaml @@ -21,7 +21,7 @@ spec: - /root/ready.py args: - --container-name - - {{ .Values.global.mariadb.nameOverride }} + - {{ .Values.global.mariadb.service.name }} env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json index 4483a1b51a..7fd8572c1f 100644 --- a/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json +++ b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json @@ -16,7 +16,8 @@ # SPDX-License-Identifier: Apache-2.0 # ============LICENSE_END========================================================= { - "name": "XacmlPdpGroup", + "name": "XacmlPdpParameters", + "pdpGroup": "defaultGroup", "restServerParameters": { "host": "0.0.0.0", "port": 6969, diff --git a/kubernetes/policy/charts/policy-xacml-pdp/resources/config/xacml.properties b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/xacml.properties index be9a3faa45..29feeb6e24 100644 --- a/kubernetes/policy/charts/policy-xacml-pdp/resources/config/xacml.properties +++ b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/xacml.properties @@ -48,6 +48,6 @@ xacml.pip.engines=count-recent-operations,get-operation-outcome # JPA Properties # javax.persistence.jdbc.driver=org.mariadb.jdbc.Driver -javax.persistence.jdbc.url=jdbc:mariadb://{{ .Values.global.mariadb.nameOverride }}:3306/operationshistory -javax.persistence.jdbc.user=policy_user -javax.persistence.jdbc.password=cG9saWN5X3VzZXI= +javax.persistence.jdbc.url=jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/operationshistory +javax.persistence.jdbc.user={{ .Values.global.mariadb.config.userName }} +javax.persistence.jdbc.password={{ .Values.global.mariadb.config.userPassword | b64enc }} diff --git a/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml b/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml index f689f4d6e8..3ca4f82963 100644 --- a/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml +++ b/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml @@ -1,5 +1,6 @@ # ============LICENSE_START======================================================= # Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright (C) 2020 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,5 +22,11 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} +{{- with .Files.Glob "resources/config/*store" }} +binaryData: +{{- range $path, $bytes := . }} + {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }} +{{- end }} +{{- end }} data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/*.{json,properties,xml}").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml b/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml index da9b0197d3..ced19b9f52 100644 --- a/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml +++ b/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml @@ -21,7 +21,7 @@ spec: - /root/ready.py args: - --container-name - - {{ .Values.global.mariadb.nameOverride }} + - {{ .Release.Name }}-galera-config env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/policy/requirements.yaml b/kubernetes/policy/requirements.yaml index 05d49a8d7b..589dfa4810 100644 --- a/kubernetes/policy/requirements.yaml +++ b/kubernetes/policy/requirements.yaml @@ -20,3 +20,6 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: mariadb-galera + version: ~5.x-0 + repository: '@local' diff --git a/kubernetes/policy/charts/mariadb/resources/config/db.sh b/kubernetes/policy/resources/config/db.sh similarity index 93% rename from kubernetes/policy/charts/mariadb/resources/config/db.sh rename to kubernetes/policy/resources/config/db.sh index a5eb7f55c2..ef821a11d4 100644 --- a/kubernetes/policy/charts/mariadb/resources/config/db.sh +++ b/kubernetes/policy/resources/config/db.sh @@ -14,7 +14,7 @@ # limitations under the License. #!/bin/bash -xv - +mysql() { /usr/bin/mysql -h ${MYSQL_HOST} -P ${MYSQL_USER} "$@"; }; for db in support onap_sdk log migration operationshistory10 pooling policyadmin operationshistory do mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "CREATE DATABASE IF NOT EXISTS ${db};" diff --git a/kubernetes/policy/templates/configmap.yaml b/kubernetes/policy/templates/configmap.yaml index bd1af397b3..8c804c35ed 100644 --- a/kubernetes/policy/templates/configmap.yaml +++ b/kubernetes/policy/templates/configmap.yaml @@ -36,4 +36,11 @@ metadata: namespace: {{ include "common.namespace" . }} data: {{ tpl (.Files.Glob "resources/config/pe/*").AsConfig . | indent 2 }} - +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-db-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/db.sh").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/templates/deployment.yaml b/kubernetes/policy/templates/deployment.yaml index 5feb37415b..355b8fc75d 100644 --- a/kubernetes/policy/templates/deployment.yaml +++ b/kubernetes/policy/templates/deployment.yaml @@ -36,7 +36,7 @@ spec: - /root/ready.py args: - --container-name - - {{ .Values.global.mariadb.nameOverride }} + - {{ .Release.Name }}-galera-config env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/policy/templates/job.yaml b/kubernetes/policy/templates/job.yaml new file mode 100644 index 0000000000..9ed09e82d7 --- /dev/null +++ b/kubernetes/policy/templates/job.yaml @@ -0,0 +1,77 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ .Release.Name }}-galera-config + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-job + release: {{ .Release.Name }} +spec: + template: + metadata: + labels: + app: {{ include "common.name" . }}-job + release: {{ .Release.Name }} + spec: + initContainers: +#This container checks that all galera instances are up before initializing it. + - name: {{ include "common.name" . }}-readiness + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + - --container-name + - {{ index .Values "mariadb-galera" "service" "name" }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + containers: + - name: {{ .Release.Name }}-galera-config + image: {{ .Values.mariadb_image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: /dbcmd-config/db.sh + name: {{ include "common.fullname" . }}-config + subPath: db.sh + command: + - /bin/sh + args: + - -x + - /dbcmd-config/db.sh + env: + - name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }}-secret + key: db-root-password + - name: MYSQL_HOST + value: "{{ index .Values "mariadb-galera" "service" "name" }}" + - name: MYSQL_USER + value: "{{ index .Values "mariadb-galera" "config" "userName" }}" + - name: MYSQL_PORT + value: "{{ index .Values "mariadb-galera" "service" "internalPort" }}" + restartPolicy: Never + volumes: + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }}-db-configmap + items: + - key: db.sh + path: db.sh diff --git a/kubernetes/policy/charts/mariadb/templates/secrets.yaml b/kubernetes/policy/templates/secrets.yaml similarity index 78% rename from kubernetes/policy/charts/mariadb/templates/secrets.yaml rename to kubernetes/policy/templates/secrets.yaml index 3efe66c818..eb5b0020ee 100644 --- a/kubernetes/policy/charts/mariadb/templates/secrets.yaml +++ b/kubernetes/policy/templates/secrets.yaml @@ -1,5 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T +# Modifications Copyright © 2018 AT&T, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -25,6 +25,5 @@ metadata: heritage: {{ .Release.Service }} type: Opaque data: - db-root-password: {{ .Values.config.mysqlRootPassword | b64enc | quote }} - db-user-password: {{ .Values.config.mysqlPassword | b64enc | quote }} - + db-user-password: {{ index .Values "mariadb-galera" "config" "userPassword" | b64enc | quote }} + db-root-password: {{ index .Values "mariadb-galera" "config" "mariadbRootPassword" | b64enc | quote }} diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml index 3648647483..ca1a8a3c21 100644 --- a/kubernetes/policy/values.yaml +++ b/kubernetes/policy/values.yaml @@ -19,22 +19,32 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 ubuntuImage: ubuntu:16.04 - mariadb: - nameOverride: policydb pdp: nameOverride: pdp pap: - nameOverride: pap + nameOverride: policy drools: nameOverride: drools brmwgw: nameOverride: brmsgw nexus: nameOverride: nexus + mariadb: + # '&mariadbConfig' means we "store" the values for later use in the file + # with '*mariadbConfig' pointer. + config: &mariadbConfig + userName: policy_user + userPassword: policy_user + mariadbRootPassword: secret + mysqlDatabase: policyadmin + service: &mariadbService + name: policy-mariadb + portName: mysql-policy + internalPort: 3306 ################################################################# # Application configuration defaults. @@ -42,17 +52,16 @@ global: # application image repository: nexus3.onap.org:10001 image: onap/policy-pe:1.5.2 +mariadb_image: library/mariadb:10 pullPolicy: Always subChartsOnly: enabled: true -nameOverride: pap - +pap: + nameOverride: pap pdp: nameOverride: pdp -mariadb: - nameOverride: policydb drools: nameOverride: drools brmwgw: @@ -101,6 +110,20 @@ service: ingress: enabled: false +mariadb-galera: + # mariadb-galera.config and global.mariadb.config must be equals + config: *mariadbConfig + nameOverride: policy-mariadb + # mariadb-galera.service and global.mariadb.service must be equals + service: *mariadbService + replicaCount: 1 + persistence: + enabled: true + mountSubPath: policy/maria/data + externalConfig: |- + [mysqld] + lower_case_table_names = 1 + # Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) diff --git a/kubernetes/pomba/charts/pomba-data-router/templates/ingress.yaml b/kubernetes/pomba/charts/pomba-data-router/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/pomba/charts/pomba-data-router/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/pomba/charts/pomba-data-router/templates/pv.yaml b/kubernetes/pomba/charts/pomba-data-router/templates/pv.yaml index 184728f8ad..63829cb185 100644 --- a/kubernetes/pomba/charts/pomba-data-router/templates/pv.yaml +++ b/kubernetes/pomba/charts/pomba-data-router/templates/pv.yaml @@ -15,6 +15,7 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -31,7 +32,9 @@ spec: storage: {{ .Values.persistence.size}} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-data" persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} +{{- end -}} diff --git a/kubernetes/pomba/charts/pomba-data-router/templates/pvc.yaml b/kubernetes/pomba/charts/pomba-data-router/templates/pvc.yaml index e27c3311e9..49f1d6886f 100644 --- a/kubernetes/pomba/charts/pomba-data-router/templates/pvc.yaml +++ b/kubernetes/pomba/charts/pomba-data-router/templates/pvc.yaml @@ -25,24 +25,16 @@ metadata: chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} {{- if .Values.persistence.annotations }} annotations: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} {{- end -}} diff --git a/kubernetes/pomba/charts/pomba-data-router/values.yaml b/kubernetes/pomba/charts/pomba-data-router/values.yaml index ec70f4b619..f891dce42f 100644 --- a/kubernetes/pomba/charts/pomba-data-router/values.yaml +++ b/kubernetes/pomba/charts/pomba-data-router/values.yaml @@ -24,7 +24,7 @@ global: persistence: {} readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - + # application image repository: nexus3.onap.org:10001 image: onap/data-router:1.3.3 @@ -70,6 +70,12 @@ service: ingress: enabled: false + service: + - baseaddr: "pombadatarouter" + name: "pomba-data-router" + port: 9502 + config: + ssl: "none" persistence: enabled: true @@ -88,7 +94,7 @@ persistence: ## GKE, AWS & OpenStack) ## ## storageClass: "-" - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 2Gi mountPath: /dockerdata-nfs mountSubPath: pomba/data-router/logs diff --git a/kubernetes/pomba/charts/pomba-elasticsearch/templates/deployment.yaml b/kubernetes/pomba/charts/pomba-elasticsearch/templates/deployment.yaml index 93b5539cfc..2e6f1fde54 100644 --- a/kubernetes/pomba/charts/pomba-elasticsearch/templates/deployment.yaml +++ b/kubernetes/pomba/charts/pomba-elasticsearch/templates/deployment.yaml @@ -108,10 +108,18 @@ spec: - key: elasticsearch.yml path: elasticsearch.yml - name: {{ include "common.fullname" . }}-data + {{- if .Values.persistence.enabled }} persistentVolumeClaim: claimName: {{ include "common.fullname" . }} + {{- else }} + emptyDir: {} + {{- end }} - name: {{ include "common.fullname" . }}-logs - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPathLogs }} + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-logs + {{- else }} + emptyDir: {} + {{- end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/vid/charts/vid-mariadb-galera/templates/pv.yaml b/kubernetes/pomba/charts/pomba-elasticsearch/templates/pv-data.yaml similarity index 89% rename from kubernetes/vid/charts/vid-mariadb-galera/templates/pv.yaml rename to kubernetes/pomba/charts/pomba-elasticsearch/templates/pv-data.yaml index f682196931..7c6cfe543d 100644 --- a/kubernetes/vid/charts/vid-mariadb-galera/templates/pv.yaml +++ b/kubernetes/pomba/charts/pomba-elasticsearch/templates/pv-data.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2019 Amdocs, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,6 +15,7 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -32,6 +33,8 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} +{{- end -}} diff --git a/kubernetes/nbi/charts/mariadb/templates/pv.yaml b/kubernetes/pomba/charts/pomba-elasticsearch/templates/pv-logs.yaml similarity index 79% rename from kubernetes/nbi/charts/mariadb/templates/pv.yaml rename to kubernetes/pomba/charts/pomba-elasticsearch/templates/pv-logs.yaml index 4645f473a6..a4cccd2af7 100644 --- a/kubernetes/nbi/charts/mariadb/templates/pv.yaml +++ b/kubernetes/pomba/charts/pomba-elasticsearch/templates/pv-logs.yaml @@ -1,6 +1,5 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 Orange +# Copyright © 2019 Amdocs, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,23 +15,26 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-logs namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-logs spec: capacity: - storage: {{ .Values.persistence.size }} + storage: {{ .Values.persistence.size}} accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-logs" hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPathLogs }} +{{- end -}} {{- end -}} diff --git a/kubernetes/pomba/charts/pomba-elasticsearch/templates/pv.yaml b/kubernetes/pomba/charts/pomba-elasticsearch/templates/pv.yaml deleted file mode 100644 index 31230a9ed7..0000000000 --- a/kubernetes/pomba/charts/pomba-elasticsearch/templates/pv.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- end -}} diff --git a/kubernetes/vid/charts/vid-mariadb-galera/templates/pvc.yaml b/kubernetes/pomba/charts/pomba-elasticsearch/templates/pvc-data.yaml similarity index 79% rename from kubernetes/vid/charts/vid-mariadb-galera/templates/pvc.yaml rename to kubernetes/pomba/charts/pomba-elasticsearch/templates/pvc-data.yaml index c3de6e8150..b536d7b58d 100644 --- a/kubernetes/vid/charts/vid-mariadb-galera/templates/pvc.yaml +++ b/kubernetes/pomba/charts/pomba-elasticsearch/templates/pvc-data.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2019 Amdocs, Bell Canada, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -25,24 +25,16 @@ metadata: chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} {{- if .Values.persistence.annotations }} annotations: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} {{- end -}} diff --git a/kubernetes/pomba/charts/pomba-elasticsearch/templates/pvc-logs.yaml b/kubernetes/pomba/charts/pomba-elasticsearch/templates/pvc-logs.yaml new file mode 100644 index 0000000000..ec8e75be99 --- /dev/null +++ b/kubernetes/pomba/charts/pomba-elasticsearch/templates/pvc-logs.yaml @@ -0,0 +1,44 @@ +{{/* +# Copyright © 2019 Amdocs, Bell Canada, Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-logs + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }}-logs +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + accessModes: + - {{ .Values.persistence.accessMode }} +{{- if eq "True" (include "common.needPV" .) }} + storageClassName: "{{ include "common.fullname" . }}-logs" +{{- else }} + storageClassName: {{ include "common.storageClass" . }} +{{- end }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- end -}} diff --git a/kubernetes/pomba/charts/pomba-elasticsearch/templates/pvc.yaml b/kubernetes/pomba/charts/pomba-elasticsearch/templates/pvc.yaml deleted file mode 100644 index c046f4604a..0000000000 --- a/kubernetes/pomba/charts/pomba-elasticsearch/templates/pvc.yaml +++ /dev/null @@ -1,25 +0,0 @@ -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} -{{- end -}} diff --git a/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml b/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml index 00eb921779..8201eff7b1 100644 --- a/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml +++ b/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml @@ -74,7 +74,7 @@ persistence: ## If undefined (the default) or set to null, no storageClassName spec is ## set, choosing the default provisioner. (gp2 on AWS, standard on ## GKE, AWS & OpenStack) - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 1Gi mountPath: /dockerdata-nfs mountSubPath: pomba/elasticsearch/data diff --git a/kubernetes/pomba/charts/pomba-kibana/templates/ingress.yaml b/kubernetes/pomba/charts/pomba-kibana/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/pomba/charts/pomba-kibana/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/pomba/charts/pomba-kibana/values.yaml b/kubernetes/pomba/charts/pomba-kibana/values.yaml index 53725b7798..c892f1b85e 100644 --- a/kubernetes/pomba/charts/pomba-kibana/values.yaml +++ b/kubernetes/pomba/charts/pomba-kibana/values.yaml @@ -80,8 +80,15 @@ service: externalPort: 5601 internalPort: 5601 nodePort: 34 + ingress: enabled: false + service: + - baseaddr: "pombakibana" + name: "pomba-kibana" + port: 5601 + config: + ssl: "none" # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/pomba/charts/pomba-networkdiscovery/templates/ingress.yaml b/kubernetes/pomba/charts/pomba-networkdiscovery/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/pomba/charts/pomba-networkdiscovery/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/pomba/charts/pomba-networkdiscovery/values.yaml b/kubernetes/pomba/charts/pomba-networkdiscovery/values.yaml index dba7f59bac..ae613c6034 100644 --- a/kubernetes/pomba/charts/pomba-networkdiscovery/values.yaml +++ b/kubernetes/pomba/charts/pomba-networkdiscovery/values.yaml @@ -94,7 +94,13 @@ service: ingress: enabled: false - + service: + - baseaddr: "pombanetworkdiscovery" + name: "pomba-networkdiscovery" + port: 8443 + config: + ssl: "redirect" + # Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) diff --git a/kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/aai-environment.properties b/kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/aai-environment.properties index 2d600ce41a..cd5c62e96b 100644 --- a/kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/aai-environment.properties +++ b/kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/aai-environment.properties @@ -5,7 +5,7 @@ trustStorePath=/auth/tomcat_keystore #trustStorePassword intentionally left blank trustStorePassword.x= keyStorePath=/auth/client-cert-onap.p12 -keyStorePassword.x=dfcfd1003bdde18de8efea3c8661510e +keyStorePassword.x=OBF: keyManagerFactoryAlgorithm=SunX509 keyStoreType=PKCS12 securityProtocol=TLS diff --git a/kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/topics/topic-poa-audit-result.properties b/kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/topics/topic-poa-audit-result.properties index f15f46dd11..7d335aed50 100644 --- a/kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/topics/topic-poa-audit-result.properties +++ b/kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/topics/topic-poa-audit-result.properties @@ -18,5 +18,5 @@ poa-audit-result.name=POA-AUDIT-RESULT poa-audit-result.host=message-router:3904 poa-audit-result.publisher.partition=1 poa-audit-result.username= -poa-audit-result.password= +poa-audit-result.password=OBF: poa-audit-result.transport.type=HTTPAUTH diff --git a/kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/topics/topic-poa-rule-validation.properties b/kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/topics/topic-poa-rule-validation.properties index 79aa5398ae..15c60afcc4 100644 --- a/kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/topics/topic-poa-rule-validation.properties +++ b/kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/topics/topic-poa-rule-validation.properties @@ -17,7 +17,7 @@ poa-rule-validation.name=POA-RULE-VALIDATION poa-rule-validation.host=message-router:3904 poa-rule-validation.username= -poa-rule-validation.password= +poa-rule-validation.password=OBF: poa-rule-validation.consumer.group=poa-validator-test poa-rule-validation.consumer.id=test poa-rule-validation.transport.type=HTTPAUTH diff --git a/kubernetes/portal/charts/portal-app/templates/ingress.yaml b/kubernetes/portal/charts/portal-app/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/portal/charts/portal-app/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/portal/charts/portal-app/values.yaml b/kubernetes/portal/charts/portal-app/values.yaml index 8d9cee0d4e..59a11ad6cf 100644 --- a/kubernetes/portal/charts/portal-app/values.yaml +++ b/kubernetes/portal/charts/portal-app/values.yaml @@ -88,6 +88,12 @@ messageRouter: ingress: enabled: false + service: + - baseaddr: portalapp + name: "portal-app" + port: 8443 + config: + ssl: "redirect" # Resource Limit flavor -By Default using small flavor: small @@ -95,11 +101,11 @@ flavor: small resources: small: limits: - cpu: 2 - memory: 10Gi + cpu: 2.2 + memory: 800Mi requests: - cpu: 1 - memory: 6Gi + cpu: 30m + memory: 460Mi large: limits: cpu: 4 diff --git a/kubernetes/portal/charts/portal-cassandra/templates/deployment.yaml b/kubernetes/portal/charts/portal-cassandra/templates/deployment.yaml index 2040794074..96e865d8cf 100644 --- a/kubernetes/portal/charts/portal-cassandra/templates/deployment.yaml +++ b/kubernetes/portal/charts/portal-cassandra/templates/deployment.yaml @@ -65,7 +65,7 @@ spec: - name: CASSPASS value: "{{ .Values.config.cassandraPassword }}" - name: JVM_OPTS - value: "{{ .Values.config.cassandraJvmOpts }}" + value: "{{ .Values.config.cassandraJvmOpts }}" - name: POD_IP valueFrom: fieldRef: diff --git a/kubernetes/portal/charts/portal-cassandra/templates/pv.yaml b/kubernetes/portal/charts/portal-cassandra/templates/pv.yaml index 252ca76599..f6119246ed 100644 --- a/kubernetes/portal/charts/portal-cassandra/templates/pv.yaml +++ b/kubernetes/portal/charts/portal-cassandra/templates/pv.yaml @@ -16,6 +16,7 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -33,6 +34,8 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} +{{- end -}} diff --git a/kubernetes/portal/charts/portal-cassandra/templates/pvc.yaml b/kubernetes/portal/charts/portal-cassandra/templates/pvc.yaml index 1deed4e92a..a082319789 100644 --- a/kubernetes/portal/charts/portal-cassandra/templates/pvc.yaml +++ b/kubernetes/portal/charts/portal-cassandra/templates/pvc.yaml @@ -31,19 +31,10 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} {{- end -}} diff --git a/kubernetes/portal/charts/portal-cassandra/values.yaml b/kubernetes/portal/charts/portal-cassandra/values.yaml index e08f59b971..65fcdbe84a 100644 --- a/kubernetes/portal/charts/portal-cassandra/values.yaml +++ b/kubernetes/portal/charts/portal-cassandra/values.yaml @@ -98,11 +98,11 @@ flavor: small resources: small: limits: - cpu: 2 - memory: 8Gi + cpu: 500m + memory: 3.75Gi requests: - cpu: 1 - memory: 4Gi + cpu: 160m + memory: 2.8Gi large: limits: cpu: 4 diff --git a/kubernetes/portal/charts/portal-mariadb/templates/pv.yaml b/kubernetes/portal/charts/portal-mariadb/templates/pv.yaml index 252ca76599..f6119246ed 100644 --- a/kubernetes/portal/charts/portal-mariadb/templates/pv.yaml +++ b/kubernetes/portal/charts/portal-mariadb/templates/pv.yaml @@ -16,6 +16,7 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -33,6 +34,8 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} +{{- end -}} diff --git a/kubernetes/portal/charts/portal-mariadb/templates/pvc.yaml b/kubernetes/portal/charts/portal-mariadb/templates/pvc.yaml index 1deed4e92a..a082319789 100644 --- a/kubernetes/portal/charts/portal-mariadb/templates/pvc.yaml +++ b/kubernetes/portal/charts/portal-mariadb/templates/pvc.yaml @@ -31,19 +31,10 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} {{- end -}} diff --git a/kubernetes/portal/charts/portal-mariadb/values.yaml b/kubernetes/portal/charts/portal-mariadb/values.yaml index e6896f17c1..e6aab2a2e3 100644 --- a/kubernetes/portal/charts/portal-mariadb/values.yaml +++ b/kubernetes/portal/charts/portal-mariadb/values.yaml @@ -132,11 +132,11 @@ flavor: small resources: small: limits: - cpu: 800m - memory: 1Gi + cpu: 460m + memory: 175Mi requests: - cpu: 400m - memory: 500Mi + cpu: 10m + memory: 100Mi large: limits: cpu: 2 diff --git a/kubernetes/portal/charts/portal-sdk/templates/ingress.yaml b/kubernetes/portal/charts/portal-sdk/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/portal/charts/portal-sdk/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/portal/charts/portal-sdk/values.yaml b/kubernetes/portal/charts/portal-sdk/values.yaml index 4a0124d7a5..8572ff83da 100644 --- a/kubernetes/portal/charts/portal-sdk/values.yaml +++ b/kubernetes/portal/charts/portal-sdk/values.yaml @@ -82,6 +82,12 @@ messageRouter: ingress: enabled: false + service: + - baseaddr: portalsdk + name: "portal-sdk" + port: 8080 + config: + ssl: "none" # Resource Limit flavor -By Default using small flavor: small @@ -89,11 +95,11 @@ flavor: small resources: small: limits: - cpu: 4 - memory: 10Gi + cpu: 600m + memory: 1.6Gi requests: - cpu: 2 - memory: 5Gi + cpu: 10m + memory: 1.3Gi large: limits: cpu: 8 diff --git a/kubernetes/portal/charts/portal-widget/values.yaml b/kubernetes/portal/charts/portal-widget/values.yaml index 37f4294fb4..7a02509737 100644 --- a/kubernetes/portal/charts/portal-widget/values.yaml +++ b/kubernetes/portal/charts/portal-widget/values.yaml @@ -75,10 +75,10 @@ resources: small: limits: cpu: 1 - memory: 4Gi + memory: 430Mi requests: - cpu: 500m - memory: 2Gi + cpu: 1m + memory: 360Mi large: limits: cpu: 2 diff --git a/kubernetes/portal/charts/portal-zookeeper/values.yaml b/kubernetes/portal/charts/portal-zookeeper/values.yaml index c7c8030339..6037d246cf 100644 --- a/kubernetes/portal/charts/portal-zookeeper/values.yaml +++ b/kubernetes/portal/charts/portal-zookeeper/values.yaml @@ -62,11 +62,11 @@ flavor: small resources: small: limits: - cpu: 500m - memory: 600Mi + cpu: 100m + memory: 200Mi requests: - cpu: 250m - memory: 300Mi + cpu: 1m + memory: 80Mi large: limits: cpu: 1 diff --git a/kubernetes/portal/values.yaml b/kubernetes/portal/values.yaml index 9dbdd7cfd9..8c84cbdbb4 100644 --- a/kubernetes/portal/values.yaml +++ b/kubernetes/portal/values.yaml @@ -52,3 +52,6 @@ zookeeper: messageRouter: service: name: message-router + +ingress: + enabled: false \ No newline at end of file diff --git a/kubernetes/readiness/.gitignore b/kubernetes/readiness/.gitignore new file mode 100644 index 0000000000..90cb66eacd --- /dev/null +++ b/kubernetes/readiness/.gitignore @@ -0,0 +1,15 @@ +# Eclipse +.classpath +.factorypath +.project +.pydevproject +.settings/ + +# IntelliJ +.idea/* +*.iml + +# Mac OS +*DS_Store* + +/target \ No newline at end of file diff --git a/kubernetes/readiness/pom.xml b/kubernetes/readiness/pom.xml new file mode 100644 index 0000000000..af834ff4c2 --- /dev/null +++ b/kubernetes/readiness/pom.xml @@ -0,0 +1,109 @@ + + + 4.0.0 + + org.onap.oparent + oparent + 2.0.0 + + + org.onap.oom.readiness.check + readiness-check-docker + 2.2.1-SNAPSHOT + pom + oom-readiness-check-image + Contains dockerfiles and scrtipts for readiness-ckeck image. + + + 0.31.0 + onap + + + + + + io.fabric8 + docker-maven-plugin + ${docker.fabric.version} + + true + 1.23 + + + ${docker.push.registry}/${oom.docker.namespace}/readiness-check:%l + + @ + + dir + + + + ${project.basedir}/src/main/scripts + / + + **/* + + + + + + + latest + latest-${project.version} + + try + ${project.basedir}/src/main/docker + + + + + + + clean-images + pre-clean + + remove + + + true + + + + generate-images + package + + build + + + + push-images + deploy + + push + + + + + + + \ No newline at end of file diff --git a/kubernetes/readiness/docker/init/Dockerfile b/kubernetes/readiness/src/main/docker/Dockerfile similarity index 68% rename from kubernetes/readiness/docker/init/Dockerfile rename to kubernetes/readiness/src/main/docker/Dockerfile index b060915354..638e8efd67 100644 --- a/kubernetes/readiness/docker/init/Dockerfile +++ b/kubernetes/readiness/src/main/docker/Dockerfile @@ -1,4 +1,4 @@ -FROM python:2-alpine +FROM python:3-alpine3.9 ENV no_proxy "localhost,127.0.0.1,.cluster.local,$KUBERNETES_SERVICE_HOST" # Setup Corporate proxy @@ -10,11 +10,8 @@ RUN pip install requests pyyaml kubernetes ENV CERT="/var/run/secrets/kubernetes.io/serviceaccount/ca.crt" ENV TOKEN="/var/run/secrets/kubernetes.io/serviceaccount/token" -COPY ready.py /root/ready.py -RUN chmod a+x /root/ready.py - -COPY job_complete.py /root/job_complete.py -RUN chmod a+x /root/job_complete.py +COPY maven/ /root/ +RUN chmod -R a+x /root/ ENTRYPOINT ["/root/ready.py"] CMD [""] \ No newline at end of file diff --git a/kubernetes/readiness/docker/init/job_complete.py b/kubernetes/readiness/src/main/scripts/job_complete.py similarity index 100% rename from kubernetes/readiness/docker/init/job_complete.py rename to kubernetes/readiness/src/main/scripts/job_complete.py diff --git a/kubernetes/readiness/docker/init/ready.py b/kubernetes/readiness/src/main/scripts/ready.py similarity index 87% rename from kubernetes/readiness/docker/init/ready.py rename to kubernetes/readiness/src/main/scripts/ready.py index db7105a18d..93932073cd 100644 --- a/kubernetes/readiness/docker/init/ready.py +++ b/kubernetes/readiness/src/main/scripts/ready.py @@ -79,7 +79,7 @@ def wait_for_deployment_complete(deployment_name): response = api.read_namespaced_deployment(deployment_name, namespace) s = response.status if (s.unavailable_replicas is None and - s.updated_replicas == response.spec.replicas and + ( s.updated_replicas is None or s.updated_replicas == response.spec.replicas ) and s.replicas == response.spec.replicas and s.ready_replicas == response.spec.replicas and s.observed_generation == response.metadata.generation): @@ -92,6 +92,20 @@ def wait_for_deployment_complete(deployment_name): log.error("Exception when waiting for deployment status: %s\n" % e) +def wait_for_daemonset_complete(daemonset_name): + try: + response = api_instance.read_namespaced_daemon_set(daemonset_name, namespace) + s = response.status + if s.desired_number_scheduled == s.number_ready: + log.info("DaemonSet: " + str(s.number_ready) + "/" + str(s.desired_number_scheduled) + " nodes ready --> " + daemonset_name + " is ready") + return True + else: + log.info("DaemonSet: " + str(s.number_ready) + "/" + str(s.desired_number_scheduled) + " nodes ready --> " + daemonset_name + " is not ready") + return False + except Exception as e: + log.error("Exception when waiting for DaemonSet status: %s\n" % e) + + def is_ready(container_name): ready = False log.info("Checking if " + container_name + " is ready") @@ -112,6 +126,8 @@ def is_ready(container_name): ready = wait_for_deployment_complete(deployment_name) elif i.metadata.owner_references[0].kind == "Job": ready = is_job_complete(name) + elif i.metadata.owner_references[0].kind == "DaemonSet": + ready = wait_for_daemonset_complete(i.metadata.owner_references[0].name) return ready @@ -123,7 +139,7 @@ def is_ready(container_name): def read_name(item): - return item.metadata.owner_reference[0].name + return item.metadata.owner_references[0].name def get_deployment_name(replicaset): diff --git a/kubernetes/robot b/kubernetes/robot index 1d36d59796..4bd799e5db 160000 --- a/kubernetes/robot +++ b/kubernetes/robot @@ -1 +1 @@ -Subproject commit 1d36d59796cf69d8bba1d833a7faa2709bef531c +Subproject commit 4bd799e5dbcbf2131a685bf73319e962ace86f5c diff --git a/kubernetes/sdc/charts/sdc-be/templates/ingress.yaml b/kubernetes/sdc/charts/sdc-be/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/sdc/charts/sdc-be/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/sdc/charts/sdc-be/values.yaml b/kubernetes/sdc/charts/sdc-be/values.yaml index 5ba797c8ab..8ac6c27dba 100644 --- a/kubernetes/sdc/charts/sdc-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-be/values.yaml @@ -73,6 +73,13 @@ service: ingress: enabled: false + service: + - baseaddr: "sdcbe" + name: "sdc-be" + port: 8080 + config: + ssl: "none" + # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/templates/ingress.yaml b/kubernetes/sdc/charts/sdc-dcae-dt/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-dt/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml b/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml index 7a1fffcc8e..df0606fdbe 100644 --- a/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml @@ -61,6 +61,15 @@ service: ingress: enabled: false + service: + - baseaddr: "dcaedt" + name: "sdc-dcae-dt" + port: 8186 + - baseaddr: "dcaedt2" + name: "sdc-dcae-dt" + port: 9446 + config: + ssl: "none" # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/templates/ingress.yaml b/kubernetes/sdc/charts/sdc-dcae-fe/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-fe/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml b/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml index f38ef30196..a5794b28c3 100644 --- a/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml @@ -66,7 +66,15 @@ service: ingress: enabled: false - + service: + - baseaddr: "dcaedt" + name: "sdc-dcae-fe" + port: 8183 + - baseaddr: "dcaedt2" + name: "sdc-dcae-fe" + port: 9444 + config: + ssl: "none" # Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) diff --git a/kubernetes/sdc/charts/sdc-es/templates/pv.yaml b/kubernetes/sdc/charts/sdc-es/templates/pv.yaml index 618b23a584..8edf342f3a 100644 --- a/kubernetes/sdc/charts/sdc-es/templates/pv.yaml +++ b/kubernetes/sdc/charts/sdc-es/templates/pv.yaml @@ -16,6 +16,7 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -33,6 +34,8 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- end -}} \ No newline at end of file +{{- end -}} +{{- end -}} diff --git a/kubernetes/sdc/charts/sdc-es/templates/pvc.yaml b/kubernetes/sdc/charts/sdc-es/templates/pvc.yaml index e1f01b67fe..5251283ddf 100644 --- a/kubernetes/sdc/charts/sdc-es/templates/pvc.yaml +++ b/kubernetes/sdc/charts/sdc-es/templates/pvc.yaml @@ -31,19 +31,10 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} {{- end -}} \ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-fe/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-fe/templates/deployment.yaml index 62dffd6376..ee4da9b7b1 100644 --- a/kubernetes/sdc/charts/sdc-fe/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-fe/templates/deployment.yaml @@ -73,12 +73,14 @@ spec: port: {{ .Values.service.internalPort2 }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} {{ end }} readinessProbe: tcpSocket: port: {{ .Values.service.internalPort2 }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} resources: {{ include "common.resources" . | indent 12 }} env: diff --git a/kubernetes/sdc/charts/sdc-fe/templates/ingress.yaml b/kubernetes/sdc/charts/sdc-fe/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/sdc/charts/sdc-fe/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/sdc/charts/sdc-fe/values.yaml b/kubernetes/sdc/charts/sdc-fe/values.yaml index 6831555a44..c6f39f9822 100644 --- a/kubernetes/sdc/charts/sdc-fe/values.yaml +++ b/kubernetes/sdc/charts/sdc-fe/values.yaml @@ -38,8 +38,8 @@ config: dcae_source_url: "https://sdc.dcae.plugin.simpledemo.onap.org:30264/dcaed/#/home" dcae_dt_discovery_url: "https://sdc-dcae-dt:9446/dcae/#/dcae/home" dcae_dt_source_url: "https://sdc.dcae.plugin.simpledemo.onap.org:30266/dcae/#/dcae/home" - workflow_discovery_url: "http://sdc-wfd-fe:8080/workflows" - workflow_source_url: "https://sdc.workflow.plugin.simpledemo.onap.org:30431/workflows/" + workflow_discovery_url: "https://sdc-wfd-fe:8443/workflows" + workflow_source_url: "https://sdc.workflow.plugin.simpledemo.onap.org:30256/workflows/" # default number of instances replicaCount: 1 @@ -51,14 +51,16 @@ affinity: {} # probe configuration parameters liveness: initialDelaySeconds: 10 - periodSeconds: 10 + periodSeconds: 60 + timeoutSeconds: 15 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: initialDelaySeconds: 10 - periodSeconds: 10 + periodSeconds: 60 + timeoutSeconds: 15 service: #Example service definition with external, internal and node ports. @@ -78,6 +80,12 @@ service: ingress: enabled: false + service: + - baseaddr: "sdcfe" + name: "sdc-fe" + port: 9443 + config: + ssl: "redirect" # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml index 70895d308d..dee139beb5 100644 --- a/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml @@ -60,6 +60,7 @@ spec: - "/var/lib/ready-probe.sh" initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} {{ end }} readinessProbe: exec: @@ -67,6 +68,7 @@ spec: - "/var/lib/ready-probe.sh" initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} resources: {{ include "common.resources" . | indent 12 }} env: diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml index b292ff9448..70f6d959ce 100644 --- a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml +++ b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml @@ -16,10 +16,11 @@ # limitations under the License. */}} {{- if and .Values.persistence.enabled (not .Values.cert.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }}-cert + name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -33,6 +34,8 @@ spec: accessModes: - {{ .Values.cert.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.cert.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.cert.persistence.mountSubPath }} -{{- end -}} \ No newline at end of file +{{- end -}} +{{- end -}} diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml index eb2c372a33..662370d204 100644 --- a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml +++ b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml @@ -31,19 +31,10 @@ metadata: {{ toYaml .Values.cert.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.cert.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.cert.persistence.size }} -{{- if .Values.cert.persistence.storageClass }} -{{- if (eq "-" .Values.cert.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.cert.persistence.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml index ce04d480f0..a6a3f6bd22 100644 --- a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml @@ -48,15 +48,17 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 60 - periodSeconds: 10 + initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 60 - periodSeconds: 10 + initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 service: type: ClusterIP diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl b/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl index c69fb7c81c..298a2cd673 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl @@ -1,29 +1 @@ -{{- define "sdc-wfd-be.volumes" }} - {{ if .Values.config.cassandraSSLEnabled }} - - name: {{ include "common.fullname" . }}-cassandra-client-truststore - hostPath: - path: /etc/cassandra-client-truststore/truststore - type: File - {{- end }} - {{ if .Values.config.serverSSLEnabled }} - - name: {{ include "common.fullname" . }}-server-https-keystore - hostPath: - path: /config/server-https-keystore/keystore - type: File - {{- end }} -{{- end }} - -{{- define "sdc-wfd-be.volumeMounts" }} - {{ if .Values.config.cassandraSSLEnabled }} - - name: {{ include "common.fullname" . }}-cassandra-client-truststore - mountPath: /etc/cassandra-client-truststore/truststore - subPath: truststore - readOnly: true - {{- end }} - {{ if .Values.config.serverSSLEnabled }} - - name: {{ include "common.fullname" . }}-server-https-keystore - mountPath: /etc/server-https-keystore/keystore - subPath: keystore - readOnly: true - {{- end }} -{{- end }} \ No newline at end of file +{{- define "wfd-be.internalPort" }}{{ if .Values.config.serverSSLEnabled }}{{ .Values.service.internalPort2 }}{{ else }}{{ .Values.service.internalPort }}{{ end }}{{- end }} diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml index 0bf1bf5d31..00a986f4d2 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml @@ -53,20 +53,19 @@ spec: image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - - containerPort: {{ .Values.service.internalPort }} - - containerPort: {{ .Values.service.internalPort2 }} + - containerPort: {{ template "wfd-be.internalPort" . }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container {{ if .Values.liveness.enabled }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ template "wfd-be.internalPort" . }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end }} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ template "wfd-be.internalPort" . }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: @@ -89,7 +88,8 @@ spec: - name: CS_TRUST_STORE_PATH value: "{{ .Values.config.cassandraTrustStorePath }}" - name: CS_TRUST_STORE_PASSWORD - value: "{{ .Values.config.cassandraTrustStorePassword }}" + valueFrom: + secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: cs_truststore_password} - name: SDC_PROTOCOL value: "{{ .Values.config.sdcProtocol }}" - name: SDC_ENDPOINT @@ -97,7 +97,8 @@ spec: - name: SDC_USER value: "{{ .Values.config.sdcExternalUser }}" - name: SDC_PASSWORD - value: "{{ .Values.config.sdcExternalUserPassword }}" + valueFrom: + secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: wf_external_user_password} - name: SERVER_SSL_ENABLED value: "{{ .Values.config.serverSSLEnabled }}" - name: SERVER_SSL_KEYSTORE_TYPE @@ -105,10 +106,14 @@ spec: - name: SERVER_SSL_KEYSTORE_PATH value: "{{ .Values.config.serverSSLKeyStorePath }}" - name: SERVER_SSL_KEY_PASSWORD - value: "{{ .Values.config.serverSSLKeyPassword }}" - volumeMounts: - {{- template "sdc-wfd-be.volumeMounts" . }} - volumes: - {{- template "sdc-wfd-be.volumes" . }} + valueFrom: + secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: keystore_password} + - name: SERVER_SSL_TRUSTSTORE_TYPE + value: "{{ .Values.config.serverSSLTrustStoreType }}" + - name: SERVER_SSL_TRUSTSTORE_PATH + value: "{{ .Values.config.serverSSLTrustStorePath }}" + - name: SERVER_SSL_TRUST_PASSWORD + valueFrom: + secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: truststore_password} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/ingress.yaml b/kubernetes/sdc/charts/sdc-wfd-be/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/service.yaml b/kubernetes/sdc/charts/sdc-wfd-be/templates/service.yaml index 14a937fe00..fee95ba42e 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/templates/service.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/service.yaml @@ -28,13 +28,13 @@ spec: type: {{ .Values.service.type }} ports: {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} + - port: {{ template "wfd-be.internalPort" . }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName | default "http" }} + name: {{ .Values.service.portName }} {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName | default "http" }} + - port: {{ if .Values.config.serverSslEnabled }}{{ .Values.service.externalPort2 }}{{ else }}{{ .Values.service.externalPort }}{{ end }} + targetPort: {{ template "wfd-be.internalPort" . }} + name: {{ .Values.service.portName }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml index 0a250e4fce..68f487674d 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml @@ -28,13 +28,10 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/workflow-backend:1.5.1 -configInitImage: onap/workflow-init:1.5.1 +image: onap/workflow-backend:1.6.0 +configInitImage: onap/workflow-init:1.6.0 pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false - initJob: enabled: true @@ -43,17 +40,21 @@ config: cassandraAuthenticationEnabled: true cassandraThriftClientPort: 9160 cassandraClientPort: 9042 - sdcProtocol: HTTP - sdcEndpoint: sdc-be:8080 + + sdcProtocol: HTTPS + sdcEndpoint: sdc-be:8443 sdcExternalUser: workflow - sdcExternalUserPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U - serverSSLEnabled: false + + serverSSLEnabled: true + serverSSLKeyStoreType: jks - serverSSLKeyStorePath: /etc/server-https-keystore/keystore - serverSSLKeyPassword: password + serverSSLKeyStorePath: /etc/keystore + + serverSSLTrustStoreType: jks + serverSSLTrustStorePath: /etc/truststore + cassandraSSLEnabled: false - cassandraTrustStorePath: /etc/cassandra-client-truststore/truststore - cassandraTrustStorePassword: password + cassandraTrustStorePath: /etc/truststore # default number of instances replicaCount: 1 @@ -76,16 +77,23 @@ readiness: service: type: NodePort + portName: sdc-wfd-be internalPort: 8080 externalPort: 8080 internalPort2: 8443 externalPort2: 8443 - portName: sdc-wfd-be - nodePort: "57" + nodePort: "57" # only one node port. set to http or https port depending on isHttpsEnabled property + ingress: enabled: false - + service: + - baseaddr: "sdcwfdbe" + name: "sdc-wfd-be" + port: 8443 + config: + ssl: "redirect" + resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/_helper.tpl b/kubernetes/sdc/charts/sdc-wfd-fe/templates/_helper.tpl new file mode 100644 index 0000000000..546bab7ddf --- /dev/null +++ b/kubernetes/sdc/charts/sdc-wfd-fe/templates/_helper.tpl @@ -0,0 +1 @@ +{{- define "wfd-fe.internalPort" }}{{ if .Values.config.isHttpsEnabled }}{{ .Values.service.internalPort2 }}{{ else }}{{ .Values.service.internalPort }}{{ end }}{{- end }} diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml index 0be06f3985..08ecaa6daa 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml @@ -50,18 +50,17 @@ spec: image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - - containerPort: {{ .Values.service.internalPort }} - - containerPort: {{ .Values.service.internalPort2 }} + - containerPort: {{ template "wfd-fe.internalPort" . }} {{ if .Values.liveness.enabled }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ template "wfd-fe.internalPort" . }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end }} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ template "wfd-fe.internalPort" . }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: @@ -75,41 +74,19 @@ spec: value: "{{ .Values.config.isHttpsEnabled}}" {{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }} - name: KEYSTORE_PASS - {{- if .Values.global.security.keysFromCa }} valueFrom: - secretKeyRef: - name: mft-sdc - key: keystore-password.txt - {{ else }} - value: {{ .Values.global.security.keyStorePass}} - {{- end }} + secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: keystore_password} - name: TRUSTSTORE_PASS - {{- if .Values.global.security.keysFromCa }} valueFrom: - secretKeyRef: - name: mft-catruststore - key: keystore-password.txt - {{ else }} - value: {{ .Values.global.security.trustStorePass}} - {{- end }} + secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: truststore_password} - name: TRUSTSTORE_PATH value: "{{ .Values.security.storePath }}/{{ .Values.security.truststoreFilename }}" - name: KEYSTORE_PATH value: "{{ .Values.security.storePath }}/{{ .Values.security.keystoreFilename }}" - - name: TRUSTSTORE_TYPE - value: {{ .Values.security.truststore.type }} - - name: KEYSTORE_TYPE - value: {{ .Values.security.keystore.type }} + - name: TRUST_ALL + value: "{{ .Values.config.isTrustAll}}" {{ end }} volumeMounts: - {{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }} - - name: {{ include "common.fullname" . }}-jetty-https-truststore - mountPath: /var/lib/jetty/{{ .Values.security.storePath }}/{{ .Values.security.truststoreFilename }} - subPath: {{ .Values.security.truststoreFilename }} - - name: {{ include "common.fullname" . }}-jetty-https-keystore - mountPath: /var/lib/jetty/etc/{{ .Values.security.storePath }}/{{ .Values.security.keystoreFilename }} - subPath: {{ .Values.security.keystoreFilename }} - {{ end }} - name: {{ include "common.fullname" . }}-localtime mountPath: /etc/localtime readOnly: true @@ -123,7 +100,6 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} - # side car containers - name: {{ include "common.name" . }}-filebeat-onap image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/ingress.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/templates/ingress.yaml index e10de6df20..8f87c68f1e 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/templates/ingress.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/templates/ingress.yaml @@ -1,59 +1 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -{{- define "rules.wf" -}} -- http: - paths: - - path: /workflows/ - backend: - serviceName: {{.Values.service.name}} - servicePort: {{.Values.service.internalPort}} -{{- end -}} - -{{- if .Values.ingress.enabled }} - -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - name: {{ include "common.fullname" . }}-ingress - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -{{- with .Values.ingress.annotations }} - annotations: -{{ toYaml . | indent 4 }} -{{- end }} -spec: - rules: -{{- if .Values.ingress.hosts}} -{{- range .Values.ingress.hosts}} -{{- include "rules.wf" $ | nindent 2}} -{{- if .}} - host: {{. | quote}} -{{- end}} -{{- end}} - tls: - - hosts: -{{- range .Values.ingress.hosts}} -{{- if .}} - - {{ . | quote }} -{{- end}} -{{- end }} -{{- else}} -{{- include "rules.wf" . | nindent 2}} -{{- end}} -{{ end }} +{{ include "common.ingress" . }} diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/service.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/templates/service.yaml index 87ca3607d7..d8a105513a 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/templates/service.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/templates/service.yaml @@ -29,7 +29,7 @@ metadata: "version": "v1", "url": "/", "protocol": "UI", - "port": "{{ .Values.service.internalPort }}", + "port": "{{ .Values.service.internalPort2 }}", "visualRange":"0|1" } ]' @@ -37,19 +37,13 @@ spec: type: {{ .Values.service.type }} ports: {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} + - port: {{ template "wfd-fe.internalPort" . }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName | default "http" }} - - port: {{ .Values.service.internalPort2 }} - nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.portName2 | default "https" }} + name: {{ .Values.service.portName }} {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName | default "http" }} - - port: {{ .Values.service.externalPort2 }} - targetPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName2 | default "https" }} + - port: {{ if .Values.config.isHttpsEnabled }}{{ .Values.service.externalPort2 }}{{ else }}{{ .Values.service.externalPort }}{{ end }} + targetPort: {{ template "wfd-fe.internalPort" . }} + name: {{ .Values.service.portName }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml index 91cdead023..fc30297885 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/workflow-frontend:1.5.1 +image: onap/workflow-frontend:1.6.0 pullPolicy: Always # flag to enable debugging - application support required @@ -36,16 +36,15 @@ debugEnabled: false config: javaOptions: "-Xmx256m -Xms256m" - backendServerURL: "http://sdc-wfd-be:8080" + backendServerURL: "https://sdc-wfd-be:8443" isHttpsEnabled: true - + # following flag decides whether to check the certificate on the outgoing proxy request or whether to trust all parties + isTrustAll: true # https relevant settings. Change in case you have other trust files then default ones. security: - isDefaultStore: true - truststoreType: "JKS" - keystoreType: "JKS" - truststoreFilename: "truststore" - keystoreFilename: "keystore" + isDefaultStore: false + truststoreFilename: "org.onap.sdc.trust.jks" + keystoreFilename: "org.onap.sdc.p12" storePath: "etc" # default number of instances @@ -71,25 +70,24 @@ service: type: NodePort internalPort: 8080 externalPort: 8080 - portName: sdc-wfd-fe - nodePort: "56" - portName2: sdc-wfd-fe2 internalPort2: 8443 externalPort2: 8443 - nodePort2: "31" + portName: sdc-wfd-fe + nodePort: "56" # only one node port. set to http or https port depending on isHttpsEnabled property ingress: enabled: false - hosts: ~ + service: + - baseaddr: "sdcwfdfe" + name: "sdc-wfd-fe" + port: 8443 annotations: ingress.kubernetes.io/secure-backends: "false" nginx.ingress.kubernetes.io/secure-backends: "false" nginx.ingress.kubernetes.io/proxy-body-size: "0" nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/backend-protocol: "HTTP" - nginx.ingress.kubernetes.io/rewrite-target: /workflows/ - nginx.ingress.kubernetes.io/server-snippet: | - underscores_in_headers on; + nginx.ingress.kubernetes.io/rewrite-target: "/workflows/" resources: {} # We usually recommend not to specify default resources and to leave this as a conscious diff --git a/kubernetes/sdc/templates/secrets.yaml b/kubernetes/sdc/templates/secrets.yaml index b3470e2ea2..1f59ab27c1 100644 --- a/kubernetes/sdc/templates/secrets.yaml +++ b/kubernetes/sdc/templates/secrets.yaml @@ -30,3 +30,9 @@ data: sdc_password: "{{ .Values.global.secrets.sdc_password }}" #default user: cs_password: "{{ .Values.global.secrets.cs_password }}" + cs_truststore_password: "{{ .Values.global.secrets.cs_truststore_password }}" + # ssl - stores + truststore_password: "{{ .Values.global.secrets.truststore_password }}" + keystore_password: "{{ .Values.global.secrets.keystore_password }}" + # workflow + wf_external_user_password: "{{ .Values.global.secrets.wf_external_user_password }}" \ No newline at end of file diff --git a/kubernetes/sdc/values.yaml b/kubernetes/sdc/values.yaml index cafa59ad77..a7006bc56c 100644 --- a/kubernetes/sdc/values.yaml +++ b/kubernetes/sdc/values.yaml @@ -22,6 +22,10 @@ global: sdc_password: QWExMjM0JV4h #Should be the password of shared cassandra instance/chart cs_password: Y2Fzc2FuZHJh + cs_truststore_password: XS5dW3hndHplXWhCaHoqd3ldfW0jbGYq + truststore_password: XS5dW3hndHplXWhCaHoqd3ldfW0jbGYq + keystore_password: IXBwSi5KdlduMGhHaClvVkZdKFtLdile + wf_external_user_password: S3A4Yko0U1hzek0wV1hsaGFrM2VIbGNzZTJnQXc4NHZhb0dHbUp2VXkyVQ== ubuntuInitRepository: oomk8s ubuntuInitImage: ubuntu-init:1.0.0 cassandra: diff --git a/kubernetes/sdnc/charts/dmaap-listener/values.yaml b/kubernetes/sdnc/charts/dmaap-listener/values.yaml index 1e2d74aa15..4965d96908 100644 --- a/kubernetes/sdnc/charts/dmaap-listener/values.yaml +++ b/kubernetes/sdnc/charts/dmaap-listener/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdnc-dmaap-listener-image:1.7.3 +image: onap/sdnc-dmaap-listener-image:1.7.6 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml index d681807040..db7c63cfa4 100644 --- a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml +++ b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdnc-ansible-server-image:1.7.3 +image: onap/sdnc-ansible-server-image:1.7.6 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json b/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json index 28da59ea29..8560ca1acc 100644 --- a/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json +++ b/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json @@ -2,9 +2,9 @@ "MainMenu": "gamma", "dbConnLimit": "100", "home": "/opt/admportal", - "sslEnabled": "false", - "nonSslPort": "{{.Values.service.internalPort}}", - "ConexusNetworkPort": "8443", + "sslEnabled": "true", + "nonSslPort": "8543", + "ConexusNetworkPort": "{{.Values.service.internalPort}}", "AppNetworkPort": "8543", "clusterPort": "8443", "serviceHomingServiceType": "SDN-ETHERNET-INTERNET", @@ -45,8 +45,8 @@ "odlConexusPort": "8181", "odlUser": "admin", "odlPasswd": "{{.Values.config.odlPassword}}", - "ConexusNetwork_sslCert": "", - "ConexusNetwork_sslKey": "", + "ConexusNetwork_sslCert": "{{.Values.config.storesDir}}/org.onap.sdnc.p12", + "ConexusNetwork_sslKey": "{{.Values.config.keystorePwd}}", "AppNetwork_sslCert": "", "AppNetwork_sslKey": "", "hostnameList": [ diff --git a/kubernetes/sdnc/charts/sdnc-portal/values.yaml b/kubernetes/sdnc/charts/sdnc-portal/values.yaml index 28db0d5836..7ff000e8cb 100644 --- a/kubernetes/sdnc/charts/sdnc-portal/values.yaml +++ b/kubernetes/sdnc/charts/sdnc-portal/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/admportal-sdnc-image:1.7.3 +image: onap/admportal-sdnc-image:1.7.6 config: dbRootPassword: secretpassword dbSdnctlPassword: gamma @@ -35,14 +35,14 @@ config: configDir: /opt/onap/sdnc/data/properties storesDir: /opt/onap/sdnc/data/stores odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U - keystorePwd: ?w5&!M;8v1XF;:Xd;g*%S$IY + keystorePwd: ff^G9D]yf&r}Ktum@BJ0YB?N mariadbGalera: chartName: mariadb-galera serviceName: mariadb-galera internalPort: 3306 # default number of instances -replicaCount: 1 +replicaCount: 0 nodeSelector: {} diff --git a/kubernetes/sdnc/charts/ueb-listener/values.yaml b/kubernetes/sdnc/charts/ueb-listener/values.yaml index 352069d3d5..b4b42fdbc5 100644 --- a/kubernetes/sdnc/charts/ueb-listener/values.yaml +++ b/kubernetes/sdnc/charts/ueb-listener/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdnc-ueb-listener-image:1.7.3 +image: onap/sdnc-ueb-listener-image:1.7.6 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/resources/config/bin/startODL.sh b/kubernetes/sdnc/resources/config/bin/startODL.sh index 5586ebbca6..5f5f811fd0 100755 --- a/kubernetes/sdnc/resources/config/bin/startODL.sh +++ b/kubernetes/sdnc/resources/config/bin/startODL.sh @@ -120,6 +120,7 @@ SDNC_BIN=${SDNC_BIN:-/opt/onap/sdnc/bin} CCSDK_HOME=${CCSDK_HOME:-/opt/onap/ccsdk} ENABLE_ODL_CLUSTER=${ENABLE_ODL_CLUSTER:-false} GEO_ENABLED=${GEO_ENABLED:-false} +SDNC_AAF_ENABLED=${SDNC_AAF_ENABLED:-false} SDNRWT=${SDNRWT:-false} SDNRWT_BOOTFEATURES=${SDNRWT_BOOTFEATURES:-sdnr-wt-feature-aggregator} export ODL_ADMIN_PASSWORD ODL_ADMIN_USERNAME @@ -128,8 +129,24 @@ echo "Settings:" echo " ENABLE_ODL_CLUSTER=$ENABLE_ODL_CLUSTER" echo " SDNC_REPLICAS=$SDNC_REPLICAS" echo " SDNRWT=$SDNRWT" - - +echo " AAF_ENABLED=$SDNC_AAF_ENABLED" + + +if $SDNC_AAF_ENABLED; then + export SDNC_STORE_DIR=/opt/app/osaaf/local + export SDNC_CONFIG_DIR=/opt/app/osaaf/local + export SDNC_KEYPASS=`cat /opt/app/osaaf/local/.pass` + export SDNC_KEYSTORE=org.onap.sdnc.p12 + sed -i '/cadi_prop_files/d' $ODL_HOME/etc/system.properties + echo "cadi_prop_files=$SDNC_CONFIG_DIR/org.onap.sdnc.props" >> $ODL_HOME/etc/system.properties + + sed -i '/org.ops4j.pax.web.ssl.keystore/d' $ODL_HOME/etc/custom.properties + sed -i '/org.ops4j.pax.web.ssl.password/d' $ODL_HOME/etc/custom.properties + sed -i '/org.ops4j.pax.web.ssl.keypassword/d' $ODL_HOME/etc/custom.properties + echo org.ops4j.pax.web.ssl.keystore=$SDNC_STORE_DIR/$SDNC_KEYSTORE >> $ODL_HOME/etc/custom.properties + echo org.ops4j.pax.web.ssl.password=$SDNC_KEYPASS >> $ODL_HOME/etc/custom.properties + echo org.ops4j.pax.web.ssl.keypassword=$SDNC_KEYPASS >> $ODL_HOME/etc/custom.properties +fi if [ ! -f ${SDNC_HOME}/.installed ] then diff --git a/kubernetes/sdnc/resources/env.yaml b/kubernetes/sdnc/resources/env.yaml index 2ad42f79a6..6e38ae99d6 100644 --- a/kubernetes/sdnc/resources/env.yaml +++ b/kubernetes/sdnc/resources/env.yaml @@ -12,6 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. +SDNC_AAF_ENABLED: "{{ .Values.global.aafEnabled }}" SDNC_GEO_ENABLED: "{{ .Values.config.geoEnabled }}" SDNC_IS_PRIMARY_CLUSTER: "{{ .Values.config.isPrimaryCluster }}" SDNC_ODL_COUNT: "{{ .Values.replicaCount }}" diff --git a/kubernetes/sdnc/sdnc-prom/templates/deployment.yaml b/kubernetes/sdnc/sdnc-prom/templates/deployment.yaml index d457bd8f98..78cd1865e9 100644 --- a/kubernetes/sdnc/sdnc-prom/templates/deployment.yaml +++ b/kubernetes/sdnc/sdnc-prom/templates/deployment.yaml @@ -89,7 +89,11 @@ spec: name: {{ include "common.fullname" . }}-scripts defaultMode: 0755 - name: core-dns-keyfile - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + {{- else }} + emptyDir: {} + {{- end }} imagePullSecrets: - name: {{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/charts/mariadb/templates/pv.yaml b/kubernetes/sdnc/sdnc-prom/templates/pv.yaml similarity index 79% rename from kubernetes/policy/charts/mariadb/templates/pv.yaml rename to kubernetes/sdnc/sdnc-prom/templates/pv.yaml index bf372b3744..ccd990ffb1 100644 --- a/kubernetes/policy/charts/mariadb/templates/pv.yaml +++ b/kubernetes/sdnc/sdnc-prom/templates/pv.yaml @@ -1,6 +1,5 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T +# Copyright © 2019 Amdocs, Bell Canada, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,25 +13,27 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-data namespace: {{ include "common.namespace" . }} labels: - app: {{ include "common.name" . }} + app: {{ include "common.fullname" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" name: {{ include "common.fullname" . }} spec: capacity: - storage: {{ .Values.persistence.size }} + storage: {{ .Values.persistence.size}} accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} +{{- end -}} diff --git a/kubernetes/common/mariadb-galera/templates/pvc.yaml b/kubernetes/sdnc/sdnc-prom/templates/pvc.yaml similarity index 78% rename from kubernetes/common/mariadb-galera/templates/pvc.yaml rename to kubernetes/sdnc/sdnc-prom/templates/pvc.yaml index e27c3311e9..64e96218ed 100644 --- a/kubernetes/common/mariadb-galera/templates/pvc.yaml +++ b/kubernetes/sdnc/sdnc-prom/templates/pvc.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2019 Amdocs, Bell Canada, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,7 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} kind: PersistentVolumeClaim apiVersion: v1 @@ -25,24 +24,16 @@ metadata: chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} {{- if .Values.persistence.annotations }} annotations: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" + storageClassName: {{ include "common.storageClass" . }} {{- end }} -{{- end }} -{{- end -}} diff --git a/kubernetes/sdnc/templates/ingress.yaml b/kubernetes/sdnc/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/sdnc/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/sdnc/templates/pv-certs.yaml b/kubernetes/sdnc/templates/pv-certs.yaml new file mode 100644 index 0000000000..54266d1c52 --- /dev/null +++ b/kubernetes/sdnc/templates/pv-certs.yaml @@ -0,0 +1,38 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +{{ if .Values.certpersistence.enabled }} +--- +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-certs + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }}-certs +spec: + capacity: + storage: {{ .Values.certpersistence.size }} + accessModes: + - {{ .Values.certpersistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-certs" + persistentVolumeReclaimPolicy: {{ .Values.certpersistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.certpersistence.mountPath }}/{{ .Release.Name }}/{{ .Values.certpersistence.mountSubPath }} +{{ end }} diff --git a/kubernetes/sdnc/templates/pv-data.yaml b/kubernetes/sdnc/templates/pv-data.yaml new file mode 100644 index 0000000000..a6324e4545 --- /dev/null +++ b/kubernetes/sdnc/templates/pv-data.yaml @@ -0,0 +1,46 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} + +{{- $global := . }} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} +{{- range $i := until (int $global.Values.replicaCount)}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" $global }}-data-{{ $i }} + namespace: {{ include "common.namespace" $global }} + labels: + app: {{ include "common.fullname" $global }} + chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" + release: "{{ $global.Release.Name }}" + heritage: "{{ $global.Release.Service }}" + name: {{ include "common.fullname" $global }} +spec: + capacity: + storage: {{ $global.Values.persistence.size}} + accessModes: + - {{ $global.Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" $global }}-data" + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} +{{if ne $i (int $global.Values.replicaCount) }} +--- +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/kubernetes/sdnc/templates/pv.yaml b/kubernetes/sdnc/templates/pv.yaml deleted file mode 100644 index 5a6566a80b..0000000000 --- a/kubernetes/sdnc/templates/pv.yaml +++ /dev/null @@ -1,116 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# # -# # Licensed under the Apache License, Version 2.0 (the "License"); -# # you may not use this file except in compliance with the License. -# # You may obtain a copy of the License at -# # -# # http://www.apache.org/licenses/LICENSE-2.0 -# # -# # Unless required by applicable law or agreed to in writing, software -# # distributed under the License is distributed on an "AS IS" BASIS, -# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# # See the License for the specific language governing permissions and -# # limitations under the License. -*/}} -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -{{ $pvNum := default 1 .Values.replicaCount | int }} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-mdsal0 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" . }}-mdsal" - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}0 -{{ if gt $pvNum 1 }} ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-mdsal1 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" . }}-mdsal" - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}1 -{{ end }} -{{ if gt $pvNum 2 }} ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-mdsal2 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" . }}-mdsal" - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}2 -{{ end }} -{{- end -}} -{{ if .Values.certpersistence.enabled }} ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-pv-certs - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }}-pv-certs - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }}-certs -spec: - capacity: - storage: {{ .Values.certpersistence.size }} - accessModes: - - {{ .Values.certpersistence.accessMode }} -{{- if .Values.certpersistence.storageClass }} -{{- if (eq "-" .Values.certpersistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.certpersistence.storageClass }}" -{{- end }} -{{- end }} - persistentVolumeReclaimPolicy: {{ .Values.certpersistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.certpersistence.mountPath }}/{{ .Values.certpersistence.mountSubPath }} -{{ end }} - - - diff --git a/kubernetes/sdnc/templates/pvc.yaml b/kubernetes/sdnc/templates/pvc.yaml index aa9515b6b5..21c2dbc8cc 100644 --- a/kubernetes/sdnc/templates/pvc.yaml +++ b/kubernetes/sdnc/templates/pvc.yaml @@ -2,31 +2,27 @@ kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: {{ include "common.fullname" .}}-pvc-certs + name: {{ include "common.fullname" .}}-certs namespace: {{ include "common.namespace" . }} labels: - app: {{ include "common.name" . }}-pvc-certs + app: {{ include "common.name" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }}-certs {{- if .Values.certpersistence.annotations }} annotations: {{ toYaml .Values.certpersistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - app: {{ include "common.name" . }}-pv-certs accessModes: - {{ .Values.certpersistence.accessMode }} resources: requests: storage: {{ .Values.certpersistence.size }} -{{- if .Values.certpersistence.storageClass }} -{{- if (eq "-" .Values.certpersistence.storageClass) }} - storageClassName: "" +{{- if eq "True" (include "common.needPV" .) }} + storageClassName: "{{ include "common.fullname" . }}-certs" {{- else }} - storageClassName: "{{ .Values.certpersistence.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} \ No newline at end of file + storageClassName: {{ include "common.storageClass" . }} + {{- end }} +{{- end -}} diff --git a/kubernetes/sdnc/templates/secret-aaf.yaml b/kubernetes/sdnc/templates/secret-aaf.yaml new file mode 100644 index 0000000000..cd2e539b28 --- /dev/null +++ b/kubernetes/sdnc/templates/secret-aaf.yaml @@ -0,0 +1,15 @@ +{{ if .Values.global.aafEnabled }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-aaf + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +type: Opaque +data: + aaf-password: {{ .Values.aaf_init.deploy_pass | b64enc | quote }} +{{ end }} diff --git a/kubernetes/sdnc/templates/service.yaml b/kubernetes/sdnc/templates/service.yaml index db6d73a3c5..d2136ccb0b 100644 --- a/kubernetes/sdnc/templates/service.yaml +++ b/kubernetes/sdnc/templates/service.yaml @@ -40,6 +40,9 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} + {{ if not .Values.global.aafEnabled }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }} + {{ end }} name: "{{ .Values.service.portName }}-8282" - port: {{ .Values.service.externalPort2 }} targetPort: {{ .Values.service.internalPort2 }} @@ -50,7 +53,9 @@ spec: name: "{{ .Values.service.portName }}-8280" - port: {{ .Values.service.externalPort4 }} targetPort: {{ .Values.service.internalPort4 }} + {{ if .Values.global.aafEnabled }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }} + {{ end }} name: "{{ .Values.service.portName }}-8443" {{- else -}} - port: {{ .Values.service.externalPort }} diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml index e3ac50fc61..536eaaf552 100644 --- a/kubernetes/sdnc/templates/statefulset.yaml +++ b/kubernetes/sdnc/templates/statefulset.yaml @@ -46,13 +46,66 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness + name: {{ include "common.name" . }}-readiness + {{ if .Values.global.aafEnabled }} + - name: {{ include "common.name" . }}-aaf-readiness + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - aaf-locate + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: {{ include "common.name" . }}-aaf + image: {{ .Values.global.repository }}/{{ .Values.aaf_init.agentImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: {{ .Values.certpersistence.certPath }} + name: {{ include "common.fullname" . }}-certs + command: + - bash + - -c + - | + /opt/app/aaf_config/bin/agent.sh && + cd /opt/app/osaaf/local && + /opt/app/aaf_config/bin/agent.sh local showpass | grep cadi_keystore_password= | cut -d= -f 2 > /opt/app/osaaf/local/.pass 2>&1 + env: + - name: APP_FQI + value: "{{ .Values.aaf_init.fqi }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace}}:8095" + - name: aaf_locator_container + value: "oom" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_fqdn + value: "{{ .Values.aaf_init.fqdn }}" + - name: aaf_locator_app_ns + value: "{{ .Values.aaf_init.app_ns }}" + - name: DEPLOY_FQI + value: "{{ .Values.aaf_init.deploy_fqi }}" + - name: DEPLOY_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" .}}-aaf + key: aaf-password + - name: cadi_longitude + value: "{{ .Values.aaf_init.cadi_longitude }}" + - name: cadi_latitude + value: "{{ .Values.aaf_init.cadi_latitude }}" + {{ end }} - name: {{ include "common.name" . }}-chown image: "busybox" command: ["sh", "-c", "chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }} ; chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certpersistence.certPath }}"] volumeMounts: - mountPath: {{ .Values.persistence.mdsalPath }} - name: {{ include "common.fullname" . }}-mdsal + name: {{ include "common.fullname" . }}-data - mountPath: {{ .Values.certpersistence.certPath }} name: {{ include "common.fullname" . }}-certs containers: @@ -99,6 +152,8 @@ spec: value: "{{ .Values.config.isPrimaryCluster }}" - name: GEO_ENABLED value: "{{ .Values.config.geoEnabled}}" + - name: SDNC_AAF_ENABLED + value: "{{ .Values.global.aafEnabled}}" - name: SDNC_REPLICAS value: "{{ .Values.replicaCount }}" - name: MYSQL_HOST @@ -140,7 +195,7 @@ spec: name: properties subPath: blueprints-processor-adaptor.properties - mountPath: {{ .Values.persistence.mdsalPath }} - name: {{ include "common.fullname" . }}-mdsal + name: {{ include "common.fullname" . }}-data - mountPath: /var/log/onap name: logs - mountPath: {{ .Values.certpersistence.certPath }} @@ -204,26 +259,27 @@ spec: - name: {{ include "common.fullname" . }}-certs {{ if .Values.certpersistence.enabled }} persistentVolumeClaim: - claimName: {{ include "common.fullname" . }}-pvc-certs + claimName: {{ include "common.fullname" . }}-certs {{ else }} emptyDir: {} {{ end }} {{ if not .Values.persistence.enabled }} - - name: {{ include "common.fullname" . }}-mdsal + - name: {{ include "common.fullname" . }}-data emptyDir: {} {{ else }} volumeClaimTemplates: - metadata: - name: {{ include "common.fullname" . }}-mdsal + name: {{ include "common.fullname" . }}-data labels: name: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" spec: - accessModes: [ {{ .Values.persistence.accessMode }} ] - storageClassName: {{ include "common.fullname" . }}-mdsal + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} - selector: - matchLabels: - name: {{ include "common.fullname" . }} - {{ end }} + {{- end }} diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml index e0dc1302b2..4447a7dfaa 100644 --- a/kubernetes/sdnc/values.yaml +++ b/kubernetes/sdnc/values.yaml @@ -25,6 +25,7 @@ global: loggingImage: beats/filebeat:5.5.0 persistence: mountPath: /dockerdata-nfs + aafEnabled: true ################################################################# # Application configuration defaults. @@ -32,7 +33,7 @@ global: # application images repository: nexus3.onap.org:10001 pullPolicy: Always -image: onap/sdnc-image:1.7.3 +image: onap/sdnc-image:1.7.6 # flag to enable debugging - application support required @@ -102,6 +103,17 @@ config: internalPort: 3306 # dependency / sub-chart configuration +aaf_init: + agentImage: onap/aaf/aaf_agent:2.1.15 + app_ns: "org.osaaf.aaf" + fqi: "sdnc@sdnc.onap.org" + fqdn: "sdnc" + public_fqdn: "sdnc.onap.org" + deploy_fqi: "deployer@people.osaaf.org" + deploy_pass: "demo123456!" + cadi_latitude: "38.0" + cadi_longitude: "-72.0" + cds: enabled: false @@ -250,11 +262,17 @@ certpersistence: size: 50Mi mountPath: /dockerdata-nfs mountSubPath: sdnc/certs - certPath: /opt/opendaylight/current/certs + certPath: /opt/app/osaaf ##storageClass: "manual" ingress: enabled: false + service: + - baseaddr: "sdnc" + name: "sdnc" + port: 8443 + config: + ssl: "redirect" #Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml index d1f23e9a10..5930b5d5be 100755 --- a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml @@ -360,7 +360,7 @@ spring: so: vnfm: adapter: - url: http://so-vnfm-adapter.{{ include "common.namespace" . }}:9092/so/vnfm-adapter/v1/ + url: https://so-vnfm-adapter.{{ include "common.namespace" . }}:9092/so/vnfm-adapter/v1/ auth: Basic dm5mbTpwYXNzd29yZDEk org: onap: diff --git a/kubernetes/so/charts/so-bpmn-infra/values.yaml b/kubernetes/so/charts/so-bpmn-infra/values.yaml index 89b0eb4183..a7925b79e5 100755 --- a/kubernetes/so/charts/so-bpmn-infra/values.yaml +++ b/kubernetes/so/charts/so-bpmn-infra/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/bpmn-infra:1.5.2 +image: onap/so/bpmn-infra:1.5.3 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml index b643c4ae9e..2ea2cffe27 100755 --- a/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml @@ -58,6 +58,8 @@ cloud_config: tenant_metadata: true identity_server_type: "KEYSTONE" identity_authentication_type: "RACKSPACE_APIKEY" + project_domain_name: "PROJECT_DOMAIN_NAME" + user_domain_name: "USER_DOMAIN_NAME" DEFAULT_KEYSTONE: identity_url: "{{ .Values.config.openStackKeyStoneUrl }}" mso_id: "{{ .Values.config.openStackUserName }}" @@ -67,6 +69,8 @@ cloud_config: tenant_metadata: true identity_server_type: "KEYSTONE" identity_authentication_type: "USERNAME_PASSWORD" + project_domain_name: "{{ .Values.config.openStackProjectDomainName }}" + user_domain_name: "{{ .Values.config.openStackUserDomainName }}" cloud_sites: Dallas: region_id: "DFW" diff --git a/kubernetes/so/charts/so-catalog-db-adapter/values.yaml b/kubernetes/so/charts/so-catalog-db-adapter/values.yaml index 57b7fe50b2..4685fd166a 100755 --- a/kubernetes/so/charts/so-catalog-db-adapter/values.yaml +++ b/kubernetes/so/charts/so-catalog-db-adapter/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/catalog-db-adapter:1.5.2 +image: onap/so/catalog-db-adapter:1.5.3 pullPolicy: Always replicaCount: 1 @@ -81,6 +81,8 @@ config: openStackServiceTenantName: "service" openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e" openStackTenantId: "d570c718cbc545029f40e50b75eb13df" + openStackProjectDomainName: "openStackProjectDomainName" + openStackUserDomainName: "openStackUserDomainName" nodeSelector: {} tolerations: [] affinity: {} diff --git a/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/01-create-camundabpmn.sh b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/01-create-camundabpmn.sh new file mode 100755 index 0000000000..b6d30e405b --- /dev/null +++ b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/01-create-camundabpmn.sh @@ -0,0 +1,40 @@ +#!/bin/sh +# +# ============LICENSE_START========================================== +# =================================================================== +# Copyright © 2017 AT&T Intellectual Property. All rights reserved. +# =================================================================== +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END============================================ +# +# ECOMP and OpenECOMP are trademarks +# and service marks of AT&T Intellectual Property. +# + +echo "Creating camundabpmn database . . ." 1>/tmp/mariadb-camundabpmn.log 2>&1 + +mysql -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1 +DROP DATABASE IF EXISTS `camundabpmn`; +CREATE DATABASE `camundabpmn`; +DROP USER IF EXISTS 'camundauser'; +CREATE USER 'camundauser'; +GRANT ALL on camundabpmn.* to 'camundauser' identified by 'camunda123' with GRANT OPTION; +FLUSH PRIVILEGES; +EOF + +cd /docker-entrypoint-initdb.d/db-sql-scripts + +mysql -uroot -p$MYSQL_ROOT_PASSWORD -f < mariadb_engine_7.10.0.sql || exit 1 +mysql -uroot -p$MYSQL_ROOT_PASSWORD -f < mariadb_identity_7.10.0.sql || exit 1 + +echo "Created camundabpmn database . . ." 1>>/tmp/mariadb-camundabpmn.log 2>&1 diff --git a/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/02-create-requestdb.sh b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/02-create-requestdb.sh new file mode 100755 index 0000000000..b27760552d --- /dev/null +++ b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/02-create-requestdb.sh @@ -0,0 +1,35 @@ +#!/bin/sh +# +# ============LICENSE_START========================================== +# =================================================================== +# Copyright © 2017 AT&T Intellectual Property. All rights reserved. +# =================================================================== +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END============================================ +# +# ECOMP and OpenECOMP are trademarks +# and service marks of AT&T Intellectual Property. +# + +echo "Creating requestdb database . . ." 1>/tmp/mariadb-requestdb.log 2>&1 + +mysql -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1 +DROP DATABASE IF EXISTS `requestdb`; +CREATE DATABASE /*!32312 IF NOT EXISTS*/ `requestdb` /*!40100 DEFAULT CHARACTER SET latin1 */; +DROP USER IF EXISTS 'requestuser'; +CREATE USER 'requestuser'; +GRANT ALL on requestdb.* to 'requestuser' identified by 'request123' with GRANT OPTION; +FLUSH PRIVILEGES; +EOF + +echo "Created requestdb database . . ." 1>>/tmp/mariadb-requestdb.log 2>&1 diff --git a/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/03-create-catalogdb.sh b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/03-create-catalogdb.sh new file mode 100755 index 0000000000..10fb4b18db --- /dev/null +++ b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/03-create-catalogdb.sh @@ -0,0 +1,35 @@ +#!/bin/sh +# +# ============LICENSE_START========================================== +# =================================================================== +# Copyright © 2017 AT&T Intellectual Property. All rights reserved. +# =================================================================== +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END============================================ +# +# ECOMP and OpenECOMP are trademarks +# and service marks of AT&T Intellectual Property. +# + +echo "Creating catalogdb database . . ." 1>/tmp/mariadb-catalogdb.log 2>&1 + +mysql -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1 +DROP DATABASE IF EXISTS `catalogdb`; +CREATE DATABASE /*!32312 IF NOT EXISTS*/ `catalogdb` /*!40100 DEFAULT CHARACTER SET latin1 */; +DROP USER IF EXISTS 'cataloguser'; +CREATE USER 'cataloguser'; +GRANT ALL on catalogdb.* to 'cataloguser' identified by 'catalog123' with GRANT OPTION; +FLUSH PRIVILEGES; +EOF + +echo "Created catalogdb database . . ." 1>>/tmp/mariadb-catalogdb.log 2>&1 diff --git a/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/04-create-so-user.sh b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/04-create-so-user.sh new file mode 100755 index 0000000000..9c96720775 --- /dev/null +++ b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/04-create-so-user.sh @@ -0,0 +1,36 @@ +#!/bin/sh +# +# ============LICENSE_START========================================== +# =================================================================== +# Copyright © 2017 AT&T Intellectual Property. All rights reserved. +# =================================================================== +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END============================================ +# +# ECOMP and OpenECOMP are trademarks +# and service marks of AT&T Intellectual Property. +# + +echo "Creating so user . . ." 1>/tmp/mariadb-so-user.log 2>&1 + +mysql -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1 +DROP USER IF EXISTS 'so_user'; +CREATE USER 'so_user'; +GRANT USAGE ON *.* TO 'so_user'@'%' IDENTIFIED BY 'so_User123'; +GRANT SELECT, INSERT, UPDATE, DELETE, EXECUTE, SHOW VIEW ON `requestdb`.* TO 'so_user'@'%'; +GRANT SELECT, INSERT, UPDATE, DELETE, EXECUTE, SHOW VIEW ON `catalogdb`.* TO 'so_user'@'%'; +GRANT SELECT, INSERT, UPDATE, DELETE, EXECUTE, SHOW VIEW ON `camundabpmn`.* TO 'so_user'@'%'; +FLUSH PRIVILEGES; +EOF + +echo "Created so user . . ." 1>>/tmp/mariadb-so-user.log 2>&1 diff --git a/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/05-create-so-admin.sh b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/05-create-so-admin.sh new file mode 100755 index 0000000000..6eb3baaffa --- /dev/null +++ b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/05-create-so-admin.sh @@ -0,0 +1,36 @@ +#!/bin/sh +# +# ============LICENSE_START========================================== +# =================================================================== +# Copyright © 2017 AT&T Intellectual Property. All rights reserved. +# =================================================================== +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END============================================ +# +# ECOMP and OpenECOMP are trademarks +# and service marks of AT&T Intellectual Property. +# + +echo "Creating so admin user . . ." 1>/tmp/mariadb-so-admin.log 2>&1 + +mysql -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1 +DROP USER IF EXISTS 'so_admin'; +CREATE USER 'so_admin'; +GRANT USAGE ON *.* TO 'so_admin'@'%' IDENTIFIED BY 'so_Admin123'; +GRANT ALL PRIVILEGES ON `camundabpmn`.* TO 'so_admin'@'%' WITH GRANT OPTION; +GRANT ALL PRIVILEGES ON `requestdb`.* TO 'so_admin'@'%' WITH GRANT OPTION; +GRANT ALL PRIVILEGES ON `catalogdb`.* TO 'so_admin'@'%' WITH GRANT OPTION; +FLUSH PRIVILEGES; +EOF + +echo "Created so admin user . . ." 1>>/tmp/mariadb-so-admin.log 2>&1 diff --git a/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/db-sql-scripts/mariadb_engine_7.10.0.sql b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/db-sql-scripts/mariadb_engine_7.10.0.sql new file mode 100644 index 0000000000..41377fb9eb --- /dev/null +++ b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/db-sql-scripts/mariadb_engine_7.10.0.sql @@ -0,0 +1,1299 @@ +-- +-- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com) +-- +-- Licensed under the Apache License, Version 2.0 (the "License"); +-- you may not use this file except in compliance with the License. +-- You may obtain a copy of the License at +-- +-- http://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-- See the License for the specific language governing permissions and +-- limitations under the License. +-- + +use camundabpmn; + +create table ACT_GE_PROPERTY ( + NAME_ varchar(64), + VALUE_ varchar(300), + REV_ integer, + primary key (NAME_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +insert into ACT_GE_PROPERTY +values ('schema.version', 'fox', 1); + +insert into ACT_GE_PROPERTY +values ('schema.history', 'create(fox)', 1); + +insert into ACT_GE_PROPERTY +values ('next.dbid', '1', 1); + +insert into ACT_GE_PROPERTY +values ('deployment.lock', '0', 1); + +insert into ACT_GE_PROPERTY +values ('history.cleanup.job.lock', '0', 1); + +insert into ACT_GE_PROPERTY +values ('startup.lock', '0', 1); + +create table ACT_GE_BYTEARRAY ( + ID_ varchar(64), + REV_ integer, + NAME_ varchar(255), + DEPLOYMENT_ID_ varchar(64), + BYTES_ LONGBLOB, + GENERATED_ TINYINT, + TENANT_ID_ varchar(64), + TYPE_ integer, + CREATE_TIME_ datetime(3), + ROOT_PROC_INST_ID_ varchar(64), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RE_DEPLOYMENT ( + ID_ varchar(64), + NAME_ varchar(255), + DEPLOY_TIME_ timestamp(3), + SOURCE_ varchar(255), + TENANT_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RU_EXECUTION ( + ID_ varchar(64), + REV_ integer, + ROOT_PROC_INST_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + BUSINESS_KEY_ varchar(255), + PARENT_ID_ varchar(64), + PROC_DEF_ID_ varchar(64), + SUPER_EXEC_ varchar(64), + SUPER_CASE_EXEC_ varchar(64), + CASE_INST_ID_ varchar(64), + ACT_ID_ varchar(255), + ACT_INST_ID_ varchar(64), + IS_ACTIVE_ TINYINT, + IS_CONCURRENT_ TINYINT, + IS_SCOPE_ TINYINT, + IS_EVENT_SCOPE_ TINYINT, + SUSPENSION_STATE_ integer, + CACHED_ENT_STATE_ integer, + SEQUENCE_COUNTER_ bigint, + TENANT_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RU_JOB ( + ID_ varchar(64) NOT NULL, + REV_ integer, + TYPE_ varchar(255) NOT NULL, + LOCK_EXP_TIME_ timestamp(3) NULL, + LOCK_OWNER_ varchar(255), + EXCLUSIVE_ boolean, + EXECUTION_ID_ varchar(64), + PROCESS_INSTANCE_ID_ varchar(64), + PROCESS_DEF_ID_ varchar(64), + PROCESS_DEF_KEY_ varchar(255), + RETRIES_ integer, + EXCEPTION_STACK_ID_ varchar(64), + EXCEPTION_MSG_ varchar(4000), + DUEDATE_ timestamp(3) NULL, + REPEAT_ varchar(255), + HANDLER_TYPE_ varchar(255), + HANDLER_CFG_ varchar(4000), + DEPLOYMENT_ID_ varchar(64), + SUSPENSION_STATE_ integer NOT NULL DEFAULT 1, + JOB_DEF_ID_ varchar(64), + PRIORITY_ bigint NOT NULL DEFAULT 0, + SEQUENCE_COUNTER_ bigint, + TENANT_ID_ varchar(64), + CREATE_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RU_JOBDEF ( + ID_ varchar(64) NOT NULL, + REV_ integer, + PROC_DEF_ID_ varchar(64), + PROC_DEF_KEY_ varchar(255), + ACT_ID_ varchar(255), + JOB_TYPE_ varchar(255) NOT NULL, + JOB_CONFIGURATION_ varchar(255), + SUSPENSION_STATE_ integer, + JOB_PRIORITY_ bigint, + TENANT_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RE_PROCDEF ( + ID_ varchar(64) not null, + REV_ integer, + CATEGORY_ varchar(255), + NAME_ varchar(255), + KEY_ varchar(255) not null, + VERSION_ integer not null, + DEPLOYMENT_ID_ varchar(64), + RESOURCE_NAME_ varchar(4000), + DGRM_RESOURCE_NAME_ varchar(4000), + HAS_START_FORM_KEY_ TINYINT, + SUSPENSION_STATE_ integer, + TENANT_ID_ varchar(64), + VERSION_TAG_ varchar(64), + HISTORY_TTL_ integer, + STARTABLE_ boolean NOT NULL default TRUE, + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RU_TASK ( + ID_ varchar(64), + REV_ integer, + EXECUTION_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + PROC_DEF_ID_ varchar(64), + CASE_EXECUTION_ID_ varchar(64), + CASE_INST_ID_ varchar(64), + CASE_DEF_ID_ varchar(64), + NAME_ varchar(255), + PARENT_TASK_ID_ varchar(64), + DESCRIPTION_ varchar(4000), + TASK_DEF_KEY_ varchar(255), + OWNER_ varchar(255), + ASSIGNEE_ varchar(255), + DELEGATION_ varchar(64), + PRIORITY_ integer, + CREATE_TIME_ timestamp(3), + DUE_DATE_ datetime(3), + FOLLOW_UP_DATE_ datetime(3), + SUSPENSION_STATE_ integer, + TENANT_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RU_IDENTITYLINK ( + ID_ varchar(64), + REV_ integer, + GROUP_ID_ varchar(255), + TYPE_ varchar(255), + USER_ID_ varchar(255), + TASK_ID_ varchar(64), + PROC_DEF_ID_ varchar(64), + TENANT_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RU_VARIABLE ( + ID_ varchar(64) not null, + REV_ integer, + TYPE_ varchar(255) not null, + NAME_ varchar(255) not null, + EXECUTION_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + CASE_EXECUTION_ID_ varchar(64), + CASE_INST_ID_ varchar(64), + TASK_ID_ varchar(64), + BYTEARRAY_ID_ varchar(64), + DOUBLE_ double, + LONG_ bigint, + TEXT_ LONGBLOB, + TEXT2_ LONGBLOB, + VAR_SCOPE_ varchar(64) not null, + SEQUENCE_COUNTER_ bigint, + IS_CONCURRENT_LOCAL_ TINYINT, + TENANT_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RU_EVENT_SUBSCR ( + ID_ varchar(64) not null, + REV_ integer, + EVENT_TYPE_ varchar(255) not null, + EVENT_NAME_ varchar(255), + EXECUTION_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + ACTIVITY_ID_ varchar(255), + CONFIGURATION_ varchar(255), + CREATED_ timestamp(3) not null, + TENANT_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RU_INCIDENT ( + ID_ varchar(64) not null, + REV_ integer not null, + INCIDENT_TIMESTAMP_ timestamp(3) not null, + INCIDENT_MSG_ varchar(4000), + INCIDENT_TYPE_ varchar(255) not null, + EXECUTION_ID_ varchar(64), + ACTIVITY_ID_ varchar(255), + PROC_INST_ID_ varchar(64), + PROC_DEF_ID_ varchar(64), + CAUSE_INCIDENT_ID_ varchar(64), + ROOT_CAUSE_INCIDENT_ID_ varchar(64), + CONFIGURATION_ varchar(255), + TENANT_ID_ varchar(64), + JOB_DEF_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RU_AUTHORIZATION ( + ID_ varchar(64) not null, + REV_ integer not null, + TYPE_ integer not null, + GROUP_ID_ varchar(255), + USER_ID_ varchar(255), + RESOURCE_TYPE_ integer not null, + RESOURCE_ID_ varchar(255), + PERMS_ integer, + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RU_FILTER ( + ID_ varchar(64) not null, + REV_ integer not null, + RESOURCE_TYPE_ varchar(255) not null, + NAME_ varchar(255) not null, + OWNER_ varchar(255), + QUERY_ LONGTEXT not null, + PROPERTIES_ LONGTEXT, + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RU_METER_LOG ( + ID_ varchar(64) not null, + NAME_ varchar(64) not null, + REPORTER_ varchar(255), + VALUE_ bigint, + TIMESTAMP_ timestamp(3), + MILLISECONDS_ bigint DEFAULT 0, + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RU_EXT_TASK ( + ID_ varchar(64) not null, + REV_ integer not null, + WORKER_ID_ varchar(255), + TOPIC_NAME_ varchar(255), + RETRIES_ integer, + ERROR_MSG_ varchar(4000), + ERROR_DETAILS_ID_ varchar(64), + LOCK_EXP_TIME_ timestamp(3) NULL, + SUSPENSION_STATE_ integer, + EXECUTION_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + PROC_DEF_ID_ varchar(64), + PROC_DEF_KEY_ varchar(255), + ACT_ID_ varchar(255), + ACT_INST_ID_ varchar(64), + TENANT_ID_ varchar(64), + PRIORITY_ bigint NOT NULL DEFAULT 0, + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RU_BATCH ( + ID_ varchar(64) not null, + REV_ integer not null, + TYPE_ varchar(255), + TOTAL_JOBS_ integer, + JOBS_CREATED_ integer, + JOBS_PER_SEED_ integer, + INVOCATIONS_PER_JOB_ integer, + SEED_JOB_DEF_ID_ varchar(64), + BATCH_JOB_DEF_ID_ varchar(64), + MONITOR_JOB_DEF_ID_ varchar(64), + SUSPENSION_STATE_ integer, + CONFIGURATION_ varchar(255), + TENANT_ID_ varchar(64), + CREATE_USER_ID_ varchar(255), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create index ACT_IDX_EXEC_ROOT_PI on ACT_RU_EXECUTION(ROOT_PROC_INST_ID_); +create index ACT_IDX_EXEC_BUSKEY on ACT_RU_EXECUTION(BUSINESS_KEY_); +create index ACT_IDX_EXEC_TENANT_ID on ACT_RU_EXECUTION(TENANT_ID_); +create index ACT_IDX_TASK_CREATE on ACT_RU_TASK(CREATE_TIME_); +create index ACT_IDX_TASK_ASSIGNEE on ACT_RU_TASK(ASSIGNEE_); +create index ACT_IDX_TASK_TENANT_ID on ACT_RU_TASK(TENANT_ID_); +create index ACT_IDX_IDENT_LNK_USER on ACT_RU_IDENTITYLINK(USER_ID_); +create index ACT_IDX_IDENT_LNK_GROUP on ACT_RU_IDENTITYLINK(GROUP_ID_); +create index ACT_IDX_EVENT_SUBSCR_CONFIG_ on ACT_RU_EVENT_SUBSCR(CONFIGURATION_); +create index ACT_IDX_EVENT_SUBSCR_TENANT_ID on ACT_RU_EVENT_SUBSCR(TENANT_ID_); +create index ACT_IDX_VARIABLE_TASK_ID on ACT_RU_VARIABLE(TASK_ID_); +create index ACT_IDX_VARIABLE_TENANT_ID on ACT_RU_VARIABLE(TENANT_ID_); +create index ACT_IDX_ATHRZ_PROCEDEF on ACT_RU_IDENTITYLINK(PROC_DEF_ID_); +create index ACT_IDX_INC_CONFIGURATION on ACT_RU_INCIDENT(CONFIGURATION_); +create index ACT_IDX_INC_TENANT_ID on ACT_RU_INCIDENT(TENANT_ID_); +-- CAM-5914 +create index ACT_IDX_JOB_EXECUTION_ID on ACT_RU_JOB(EXECUTION_ID_); +-- this index needs to be limited in mariadb see CAM-6938 +create index ACT_IDX_JOB_HANDLER on ACT_RU_JOB(HANDLER_TYPE_(100),HANDLER_CFG_(155)); +create index ACT_IDX_JOB_PROCINST on ACT_RU_JOB(PROCESS_INSTANCE_ID_); +create index ACT_IDX_JOB_TENANT_ID on ACT_RU_JOB(TENANT_ID_); +create index ACT_IDX_JOBDEF_TENANT_ID on ACT_RU_JOBDEF(TENANT_ID_); + +-- new metric milliseconds column +CREATE INDEX ACT_IDX_METER_LOG_MS ON ACT_RU_METER_LOG(MILLISECONDS_); +CREATE INDEX ACT_IDX_METER_LOG_NAME_MS ON ACT_RU_METER_LOG(NAME_, MILLISECONDS_); +CREATE INDEX ACT_IDX_METER_LOG_REPORT ON ACT_RU_METER_LOG(NAME_, REPORTER_, MILLISECONDS_); + +-- old metric timestamp column +CREATE INDEX ACT_IDX_METER_LOG_TIME ON ACT_RU_METER_LOG(TIMESTAMP_); +CREATE INDEX ACT_IDX_METER_LOG ON ACT_RU_METER_LOG(NAME_, TIMESTAMP_); + +create index ACT_IDX_EXT_TASK_TOPIC on ACT_RU_EXT_TASK(TOPIC_NAME_); +create index ACT_IDX_EXT_TASK_TENANT_ID on ACT_RU_EXT_TASK(TENANT_ID_); +create index ACT_IDX_EXT_TASK_PRIORITY ON ACT_RU_EXT_TASK(PRIORITY_); +create index ACT_IDX_EXT_TASK_ERR_DETAILS ON ACT_RU_EXT_TASK(ERROR_DETAILS_ID_); +create index ACT_IDX_AUTH_GROUP_ID ON ACT_RU_AUTHORIZATION(GROUP_ID_); +create index ACT_IDX_JOB_JOB_DEF_ID on ACT_RU_JOB(JOB_DEF_ID_); + +alter table ACT_GE_BYTEARRAY + add constraint ACT_FK_BYTEARR_DEPL + foreign key (DEPLOYMENT_ID_) + references ACT_RE_DEPLOYMENT (ID_); + +alter table ACT_RU_EXECUTION + add constraint ACT_FK_EXE_PROCINST + foreign key (PROC_INST_ID_) + references ACT_RU_EXECUTION (ID_) on delete cascade on update cascade; + +alter table ACT_RU_EXECUTION + add constraint ACT_FK_EXE_PARENT + foreign key (PARENT_ID_) + references ACT_RU_EXECUTION (ID_); + +alter table ACT_RU_EXECUTION + add constraint ACT_FK_EXE_SUPER + foreign key (SUPER_EXEC_) + references ACT_RU_EXECUTION (ID_); + +alter table ACT_RU_EXECUTION + add constraint ACT_FK_EXE_PROCDEF + foreign key (PROC_DEF_ID_) + references ACT_RE_PROCDEF (ID_); + +alter table ACT_RU_IDENTITYLINK + add constraint ACT_FK_TSKASS_TASK + foreign key (TASK_ID_) + references ACT_RU_TASK (ID_); + +alter table ACT_RU_IDENTITYLINK + add constraint ACT_FK_ATHRZ_PROCEDEF + foreign key (PROC_DEF_ID_) + references ACT_RE_PROCDEF(ID_); + +alter table ACT_RU_TASK + add constraint ACT_FK_TASK_EXE + foreign key (EXECUTION_ID_) + references ACT_RU_EXECUTION (ID_); + +alter table ACT_RU_TASK + add constraint ACT_FK_TASK_PROCINST + foreign key (PROC_INST_ID_) + references ACT_RU_EXECUTION (ID_); + +alter table ACT_RU_TASK + add constraint ACT_FK_TASK_PROCDEF + foreign key (PROC_DEF_ID_) + references ACT_RE_PROCDEF (ID_); + +alter table ACT_RU_VARIABLE + add constraint ACT_FK_VAR_EXE + foreign key (EXECUTION_ID_) + references ACT_RU_EXECUTION (ID_); + +alter table ACT_RU_VARIABLE + add constraint ACT_FK_VAR_PROCINST + foreign key (PROC_INST_ID_) + references ACT_RU_EXECUTION(ID_); + +alter table ACT_RU_VARIABLE + add constraint ACT_FK_VAR_BYTEARRAY + foreign key (BYTEARRAY_ID_) + references ACT_GE_BYTEARRAY (ID_); + +alter table ACT_RU_JOB + add constraint ACT_FK_JOB_EXCEPTION + foreign key (EXCEPTION_STACK_ID_) + references ACT_GE_BYTEARRAY (ID_); + +alter table ACT_RU_EVENT_SUBSCR + add constraint ACT_FK_EVENT_EXEC + foreign key (EXECUTION_ID_) + references ACT_RU_EXECUTION(ID_); + +alter table ACT_RU_INCIDENT + add constraint ACT_FK_INC_EXE + foreign key (EXECUTION_ID_) + references ACT_RU_EXECUTION (ID_); + +alter table ACT_RU_INCIDENT + add constraint ACT_FK_INC_PROCINST + foreign key (PROC_INST_ID_) + references ACT_RU_EXECUTION (ID_); + +alter table ACT_RU_INCIDENT + add constraint ACT_FK_INC_PROCDEF + foreign key (PROC_DEF_ID_) + references ACT_RE_PROCDEF (ID_); + +alter table ACT_RU_INCIDENT + add constraint ACT_FK_INC_CAUSE + foreign key (CAUSE_INCIDENT_ID_) + references ACT_RU_INCIDENT (ID_) on delete cascade on update cascade; + +alter table ACT_RU_INCIDENT + add constraint ACT_FK_INC_RCAUSE + foreign key (ROOT_CAUSE_INCIDENT_ID_) + references ACT_RU_INCIDENT (ID_) on delete cascade on update cascade; + +alter table ACT_RU_EXT_TASK + add constraint ACT_FK_EXT_TASK_ERROR_DETAILS + foreign key (ERROR_DETAILS_ID_) + references ACT_GE_BYTEARRAY (ID_); + +create index ACT_IDX_INC_JOB_DEF on ACT_RU_INCIDENT(JOB_DEF_ID_); +alter table ACT_RU_INCIDENT + add constraint ACT_FK_INC_JOB_DEF + foreign key (JOB_DEF_ID_) + references ACT_RU_JOBDEF (ID_); + +alter table ACT_RU_AUTHORIZATION + add constraint ACT_UNIQ_AUTH_USER + unique (USER_ID_,TYPE_,RESOURCE_TYPE_,RESOURCE_ID_); + +alter table ACT_RU_AUTHORIZATION + add constraint ACT_UNIQ_AUTH_GROUP + unique (GROUP_ID_,TYPE_,RESOURCE_TYPE_,RESOURCE_ID_); + +alter table ACT_RU_VARIABLE + add constraint ACT_UNIQ_VARIABLE + unique (VAR_SCOPE_, NAME_); + +alter table ACT_RU_EXT_TASK + add constraint ACT_FK_EXT_TASK_EXE + foreign key (EXECUTION_ID_) + references ACT_RU_EXECUTION (ID_); + +create index ACT_IDX_BATCH_SEED_JOB_DEF ON ACT_RU_BATCH(SEED_JOB_DEF_ID_); +alter table ACT_RU_BATCH + add constraint ACT_FK_BATCH_SEED_JOB_DEF + foreign key (SEED_JOB_DEF_ID_) + references ACT_RU_JOBDEF (ID_); + +create index ACT_IDX_BATCH_MONITOR_JOB_DEF ON ACT_RU_BATCH(MONITOR_JOB_DEF_ID_); +alter table ACT_RU_BATCH + add constraint ACT_FK_BATCH_MONITOR_JOB_DEF + foreign key (MONITOR_JOB_DEF_ID_) + references ACT_RU_JOBDEF (ID_); + +create index ACT_IDX_BATCH_JOB_DEF ON ACT_RU_BATCH(BATCH_JOB_DEF_ID_); +alter table ACT_RU_BATCH + add constraint ACT_FK_BATCH_JOB_DEF + foreign key (BATCH_JOB_DEF_ID_) + references ACT_RU_JOBDEF (ID_); + +-- indexes for deadlock problems - https://app.camunda.com/jira/browse/CAM-2567 -- +create index ACT_IDX_INC_CAUSEINCID on ACT_RU_INCIDENT(CAUSE_INCIDENT_ID_); +create index ACT_IDX_INC_EXID on ACT_RU_INCIDENT(EXECUTION_ID_); +create index ACT_IDX_INC_PROCDEFID on ACT_RU_INCIDENT(PROC_DEF_ID_); +create index ACT_IDX_INC_PROCINSTID on ACT_RU_INCIDENT(PROC_INST_ID_); +create index ACT_IDX_INC_ROOTCAUSEINCID on ACT_RU_INCIDENT(ROOT_CAUSE_INCIDENT_ID_); +-- index for deadlock problem - https://app.camunda.com/jira/browse/CAM-4440 -- +create index ACT_IDX_AUTH_RESOURCE_ID on ACT_RU_AUTHORIZATION(RESOURCE_ID_); +-- index to prevent deadlock on fk constraint - https://app.camunda.com/jira/browse/CAM-5440 -- +create index ACT_IDX_EXT_TASK_EXEC on ACT_RU_EXT_TASK(EXECUTION_ID_); + +-- indexes to improve deployment +create index ACT_IDX_BYTEARRAY_ROOT_PI on ACT_GE_BYTEARRAY(ROOT_PROC_INST_ID_); +create index ACT_IDX_BYTEARRAY_RM_TIME on ACT_GE_BYTEARRAY(REMOVAL_TIME_); +create index ACT_IDX_BYTEARRAY_NAME on ACT_GE_BYTEARRAY(NAME_); +create index ACT_IDX_DEPLOYMENT_NAME on ACT_RE_DEPLOYMENT(NAME_); +create index ACT_IDX_DEPLOYMENT_TENANT_ID on ACT_RE_DEPLOYMENT(TENANT_ID_); +create index ACT_IDX_JOBDEF_PROC_DEF_ID ON ACT_RU_JOBDEF(PROC_DEF_ID_); +create index ACT_IDX_JOB_HANDLER_TYPE ON ACT_RU_JOB(HANDLER_TYPE_); +create index ACT_IDX_EVENT_SUBSCR_EVT_NAME ON ACT_RU_EVENT_SUBSCR(EVENT_NAME_); +create index ACT_IDX_PROCDEF_DEPLOYMENT_ID ON ACT_RE_PROCDEF(DEPLOYMENT_ID_); +create index ACT_IDX_PROCDEF_TENANT_ID ON ACT_RE_PROCDEF(TENANT_ID_); +create index ACT_IDX_PROCDEF_VER_TAG ON ACT_RE_PROCDEF(VERSION_TAG_); +-- +-- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com) +-- +-- Licensed under the Apache License, Version 2.0 (the "License"); +-- you may not use this file except in compliance with the License. +-- You may obtain a copy of the License at +-- +-- http://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-- See the License for the specific language governing permissions and +-- limitations under the License. +-- + +-- create case definition table -- +create table ACT_RE_CASE_DEF ( + ID_ varchar(64) not null, + REV_ integer, + CATEGORY_ varchar(255), + NAME_ varchar(255), + KEY_ varchar(255) not null, + VERSION_ integer not null, + DEPLOYMENT_ID_ varchar(64), + RESOURCE_NAME_ varchar(4000), + DGRM_RESOURCE_NAME_ varchar(4000), + TENANT_ID_ varchar(64), + HISTORY_TTL_ integer, + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +-- create case execution table -- +create table ACT_RU_CASE_EXECUTION ( + ID_ varchar(64) NOT NULL, + REV_ integer, + CASE_INST_ID_ varchar(64), + SUPER_CASE_EXEC_ varchar(64), + SUPER_EXEC_ varchar(64), + BUSINESS_KEY_ varchar(255), + PARENT_ID_ varchar(64), + CASE_DEF_ID_ varchar(64), + ACT_ID_ varchar(255), + PREV_STATE_ integer, + CURRENT_STATE_ integer, + REQUIRED_ boolean, + TENANT_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +-- create case sentry part table -- + +create table ACT_RU_CASE_SENTRY_PART ( + ID_ varchar(64) NOT NULL, + REV_ integer, + CASE_INST_ID_ varchar(64), + CASE_EXEC_ID_ varchar(64), + SENTRY_ID_ varchar(255), + TYPE_ varchar(255), + SOURCE_CASE_EXEC_ID_ varchar(64), + STANDARD_EVENT_ varchar(255), + SOURCE_ varchar(255), + VARIABLE_EVENT_ varchar(255), + VARIABLE_NAME_ varchar(255), + SATISFIED_ boolean, + TENANT_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +-- create index on business key -- +create index ACT_IDX_CASE_EXEC_BUSKEY on ACT_RU_CASE_EXECUTION(BUSINESS_KEY_); + +-- https://app.camunda.com/jira/browse/CAM-9165 +create index ACT_IDX_CASE_EXE_CASE_INST on ACT_RU_CASE_EXECUTION(CASE_INST_ID_); + +-- create foreign key constraints on ACT_RU_CASE_EXECUTION -- +alter table ACT_RU_CASE_EXECUTION + add constraint ACT_FK_CASE_EXE_CASE_INST + foreign key (CASE_INST_ID_) + references ACT_RU_CASE_EXECUTION(ID_) on delete cascade on update cascade; + +alter table ACT_RU_CASE_EXECUTION + add constraint ACT_FK_CASE_EXE_PARENT + foreign key (PARENT_ID_) + references ACT_RU_CASE_EXECUTION(ID_); + +alter table ACT_RU_CASE_EXECUTION + add constraint ACT_FK_CASE_EXE_CASE_DEF + foreign key (CASE_DEF_ID_) + references ACT_RE_CASE_DEF(ID_); + +-- create foreign key constraints on ACT_RU_VARIABLE -- +alter table ACT_RU_VARIABLE + add constraint ACT_FK_VAR_CASE_EXE + foreign key (CASE_EXECUTION_ID_) + references ACT_RU_CASE_EXECUTION(ID_); + +alter table ACT_RU_VARIABLE + add constraint ACT_FK_VAR_CASE_INST + foreign key (CASE_INST_ID_) + references ACT_RU_CASE_EXECUTION(ID_); + +-- create foreign key constraints on ACT_RU_TASK -- +alter table ACT_RU_TASK + add constraint ACT_FK_TASK_CASE_EXE + foreign key (CASE_EXECUTION_ID_) + references ACT_RU_CASE_EXECUTION(ID_); + +alter table ACT_RU_TASK + add constraint ACT_FK_TASK_CASE_DEF + foreign key (CASE_DEF_ID_) + references ACT_RE_CASE_DEF(ID_); + +-- create foreign key constraints on ACT_RU_CASE_SENTRY_PART -- +alter table ACT_RU_CASE_SENTRY_PART + add constraint ACT_FK_CASE_SENTRY_CASE_INST + foreign key (CASE_INST_ID_) + references ACT_RU_CASE_EXECUTION(ID_); + +alter table ACT_RU_CASE_SENTRY_PART + add constraint ACT_FK_CASE_SENTRY_CASE_EXEC + foreign key (CASE_EXEC_ID_) + references ACT_RU_CASE_EXECUTION(ID_); + +create index ACT_IDX_CASE_DEF_TENANT_ID on ACT_RE_CASE_DEF(TENANT_ID_); +create index ACT_IDX_CASE_EXEC_TENANT_ID on ACT_RU_CASE_EXECUTION(TENANT_ID_); +-- +-- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com) +-- +-- Licensed under the Apache License, Version 2.0 (the "License"); +-- you may not use this file except in compliance with the License. +-- You may obtain a copy of the License at +-- +-- http://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-- See the License for the specific language governing permissions and +-- limitations under the License. +-- + +-- create decision definition table -- +create table ACT_RE_DECISION_DEF ( + ID_ varchar(64) not null, + REV_ integer, + CATEGORY_ varchar(255), + NAME_ varchar(255), + KEY_ varchar(255) not null, + VERSION_ integer not null, + DEPLOYMENT_ID_ varchar(64), + RESOURCE_NAME_ varchar(4000), + DGRM_RESOURCE_NAME_ varchar(4000), + DEC_REQ_ID_ varchar(64), + DEC_REQ_KEY_ varchar(255), + TENANT_ID_ varchar(64), + HISTORY_TTL_ integer, + VERSION_TAG_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +-- create decision requirements definition table -- +create table ACT_RE_DECISION_REQ_DEF ( + ID_ varchar(64) NOT NULL, + REV_ integer, + CATEGORY_ varchar(255), + NAME_ varchar(255), + KEY_ varchar(255) NOT NULL, + VERSION_ integer NOT NULL, + DEPLOYMENT_ID_ varchar(64), + RESOURCE_NAME_ varchar(4000), + DGRM_RESOURCE_NAME_ varchar(4000), + TENANT_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +alter table ACT_RE_DECISION_DEF + add constraint ACT_FK_DEC_REQ + foreign key (DEC_REQ_ID_) + references ACT_RE_DECISION_REQ_DEF(ID_); + +create index ACT_IDX_DEC_DEF_TENANT_ID on ACT_RE_DECISION_DEF(TENANT_ID_); +create index ACT_IDX_DEC_DEF_REQ_ID on ACT_RE_DECISION_DEF(DEC_REQ_ID_); +create index ACT_IDX_DEC_REQ_DEF_TENANT_ID on ACT_RE_DECISION_REQ_DEF(TENANT_ID_); +-- +-- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com) +-- +-- Licensed under the Apache License, Version 2.0 (the "License"); +-- you may not use this file except in compliance with the License. +-- You may obtain a copy of the License at +-- +-- http://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-- See the License for the specific language governing permissions and +-- limitations under the License. +-- + +create table ACT_HI_PROCINST ( + ID_ varchar(64) not null, + PROC_INST_ID_ varchar(64) not null, + BUSINESS_KEY_ varchar(255), + PROC_DEF_KEY_ varchar(255), + PROC_DEF_ID_ varchar(64) not null, + START_TIME_ datetime(3) not null, + END_TIME_ datetime(3), + REMOVAL_TIME_ datetime(3), + DURATION_ bigint, + START_USER_ID_ varchar(255), + START_ACT_ID_ varchar(255), + END_ACT_ID_ varchar(255), + SUPER_PROCESS_INSTANCE_ID_ varchar(64), + ROOT_PROC_INST_ID_ varchar(64), + SUPER_CASE_INSTANCE_ID_ varchar(64), + CASE_INST_ID_ varchar(64), + DELETE_REASON_ varchar(4000), + TENANT_ID_ varchar(64), + STATE_ varchar(255), + primary key (ID_), + unique (PROC_INST_ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_HI_ACTINST ( + ID_ varchar(64) not null, + PARENT_ACT_INST_ID_ varchar(64), + PROC_DEF_KEY_ varchar(255), + PROC_DEF_ID_ varchar(64) not null, + ROOT_PROC_INST_ID_ varchar(64), + PROC_INST_ID_ varchar(64) not null, + EXECUTION_ID_ varchar(64) not null, + ACT_ID_ varchar(255) not null, + TASK_ID_ varchar(64), + CALL_PROC_INST_ID_ varchar(64), + CALL_CASE_INST_ID_ varchar(64), + ACT_NAME_ varchar(255), + ACT_TYPE_ varchar(255) not null, + ASSIGNEE_ varchar(64), + START_TIME_ datetime(3) not null, + END_TIME_ datetime(3), + DURATION_ bigint, + ACT_INST_STATE_ integer, + SEQUENCE_COUNTER_ bigint, + TENANT_ID_ varchar(64), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_HI_TASKINST ( + ID_ varchar(64) not null, + TASK_DEF_KEY_ varchar(255), + PROC_DEF_KEY_ varchar(255), + PROC_DEF_ID_ varchar(64), + ROOT_PROC_INST_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + EXECUTION_ID_ varchar(64), + CASE_DEF_KEY_ varchar(255), + CASE_DEF_ID_ varchar(64), + CASE_INST_ID_ varchar(64), + CASE_EXECUTION_ID_ varchar(64), + ACT_INST_ID_ varchar(64), + NAME_ varchar(255), + PARENT_TASK_ID_ varchar(64), + DESCRIPTION_ varchar(4000), + OWNER_ varchar(255), + ASSIGNEE_ varchar(255), + START_TIME_ datetime(3) not null, + END_TIME_ datetime(3), + DURATION_ bigint, + DELETE_REASON_ varchar(4000), + PRIORITY_ integer, + DUE_DATE_ datetime(3), + FOLLOW_UP_DATE_ datetime(3), + TENANT_ID_ varchar(64), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_HI_VARINST ( + ID_ varchar(64) not null, + PROC_DEF_KEY_ varchar(255), + PROC_DEF_ID_ varchar(64), + ROOT_PROC_INST_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + EXECUTION_ID_ varchar(64), + ACT_INST_ID_ varchar(64), + CASE_DEF_KEY_ varchar(255), + CASE_DEF_ID_ varchar(64), + CASE_INST_ID_ varchar(64), + CASE_EXECUTION_ID_ varchar(64), + TASK_ID_ varchar(64), + NAME_ varchar(255) not null, + VAR_TYPE_ varchar(100), + CREATE_TIME_ datetime(3), + REV_ integer, + BYTEARRAY_ID_ varchar(64), + DOUBLE_ double, + LONG_ bigint, + TEXT_ LONGBLOB, + TEXT2_ LONGBLOB, + TENANT_ID_ varchar(64), + STATE_ varchar(20), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_HI_DETAIL ( + ID_ varchar(64) not null, + TYPE_ varchar(255) not null, + PROC_DEF_KEY_ varchar(255), + PROC_DEF_ID_ varchar(64), + ROOT_PROC_INST_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + EXECUTION_ID_ varchar(64), + CASE_DEF_KEY_ varchar(255), + CASE_DEF_ID_ varchar(64), + CASE_INST_ID_ varchar(64), + CASE_EXECUTION_ID_ varchar(64), + TASK_ID_ varchar(64), + ACT_INST_ID_ varchar(64), + VAR_INST_ID_ varchar(64), + NAME_ varchar(255) not null, + VAR_TYPE_ varchar(255), + REV_ integer, + TIME_ datetime(3) not null, + BYTEARRAY_ID_ varchar(64), + DOUBLE_ double, + LONG_ bigint, + TEXT_ LONGBLOB, + TEXT2_ LONGBLOB, + SEQUENCE_COUNTER_ bigint, + TENANT_ID_ varchar(64), + OPERATION_ID_ varchar(64), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_HI_IDENTITYLINK ( + ID_ varchar(64) not null, + TIMESTAMP_ timestamp(3) not null, + TYPE_ varchar(255), + USER_ID_ varchar(255), + GROUP_ID_ varchar(255), + TASK_ID_ varchar(64), + ROOT_PROC_INST_ID_ varchar(64), + PROC_DEF_ID_ varchar(64), + OPERATION_TYPE_ varchar(64), + ASSIGNER_ID_ varchar(64), + PROC_DEF_KEY_ varchar(255), + TENANT_ID_ varchar(64), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_HI_COMMENT ( + ID_ varchar(64) not null, + TYPE_ varchar(255), + TIME_ datetime(3) not null, + USER_ID_ varchar(255), + TASK_ID_ varchar(64), + ROOT_PROC_INST_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + ACTION_ varchar(255), + MESSAGE_ varchar(4000), + FULL_MSG_ LONGBLOB, + TENANT_ID_ varchar(64), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_HI_ATTACHMENT ( + ID_ varchar(64) not null, + REV_ integer, + USER_ID_ varchar(255), + NAME_ varchar(255), + DESCRIPTION_ varchar(4000), + TYPE_ varchar(255), + TASK_ID_ varchar(64), + ROOT_PROC_INST_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + URL_ varchar(4000), + CONTENT_ID_ varchar(64), + TENANT_ID_ varchar(64), + CREATE_TIME_ datetime(3), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_HI_OP_LOG ( + ID_ varchar(64) not null, + DEPLOYMENT_ID_ varchar(64), + PROC_DEF_ID_ varchar(64), + PROC_DEF_KEY_ varchar(255), + ROOT_PROC_INST_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + EXECUTION_ID_ varchar(64), + CASE_DEF_ID_ varchar(64), + CASE_INST_ID_ varchar(64), + CASE_EXECUTION_ID_ varchar(64), + TASK_ID_ varchar(64), + JOB_ID_ varchar(64), + JOB_DEF_ID_ varchar(64), + BATCH_ID_ varchar(64), + USER_ID_ varchar(255), + TIMESTAMP_ timestamp(3) not null, + OPERATION_TYPE_ varchar(64), + OPERATION_ID_ varchar(64), + ENTITY_TYPE_ varchar(30), + PROPERTY_ varchar(64), + ORG_VALUE_ varchar(4000), + NEW_VALUE_ varchar(4000), + TENANT_ID_ varchar(64), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_HI_INCIDENT ( + ID_ varchar(64) not null, + PROC_DEF_KEY_ varchar(255), + PROC_DEF_ID_ varchar(64), + ROOT_PROC_INST_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + EXECUTION_ID_ varchar(64), + CREATE_TIME_ timestamp(3) not null, + END_TIME_ timestamp(3) null, + INCIDENT_MSG_ varchar(4000), + INCIDENT_TYPE_ varchar(255) not null, + ACTIVITY_ID_ varchar(255), + CAUSE_INCIDENT_ID_ varchar(64), + ROOT_CAUSE_INCIDENT_ID_ varchar(64), + CONFIGURATION_ varchar(255), + INCIDENT_STATE_ integer, + TENANT_ID_ varchar(64), + JOB_DEF_ID_ varchar(64), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_HI_JOB_LOG ( + ID_ varchar(64) not null, + TIMESTAMP_ timestamp(3) not null, + JOB_ID_ varchar(64) not null, + JOB_DUEDATE_ timestamp(3) NULL, + JOB_RETRIES_ integer, + JOB_PRIORITY_ bigint NOT NULL DEFAULT 0, + JOB_EXCEPTION_MSG_ varchar(4000), + JOB_EXCEPTION_STACK_ID_ varchar(64), + JOB_STATE_ integer, + JOB_DEF_ID_ varchar(64), + JOB_DEF_TYPE_ varchar(255), + JOB_DEF_CONFIGURATION_ varchar(255), + ACT_ID_ varchar(255), + ROOT_PROC_INST_ID_ varchar(64), + EXECUTION_ID_ varchar(64), + PROCESS_INSTANCE_ID_ varchar(64), + PROCESS_DEF_ID_ varchar(64), + PROCESS_DEF_KEY_ varchar(255), + DEPLOYMENT_ID_ varchar(64), + SEQUENCE_COUNTER_ bigint, + TENANT_ID_ varchar(64), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_HI_BATCH ( + ID_ varchar(64) not null, + TYPE_ varchar(255), + TOTAL_JOBS_ integer, + JOBS_PER_SEED_ integer, + INVOCATIONS_PER_JOB_ integer, + SEED_JOB_DEF_ID_ varchar(64), + MONITOR_JOB_DEF_ID_ varchar(64), + BATCH_JOB_DEF_ID_ varchar(64), + TENANT_ID_ varchar(64), + CREATE_USER_ID_ varchar(255), + START_TIME_ datetime(3) not null, + END_TIME_ datetime(3), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_HI_EXT_TASK_LOG ( + ID_ varchar(64) not null, + TIMESTAMP_ timestamp(3) not null, + EXT_TASK_ID_ varchar(64) not null, + RETRIES_ integer, + TOPIC_NAME_ varchar(255), + WORKER_ID_ varchar(255), + PRIORITY_ bigint NOT NULL DEFAULT 0, + ERROR_MSG_ varchar(4000), + ERROR_DETAILS_ID_ varchar(64), + ACT_ID_ varchar(255), + ACT_INST_ID_ varchar(64), + EXECUTION_ID_ varchar(64), + ROOT_PROC_INST_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + PROC_DEF_ID_ varchar(64), + PROC_DEF_KEY_ varchar(255), + TENANT_ID_ varchar(64), + STATE_ integer, + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create index ACT_IDX_HI_PRO_INST_END on ACT_HI_PROCINST(END_TIME_); +create index ACT_IDX_HI_PRO_I_BUSKEY on ACT_HI_PROCINST(BUSINESS_KEY_); +create index ACT_IDX_HI_PRO_INST_TENANT_ID on ACT_HI_PROCINST(TENANT_ID_); +create index ACT_IDX_HI_PRO_INST_PROC_DEF_KEY on ACT_HI_PROCINST(PROC_DEF_KEY_); +create index ACT_IDX_HI_PRO_INST_PROC_TIME on ACT_HI_PROCINST(START_TIME_, END_TIME_); +create index ACT_IDX_HI_PI_PDEFID_END_TIME on ACT_HI_PROCINST(PROC_DEF_ID_, END_TIME_); +create index ACT_IDX_HI_PRO_INST_ROOT_PI on ACT_HI_PROCINST(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_PRO_INST_RM_TIME on ACT_HI_PROCINST(REMOVAL_TIME_); + +create index ACT_IDX_HI_ACTINST_ROOT_PI on ACT_HI_ACTINST(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_ACT_INST_START on ACT_HI_ACTINST(START_TIME_); +create index ACT_IDX_HI_ACT_INST_END on ACT_HI_ACTINST(END_TIME_); +create index ACT_IDX_HI_ACT_INST_PROCINST on ACT_HI_ACTINST(PROC_INST_ID_, ACT_ID_); +create index ACT_IDX_HI_ACT_INST_COMP on ACT_HI_ACTINST(EXECUTION_ID_, ACT_ID_, END_TIME_, ID_); +create index ACT_IDX_HI_ACT_INST_STATS on ACT_HI_ACTINST(PROC_DEF_ID_, PROC_INST_ID_, ACT_ID_, END_TIME_, ACT_INST_STATE_); +create index ACT_IDX_HI_ACT_INST_TENANT_ID on ACT_HI_ACTINST(TENANT_ID_); +create index ACT_IDX_HI_ACT_INST_PROC_DEF_KEY on ACT_HI_ACTINST(PROC_DEF_KEY_); +create index ACT_IDX_HI_AI_PDEFID_END_TIME on ACT_HI_ACTINST(PROC_DEF_ID_, END_TIME_); +create index ACT_IDX_HI_ACT_INST_RM_TIME on ACT_HI_ACTINST(REMOVAL_TIME_); + +create index ACT_IDX_HI_TASKINST_ROOT_PI on ACT_HI_TASKINST(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_TASK_INST_TENANT_ID on ACT_HI_TASKINST(TENANT_ID_); +create index ACT_IDX_HI_TASK_INST_PROC_DEF_KEY on ACT_HI_TASKINST(PROC_DEF_KEY_); +create index ACT_IDX_HI_TASKINST_PROCINST on ACT_HI_TASKINST(PROC_INST_ID_); +create index ACT_IDX_HI_TASKINSTID_PROCINST on ACT_HI_TASKINST(ID_,PROC_INST_ID_); +create index ACT_IDX_HI_TASK_INST_RM_TIME on ACT_HI_TASKINST(REMOVAL_TIME_); +create index ACT_IDX_HI_TASK_INST_START on ACT_HI_TASKINST(START_TIME_); +create index ACT_IDX_HI_TASK_INST_END on ACT_HI_TASKINST(END_TIME_); + +create index ACT_IDX_HI_DETAIL_ROOT_PI on ACT_HI_DETAIL(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_DETAIL_PROC_INST on ACT_HI_DETAIL(PROC_INST_ID_); +create index ACT_IDX_HI_DETAIL_ACT_INST on ACT_HI_DETAIL(ACT_INST_ID_); +create index ACT_IDX_HI_DETAIL_CASE_INST on ACT_HI_DETAIL(CASE_INST_ID_); +create index ACT_IDX_HI_DETAIL_CASE_EXEC on ACT_HI_DETAIL(CASE_EXECUTION_ID_); +create index ACT_IDX_HI_DETAIL_TIME on ACT_HI_DETAIL(TIME_); +create index ACT_IDX_HI_DETAIL_NAME on ACT_HI_DETAIL(NAME_); +create index ACT_IDX_HI_DETAIL_TASK_ID on ACT_HI_DETAIL(TASK_ID_); +create index ACT_IDX_HI_DETAIL_TENANT_ID on ACT_HI_DETAIL(TENANT_ID_); +create index ACT_IDX_HI_DETAIL_PROC_DEF_KEY on ACT_HI_DETAIL(PROC_DEF_KEY_); +create index ACT_IDX_HI_DETAIL_BYTEAR on ACT_HI_DETAIL(BYTEARRAY_ID_); +create index ACT_IDX_HI_DETAIL_RM_TIME on ACT_HI_DETAIL(REMOVAL_TIME_); +create index ACT_IDX_HI_DETAIL_TASK_BYTEAR on ACT_HI_DETAIL(BYTEARRAY_ID_, TASK_ID_); + +create index ACT_IDX_HI_IDENT_LNK_ROOT_PI on ACT_HI_IDENTITYLINK(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_IDENT_LNK_USER on ACT_HI_IDENTITYLINK(USER_ID_); +create index ACT_IDX_HI_IDENT_LNK_GROUP on ACT_HI_IDENTITYLINK(GROUP_ID_); +create index ACT_IDX_HI_IDENT_LNK_TENANT_ID on ACT_HI_IDENTITYLINK(TENANT_ID_); +create index ACT_IDX_HI_IDENT_LNK_PROC_DEF_KEY on ACT_HI_IDENTITYLINK(PROC_DEF_KEY_); +create index ACT_IDX_HI_IDENT_LINK_TASK on ACT_HI_IDENTITYLINK(TASK_ID_); +create index ACT_IDX_HI_IDENT_LINK_RM_TIME on ACT_HI_IDENTITYLINK(REMOVAL_TIME_); + +create index ACT_IDX_HI_VARINST_ROOT_PI on ACT_HI_VARINST(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_PROCVAR_PROC_INST on ACT_HI_VARINST(PROC_INST_ID_); +create index ACT_IDX_HI_PROCVAR_NAME_TYPE on ACT_HI_VARINST(NAME_, VAR_TYPE_); +create index ACT_IDX_HI_CASEVAR_CASE_INST on ACT_HI_VARINST(CASE_INST_ID_); +create index ACT_IDX_HI_VAR_INST_TENANT_ID on ACT_HI_VARINST(TENANT_ID_); +create index ACT_IDX_HI_VAR_INST_PROC_DEF_KEY on ACT_HI_VARINST(PROC_DEF_KEY_); +create index ACT_IDX_HI_VARINST_BYTEAR on ACT_HI_VARINST(BYTEARRAY_ID_); +create index ACT_IDX_HI_VARINST_RM_TIME on ACT_HI_VARINST(REMOVAL_TIME_); + +create index ACT_IDX_HI_INCIDENT_TENANT_ID on ACT_HI_INCIDENT(TENANT_ID_); +create index ACT_IDX_HI_INCIDENT_PROC_DEF_KEY on ACT_HI_INCIDENT(PROC_DEF_KEY_); +create index ACT_IDX_HI_INCIDENT_ROOT_PI on ACT_HI_INCIDENT(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_INCIDENT_PROCINST on ACT_HI_INCIDENT(PROC_INST_ID_); +create index ACT_IDX_HI_INCIDENT_RM_TIME on ACT_HI_INCIDENT(REMOVAL_TIME_); + +create index ACT_IDX_HI_JOB_LOG_ROOT_PI on ACT_HI_JOB_LOG(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_JOB_LOG_PROCINST on ACT_HI_JOB_LOG(PROCESS_INSTANCE_ID_); +create index ACT_IDX_HI_JOB_LOG_PROCDEF on ACT_HI_JOB_LOG(PROCESS_DEF_ID_); +create index ACT_IDX_HI_JOB_LOG_TENANT_ID on ACT_HI_JOB_LOG(TENANT_ID_); +create index ACT_IDX_HI_JOB_LOG_JOB_DEF_ID on ACT_HI_JOB_LOG(JOB_DEF_ID_); +create index ACT_IDX_HI_JOB_LOG_PROC_DEF_KEY on ACT_HI_JOB_LOG(PROCESS_DEF_KEY_); +create index ACT_IDX_HI_JOB_LOG_EX_STACK on ACT_HI_JOB_LOG(JOB_EXCEPTION_STACK_ID_); +create index ACT_IDX_HI_JOB_LOG_RM_TIME on ACT_HI_JOB_LOG(REMOVAL_TIME_); + +create index ACT_HI_BAT_RM_TIME on ACT_HI_BATCH(REMOVAL_TIME_); + +create index ACT_HI_EXT_TASK_LOG_ROOT_PI on ACT_HI_EXT_TASK_LOG(ROOT_PROC_INST_ID_); +create index ACT_HI_EXT_TASK_LOG_PROCINST on ACT_HI_EXT_TASK_LOG(PROC_INST_ID_); +create index ACT_HI_EXT_TASK_LOG_PROCDEF on ACT_HI_EXT_TASK_LOG(PROC_DEF_ID_); +create index ACT_HI_EXT_TASK_LOG_PROC_DEF_KEY on ACT_HI_EXT_TASK_LOG(PROC_DEF_KEY_); +create index ACT_HI_EXT_TASK_LOG_TENANT_ID on ACT_HI_EXT_TASK_LOG(TENANT_ID_); +create index ACT_IDX_HI_EXTTASKLOG_ERRORDET on ACT_HI_EXT_TASK_LOG(ERROR_DETAILS_ID_); +create index ACT_HI_EXT_TASK_LOG_RM_TIME on ACT_HI_EXT_TASK_LOG(REMOVAL_TIME_); + +create index ACT_IDX_HI_OP_LOG_ROOT_PI on ACT_HI_OP_LOG(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_OP_LOG_PROCINST on ACT_HI_OP_LOG(PROC_INST_ID_); +create index ACT_IDX_HI_OP_LOG_PROCDEF on ACT_HI_OP_LOG(PROC_DEF_ID_); +create index ACT_IDX_HI_OP_LOG_TASK on ACT_HI_OP_LOG(TASK_ID_); +create index ACT_IDX_HI_OP_LOG_RM_TIME on ACT_HI_OP_LOG(REMOVAL_TIME_); +create index ACT_IDX_HI_OP_LOG_TIMESTAMP on ACT_HI_OP_LOG(TIMESTAMP_); + +create index ACT_IDX_HI_COMMENT_TASK on ACT_HI_COMMENT(TASK_ID_); +create index ACT_IDX_HI_COMMENT_ROOT_PI on ACT_HI_COMMENT(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_COMMENT_PROCINST on ACT_HI_COMMENT(PROC_INST_ID_); +create index ACT_IDX_HI_COMMENT_RM_TIME on ACT_HI_COMMENT(REMOVAL_TIME_); + +create index ACT_IDX_HI_ATTACHMENT_CONTENT on ACT_HI_ATTACHMENT(CONTENT_ID_); +create index ACT_IDX_HI_ATTACHMENT_ROOT_PI on ACT_HI_ATTACHMENT(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_ATTACHMENT_PROCINST on ACT_HI_ATTACHMENT(PROC_INST_ID_); +create index ACT_IDX_HI_ATTACHMENT_TASK on ACT_HI_ATTACHMENT(TASK_ID_); +create index ACT_IDX_HI_ATTACHMENT_RM_TIME on ACT_HI_ATTACHMENT(REMOVAL_TIME_); +-- +-- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com) +-- +-- Licensed under the Apache License, Version 2.0 (the "License"); +-- you may not use this file except in compliance with the License. +-- You may obtain a copy of the License at +-- +-- http://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-- See the License for the specific language governing permissions and +-- limitations under the License. +-- + +create table ACT_HI_CASEINST ( + ID_ varchar(64) not null, + CASE_INST_ID_ varchar(64) not null, + BUSINESS_KEY_ varchar(255), + CASE_DEF_ID_ varchar(64) not null, + CREATE_TIME_ datetime(3) not null, + CLOSE_TIME_ datetime(3), + DURATION_ bigint, + STATE_ integer, + CREATE_USER_ID_ varchar(255), + SUPER_CASE_INSTANCE_ID_ varchar(64), + SUPER_PROCESS_INSTANCE_ID_ varchar(64), + TENANT_ID_ varchar(64), + primary key (ID_), + unique (CASE_INST_ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_HI_CASEACTINST ( + ID_ varchar(64) not null, + PARENT_ACT_INST_ID_ varchar(64), + CASE_DEF_ID_ varchar(64) not null, + CASE_INST_ID_ varchar(64) not null, + CASE_ACT_ID_ varchar(255) not null, + TASK_ID_ varchar(64), + CALL_PROC_INST_ID_ varchar(64), + CALL_CASE_INST_ID_ varchar(64), + CASE_ACT_NAME_ varchar(255), + CASE_ACT_TYPE_ varchar(255), + CREATE_TIME_ datetime(3) not null, + END_TIME_ datetime(3), + DURATION_ bigint, + STATE_ integer, + REQUIRED_ boolean, + TENANT_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create index ACT_IDX_HI_CAS_I_CLOSE on ACT_HI_CASEINST(CLOSE_TIME_); +create index ACT_IDX_HI_CAS_I_BUSKEY on ACT_HI_CASEINST(BUSINESS_KEY_); +create index ACT_IDX_HI_CAS_I_TENANT_ID on ACT_HI_CASEINST(TENANT_ID_); +create index ACT_IDX_HI_CAS_A_I_CREATE on ACT_HI_CASEACTINST(CREATE_TIME_); +create index ACT_IDX_HI_CAS_A_I_END on ACT_HI_CASEACTINST(END_TIME_); +create index ACT_IDX_HI_CAS_A_I_COMP on ACT_HI_CASEACTINST(CASE_ACT_ID_, END_TIME_, ID_); +create index ACT_IDX_HI_CAS_A_I_CASEINST on ACT_HI_CASEACTINST(CASE_INST_ID_, CASE_ACT_ID_); +create index ACT_IDX_HI_CAS_A_I_TENANT_ID on ACT_HI_CASEACTINST(TENANT_ID_); +-- +-- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com) +-- +-- Licensed under the Apache License, Version 2.0 (the "License"); +-- you may not use this file except in compliance with the License. +-- You may obtain a copy of the License at +-- +-- http://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-- See the License for the specific language governing permissions and +-- limitations under the License. +-- + +-- create history decision instance table -- +create table ACT_HI_DECINST ( + ID_ varchar(64) NOT NULL, + DEC_DEF_ID_ varchar(64) NOT NULL, + DEC_DEF_KEY_ varchar(255) NOT NULL, + DEC_DEF_NAME_ varchar(255), + PROC_DEF_KEY_ varchar(255), + PROC_DEF_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + CASE_DEF_KEY_ varchar(255), + CASE_DEF_ID_ varchar(64), + CASE_INST_ID_ varchar(64), + ACT_INST_ID_ varchar(64), + ACT_ID_ varchar(255), + EVAL_TIME_ datetime(3) not null, + REMOVAL_TIME_ datetime(3), + COLLECT_VALUE_ double, + USER_ID_ varchar(255), + ROOT_DEC_INST_ID_ varchar(64), + ROOT_PROC_INST_ID_ varchar(64), + DEC_REQ_ID_ varchar(64), + DEC_REQ_KEY_ varchar(255), + TENANT_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +-- create history decision input table -- +create table ACT_HI_DEC_IN ( + ID_ varchar(64) NOT NULL, + DEC_INST_ID_ varchar(64) NOT NULL, + CLAUSE_ID_ varchar(64), + CLAUSE_NAME_ varchar(255), + VAR_TYPE_ varchar(100), + BYTEARRAY_ID_ varchar(64), + DOUBLE_ double, + LONG_ bigint, + TEXT_ LONGBLOB, + TEXT2_ LONGBLOB, + TENANT_ID_ varchar(64), + CREATE_TIME_ datetime(3), + ROOT_PROC_INST_ID_ varchar(64), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +-- create history decision output table -- +create table ACT_HI_DEC_OUT ( + ID_ varchar(64) NOT NULL, + DEC_INST_ID_ varchar(64) NOT NULL, + CLAUSE_ID_ varchar(64), + CLAUSE_NAME_ varchar(255), + RULE_ID_ varchar(64), + RULE_ORDER_ integer, + VAR_NAME_ varchar(255), + VAR_TYPE_ varchar(100), + BYTEARRAY_ID_ varchar(64), + DOUBLE_ double, + LONG_ bigint, + TEXT_ LONGBLOB, + TEXT2_ LONGBLOB, + TENANT_ID_ varchar(64), + CREATE_TIME_ datetime(3), + ROOT_PROC_INST_ID_ varchar(64), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + + +create index ACT_IDX_HI_DEC_INST_ID on ACT_HI_DECINST(DEC_DEF_ID_); +create index ACT_IDX_HI_DEC_INST_KEY on ACT_HI_DECINST(DEC_DEF_KEY_); +create index ACT_IDX_HI_DEC_INST_PI on ACT_HI_DECINST(PROC_INST_ID_); +create index ACT_IDX_HI_DEC_INST_CI on ACT_HI_DECINST(CASE_INST_ID_); +create index ACT_IDX_HI_DEC_INST_ACT on ACT_HI_DECINST(ACT_ID_); +create index ACT_IDX_HI_DEC_INST_ACT_INST on ACT_HI_DECINST(ACT_INST_ID_); +create index ACT_IDX_HI_DEC_INST_TIME on ACT_HI_DECINST(EVAL_TIME_); +create index ACT_IDX_HI_DEC_INST_TENANT_ID on ACT_HI_DECINST(TENANT_ID_); +create index ACT_IDX_HI_DEC_INST_ROOT_ID on ACT_HI_DECINST(ROOT_DEC_INST_ID_); +create index ACT_IDX_HI_DEC_INST_REQ_ID on ACT_HI_DECINST(DEC_REQ_ID_); +create index ACT_IDX_HI_DEC_INST_REQ_KEY on ACT_HI_DECINST(DEC_REQ_KEY_); +create index ACT_IDX_HI_DEC_INST_ROOT_PI on ACT_HI_DECINST(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_DEC_INST_RM_TIME on ACT_HI_DECINST(REMOVAL_TIME_); + + +create index ACT_IDX_HI_DEC_IN_INST on ACT_HI_DEC_IN(DEC_INST_ID_); +create index ACT_IDX_HI_DEC_IN_CLAUSE on ACT_HI_DEC_IN(DEC_INST_ID_, CLAUSE_ID_); +create index ACT_IDX_HI_DEC_IN_ROOT_PI on ACT_HI_DEC_IN(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_DEC_IN_RM_TIME on ACT_HI_DEC_IN(REMOVAL_TIME_); + +create index ACT_IDX_HI_DEC_OUT_INST on ACT_HI_DEC_OUT(DEC_INST_ID_); +create index ACT_IDX_HI_DEC_OUT_RULE on ACT_HI_DEC_OUT(RULE_ORDER_, CLAUSE_ID_); +create index ACT_IDX_HI_DEC_OUT_ROOT_PI on ACT_HI_DEC_OUT(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_DEC_OUT_RM_TIME on ACT_HI_DEC_OUT(REMOVAL_TIME_); diff --git a/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/db-sql-scripts/mariadb_identity_7.10.0.sql b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/db-sql-scripts/mariadb_identity_7.10.0.sql new file mode 100644 index 0000000000..35cb979781 --- /dev/null +++ b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/db-sql-scripts/mariadb_identity_7.10.0.sql @@ -0,0 +1,105 @@ +-- +-- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com) +-- +-- Licensed under the Apache License, Version 2.0 (the "License"); +-- you may not use this file except in compliance with the License. +-- You may obtain a copy of the License at +-- +-- http://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-- See the License for the specific language governing permissions and +-- limitations under the License. +-- + +use camundabpmn; + +create table ACT_ID_GROUP ( + ID_ varchar(64), + REV_ integer, + NAME_ varchar(255), + TYPE_ varchar(255), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_ID_MEMBERSHIP ( + USER_ID_ varchar(64), + GROUP_ID_ varchar(64), + primary key (USER_ID_, GROUP_ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_ID_USER ( + ID_ varchar(64), + REV_ integer, + FIRST_ varchar(255), + LAST_ varchar(255), + EMAIL_ varchar(255), + PWD_ varchar(255), + SALT_ varchar(255), + LOCK_EXP_TIME_ timestamp(3) NULL, + ATTEMPTS_ integer, + PICTURE_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_ID_INFO ( + ID_ varchar(64), + REV_ integer, + USER_ID_ varchar(64), + TYPE_ varchar(64), + KEY_ varchar(255), + VALUE_ varchar(255), + PASSWORD_ LONGBLOB, + PARENT_ID_ varchar(255), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_ID_TENANT ( + ID_ varchar(64), + REV_ integer, + NAME_ varchar(255), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_ID_TENANT_MEMBER ( + ID_ varchar(64) not null, + TENANT_ID_ varchar(64) not null, + USER_ID_ varchar(64), + GROUP_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +alter table ACT_ID_MEMBERSHIP + add constraint ACT_FK_MEMB_GROUP + foreign key (GROUP_ID_) + references ACT_ID_GROUP (ID_); + +alter table ACT_ID_MEMBERSHIP + add constraint ACT_FK_MEMB_USER + foreign key (USER_ID_) + references ACT_ID_USER (ID_); + +alter table ACT_ID_TENANT_MEMBER + add constraint ACT_UNIQ_TENANT_MEMB_USER + unique (TENANT_ID_, USER_ID_); + +alter table ACT_ID_TENANT_MEMBER + add constraint ACT_UNIQ_TENANT_MEMB_GROUP + unique (TENANT_ID_, GROUP_ID_); + +alter table ACT_ID_TENANT_MEMBER + add constraint ACT_FK_TENANT_MEMB + foreign key (TENANT_ID_) + references ACT_ID_TENANT (ID_); + +alter table ACT_ID_TENANT_MEMBER + add constraint ACT_FK_TENANT_MEMB_USER + foreign key (USER_ID_) + references ACT_ID_USER (ID_); + +alter table ACT_ID_TENANT_MEMBER + add constraint ACT_FK_TENANT_MEMB_GROUP + foreign key (GROUP_ID_) + references ACT_ID_GROUP (ID_); diff --git a/kubernetes/so/charts/so-mariadb/templates/configmap.yaml b/kubernetes/so/charts/so-mariadb/templates/configmap.yaml new file mode 100644 index 0000000000..8f10b2eb27 --- /dev/null +++ b/kubernetes/so/charts/so-mariadb/templates/configmap.yaml @@ -0,0 +1,39 @@ +# Copyright 2018 © Samsung Electronics Co., Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-mariadb-sh + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/docker-entrypoint-initdb.d/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-mariadb-sql + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/docker-entrypoint-initdb.d/db-sql-scripts/*").AsConfig . | indent 2 }} diff --git a/kubernetes/so/charts/so-mariadb/templates/job.yaml b/kubernetes/so/charts/so-mariadb/templates/job.yaml old mode 100755 new mode 100644 index a20564e513..7e10e48945 --- a/kubernetes/so/charts/so-mariadb/templates/job.yaml +++ b/kubernetes/so/charts/so-mariadb/templates/job.yaml @@ -111,21 +111,6 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - name: {{ include "common.name" . }}-inject-testlab-project - command: - - /bin/bash - - -c - - > - git clone -b {{ .Values.config.gerritBranch }} --single-branch {{ .Values.config.gerritProject }} /tmp/gerrit; - echo "Clone complete. Copying from /tmp/gerrit/volumes/mariadb/docker-entrypoint-initdb.d to /docker-entrypoint-initdb.d"; - cp -rf /tmp/gerrit/volumes/mariadb/docker-entrypoint-initdb.d/* /docker-entrypoint-initdb.d; - chmod -R 755 /docker-entrypoint-initdb.d; - echo "Done."; - image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.ubuntuInitImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - name: docker-entrypoint-initdb-d - mountPath: "/docker-entrypoint-initdb.d" containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" @@ -161,8 +146,10 @@ spec: - mountPath: /etc/localtime name: localtime readOnly: true - - name: docker-entrypoint-initdb-d + - name: docker-entrypoint-initdb-d-sh mountPath: "/docker-entrypoint-initdb.d" + - name: docker-entrypoint-initdb-d-sql + mountPath: "/docker-entrypoint-initdb.d/db-sql-scripts" {{- if .Values.global.migration.enabled }} - name: backup-storage mountPath: /var/data/mariadb @@ -181,8 +168,12 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: docker-entrypoint-initdb-d - emptyDir: {} + - name: docker-entrypoint-initdb-d-sh + configMap: + name: {{ include "common.fullname" . }}-mariadb-sh + - name: docker-entrypoint-initdb-d-sql + configMap: + name: {{ include "common.fullname" . }}-mariadb-sql {{- if .Values.global.migration.enabled }} - name: backup-storage persistentVolumeClaim: diff --git a/kubernetes/so/charts/so-mariadb/templates/pv.yaml b/kubernetes/so/charts/so-mariadb/templates/pv.yaml old mode 100755 new mode 100644 index 5f5d09e2eb..f8315ef5f9 --- a/kubernetes/so/charts/so-mariadb/templates/pv.yaml +++ b/kubernetes/so/charts/so-mariadb/templates/pv.yaml @@ -36,6 +36,7 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end }} diff --git a/kubernetes/so/charts/so-mariadb/templates/pvc.yaml b/kubernetes/so/charts/so-mariadb/templates/pvc.yaml old mode 100755 new mode 100644 index 92d5eed0c4..17ff7730c7 --- a/kubernetes/so/charts/so-mariadb/templates/pvc.yaml +++ b/kubernetes/so/charts/so-mariadb/templates/pvc.yaml @@ -33,20 +33,10 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }}-migration accessModes: - {{ .Values.persistence.accessMode }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" + storageClassName: {{ include "common.storageClass" . }} {{- end }} -{{- end }} -{{- end }} - diff --git a/kubernetes/so/charts/so-mariadb/templates/secrets.yaml b/kubernetes/so/charts/so-mariadb/templates/secrets.yaml old mode 100755 new mode 100644 diff --git a/kubernetes/so/charts/so-monitoring/templates/ingress.yaml b/kubernetes/so/charts/so-monitoring/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/so/charts/so-monitoring/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/so/charts/so-monitoring/values.yaml b/kubernetes/so/charts/so-monitoring/values.yaml index 7539e47af9..240ca1511d 100644 --- a/kubernetes/so/charts/so-monitoring/values.yaml +++ b/kubernetes/so/charts/so-monitoring/values.yaml @@ -32,7 +32,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/so-monitoring:1.5.2 +image: onap/so/so-monitoring:1.5.3 pullPolicy: Always replicaCount: 1 @@ -81,7 +81,13 @@ livenessProbe: successThreshold: 1 failureThreshold: 3 ingress: - enabled: false + enabled: false + service: + - baseaddr: "somonitoring" + name: "so-monitoring" + port: 9091 + config: + ssl: "none" nodeSelector: {} tolerations: [] -affinity: {} +affinity: {} \ No newline at end of file diff --git a/kubernetes/so/charts/so-openstack-adapter/values.yaml b/kubernetes/so/charts/so-openstack-adapter/values.yaml index c570f5eb45..8dc7e830d2 100755 --- a/kubernetes/so/charts/so-openstack-adapter/values.yaml +++ b/kubernetes/so/charts/so-openstack-adapter/values.yaml @@ -26,7 +26,7 @@ global: ################################################################# # Application configuration defaults. ################################################################# -image: onap/so/openstack-adapter:1.5.2 +image: onap/so/openstack-adapter:1.5.3 pullPolicy: Always repository: nexus3.onap.org:10001 diff --git a/kubernetes/so/charts/so-request-db-adapter/values.yaml b/kubernetes/so/charts/so-request-db-adapter/values.yaml index 028d123a31..58e6412847 100755 --- a/kubernetes/so/charts/so-request-db-adapter/values.yaml +++ b/kubernetes/so/charts/so-request-db-adapter/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/request-db-adapter:1.5.2 +image: onap/so/request-db-adapter:1.5.3 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-sdc-controller/values.yaml b/kubernetes/so/charts/so-sdc-controller/values.yaml index 1259435ec9..2cce8bb2dd 100755 --- a/kubernetes/so/charts/so-sdc-controller/values.yaml +++ b/kubernetes/so/charts/so-sdc-controller/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/sdc-controller:1.5.2 +image: onap/so/sdc-controller:1.5.3 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml index c313dd563c..5062a1f8f0 100755 --- a/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml @@ -136,7 +136,7 @@ org: mobility: '': query: GET|60000|sdncurl5| - myurl: http://so-sdnc-adapter{{ include "common.namespace" . }}:8086/adapters/rest/SDNCNotify + myurl: http://so-sdnc-adapter.{{ include "common.namespace" . }}:8086/adapters/rest/SDNCNotify rest: bpelurl: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage sdncauth: ED07A7EE5F099FA53369C3DF2240AD68A00154676EEDBC6F8C16BAA83B1912941B8941ABD48683D2C1072DA7040659692DE936A59BBF42A038CF71DE67B4A375190071EC76EA657801B033C135 diff --git a/kubernetes/so/charts/so-sdnc-adapter/values.yaml b/kubernetes/so/charts/so-sdnc-adapter/values.yaml index e48c9c93e2..d1be03b541 100755 --- a/kubernetes/so/charts/so-sdnc-adapter/values.yaml +++ b/kubernetes/so/charts/so-sdnc-adapter/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/sdnc-adapter:1.5.2 +image: onap/so/sdnc-adapter:1.5.3 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-vfc-adapter/values.yaml b/kubernetes/so/charts/so-vfc-adapter/values.yaml index 1663fb350c..b15a67ffe8 100755 --- a/kubernetes/so/charts/so-vfc-adapter/values.yaml +++ b/kubernetes/so/charts/so-vfc-adapter/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/vfc-adapter:1.5.2 +image: onap/so/vfc-adapter:1.5.3 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml index 8650f05897..5213700df0 100755 --- a/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml @@ -25,7 +25,17 @@ spring: password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' role: ACTUATOR server: - port: {{ index .Values.containerPort }} + port: {{ index .Values.containerPort }} + ssl: + key-alias: so@so.onap.org + key--store-password: 'ywsqCy:EEo#j}HJHM7z^Rk[L' + key-store: classpath:so-vnfm-adapter.p12 + key-store-type: PKCS12 +http: + client: + ssl: + trust-store: classpath:org.onap.so.trust.jks + trust-store-password: ',sx#.C*W)]wVgJC6ccFHI#:H' mso: key: 07a7159d3bf51a0e53be7a8f89699be7 site-name: localSite @@ -38,4 +48,12 @@ sdc: key: 566B754875657232314F5548556D3665 endpoint: https://sdc-be.{{ include "common.namespace" . }}:8443 vnfmadapter: - endpoint: http://so-vnfm-adapter.{{ include "common.namespace" . }}:9092 + endpoint: https://so-vnfm-adapter.{{ include "common.namespace" . }}:9092 +etsi-catalog-manager: + vnfpkgm: + {{- if .Values.global.msbEnabled }} + endpoint: http://msb-iag.{{ include "common.namespace" . }}:80/api/vnfpkgm/v1 + {{- else }} + endpoint: http://modeling-etsicatalog.{{ include "common.namespace" . }}:8806/api/vnfpkgm/v1 + {{- end }} + diff --git a/kubernetes/so/charts/so-vnfm-adapter/templates/ingress.yaml b/kubernetes/so/charts/so-vnfm-adapter/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/so/charts/so-vnfm-adapter/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/so/charts/so-vnfm-adapter/values.yaml b/kubernetes/so/charts/so-vnfm-adapter/values.yaml index d29bff28aa..78333767f6 100755 --- a/kubernetes/so/charts/so-vnfm-adapter/values.yaml +++ b/kubernetes/so/charts/so-vnfm-adapter/values.yaml @@ -26,7 +26,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/vnfm-adapter:1.5.2 +image: onap/so/vnfm-adapter:1.5.3 pullPolicy: Always replicaCount: 1 @@ -72,6 +72,12 @@ livenessProbe: failureThreshold: 3 ingress: enabled: false + service: + - baseaddr: "sovnfmadapter" + name: "so-vnfm-adapter" + port: 9092 + config: + ssl: "redirect" nodeSelector: {} tolerations: [] -affinity: {} +affinity: {} \ No newline at end of file diff --git a/kubernetes/so/templates/ingress.yaml b/kubernetes/so/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/so/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml index ae126fa78e..9af34af88e 100755 --- a/kubernetes/so/values.yaml +++ b/kubernetes/so/values.yaml @@ -38,12 +38,13 @@ global: dbPort: 3306 dbUser: root dbPassword: secretpassword + msbEnabled: true ################################################################# # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/api-handler-infra:1.5.2 +image: onap/so/api-handler-infra:1.5.3 pullPolicy: Always replicaCount: 1 @@ -105,3 +106,12 @@ mariadb-galera: persistence: mountSubPath: so/mariadb-galera/data enabled: true + +ingress: + enabled: false + service: + - baseaddr: "so" + name: "so" + port: 8080 + config: + ssl: "none" diff --git a/kubernetes/uui/charts/uui-server/templates/ingress.yaml b/kubernetes/uui/charts/uui-server/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/uui/charts/uui-server/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/uui/charts/uui-server/values.yaml b/kubernetes/uui/charts/uui-server/values.yaml index c58eb81f37..e7856d3a4d 100644 --- a/kubernetes/uui/charts/uui-server/values.yaml +++ b/kubernetes/uui/charts/uui-server/values.yaml @@ -64,6 +64,12 @@ service: ingress: enabled: false + service: + - baseaddr: uuiserver + name: "uui-server" + port: 8082 + config: + ssl: "none" # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little diff --git a/kubernetes/uui/templates/ingress.yaml b/kubernetes/uui/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/uui/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/uui/values.yaml b/kubernetes/uui/values.yaml index 4d1f8887df..bfecdb7d4f 100644 --- a/kubernetes/uui/values.yaml +++ b/kubernetes/uui/values.yaml @@ -64,6 +64,12 @@ service: ingress: enabled: false + service: + - baseaddr: uui + name: "uui" + port: 8080 + config: + ssl: "none" # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little diff --git a/kubernetes/vfc/charts/vfc-catalog/templates/pv.yaml b/kubernetes/vfc/charts/vfc-catalog/templates/pv.yaml index d1e1b04121..68696fbccd 100644 --- a/kubernetes/vfc/charts/vfc-catalog/templates/pv.yaml +++ b/kubernetes/vfc/charts/vfc-catalog/templates/pv.yaml @@ -14,6 +14,7 @@ # limitations under the License. */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -31,6 +32,8 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- end -}} \ No newline at end of file +{{- end -}} +{{- end -}} diff --git a/kubernetes/vfc/charts/vfc-catalog/templates/pvc.yaml b/kubernetes/vfc/charts/vfc-catalog/templates/pvc.yaml index 74ba690fa6..d3d5d9e0a4 100644 --- a/kubernetes/vfc/charts/vfc-catalog/templates/pvc.yaml +++ b/kubernetes/vfc/charts/vfc-catalog/templates/pvc.yaml @@ -29,19 +29,10 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/kubernetes/vid/charts/vid-mariadb-galera/Chart.yaml b/kubernetes/vid/charts/vid-mariadb-galera/Chart.yaml deleted file mode 100644 index 041914734f..0000000000 --- a/kubernetes/vid/charts/vid-mariadb-galera/Chart.yaml +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: ONAP VID MariaDB Galera cluster -name: vid_mariadb_galera -version: 5.0.0 -keywords: - - mariadb - - mysql - - database - - sql - - galera - - cluster \ No newline at end of file diff --git a/kubernetes/vid/charts/vid-mariadb-galera/templates/NOTES.txt b/kubernetes/vid/charts/vid-mariadb-galera/templates/NOTES.txt deleted file mode 100644 index c44fa8948e..0000000000 --- a/kubernetes/vid/charts/vid-mariadb-galera/templates/NOTES.txt +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -MariaDB-Galera service can be accessed via port 3306 on the following DNS name from within your cluster: -{{ include "common.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local - -To connect to your database: - -1. Run a pod that you can use as a client: - - kubectl run {{ include "common.fullname" . }}-client --rm --tty -i --image mariadb --command -- bash - -2. Connect using the mysql cli, then provide your password: - $ mysql -h {{ include "common.fullname" . }} {{- if .Values.mysqlRootPassword }} -p {{ .Values.mysqlRootPassword }}{{- end -}} - diff --git a/kubernetes/vid/charts/vid-mariadb-galera/templates/configmap.yaml b/kubernetes/vid/charts/vid-mariadb-galera/templates/configmap.yaml deleted file mode 100644 index ba6adc0018..0000000000 --- a/kubernetes/vid/charts/vid-mariadb-galera/templates/configmap.yaml +++ /dev/null @@ -1,45 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-confd - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/mariadb/conf.d/*").AsConfig . | indent 2 }} ---- -{{- if .Values.externalConfig }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-externalconfig - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: - my_extra.cnf: |- - [mysqld] - lower_case_table_names = 1 - -#{{ toYaml .Values.externalConfig | indent 4 }} -#{{- end -}} diff --git a/kubernetes/vid/charts/vid-mariadb-galera/templates/service.yaml b/kubernetes/vid/charts/vid-mariadb-galera/templates/service.yaml deleted file mode 100644 index ae11a26629..0000000000 --- a/kubernetes/vid/charts/vid-mariadb-galera/templates/service.yaml +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - annotations: - service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" -# name: {{ include "common.servicename" . }} - name: {{ .Values.service.name }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -spec: - ports: - - name: {{ .Values.service.portName }} - port: {{ .Values.service.internalPort }} - clusterIP: None - selector: - app: {{ include "common.fullname" . }} diff --git a/kubernetes/vid/charts/vid-mariadb-galera/templates/statefulset.yaml b/kubernetes/vid/charts/vid-mariadb-galera/templates/statefulset.yaml deleted file mode 100644 index e90b1564e8..0000000000 --- a/kubernetes/vid/charts/vid-mariadb-galera/templates/statefulset.yaml +++ /dev/null @@ -1,140 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1beta1 -kind: StatefulSet -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -spec: -# serviceName: {{ include "common.fullname" . }} - serviceName: {{ .Values.service.name }} - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.fullname" . }} - release: {{ .Release.Name }} - annotations: - pod.alpha.kubernetes.io/initialized: "true" - spec: - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end }} - volumes: - {{- if .Values.externalConfig }} - - name: config - configMap: - name: {{ include "common.fullname" . }}-externalconfig - {{- end}} - - name: localtime - hostPath: - path: /etc/localtime - imagePullSecrets: - - name: {{ include "common.namespace" . }}-docker-registry-key - containers: - - name: {{ include "common.fullname" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy | quote}} - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: MYSQL_USER - value: {{ default "" .Values.config.userName | quote }} - - name: MYSQL_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: user-password - - name: MYSQL_DATABASE - value: {{ default "" .Values.config.mysqlDatabase | quote }} - - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: db-root-password - ports: - - containerPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.name }} - - containerPort: {{ .Values.service.sstPort }} - name: {{ .Values.service.sstName }} - - containerPort: {{ .Values.service.replicationPort }} - name: {{ .Values.service.replicationName }} - - containerPort: {{ .Values.service.istPort }} - name: {{ .Values.service.istName }} - readinessProbe: - exec: - command: - - /usr/share/container-scripts/mysql/readiness-probe.sh - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - exec: - command: ["mysqladmin", "ping"] - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} - {{- end }} - resources: -{{ include "common.resources" . | indent 12 }} - volumeMounts: - {{- if .Values.externalConfig }} - - mountPath: /etc/config - name: config - {{- end}} - - mountPath: /etc/localtime - name: localtime - readOnly: true -{{- if .Values.persistence.enabled }} - - mountPath: /var/lib/mysql - name: {{ include "common.fullname" . }}-data - subPath: data - initContainers: - - name: mariadb-galera-prepare - image: "{{ include "common.repository" . }}/{{ .Values.imageInit }}" - command: ["sh", "-c", "chown -R 27:27 /var/lib/mysql"] - volumeMounts: - - name: {{ include "common.fullname" . }}-data - mountPath: /var/lib/mysql - volumeClaimTemplates: - - metadata: - name: {{ include "common.fullname" . }}-data - labels: - name: {{ include "common.fullname" . }} - annotations: - {{- if .Values.persistence.storageClass }} - volume.beta.kubernetes.io/storage-class: {{ .Values.persistence.storageClass | quote }} - {{- else }} - volume.alpha.kubernetes.io/storage-class: default - {{- end }} - spec: - accessModes: - - {{ .Values.persistence.accessMode | quote }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} - selector: - matchLabels: - name: {{ include "common.fullname" . }} -{{- end }} diff --git a/kubernetes/vid/charts/vid-mariadb-galera/values.yaml b/kubernetes/vid/charts/vid-mariadb-galera/values.yaml deleted file mode 100644 index e0da745ebe..0000000000 --- a/kubernetes/vid/charts/vid-mariadb-galera/values.yaml +++ /dev/null @@ -1,131 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - persistence: {} - repository: nexus3.onap.org:10001 - - -################################################################# -# Application configuration defaults. -################################################################# - -#repository: mysql -repository: nexus3.onap.org:10001 -image: adfinissygroup/k8s-mariadb-galera-centos:v004 -imageInit: busybox -pullPolicy: IfNotPresent - -# application configuration -config: - mariadbRootPassword: secretpassword -# userName: my-user -# userPassword: my-password -# mysqlDatabase: my-database - userName: vidadmin - userPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U - mysqlDatabase: vid_openecomp_epsdk - - -# default number of instances in the StatefulSet -replicaCount: 2 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 5 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: false - -readiness: - initialDelaySeconds: 15 - periodSeconds: 10 - -## Persist data to a persitent volume -persistence: - enabled: false - - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - volumeReclaimPolicy: Retain - - ## database data Persistent Volume Storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - # storageClass: "-" - accessMode: ReadWriteOnce - size: 2Gi - - -service: - internalPort: 3306 - name: vid-galera - portName: vid-galera - sstPort: 4444 - sstName: sst - replicationPort: 4567 - replicationName: replication - istPort: 4568 - istName: ist - -ingress: - enabled: false - - -## Configure MariaDB-Galera with a custom my.cnf file -## ref: https://mariadb.com/kb/en/mariadb/configuring-mariadb-with-mycnf/#example-of-configuration-file -## -#externalConfig: {} -externalConfig: |- - lower_case_table_names = 1 -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 10m - memory: 1Gi - requests: - cpu: 10m - memory: 500Mi - large: - limits: - cpu: 20m - memory: 2Gi - requests: - cpu: 20m - memory: 1Gi - unlimited: {} -# Name for mariadb-galera cluster - should be unique accross all projects or other clusters -nameOverride: vid-mariadb-galera - -# DNS name for mariadb-galera cluster - should be unique accross all projects other clusters -#dnsnameOverride: mariadb-galera diff --git a/kubernetes/vid/requirements.yaml b/kubernetes/vid/requirements.yaml index 6a748bee0c..6e5fe9dae2 100644 --- a/kubernetes/vid/requirements.yaml +++ b/kubernetes/vid/requirements.yaml @@ -19,3 +19,6 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: mariadb-galera + version: ~5.x-0 + repository: '@local' diff --git a/kubernetes/vid/resources/config/log/vid/logback.xml b/kubernetes/vid/resources/config/log/vid/logback.xml index 49db781b3e..018cca8a43 100644 --- a/kubernetes/vid/resources/config/log/vid/logback.xml +++ b/kubernetes/vid/resources/config/log/vid/logback.xml @@ -1,299 +1,386 @@ - - - - - - - - - - - - - - - - - - - - - - - - - ${pattern} - - - - - - - - ${logDirectory}/${generalLogName}.log - - ${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.%i.log - - ${maxFileSize} - - ${maxHistory} - ${totalSizeCap} - - - ${pattern} - - - - - ${queueSize} - true - - - - - - - - - - - - - ${logDirectory}/${auditLogName}.log - - ${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log - - ${maxFileSize} - - ${maxHistory} - ${totalSizeCap} - - - ${pattern} - - - - ${queueSize} - - - - ${logDirectory}/${metricsLogName}.log - - ${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log - - ${maxFileSize} - - ${maxHistory} - ${totalSizeCap} - - - ${pattern} - - - - ${queueSize} - - - - ${logDirectory}/${errorLogName}.log - - ${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log - - ${maxFileSize} - - ${maxHistory} - ${totalSizeCap} - - - ${pattern} - - - - ${queueSize} - - - - ${logDirectory}/${debugLogName}.log - - ${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log - - ${maxFileSize} - - ${maxHistory} - ${totalSizeCap} - - - ${pattern} - - - - ${queueSize} - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ${debugLoggerPattern} + + + + + + + + + + ${logDirectory}/${generalLogName}.log + + ${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${applicationLoggerPattern} + + + + + + ${queueSize} + true + + + + + + + + + + + + + + ${logDirectory}/${auditLogName}.log + + ${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${auditLoggerPattern} + + + + ${queueSize} + + true + + + + + + INVOKE + INVOKE-RETURN + + DENY + ACCEPT + + ${logDirectory}/${metricsLogName}.log + + ${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${metricsLoggerPattern} + + + + ${queueSize} + + true + + + + + ERROR + ACCEPT + NEUTRAL + + + WARN + ACCEPT + DENY + + ${logDirectory}/${errorLogName}.log + + ${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${errorLoggerPattern} + + + + + ${queueSize} + + true + + + + ${logDirectory}/${debugLogName}.log + + ${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${debugLoggerPattern} + + + + ${queueSize} + + true + + + + ${logDirectory}/${outgoingRequestsLogName}.log + + ${logDirectory}/${outgoingRequestsLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${debugLoggerPattern} + + + + ${queueSize} + + true + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/kubernetes/vid/templates/deployment.yaml b/kubernetes/vid/templates/deployment.yaml index 9221af7dcf..3c52b9d03f 100644 --- a/kubernetes/vid/templates/deployment.yaml +++ b/kubernetes/vid/templates/deployment.yaml @@ -96,20 +96,21 @@ spec: value: "{{ .Values.config.vidcontactuslink }}" - name: VID_KEYSTORE_PASSWORD value: {{ .Values.config.vidkeystorepassword | quote }} - - name: CATALINA_OPTS - value: "-Dvid.keystore.password=$(VID_KEYSTORE_PASSWORD) -Dvid.keyalias=vid@vid.onap.org -Dvid.keystore.filename=/opt/app/vid/etc/org.onap.vid.jks -Dcom.att.eelf.logging.file=logback.xml -Dcom.att.eelf.logging.path=/tmp" - name: VID_UEB_URL_LIST value: message-router.{{ include "common.namespace" . }} - name: VID_MYSQL_HOST - value: "{{ .Values.config.vidmysqlhost }}" + value: {{ index .Values "mariadb-galera" "service" "name" }} - name: VID_MYSQL_PORT - value: "{{ .Values.config.vidmysqlport }}" + value: "{{ index .Values "mariadb-galera" "service" "internalPort" }}" - name: VID_MYSQL_DBNAME - value: "{{ .Values.config.vidmysqldbname }}" + value: {{ index .Values "mariadb-galera" "config" "mysqlDatabase" }} - name: VID_MYSQL_USER - value: "{{ .Values.config.vidmysqluser }}" + value: {{ index .Values "mariadb-galera" "config" "userName" }} - name: VID_MYSQL_PASS - value: "{{ .Values.config.vidmysqlpassword }}" + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }}-db + key: db-user-password #valueFrom: # secretKeyRef: {name: {{ include "common.fullname" . }}, key: vid-password} - name: VID_MYSQL_MAXCONNECTIONS @@ -166,4 +167,3 @@ spec: name: {{ include "common.fullname" . }}-log-configmap imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" - diff --git a/kubernetes/vid/templates/ingress.yaml b/kubernetes/vid/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/vid/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/vid/templates/job.yaml b/kubernetes/vid/templates/job.yaml index 5214e71130..c2a1858d0c 100644 --- a/kubernetes/vid/templates/job.yaml +++ b/kubernetes/vid/templates/job.yaml @@ -34,11 +34,8 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - /root/ready.py -{{- $fullname := include "common.fullname" . -}} -{{- range $i,$t := until (int .Values.vid_mariadb_galera.replicaCount)}} - --container-name - - {{ $fullname }}-mariadb-galera-{{$i}} -{{- end }} + - {{ index .Values "mariadb-galera" "service" "name" }} env: - name: NAMESPACE valueFrom: @@ -63,13 +60,16 @@ spec: - /dbcmd-config/db_cmd.sh env: - name: MYSQL_PASSWORD - value: "{{ .Values.config.vidmysqlpassword }}" + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }}-db + key: db-user-password - name: MYSQL_HOST - value: "{{ .Values.config.vidmysqlhost }}" + value: {{ index .Values "mariadb-galera" "service" "name" }} - name: MYSQL_USER - value: "{{ .Values.config.vidmysqluser }}" + value: {{ index .Values "mariadb-galera" "config" "userName" }} - name: MYSQL_PORT - value: "{{ .Values.config.vidmysqlport }}" + value: "{{ index .Values "mariadb-galera" "service" "internalPort" }}" restartPolicy: Never volumes: - name: {{ include "common.fullname" . }}-config @@ -80,4 +80,3 @@ spec: path: db_cmd.sh - key: vid-pre-init.sql path: vid-pre-init.sql - diff --git a/kubernetes/vid/templates/secrets.yaml b/kubernetes/vid/templates/secrets.yaml index 222a3d582a..e0c1992d93 100644 --- a/kubernetes/vid/templates/secrets.yaml +++ b/kubernetes/vid/templates/secrets.yaml @@ -39,3 +39,18 @@ metadata: type: Opaque data: {{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-db + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +type: Opaque +data: + db-user-password: {{ index .Values "mariadb-galera" "config" "userPassword" | b64enc | quote }} + db-root-password: {{ index .Values "mariadb-galera" "config" "mariadbRootPassword" | b64enc | quote }} diff --git a/kubernetes/vid/values.yaml b/kubernetes/vid/values.yaml index 61002778fd..805e337f57 100644 --- a/kubernetes/vid/values.yaml +++ b/kubernetes/vid/values.yaml @@ -18,7 +18,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.1 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -27,7 +27,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/vid:5.0.3 +image: onap/vid:6.0.2 pullPolicy: Always # mariadb image for initializing @@ -47,19 +47,29 @@ config: vidmsopass: OBF:1ih71i271vny1yf41ymf1ylz1yf21vn41hzj1icz msodme2serverurl: http://localhost:8081 vidcontactuslink: https://todo_contact_us_link.com - vidmysqlhost: vid-galera - vidmysqlport: "3306" - vidmysqldbname: vid_openecomp_epsdk - vidmysqluser: vidadmin vidmysqlmaxconnections: "5" logstashServiceName: log-ls logstashPort: 5044 roleaccesscentralized: remote -# subchart configuration -vid_mariadb_galera: -# nameOverride: vid-mariadb-galera - replicaCount: 1 +mariadb-galera: + config: + userName: vidadmin + userPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U + mariadbRootPassword: kjgsdhjqhawxvnbpoiawsfgjsqhsgjhjhdqihhjqdvcbxkjchizpw + mysqlDatabase: vid_openecomp_epsdk + nameOverride: vid-galera + service: + name: vid-galera + portName: mysql-vid + internalPort: "3306" + replicaCount: 3 + persistence: + enabled: true + mountSubPath: vid/maria/data + externalConfig: |- + [mysqld] + lower_case_table_names = 1 # default number of instances replicaCount: 1 @@ -92,6 +102,12 @@ service: ingress: enabled: false + service: + - baseaddr: "vid" + name: "vid-http" + port: 8080 + config: + ssl: "none" # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/vnfsdk/templates/ingress.yaml b/kubernetes/vnfsdk/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/vnfsdk/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/vnfsdk/values.yaml b/kubernetes/vnfsdk/values.yaml index 2b6fd99b2e..55f81acc24 100644 --- a/kubernetes/vnfsdk/values.yaml +++ b/kubernetes/vnfsdk/values.yaml @@ -113,3 +113,9 @@ service: ingress: enabled: false + service: + - baseaddr: "refrepo" + name: "refrepo" + port: 97 + config: + ssl: "none"