From: Mike Elliott <mike.elliott@amdocs.com>
Date: Thu, 18 Apr 2019 12:36:10 +0000 (+0000)
Subject: Merge "AAI Rolling upgrade using helm hooks"
X-Git-Tag: 4.0.0-ONAP~215
X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=cf993f640aedbd2e37ff54864df1db58958ef96b;hp=f645b7f17b5751f37cbfdbae7c7dc59b474adab7;p=oom.git

Merge "AAI Rolling upgrade using helm hooks"
---

diff --git a/docs/example-integration-override.yaml b/docs/example-integration-override.yaml
new file mode 100644
index 0000000000..9c336d69ce
--- /dev/null
+++ b/docs/example-integration-override.yaml
@@ -0,0 +1,36 @@
+global:
+  repository: 10.12.5.2:5000
+  pullPolicy: IfNotPresent
+robot:
+  enabled: true
+  flavor: large
+  appcUsername: "appc@appc.onap.org"
+  appcPassword: "APPC_PASSWORD_HERE"
+  openStackKeyStoneUrl: "http://10.12.25.2:5000"
+  openStackPublicNetId: "971040b2-7059-49dc-b220-4fab50cb2ad4"
+  openStackTenantId: "09d8566ea45e43aa974cf447ed591d77"
+  openStackUserName: "OPENSTACK_USERNAME_HERE"
+  ubuntu14Image: "ubuntu-14-04-cloud-amd64"
+  ubuntu16Image: "ubuntu-16-04-cloud-amd64"
+  openStackPrivateNetId: "d4ab89ff-c735-4ce4-93f6-cff445157b98"
+  openStackPrivateSubnetId: "46c2391c-ed98-4fb0-8ab7-88678bc55b9f"
+  openStackPrivateNetCidr: "10.0.0.0/16"
+  openStackSecurityGroup: "3914301b-2996-414f-ba0a-da4b2275a753"
+  openStackOamNetworkCidrPrefix: "10.0"
+  dcaeCollectorIp: "10.12.5.46"
+  vnfPubKey: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKXDgoo3+WOqcUG8/5uUbk81+yczgwC4Y8ywTmuQqbNxlY1oQ0YxdMUqUnhitSXs5S/yRuAVOYHwGg2mCs20oAINrP+mxBI544AMIb9itPjCtgqtE2EWo6MmnFGbHB4Sx3XioE7F4VPsh7japsIwzOjbrQe+Mua1TGQ5d4nfEOQaaglXLLPFfuc7WbhbJbK6Q7rHqZfRcOwAMXgDoBqlyqKeiKwnumddo2RyNT8ljYmvB6buz7KnMinzo7qB0uktVT05FH9Rg0CTWH5norlG5qXgP2aukL0gk1ph8iAt7uYLf1ktp+LJI2gaF6L0/qli9EmVCSLr1uJ38Q8CBflhkh"
+  demoArtifactsVersion: "1.3.0"
+  demoArtifactsRepoUrl: "https://nexus.onap.org/content/repositories/releases"
+  scriptVersion: "1.3.0"
+  rancherIpAddress: "10.12.6.38"
+  config:
+    openStackEncryptedPasswordHere: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_ENCRYPTED_PASSWORD_HEREXXXXXXXXXXXXXXXX"
+so:
+  enabled: true
+  so-catalog-db-adapter:
+    config:
+      openStackUserName: "OPENSTACK_USERNAME_HERE"
+      openStackKeyStoneUrl: "http://10.12.25.2:5000/v2.0"
+      openStackEncryptedPasswordHere: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_ENCRYPTED_PASSWORD_HEREXXXXXXXXXXXXXXXX"
+
+
diff --git a/docs/helm-search.txt b/docs/helm-search.txt
new file mode 100644
index 0000000000..db95e4f7d7
--- /dev/null
+++ b/docs/helm-search.txt
@@ -0,0 +1,31 @@
+NAME                	CHART VERSION	APP VERSION	DESCRIPTION                                 
+local/onap          	4.0.0        	Dublin     	Open Network Automation Platform (ONAP)     
+local/aaf           	4.0.0        	           	ONAP Application Authorization Framework    
+local/aai           	4.0.0        	           	ONAP Active and Available Inventory         
+local/cassandra     	4.0.0        	           	ONAP cassandra                              
+local/cds           	4.0.0        	           	ONAP Common Design Studio                   
+local/clamp         	4.0.0        	           	ONAP Clamp                                  
+local/cli           	4.0.0        	           	ONAP Command Line Interface                 
+local/consul        	4.0.0        	           	ONAP Consul Agent                           
+local/contrib       	4.0.0        	           	ONAP optional tools                         
+local/dcaegen2      	4.0.0        	           	ONAP DCAE Gen2                              
+local/dmaap         	4.0.1        	           	ONAP DMaaP components                       
+local/esr           	4.0.0        	           	ONAP External System Register               
+local/log           	4.0.0        	           	ONAP Logging ElasticStack                   
+local/msb           	4.0.0        	           	ONAP MicroServices Bus                      
+local/multicloud    	4.0.0        	           	ONAP multicloud broker                      
+local/nbi           	4.0.0        	           	ONAP Northbound Interface                   
+local/oof           	4.0.0        	           	ONAP Optimization Framework                 
+local/pnda          	4.0.0        	           	ONAP DCAE PNDA                              
+local/policy        	4.0.0        	           	ONAP Policy Administration Point            
+local/pomba         	4.0.0        	           	ONAP Post Orchestration Model Based Audit   
+local/portal        	4.0.0        	           	ONAP Web Portal                             
+local/postgres      	4.0.0        	           	ONAP Postgres Server                        
+local/robot         	4.0.0        	           	A helm Chart for kubernetes-ONAP Robot      
+local/sdnc-prom     	4.0.0        	           	ONAP SDNC Policy Driven Ownership Management
+local/sniro-emulator	4.0.0        	           	ONAP Mock Sniro Emulator                    
+local/so            	4.0.0        	           	ONAP Service Orchestrator                   
+local/uui           	4.0.0        	           	ONAP uui                                    
+local/vfc           	4.0.0        	           	ONAP Virtual Function Controller (VF-C)     
+local/vid           	4.0.0        	           	ONAP Virtual Infrastructure Deployment      
+local/vnfsdk        	4.0.0        	           	ONAP VNF SDK 
diff --git a/docs/oom_quickstart_guide.rst b/docs/oom_quickstart_guide.rst
index a965603efd..0e1d3591f7 100644
--- a/docs/oom_quickstart_guide.rst
+++ b/docs/oom_quickstart_guide.rst
@@ -1,4 +1,5 @@
-.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. This work is licensed under a
+.. Creative Commons Attribution 4.0 International License.
 .. http://creativecommons.org/licenses/by/4.0
 .. Copyright 2018 Amdocs, Bell Canada
 
@@ -16,28 +17,79 @@ available), follow the following instructions to deploy ONAP.
 
 **Step 1.** Clone the OOM repository from ONAP gerrit::
 
-  > git clone -b casablanca http://gerrit.onap.org/r/oom
+  > git clone -b 4.0.0-ONAP http://gerrit.onap.org/r/oom
   > cd oom/kubernetes
 
 **Step 2.** Install Helm Plugins required to deploy the ONAP Casablanca release::
 
   > sudo cp -R ~/oom/kubernetes/helm/plugins/ ~/.helm
 
-**Step 3.** Customize the onap/values.yaml file to suit your deployment. You
-may want to selectively enable or disable ONAP components by changing the
-`enabled: true/false` flags as shown below:
+
+**Step 3.** Customize the helm charts like onap.values.yaml or an override.yaml
+like integration-override.yaml file to suit your deployment with items like the
+OpenStack tenant information.
+
+
+ a. You may want to selectively enable or disable ONAP components by changing
+    the `enabled: true/false` flags.
+
+
+ b. Encyrpt the OpenStack password using the shell tool for robot and put it in
+    the robot helm charts or robot section of integration-override.yaml
+
+
+ c. Encrypt the OpenStack password using the java based script for SO helm charts
+    or SO section of integration-override.yaml.
+
+
+ d. Update the OpenStack parameters that will be used by robot, SO and APPC helm
+    charts or use an override file to replace them.
+
+
+
+
+a. Enabling/Disabling Components:
+Here is an example of the nominal entries that need to be provided. We have different
+values file available for different contexts.
 
 .. literalinclude:: onap-values.yaml
    :language: yaml
 
+
+b. Generating ROBOT Encrypted Password:
+The ROBOT encrypted Password uses the same encryption.key as SO but an
+openssl algorithm that works with the python based Robot Framework.
+
 .. note::
-  To generate openStackEncryptedPasswordHere :
+  To generate ROBOT openStackEncryptedPasswordHere :
 
   ``root@olc-rancher:~# cd so/resources/config/mso/``
 
   ``root@olc-rancher:~/oom/kubernetes/so/resources/config/mso# echo -n "<openstack tenant password>" | openssl aes-128-ecb -e -K `cat encryption.key` -nosalt | xxd -c 256 -p``
 
-**Step 3.** To setup a local Helm server to server up the ONAP charts::
+c. Generating SO Encrypted Password:
+The SO Encrypted Password uses a java based encryption utility since the
+Java encryption library is not easy to integrate with openssl/python that
+ROBOT uses in Dublin.
+
+.. note::
+  To generate SO openStackEncryptedPasswordHere :
+
+  SO_ENCRYPTION_KEY=`cat ~/oom/kubenertes/so/resources/config/mso/encrypt.key`
+  OS_PASSWORD=XXXX_OS_CLEARTESTPASSWORD_XXXX
+
+  git clone http://gerrit.onap.org/r/integration
+  cd integration/deployment/heat/onap-oom/scripts
+  javac Crypto.java
+  java Crypto "$OS_PASSWORD" "$SO_ENCRYPTION_KEY"
+
+
+d. Update the OpenStack parameters:
+
+.. literalinclude:: example-integration-override.yaml
+   :language: yaml
+
+**Step 4.** To setup a local Helm server to server up the ONAP charts::
 
   > helm serve &
 
@@ -46,31 +98,48 @@ follows::
 
   > helm repo add local http://127.0.0.1:8879
 
-**Step 4.** Verify your Helm repository setup with::
+**Step 5.** Verify your Helm repository setup with::
 
   > helm repo list
   NAME   URL
   local  http://127.0.0.1:8879
 
-**Step 5.** Build a local Helm repository (from the kubernetes directory)::
+**Step 6.** Build a local Helm repository (from the kubernetes directory)::
 
   > make all; make onap
 
-**Step 6.** Display the charts that available to be deployed::
+**Step 7.** Display the onap charts that available to be deployed::
+
+  > helm search onap -l
 
-  > helm search -l
 .. literalinclude:: helm-search.txt
 
 .. note::
   The setup of the Helm repository is a one time activity. If you make changes to your deployment charts or values be sure to use `make` to update your local Helm repository.
 
-**Step 7.** Once the repo is setup, installation of ONAP can be done with a
-single command::
+**Step 8.** Once the repo is setup, installation of ONAP can be done with a
+single command
+
+ a. If you updated the values directly use this command::
+
+    > helm deploy dev local/onap --namespace onap
+
+
+ b. If you are using an integration-override.yaml file use this command::
+
+    > helm deploy dev local/onap -f /root/integration-override.yaml --namespace onap
+
+
+ c. If you have a slower cloud environment you may want to use the public-cloud.yaml
+    which has longer delay intervals on database updates.::
+
+    > helm deploy dev local/onap -f /root/oom/kubernetes/onap/resources/environments/public-cloud.yaml -f /root/integration-override.yaml --namespace onap
 
-  > helm deploy dev local/onap --namespace onap
 
+**Step 9.** Commands to interact with the OOM installation
 
-Use the following to monitor your deployment and determine when ONAP is ready for use::
+Use the following to monitor your deployment and determine when ONAP is
+ready for use::
 
   > kubectl get pods --all-namespaces -o=wide
 
@@ -79,4 +148,4 @@ Undeploying onap can be done using the following command::
   > helm undeploy dev --purge
 
 
-More examples of using the deploy and undeploy plugins can be found here: https://wiki.onap.org/display/DW/OOM+Helm+%28un%29Deploy+plugins
\ No newline at end of file
+More examples of using the deploy and undeploy plugins can be found here: https://wiki.onap.org/display/DW/OOM+Helm+%28un%29Deploy+plugins
diff --git a/kubernetes/common/mariadb-galera/templates/statefulset.yaml b/kubernetes/common/mariadb-galera/templates/statefulset.yaml
index 601057ff6f..6dc5a7aad6 100644
--- a/kubernetes/common/mariadb-galera/templates/statefulset.yaml
+++ b/kubernetes/common/mariadb-galera/templates/statefulset.yaml
@@ -113,6 +113,7 @@ spec:
       initContainers:
         - name: mariadb-galera-prepare
           image: "{{ include "common.repository" . }}/{{ .Values.imageInit }}"
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy | quote}}
           command: ["sh", "-c", "chown -R 27:27 /var/lib/mysql"]
           volumeMounts:
             - name: {{ include "common.fullname" . }}-data
diff --git a/kubernetes/dmaap/components/dmaap-bc/requirements.yaml b/kubernetes/dmaap/components/dmaap-bc/requirements.yaml
index 61c265fe64..ff249ee683 100644
--- a/kubernetes/dmaap/components/dmaap-bc/requirements.yaml
+++ b/kubernetes/dmaap/components/dmaap-bc/requirements.yaml
@@ -19,3 +19,4 @@ dependencies:
   - name: postgres
     version: ~4.x-0
     repository: '@local'
+    condition: PG.enabled
diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties b/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties
index 294ffa6bc3..f9c4d9e446 100644
--- a/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties
+++ b/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties
@@ -54,8 +54,8 @@ Feed.deleteHandling: SimulateDelete
 # Settings for Soutbound API: Postgresql
 #
 #####################################################
-# flag indieonapdemodbates if we are using postgresql
-UsePGSQL: true
+# flag indicates if we are using postgresql
+UsePGSQL: {{ .Values.PG.enabled  }}
 
 # postgres host name
 # Need to connect to PG primary service, designated by service.name2
diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml
index 0ecdc1c0e8..fb31454c63 100644
--- a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml
+++ b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml
@@ -1,4 +1,4 @@
-# Copyright © 2018  AT&T Intellectual Property.  All rights reserved.
+
 # Modifications Copyright © 2018 Amdocs,Bell Canada
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -32,10 +32,25 @@ spec:
         release: {{ .Release.Name }}
     spec:
       hostAliases:
-      - ip: "10.12.6.214"
+      - ip: "10.12.5.145"
         hostnames:
         - "aaf-onap-test.osaaf.org"
       initContainers:
+      - command:
+        - /root/ready.py
+        args:
+        - --container-name
+        - aaf-locate
+        env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: metadata.namespace
+        image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        name: {{ include "common.name" . }}-aaf-readiness
+{{ if .Values.PG.enabled }}
       - command:
         - /root/ready.py
         args:
@@ -49,7 +64,8 @@ spec:
               fieldPath: metadata.namespace
         image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        name: {{ include "common.name" . }}-readiness
+        name: {{ include "common.name" . }}-postgres-readiness
+{{- end}}
       containers:
         - name: {{ include "common.name" . }}
           image: "{{ include "common.repository" . }}/{{ .Values.image }}"
diff --git a/kubernetes/dmaap/components/dmaap-bc/values.yaml b/kubernetes/dmaap/components/dmaap-bc/values.yaml
index a7fc3d88db..e59c4d657f 100644
--- a/kubernetes/dmaap/components/dmaap-bc/values.yaml
+++ b/kubernetes/dmaap/components/dmaap-bc/values.yaml
@@ -36,11 +36,11 @@ image: onap/dmaap/dmaap-bc:1.1.2
 # application configuration
 dmaapMessageRouterService: message-router
 # change the following value to point to Windriver instance maintained
-# but AAF team.
+# by AAF team.
 # e.g.
 #aafURL: https://aaf-onap-test.osaaf.org:8095/proxy/
 aafURL: https://aaf-service:8100/
-topicMgrUser: dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org
+topicMgrUser: dmaap-bc@dmaap-bc.onap.org
 topicMgrPwd: demo123456!
 adminUser: aaf_admin@people.osaaf.org
 adminPwd: demo123456!
@@ -50,6 +50,10 @@ adminPwd: demo123456!
 # it will compose the topic namespace using the kubernetes namespace value
 fixedTopicNamespace: true
 
+# for quicker deployments in dev, ability to disable using postgres
+PG:
+  enabled: true
+
 nodeSelector: {}
 
 affinity: {}
diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties
index f2896ccafa..08e3fd0018 100644
--- a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties
+++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties
@@ -83,11 +83,11 @@ KeyStoreFile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks
 #
 #    The password for the https keystore
 #
-KeyStorePassword=]3V)($O&.Mv]W{f8^]6SxGNL
+KeyStorePassword=WGxd2P6MDo*Bi4+UdzWs{?$8
 #
 #    The password for the private key in the https keystore
 #
-KeyPassword=]3V)($O&.Mv]W{f8^]6SxGNL
+KeyPassword=WGxd2P6MDo*Bi4+UdzWs{?$8
 #
 #    The type of truststore for https
 #
@@ -99,7 +99,7 @@ TrustStoreFile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks
 #
 #    The password for the https truststore
 #
-TrustStorePassword=(Rd,&{]%ePdp}4JZjqoJ2G+g
+TrustStorePassword=)OBvCd{e{aWq.^mJJdX:S:1&
 #
 #    The path to the file used to trigger an orderly shutdown
 #
diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml
index ec31f3f750..a508886f10 100644
--- a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml
@@ -45,6 +45,15 @@ spec:
               fieldRef:
                 apiVersion: v1
                 fieldPath: metadata.namespace
+        - name: {{ include "common.name" . }}-permission-fixer
+          image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}"
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          volumeMounts:
+          - mountPath: {{ .Values.persistence.spoolPath }}
+            name: {{ include "common.fullname" . }}-spool-data-pvc
+          - mountPath: {{ .Values.persistence.eventLogsPath }}
+            name: {{ include "common.fullname" . }}-event-logs-pvc
+          command: ["chown","-Rf","1000:1001", "/opt/app/datartr"]
       containers:
         - name: {{ include "common.name" . }}
           image: "{{ include "common.repository" . }}/{{ .Values.image }}"
@@ -100,7 +109,7 @@ spec:
 {{ toYaml .Values.affinity | indent 10 }}
         {{- end }}
         # Filebeat sidecar container
-        - name: {{ include "common.fullname" . }}-filebeat-onap
+        - name: {{ include "common.name" . }}-filebeat-onap
           image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
           volumeMounts:
@@ -139,7 +148,7 @@ spec:
             name: {{ include "common.fullname" . }}-log
         - name: {{ include "common.fullname" . }}-filebeat-conf
           configMap:
-            name: {{ include "common.fullname" . }}-dmaap-filebeat-configmap
+            name: {{ .Release.Name }}-dmaap-filebeat-configmap
         - name: {{ include "common.fullname" . }}-data-filebeat
           emptyDir: {}
         - name:  {{ include "common.fullname" . }}-event-logs-pvc
diff --git a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml
index c6087e8852..3b1532f999 100644
--- a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml
@@ -21,13 +21,15 @@ global:
   loggingRepository: docker.elastic.co
   loggingImage: beats/filebeat:5.5.0
   loggingDirectory: /opt/app/datartr/logs
+  busyBoxImage: busybox:1.30
+  busyBoxRepository: docker.io
 
 #################################################################
 # Application configuration defaults.
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/dmaap/datarouter-node:2.0.2
+image: onap/dmaap/datarouter-node:2.1.0
 pullPolicy: Always
 
 # flag to enable debugging - application support required
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties
index 2b78b8eb2c..6a6f49cc24 100644
--- a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties
+++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties
@@ -25,14 +25,14 @@
 #Jetty Server properties
 org.onap.dmaap.datarouter.provserver.http.port           = {{.Values.config.dmaapDrProv.externalPort}}
 org.onap.dmaap.datarouter.provserver.https.port          = {{.Values.config.dmaapDrProv.externalPort2}}
-org.onap.dmaap.datarouter.provserver.https.relaxation	 = true
+org.onap.dmaap.datarouter.provserver.https.relaxation    = true
 
-org.onap.dmaap.datarouter.provserver.keymanager.password = AT{];bvaDiytVD&oWhMZj0N5
+org.onap.dmaap.datarouter.provserver.keymanager.password = FZNkU,B%NJzcT1v7;^v]M#ZX
 org.onap.dmaap.datarouter.provserver.keystore.type       = jks
 org.onap.dmaap.datarouter.provserver.keystore.path       = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks
-org.onap.dmaap.datarouter.provserver.keystore.password   = AT{];bvaDiytVD&oWhMZj0N5
+org.onap.dmaap.datarouter.provserver.keystore.password   = FZNkU,B%NJzcT1v7;^v]M#ZX
 org.onap.dmaap.datarouter.provserver.truststore.path     = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks
-org.onap.dmaap.datarouter.provserver.truststore.password = ljlS@Y}0]{UO(TnwvEWkgJ%]
+org.onap.dmaap.datarouter.provserver.truststore.password = +mzf@J.D^;3!![*Xr.z$c#?b
 org.onap.dmaap.datarouter.provserver.accesslog.dir       = /opt/app/datartr/logs
 org.onap.dmaap.datarouter.provserver.spooldir            = /opt/app/datartr/spool
 org.onap.dmaap.datarouter.provserver.dbscripts           = /opt/app/datartr/etc/misc
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml
index afd34d92bc..b9c144de72 100644
--- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml
@@ -87,7 +87,7 @@ spec:
 {{ toYaml .Values.affinity | indent 10 }}
         {{- end }}
         # Filebeat sidecar container
-        - name: {{ include "common.fullname" . }}-filebeat-onap
+        - name: {{ include "common.name" . }}-filebeat-onap
           image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
           volumeMounts:
@@ -115,7 +115,7 @@ spec:
           name: {{ include "common.fullname" . }}-log
       - name: {{ include "common.fullname" . }}-filebeat-conf
         configMap:
-          name: {{ include "common.fullname" . }}-dmaap-filebeat-configmap
+          name: {{ .Release.Name }}-dmaap-filebeat-configmap
       - name: {{ include "common.fullname" . }}-data-filebeat
         emptyDir: {}
       - name:  {{ include "common.fullname" . }}-logs
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml
index 3d65e911cf..7dca42e746 100644
--- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml
@@ -28,7 +28,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/dmaap/datarouter-prov:2.0.2
+image: onap/dmaap/datarouter-prov:2.1.0
 pullPolicy: Always
 
 # flag to enable debugging - application support required
diff --git a/kubernetes/policy/charts/policy-apex-pdp/resources/config/OnapPfConfig.json b/kubernetes/policy/charts/policy-apex-pdp/resources/config/OnapPfConfig.json
new file mode 100644
index 0000000000..8edca606e4
--- /dev/null
+++ b/kubernetes/policy/charts/policy-apex-pdp/resources/config/OnapPfConfig.json
@@ -0,0 +1,16 @@
+{
+    "name":"OnapPfParameterGroup",
+    "restServerParameters": {
+      "host": "0.0.0.0",
+      "port": 6969,
+      "userName": "healthcheck",
+      "password": "zb!XztG34",
+      "https": true
+    },
+    "pdpStatusParameters":{
+        "timeIntervalMs": 120000,
+        "pdpType":"apex",
+        "description":"Pdp Heartbeat",
+        "supportedPolicyTypes":[{"name":"onap.policies.controlloop.Operational","version":"1.0.0"}]
+    }
+}
diff --git a/kubernetes/policy/charts/policy-apex-pdp/resources/config/topic.properties b/kubernetes/policy/charts/policy-apex-pdp/resources/config/topic.properties
new file mode 100644
index 0000000000..b61626b2da
--- /dev/null
+++ b/kubernetes/policy/charts/policy-apex-pdp/resources/config/topic.properties
@@ -0,0 +1,23 @@
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 Nordix Foundation.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+dmaap.source.topics=POLICY-PDP-PAP
+dmaap.sink.topics=POLICY-PDP-PAP
+
+dmaap.source.topics.POLICY-PDP-PAP.servers= message-router
+dmaap.sink.topics.POLICY-PDP-PAP.servers= message-router
\ No newline at end of file
diff --git a/kubernetes/policy/charts/policy-apex-pdp/templates/configmap.yaml b/kubernetes/policy/charts/policy-apex-pdp/templates/configmap.yaml
index 318ad34491..937a5b4afd 100644
--- a/kubernetes/policy/charts/policy-apex-pdp/templates/configmap.yaml
+++ b/kubernetes/policy/charts/policy-apex-pdp/templates/configmap.yaml
@@ -22,5 +22,4 @@ metadata:
   name: {{ include "common.fullname" . }}-configmap
   namespace: {{ include "common.namespace" . }}
 data:
-{{ tpl (.Files.Glob "resources/config/config.json").AsConfig . | indent 2 }}
-
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/policy/charts/policy-apex-pdp/templates/statefulset.yaml b/kubernetes/policy/charts/policy-apex-pdp/templates/statefulset.yaml
index 29a24e66bf..f1c024bc4e 100644
--- a/kubernetes/policy/charts/policy-apex-pdp/templates/statefulset.yaml
+++ b/kubernetes/policy/charts/policy-apex-pdp/templates/statefulset.yaml
@@ -42,9 +42,11 @@ spec:
         - name: {{ include "common.name" . }}
           image: "{{ include "common.repository" . }}/{{ .Values.image }}"
           command:
-          - /opt/app/policy/apex-pdp/bin/apexEngine.sh
+          - /opt/app/policy/apex-pdp/bin/apexOnapPf.sh
           - -c
-          - /home/apexuser/config/config.json
+          - /home/apexuser/config/OnapPfConfig.json
+          - -p
+          - /home/apexuser/config/topic.properties
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
           ports:
           - containerPort: {{ .Values.service.externalPort }}
diff --git a/kubernetes/policy/charts/policy-apex-pdp/values.yaml b/kubernetes/policy/charts/policy-apex-pdp/values.yaml
index 95b2d2c28d..70994300db 100644
--- a/kubernetes/policy/charts/policy-apex-pdp/values.yaml
+++ b/kubernetes/policy/charts/policy-apex-pdp/values.yaml
@@ -59,7 +59,7 @@ service:
   type: NodePort
   name: policy-apex-pdp
   portName: policy-apex-pdp
-  externalPort: 12345
+  externalPort: 6969
   nodePort: 37
 
 ingress:
diff --git a/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json
index 7fb864bb31..789dde4491 100644
--- a/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json
+++ b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json
@@ -16,11 +16,14 @@
 #  SPDX-License-Identifier: Apache-2.0
 #  ============LICENSE_END=========================================================
 {
-    "name":"XacmlPdpGroup",
-    "restServerParameters":{
-        "host":"0.0.0.0",
-        "port":6969,
-        "userName":"healthcheck",
-        "password":"zb!XztG34"
-    }
-}
+    "name": "XacmlPdpGroup",
+    "restServerParameters": {
+        "host": "0.0.0.0",
+        "port": 6969,
+        "userName": "healthcheck",
+        "password": "zb!XztG34",
+        "https": true,
+        "aaf": false
+    },
+    "applicationPath": "/opt/app/policy/pdpx/apps"
+}
\ No newline at end of file
diff --git a/kubernetes/policy/charts/policy-xacml-pdp/resources/config/topic.properties b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/topic.properties
new file mode 100644
index 0000000000..a56de8bc5e
--- /dev/null
+++ b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/topic.properties
@@ -0,0 +1,22 @@
+# ============LICENSE_START=======================================================
+# ONAP PAP
+# ================================================================================
+# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+dmaap.sink.topics=POLICY-PDP-PAP
+dmaap.sink.topics.POLICY-PDP-PAP.servers=message-router
+dmaap.source.topics=POLICY-PDP-PAP
+dmaap.source.topics.POLICY-PDP-PAP.servers=message-router
\ No newline at end of file
diff --git a/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml b/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml
index d90b0c93dc..f689f4d6e8 100644
--- a/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml
+++ b/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml
@@ -22,4 +22,4 @@ metadata:
   name: {{ include "common.fullname" . }}-configmap
   namespace: {{ include "common.namespace" . }}
 data:
-{{ tpl (.Files.Glob "resources/config/config.json").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml b/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml
index 20b2afbf50..e5e94ccc95 100644
--- a/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml
+++ b/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml
@@ -16,12 +16,27 @@ spec:
         app: {{ include "common.name" . }}
         release: {{ .Release.Name }}
     spec:
+      initContainers:
+      - command:
+        - /root/ready.py
+        args:
+        - --container-name
+        - {{ .Values.global.mariadb.nameOverride }}
+        env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: metadata.namespace
+        image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        name: {{ include "common.name" . }}-readiness
       containers:
         - name: {{ include "common.name" . }}
           image: "{{ include "common.repository" . }}/{{ .Values.image }}"
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
           command: ["/opt/app/policy/pdpx/bin/policy-pdpx.sh"]
-          args: ["/opt/app/policy/pdpx/etc/mounted/config.json"]
+          args: ["/opt/app/policy/pdpx/etc/mounted/config.json","/opt/app/policy/pdpx/etc/mounted/topic.properties"]
           ports:
           - containerPort: {{ .Values.service.internalPort }}
           # disable liveness probe when breakpoints set in debugger
diff --git a/kubernetes/robot/demo-k8s.sh b/kubernetes/robot/demo-k8s.sh
index d253ec7f4f..31b86436f0 100755
--- a/kubernetes/robot/demo-k8s.sh
+++ b/kubernetes/robot/demo-k8s.sh
@@ -1,5 +1,6 @@
 #!/bin/bash
 # Copyright (C) 2018 Amdocs, Bell Canada
+# Modifications Copyright (C) 2019 Samsung
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -13,40 +14,40 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
-# Execute tags built to support the hands on demo,
+# Execute tags built to support the hands-on demo
 #
 function usage
 {
-	echo "Usage: demo.sh namespace <command> [<parameters>]"
+	echo "Usage: demo-k8s.sh <namespace> <command> [<parameters>]"
 	echo " "
-	echo "       demo.sh <namespace> init"
+	echo "       demo-k8s.sh <namespace> init"
 	echo "               - Execute both init_customer + distribute"
 	echo " "
-	echo "       demo.sh <namespace> init_customer"
+	echo "       demo-k8s.sh <namespace> init_customer"
 	echo "               - Create demo customer (Demonstration) and services, etc."
 	echo " "
-	echo "       demo.sh <namespace> distribute  [<prefix>]"
+	echo "       demo-k8s.sh <namespace> distribute  [<prefix>]"
 	echo "               - Distribute demo models (demoVFW and demoVLB)"
 	echo " "
-	echo "       demo.sh <namespace> preload <vnf_name> <module_name>"
+	echo "       demo-k8s.sh <namespace> preload <vnf_name> <module_name>"
 	echo "               - Preload data for VNF for the <module_name>"
 	echo " "
-	echo "       demo.sh <namespace> appc <module_name>"
-    echo "               - provide APPC with vFW module mount point for closed loop"
+	echo "       demo-k8s.sh <namespace> appc <module_name>"
+	echo "               - provide APPC with vFW module mount point for closed loop"
 	echo " "
-	echo "       demo.sh <namespace> init_robot [ <etc_hosts_prefix> ]"
-    echo "               - Initialize robot after all ONAP VMs have started"
+	echo "       demo-k8s.sh <namespace> init_robot [ <etc_hosts_prefix> ]"
+	echo "               - Initialize robot after all ONAP VMs have started"
 	echo " "
-	echo "       demo.sh <namespace> instantiateVFW"
-    echo "               - Instantiate vFW module for the a demo customer (DemoCust<uuid>)"
+	echo "       demo-k8s.sh <namespace> instantiateVFW"
+	echo "               - Instantiate vFW module for the demo customer (DemoCust<uuid>)"
 	echo " "
-	echo "       demo.sh <namespace> deleteVNF <module_name from instantiateVFW>"
-    echo "               - Delete the module created by instantiateVFW"
+	echo "       demo-k8s.sh <namespace> deleteVNF <module_name from instantiateVFW>"
+	echo "               - Delete the module created by instantiateVFW"
 	echo " "
-	echo "       demo.sh <namespace> heatbridge <stack_name> <service_instance_id> <service> <oam-ip-address>"
-    echo "               - Run heatbridge against the stack for the given service instance and service"
+	echo "       demo-k8s.sh <namespace> heatbridge <stack_name> <service_instance_id> <service> <oam-ip-address>"
+	echo "               - Run heatbridge against the stack for the given service instance and service"
 	echo " "
-	echo "       demo.sh <namespace> vfwclosedloop <pgn-ip-address>"
+	echo "       demo-k8s.sh <namespace> vfwclosedloop <pgn-ip-address>"
         echo "           - vFWCL: Sets the packet generator to high and low rates, and checks whether the policy "
         echo "             kicks in to modulate the rates back to medium"
 	echo " "
@@ -110,7 +111,7 @@ do
 			TAG="PreloadDemo"
 			shift
 			if [ $# -ne 2 ];then
-				echo "Usage: demo.sh <namespace> preload <vnf_name> <module_name>"
+				echo "Usage: demo-k8s.sh <namespace> preload <vnf_name> <module_name>"
 				exit
 			fi
 			VARIABLES="$VARIABLES -v VNF_NAME:$1"
@@ -122,7 +123,7 @@ do
 			TAG="APPCMountPointDemo"
 			shift
 			if [ $# -ne 1 ];then
-					echo "Usage: demo.sh <namespace> appc <module_name>"
+					echo "Usage: demo-k8s.sh <namespace> appc <module_name>"
 					exit
 				fi
 			VARIABLES="$VARIABLES -v MODULE_NAME:$1"
@@ -137,7 +138,7 @@ do
 			TAG="deleteVNF"
 			shift
 			if [ $# -ne 1 ];then
-				echo "Usage: demo.sh <namespace> deleteVNF <module_name from instantiateVFW>"
+				echo "Usage: demo-k8s.sh <namespace> deleteVNF <module_name from instantiateVFW>"
 				exit
 			fi
 			VARFILE=$1.py
@@ -153,7 +154,7 @@ do
 			TAG="heatbridge"
 			shift
 			if [ $# -ne 4 ];then
-				echo "Usage: demo.sh <namespace> heatbridge <stack_name> <service_instance_id> <service> <oam-ip-address>"
+				echo "Usage: demo-k8s.sh <namespace> heatbridge <stack_name> <service_instance_id> <service> <oam-ip-address>"
 				exit
 			fi
 			VARIABLES="$VARIABLES -v HB_STACK:$1"
diff --git a/kubernetes/sdnc/charts/dmaap-listener/resources/config/dblib.properties b/kubernetes/sdnc/charts/dmaap-listener/resources/config/dblib.properties
index 9e4c88a879..8a0a102396 100644
--- a/kubernetes/sdnc/charts/dmaap-listener/resources/config/dblib.properties
+++ b/kubernetes/sdnc/charts/dmaap-listener/resources/config/dblib.properties
@@ -18,7 +18,7 @@
 ###
 org.onap.ccsdk.sli.dbtype=jdbc
 org.onap.ccsdk.sli.jdbc.hosts=sdnctldb01
-org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.mysql.service.name}}.{{.Release.Namespace}}:{{.Values.mysql.service.internalPort}}/sdnctl
+org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.config.mariadbGalera.serviceName}}.{{.Release.Namespace}}:{{.Values.config.mariadbGalera.internalPort}}/sdnctl
 org.onap.ccsdk.sli.jdbc.driver=org.mariadb.jdbc.Driver
 org.onap.ccsdk.sli.jdbc.database=sdnctl
 org.onap.ccsdk.sli.jdbc.user=sdnctl
diff --git a/kubernetes/sdnc/charts/dmaap-listener/templates/deployment.yaml b/kubernetes/sdnc/charts/dmaap-listener/templates/deployment.yaml
index 7a5b1f217c..03169427f0 100644
--- a/kubernetes/sdnc/charts/dmaap-listener/templates/deployment.yaml
+++ b/kubernetes/sdnc/charts/dmaap-listener/templates/deployment.yaml
@@ -35,7 +35,7 @@ spec:
         - /root/ready.py
         args:
         - --container-name
-        - {{ .Values.config.mysqlChartName }}
+        - {{ .Values.config.mariadbGalera.chartName }}
         - --container-name
         - {{ .Values.config.sdncChartName }}
         - --container-name
diff --git a/kubernetes/sdnc/charts/dmaap-listener/values.yaml b/kubernetes/sdnc/charts/dmaap-listener/values.yaml
index f88b6adfc5..4b30d432d4 100644
--- a/kubernetes/sdnc/charts/dmaap-listener/values.yaml
+++ b/kubernetes/sdnc/charts/dmaap-listener/values.yaml
@@ -18,7 +18,7 @@
 global:
   nodePortPrefix: 302
   readinessRepository: oomk8s
-  readinessImage: readiness-check:2.0.0
+  readinessImage: readiness-check:2.0.2
   loggingRepository: docker.elastic.co
   loggingImage: beats/filebeat:5.5.0
 
@@ -36,12 +36,15 @@ debugEnabled: false
 # application configuration
 config:
   dmaapPort: 3904
-  mysqlChartName: sdnc-db
   sdncChartName: sdnc
   sdncPort: 8282
   msgRouterContainerName: message-router
   configDir: /opt/onap/sdnc/data/properties
   odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+  mariadbGalera:
+    chartName: mariadb-galera
+    serviceName: mariadb-galera
+    internalPort: 3306
 
 # default number of instances
 replicaCount: 1
@@ -68,10 +71,6 @@ ingress:
 service:
   name: sdnc-dmaap-listener
 
-mysql:
-  service:
-    name: sdnc-dbhost
-    internalPort: 3306
 #Resource limit flavor -By default using small
 flavor: small
 #Segregation for different environment (small and large)
diff --git a/kubernetes/sdnc/charts/sdnc-ansible-server/resources/config/RestServer_config b/kubernetes/sdnc/charts/sdnc-ansible-server/resources/config/RestServer_config
index f63fe211f6..eb88d7236b 100644
--- a/kubernetes/sdnc/charts/sdnc-ansible-server/resources/config/RestServer_config
+++ b/kubernetes/sdnc/charts/sdnc-ansible-server/resources/config/RestServer_config
@@ -29,7 +29,7 @@ id:	sdnc
 psswd:	sdnc
 
 # Mysql
-host:	{{.Values.config.mysqlServiceName}}
+host:	{{.Values.config.mariadbGalera.serviceName}}
 user:	sdnc
 passwd:	sdnc
 db:	ansible
diff --git a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml
index 44a3f96355..d7c33a6e86 100644
--- a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml
+++ b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml
@@ -18,7 +18,7 @@
 global:
   nodePortPrefix: 302
   readinessRepository: oomk8s
-  readinessImage: readiness-check:2.0.0
+  readinessImage: readiness-check:2.0.2
   loggingRepository: docker.elastic.co
   loggingImage: beats/filebeat:5.5.0
 
@@ -37,7 +37,8 @@ debugEnabled: false
 config:
   sdncChartName: sdnc
   configDir: /opt/onap/sdnc
-  mysqlServiceName: sdnc-dbhost
+  mariadbGalera:
+    serviceName: mariadb-galera
 
 
 # default number of instances
diff --git a/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json b/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json
index a6950fdd70..28da59ea29 100644
--- a/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json
+++ b/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json
@@ -27,7 +27,7 @@
   },
   "svclogicPropertiesDb01": "{{.Values.config.configDir}}/svclogic.properties.sdnctldb01",
   "databases": [
-    "sdnc-dbhost.{{.Release.Namespace}}|sdnc-sdnctldb01.{{.Release.Namespace}}"
+    "{{.Values.config.mariadbGalera.serviceName}}.{{.Release.Namespace}}|sdnc-sdnctldb01.{{.Release.Namespace}}"
   ],
   "dbFabricServer": "localhost",
   "dbFabricPort": "32275",
diff --git a/kubernetes/sdnc/charts/sdnc-portal/resources/config/dblib.properties b/kubernetes/sdnc/charts/sdnc-portal/resources/config/dblib.properties
index 68357baae6..7a5475ed20 100644
--- a/kubernetes/sdnc/charts/sdnc-portal/resources/config/dblib.properties
+++ b/kubernetes/sdnc/charts/sdnc-portal/resources/config/dblib.properties
@@ -18,7 +18,7 @@
 ###
 org.onap.ccsdk.sli.dbtype=jdbc
 org.onap.ccsdk.sli.jdbc.hosts=sdnctldb01
-org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.mysql.service.name}}.{{.Release.Namespace}}:{{.Values.mysql.service.internalPort}}/sdnctl
+org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.config.mariadbGalera.serviceName}}.{{.Release.Namespace}}:{{.Values.config.mariadbGalera.internalPort}}/sdnctl
 org.onap.ccsdk.sli.jdbc.driver=org.mariadb.jdbc.Driver
 org.onap.ccsdk.sli.jdbc.database=sdnctl
 org.onap.ccsdk.sli.jdbc.user=sdnctl
diff --git a/kubernetes/sdnc/charts/sdnc-portal/templates/deployment.yaml b/kubernetes/sdnc/charts/sdnc-portal/templates/deployment.yaml
index 35dffee552..0a59eb079a 100644
--- a/kubernetes/sdnc/charts/sdnc-portal/templates/deployment.yaml
+++ b/kubernetes/sdnc/charts/sdnc-portal/templates/deployment.yaml
@@ -35,7 +35,7 @@ spec:
         - /root/ready.py
         args:
         - --container-name
-        - {{ .Values.config.mysqlChartName }}
+        - {{ .Values.config.mariadbGalera.chartName }}
         - --container-name
         - {{ .Values.config.sdncChartName }}
         env:
diff --git a/kubernetes/sdnc/charts/sdnc-portal/values.yaml b/kubernetes/sdnc/charts/sdnc-portal/values.yaml
index 88acef1e58..ba99020df7 100644
--- a/kubernetes/sdnc/charts/sdnc-portal/values.yaml
+++ b/kubernetes/sdnc/charts/sdnc-portal/values.yaml
@@ -18,7 +18,7 @@
 global:
   nodePortPrefix: 302
   readinessRepository: oomk8s
-  readinessImage: readiness-check:2.0.0
+  readinessImage: readiness-check:2.0.2
   loggingRepository: docker.elastic.co
   loggingImage: beats/filebeat:5.5.0
 
@@ -35,12 +35,17 @@ debugEnabled: false
 
 # application configuration
 config:
-  mysqlChartName: sdnc-db
-  dbRootPassword: openECOMP1.0
+  dbRootPassword: secretpassword
   dbSdnctlPassword: gamma
   sdncChartName: sdnc
   configDir: /opt/onap/sdnc/data/properties
+  storesDir: /opt/onap/sdnc/data/stores
   odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+  keystorePwd: ?w5&!M;8v1XF;:Xd;g*%S$IY
+  mariadbGalera:
+    chartName: mariadb-galera
+    serviceName: mariadb-galera
+    internalPort: 3306
 
 # default number of instances
 replicaCount: 0
@@ -72,11 +77,6 @@ service:
 ingress:
   enabled: false
 
-mysql:
-  service:
-    name: sdnc-dbhost
-    internalPort: 3306
-
 #Resource limit flavor -By default using small
 flavor: small
 #segregation for different environment (small and large)
diff --git a/kubernetes/sdnc/charts/ueb-listener/resources/config/dblib.properties b/kubernetes/sdnc/charts/ueb-listener/resources/config/dblib.properties
index 15cb2182a2..fdc2218532 100644
--- a/kubernetes/sdnc/charts/ueb-listener/resources/config/dblib.properties
+++ b/kubernetes/sdnc/charts/ueb-listener/resources/config/dblib.properties
@@ -23,7 +23,7 @@
 org.onap.ccsdk.sli.dbtype=jdbc
 
 org.onap.ccsdk.sli.jdbc.hosts=sdnctldb01
-org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.mysql.service.name}}.{{.Release.Namespace}}:{{.Values.mysql.service.internalPort}}/sdnctl
+org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.config.mariadbGalera.serviceName}}.{{.Release.Namespace}}:{{.Values.config.mariadbGalera.internalPort}}/sdnctl
 org.onap.ccsdk.sli.jdbc.driver=org.mariadb.jdbc.Driver
 org.onap.ccsdk.sli.jdbc.database=sdnctl
 org.onap.ccsdk.sli.jdbc.user=sdnctl
diff --git a/kubernetes/sdnc/charts/ueb-listener/templates/deployment.yaml b/kubernetes/sdnc/charts/ueb-listener/templates/deployment.yaml
index 1c5f9179c0..0f8931b7b3 100644
--- a/kubernetes/sdnc/charts/ueb-listener/templates/deployment.yaml
+++ b/kubernetes/sdnc/charts/ueb-listener/templates/deployment.yaml
@@ -35,7 +35,7 @@ spec:
         - /root/ready.py
         args:
         - --container-name
-        - {{ .Values.config.mysqlChartName }}
+        - {{ .Values.config.mariadbGalera.chartName }}
         - --container-name
         - {{ .Values.config.sdncChartName }}
         - --container-name
diff --git a/kubernetes/sdnc/charts/ueb-listener/values.yaml b/kubernetes/sdnc/charts/ueb-listener/values.yaml
index c1892efadf..4da1ffef6f 100644
--- a/kubernetes/sdnc/charts/ueb-listener/values.yaml
+++ b/kubernetes/sdnc/charts/ueb-listener/values.yaml
@@ -18,7 +18,7 @@
 global:
   nodePortPrefix: 302
   readinessRepository: oomk8s
-  readinessImage: readiness-check:2.0.0
+  readinessImage: readiness-check:2.0.2
   loggingRepository: docker.elastic.co
   loggingImage: beats/filebeat:5.5.0
 
@@ -36,13 +36,15 @@ debugEnabled: false
 # application configuration
 config:
   sdncPort: 8282
-  mysqlChartName: sdnc-db
   sdncChartName: sdnc
   sdcbeChartName: sdc-be
   msgRouterContainerName: message-router
   configDir: /opt/onap/sdnc/data/properties
   odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
-
+  mariadbGalera:
+    chartName: mariadb-galera
+    serviceName: mariadb-galera
+    internalPort: 3306
 
 # default number of instances
 replicaCount: 1
@@ -66,11 +68,6 @@ readiness:
 service:
   name: sdnc-ueb-listener
 
-mysql:
-  service:
-    name: sdnc-dbhost
-    internalPort: 3306
-
 ingress:
   enabled: false
 
diff --git a/kubernetes/sdnc/requirements.yaml b/kubernetes/sdnc/requirements.yaml
index 56e20672f7..a4bffc077f 100644
--- a/kubernetes/sdnc/requirements.yaml
+++ b/kubernetes/sdnc/requirements.yaml
@@ -20,9 +20,6 @@ dependencies:
     version: ~4.x-0
     repository: '@local'
     condition: cds.enabled
-  - name: mysql
-    version: ~4.x-0
-    repository: '@local'
   - name: network-name-gen
     version: ~4.x-0
     repository: '@local'
@@ -33,3 +30,8 @@ dependencies:
     version: ~4.x-0
     repository: '@local'
     condition: config.geoEnabled
+  - name: mariadb-galera
+    version: ~4.x-0
+    repository: '@local'
+    condition: config.localDBCluster
+
diff --git a/kubernetes/sdnc/resources/config/bin/installSdncDb.sh b/kubernetes/sdnc/resources/config/bin/installSdncDb.sh
index ab0bc35880..2a733de7d5 100644
--- a/kubernetes/sdnc/resources/config/bin/installSdncDb.sh
+++ b/kubernetes/sdnc/resources/config/bin/installSdncDb.sh
@@ -22,7 +22,7 @@
 ###
 
 SDNC_HOME=${SDNC_HOME:-/opt/onap/sdnc}
-MYSQL_HOST=${MYSQL_HOST:-{{.Release.Name}}-{{.Values.mysql.nameOverride}}-0.{{.Values.mysql.service.name}}.{{.Release.Namespace}}}
+MYSQL_HOST=${MYSQL_HOST:-{{.Values.config.mariadbGalera.serviceName}}.{{.Release.Namespace}}}
 MYSQL_PASSWD=${MYSQL_PASSWD:-{{.Values.config.dbRootPassword}}}
 
 SDNC_DB_USER=${SDNC_DB_USER:-sdnctl}
@@ -55,4 +55,4 @@ done
 ${SDNC_HOME}/bin/addVnis.sh 100 199
 
 # Drop FK_NETWORK_MODEL foreign key as workaround for SDNC-291.
-${SDNC_HOME}/bin/rmForeignKey.sh NETWORK_MODEL FK_NETWORK_MODEL
\ No newline at end of file
+${SDNC_HOME}/bin/rmForeignKey.sh NETWORK_MODEL FK_NETWORK_MODEL
diff --git a/kubernetes/sdnc/resources/config/bin/startODL.sh b/kubernetes/sdnc/resources/config/bin/startODL.sh
index 2513fc9dd4..9b96a325b7 100755
--- a/kubernetes/sdnc/resources/config/bin/startODL.sh
+++ b/kubernetes/sdnc/resources/config/bin/startODL.sh
@@ -119,7 +119,7 @@ SDNC_BIN=${SDNC_BIN:-/opt/onap/sdnc/bin}
 CCSDK_HOME=${CCSDK_HOME:-/opt/onap/ccsdk}
 SLEEP_TIME=${SLEEP_TIME:-120}
 MYSQL_PASSWD=${MYSQL_PASSWD:-{{.Values.config.dbRootPassword}}}
-MYSQL_HOST=${MYSQL_HOST:-{{.Release.Name}}-{{.Values.mysql.nameOverride}}-0.{{.Values.mysql.service.name}}.{{.Release.Namespace}}}
+MYSQL_HOST=${MYSQL_HOST:-{{.Values.config.dbServiceName}}.{{.Release.Namespace}}}
 ENABLE_ODL_CLUSTER=${ENABLE_ODL_CLUSTER:-false}
 GEO_ENABLED=${GEO_ENABLED:-false}
 DBINIT_DIR=${DBINIT_DIR:-/opt/opendaylight/current/daexim}
diff --git a/kubernetes/sdnc/resources/config/conf/dblib.properties b/kubernetes/sdnc/resources/config/conf/dblib.properties
index dd2bcabcc5..1849053411 100644
--- a/kubernetes/sdnc/resources/config/conf/dblib.properties
+++ b/kubernetes/sdnc/resources/config/conf/dblib.properties
@@ -18,7 +18,7 @@
 ###
 org.onap.ccsdk.sli.dbtype=jdbc
 org.onap.ccsdk.sli.jdbc.hosts=sdnctldb01
-org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.mysql.service.name}}.{{.Release.Namespace}}:{{.Values.mysql.service.internalPort}}/sdnctl
+org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.config.mariadbGalera.serviceName}}.{{.Release.Namespace}}:{{.Values.config.mariadbGalera.internalPort}}/sdnctl
 org.onap.ccsdk.sli.jdbc.driver=org.mariadb.jdbc.Driver
 org.onap.ccsdk.sli.jdbc.database=sdnctl
 org.onap.ccsdk.sli.jdbc.user=sdnctl
diff --git a/kubernetes/sdnc/resources/config/conf/svclogic.properties b/kubernetes/sdnc/resources/config/conf/svclogic.properties
index e564012c8f..55ef8e7e85 100644
--- a/kubernetes/sdnc/resources/config/conf/svclogic.properties
+++ b/kubernetes/sdnc/resources/config/conf/svclogic.properties
@@ -20,7 +20,7 @@
 ###
 
 org.onap.ccsdk.sli.dbtype = jdbc
-org.onap.ccsdk.sli.jdbc.url = jdbc:mysql://{{.Values.mysql.service.name}}.{{.Release.Namespace}}:{{.Values.mysql.service.internalPort}}/sdnctl
+org.onap.ccsdk.sli.jdbc.url = jdbc:mysql://{{.Values.config.mariadbGalera.serviceName}}.{{.Release.Namespace}}:{{.Values.config.mariadbGalera.internalPort}}/sdnctl
 org.onap.ccsdk.sli.jdbc.database = sdnctl
 org.onap.ccsdk.sli.jdbc.user = sdnctl
 org.onap.ccsdk.sli.jdbc.password = {{.Values.config.dbSdnctlPassword}}
diff --git a/kubernetes/sdnc/sdnc-prom/values.yaml b/kubernetes/sdnc/sdnc-prom/values.yaml
index d481f4aaf5..7216e81abf 100644
--- a/kubernetes/sdnc/sdnc-prom/values.yaml
+++ b/kubernetes/sdnc/sdnc-prom/values.yaml
@@ -19,7 +19,7 @@ global:
   nodePortPrefix: 302
   repository: nexus3.onap.org:10001
   readinessRepository: oomk8s
-  readinessImage: readiness-check:2.0.0
+  readinessImage: readiness-check:2.0.2
   loggingRepository: docker.elastic.co
   loggingImage: beats/filebeat:5.5.0
   persistence:
diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml
index 24ca832d24..9728fab524 100644
--- a/kubernetes/sdnc/templates/statefulset.yaml
+++ b/kubernetes/sdnc/templates/statefulset.yaml
@@ -37,7 +37,7 @@ spec:
         - /root/ready.py
         args:
         - --container-name
-        - {{ .Values.mysql.nameOverride }}
+        - {{ .Values.config.mariadbGalera.chartName }}
         env:
         - name: NAMESPACE
           valueFrom:
@@ -94,7 +94,7 @@ spec:
             - name: SDNC_REPLICAS
               value: "{{ .Values.replicaCount }}"
             - name: MYSQL_HOST
-              value: "{{.Release.Name}}-{{.Values.mysql.nameOverride}}-0.{{.Values.mysql.service.name}}.{{.Release.Namespace}}"
+              value: "{{.Values.config.mariadbGalera.serviceName}}.{{.Release.Namespace}}"
             - name: JAVA_HOME
               value: "{{ .Values.config.javaHome}}"
           volumeMounts:
@@ -209,4 +209,4 @@ spec:
       selector:
         matchLabels:
           name: {{ include "common.fullname" . }}
-  {{ end }}
\ No newline at end of file
+  {{ end }}
diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml
index 95bc31a96b..e2e8579443 100644
--- a/kubernetes/sdnc/values.yaml
+++ b/kubernetes/sdnc/values.yaml
@@ -20,7 +20,7 @@ global:
   nodePortPrefixExt: 304
   repository: nexus3.onap.org:10001
   readinessRepository: oomk8s
-  readinessImage: readiness-check:2.0.0
+  readinessImage: readiness-check:2.0.2
   loggingRepository: docker.elastic.co
   loggingImage: beats/filebeat:5.5.0
   persistence:
@@ -40,7 +40,7 @@ debugEnabled: false
 # application configuration
 config:
   odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
-  dbRootPassword: openECOMP1.0
+  dbRootPassword: secretpassword
   dbSdnctlPassword: gamma
   enableClustering: true
   binDir: /opt/onap/sdnc/bin
@@ -59,6 +59,15 @@ config:
   ansiblePort: 8000
   javaHome: /usr/lib/jvm/java-1.8-openjdk
 
+  #local Mariadb-galera cluster
+  localDBCluster: false
+
+  #Shared mariadb-galera details
+  mariadbGalera:
+    chartName: mariadb-galera
+    serviceName: mariadb-galera
+    internalPort: 3306
+
 # dependency / sub-chart configuration
 cds:
   enabled: true
@@ -67,7 +76,7 @@ dmaap-listener:
   nameOverride: sdnc-dmaap-listener
   config:
     sdncChartName: sdnc
-    mysqlChartName: sdnc-db
+    mysqlChartName: mariadb-galera
     dmaapPort: 3904
     sdncPort: 8282
     configDir: /opt/onap/sdnc/data/properties
@@ -78,16 +87,16 @@ ueb-listener:
   config:
     sdncPort: 8282
     sdncChartName: sdnc
-    mysqlChartName: sdnc-db
+    mysqlChartName: mariadb-galera
     configDir: /opt/onap/sdnc/data/properties
     odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
 
 sdnc-portal:
   config:
     sdncChartName: sdnc
-    mysqlChartName: sdnc-db
+    mysqlChartName: mariadb-galera
     configDir: /opt/onap/sdnc/data/properties
-    dbRootPassword: openECOMP1.0
+    dbRootPassword: secretpassword
     dbSdnctlPassword: gamma
     odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
 
@@ -96,28 +105,25 @@ sdnc-ansible-server:
     name: sdnc-ansible-server
     internalPort: 8000
   config:
-    mysqlServiceName: sdnc-dbhost
+    mysqlServiceName: mariadb-galera
 
-mysql:
+mariadb-galera:
   nameOverride: sdnc-db
   service:
     name: sdnc-dbhost
     internalPort: 3306
-  nfsprovisionerPrefix: sdnc
   sdnctlPrefix: sdnc
   persistence:
-    mountSubPath: sdnc/mysql
+    mountSubPath: sdnc/mariadb-galera
     enabled: true
-  disableNfsProvisioner: true
   replicaCount: 1
-  geoEnabled: false
 
 dgbuilder:
   nameOverride: sdnc-dgbuilder
   config:
-    dbPodName: sdnc-db
-    dbServiceName: sdnc-dbhost
-    dbRootPassword: openECOMP1.0
+    dbPodName: mariadb-galera
+    dbServiceName: mariadb-galera
+    dbRootPassword: secretpassword
     dbSdnctlPassword: gamma
     dgUserPassword: cc03e747a6afbbcbf8be7668acfebee5
   service:
diff --git a/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml
index 0b52949103..236f5d5dde 100755
--- a/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml
@@ -32,3 +32,10 @@ mso:
   logPath: ./logs/vnfm-adapter
   msb-ip: msb-iag.{{ include "common.namespace" . }}
   msb-port: 80
+sdc:
+  username: mso
+  password: 76966BDD3C7414A03F7037264FF2E6C8EEC6C28F2B67F2840A1ED857C0260FEE731D73F47F828E5527125D29FD25D3E0DE39EE44C058906BF1657DE77BF897EECA93BDC07FA64F
+  key: 566B754875657232314F5548556D3665
+  endpoint: https://sdc-be.{{ include "common.namespace" . }}:8443
+vnfmadapter:
+  endpoint: https://so-vnfm-adapter.{{ include "common.namespace" . }}:9092