From: Alexis de Talhouët Date: Tue, 14 May 2019 12:45:15 +0000 (+0000) Subject: Merge "Add FCAPS to oom" X-Git-Tag: 4.0.0-ONAP~97 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=d37e79b29e2bf8f5d306fa30f4bfbf3c3bb78578;hp=f28d0b1844a8eb41279b1fd73a8be401c08cae57;p=oom.git Merge "Add FCAPS to oom" --- diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 0000000000..31bff54529 --- /dev/null +++ b/.gitmodules @@ -0,0 +1,5 @@ +[submodule "kubernetes/aai"] + path = kubernetes/aai + url = ../aai/oom + branch = . + ignore = dirty diff --git a/INFO.yaml b/INFO.yaml index 9ec8bdf061..7f7b4f26a8 100644 --- a/INFO.yaml +++ b/INFO.yaml @@ -63,5 +63,20 @@ committers: company: 'ATT' id: 'xuegao' timezone: 'Belgium/Namur' + - name: 'Brian Freeman' + email: 'bf1936@att.com' + company: 'ATT' + id: 'bdfreeman1421' + timezone: 'America/New_York' + - name: 'Yang Xu' + email: 'Yang.Xu3@huawei.com' + company: 'Huawei' + id: 'xuyang11' + timezone: 'America/New_York' tsc: approval: 'https://lists.onap.org/pipermail/onap-tsc' + changes: + - type: 'Addition' + name: 'Brian Freeman' + name: 'Yang Xu' + link: 'TBD' \ No newline at end of file diff --git a/docs/cluster.yml b/docs/cluster.yml new file mode 100644 index 0000000000..d4962d3478 --- /dev/null +++ b/docs/cluster.yml @@ -0,0 +1,156 @@ +# An example of an HA Kubernetes cluster for ONAP +nodes: +- address: 10.12.6.85 + port: "22" + internal_address: 10.0.0.8 + role: + - controlplane + - etcd + hostname_override: "onap-control-1" + user: ubuntu + ssh_key_path: "~/.ssh/onap-key" +- address: 10.12.6.90 + port: "22" + internal_address: 10.0.0.11 + role: + - controlplane + - etcd + hostname_override: "onap-control-2" + user: ubuntu + ssh_key_path: "~/.ssh/onap-key" +- address: 10.12.6.89 + port: "22" + internal_address: 10.0.0.12 + role: + - controlplane + - etcd + hostname_override: "onap-control-3" + user: ubuntu + ssh_key_path: "~/.ssh/onap-key" +- address: 10.12.5.165 + port: "22" + internal_address: 10.0.0.14 + role: + - worker + hostname_override: "onap-k8s-1" + user: ubuntu + ssh_key_path: "~/.ssh/onap-key" +- address: 10.12.6.238 + port: "22" + internal_address: 10.0.0.26 + role: + - worker + hostname_override: "onap-k8s-2" + user: ubuntu + ssh_key_path: "~/.ssh/onap-key" +- address: 10.12.6.126 + port: "22" + internal_address: 10.0.0.5 + role: + - worker + hostname_override: "onap-k8s-3" + user: ubuntu + ssh_key_path: "~/.ssh/onap-key" +- address: 10.12.5.11 + port: "22" + internal_address: 10.0.0.6 + role: + - worker + hostname_override: "onap-k8s-4" + user: ubuntu + ssh_key_path: "~/.ssh/onap-key" +- address: 10.12.6.244 + port: "22" + internal_address: 10.0.0.9 + role: + - worker + hostname_override: "onap-k8s-5" + user: ubuntu + ssh_key_path: "~/.ssh/onap-key" +- address: 10.12.6.249 + port: "22" + internal_address: 10.0.0.17 + role: + - worker + hostname_override: "onap-k8s-6" + user: ubuntu + ssh_key_path: "~/.ssh/onap-key" +- address: 10.12.5.191 + port: "22" + internal_address: 10.0.0.20 + role: + - worker + hostname_override: "onap-k8s-7" + user: ubuntu + ssh_key_path: "~/.ssh/onap-key" +- address: 10.12.6.111 + port: "22" + internal_address: 10.0.0.10 + role: + - worker + hostname_override: "onap-k8s-8" + user: ubuntu + ssh_key_path: "~/.ssh/onap-key" +- address: 10.12.6.195 + port: "22" + internal_address: 10.0.0.4 + role: + - worker + hostname_override: "onap-k8s-9" + user: ubuntu + ssh_key_path: "~/.ssh/onap-key" +- address: 10.12.5.160 + port: "22" + internal_address: 10.0.0.16 + role: + - worker + hostname_override: "onap-k8s-10" + user: ubuntu + ssh_key_path: "~/.ssh/onap-key" +- address: 10.12.6.74 + port: "22" + internal_address: 10.0.0.18 + role: + - worker + hostname_override: "onap-k8s-11" + user: ubuntu + ssh_key_path: "~/.ssh/onap-key" +- address: 10.12.6.82 + port: "22" + internal_address: 10.0.0.7 + role: + - worker + hostname_override: "onap-k8s-12" + user: ubuntu + ssh_key_path: "~/.ssh/onap-key" +services: + kube-api: + service_cluster_ip_range: 10.43.0.0/16 + pod_security_policy: false + always_pull_images: false + kube-controller: + cluster_cidr: 10.42.0.0/16 + service_cluster_ip_range: 10.43.0.0/16 + kubelet: + cluster_domain: cluster.local + cluster_dns_server: 10.43.0.10 + fail_swap_on: false +network: + plugin: canal +authentication: + strategy: x509 +ssh_key_path: "~/.ssh/onap-key" +ssh_agent_auth: false +authorization: + mode: rbac +ignore_docker_version: false +kubernetes_version: "v1.13.5-rancher1-2" +private_registries: +- url: nexus3.onap.org:10001 + user: docker + password: docker + is_default: true +cluster_name: "onap" +restore: + restore: false + snapshot_name: "" diff --git a/docs/example-integration-override.yaml b/docs/example-integration-override.yaml new file mode 100644 index 0000000000..56699d921c --- /dev/null +++ b/docs/example-integration-override.yaml @@ -0,0 +1,46 @@ +global: + repository: 10.12.5.2:5000 + pullPolicy: IfNotPresent +################################################################# +# This override file configures openstack parameters for ONAP +################################################################# +appc: + config: + enableClustering: false + openStackType: "OpenStackProvider" + openStackName: "OpenStack" + openStackKeyStoneUrl: "http://10.12.25.2:5000/v2.0" + openStackServiceTenantName: "OPENSTACK_TENANTNAME_HERE" + openStackDomain: "Default" + openStackUserName: "OPENSTACK_USERNAME_HERE" + openStackEncryptedPassword: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_PASSWORD_HERE_XXXXXXXXXXXXXXXX" +robot: + appcUsername: "appc@appc.onap.org" + appcPassword: "demo123456!" + openStackKeyStoneUrl: "http://10.12.25.2:5000" + openStackPublicNetId: "971040b2-7059-49dc-b220-4fab50cb2ad4" + openStackTenantId: "09d8566ea45e43aa974cf447ed591d77" + openStackUserName: "OPENSTACK_USERNAME_HERE" + ubuntu14Image: "ubuntu-14-04-cloud-amd64" + ubuntu16Image: "ubuntu-16-04-cloud-amd64" + openStackPrivateNetId: "c7824f00-bef7-4864-81b9-f6c3afabd313" + openStackPrivateSubnetId: "2a0e8888-f93e-4615-8d28-fc3d4d087fc3" + openStackPrivateNetCidr: "10.0.0.0/16" + openStackSecurityGroup: "3a7a1e7e-6d15-4264-835d-fab1ae81e8b0" + openStackOamNetworkCidrPrefix: "10.0" + dcaeCollectorIp: "10.12.6.88" + vnfPubKey: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKXDgoo3+WOqcUG8/5uUbk81+yczgwC4Y8ywTmuQqbNxlY1oQ0YxdMUqUnhitSXs5S/yRuAVOYHwGg2mCs20oAINrP+mxBI544AMIb9itPjCtgqtE2EWo6MmnFGbHB4Sx3XioE7F4VPsh7japsIwzOjbrQe+Mua1TGQ5d4nfEOQaaglXLLPFfuc7WbhbJbK6Q7rHqZfRcOwAMXgDoBqlyqKeiKwnumddo2RyNT8ljYmvB6buz7KnMinzo7qB0uktVT05FH9Rg0CTWH5norlG5qXgP2aukL0gk1ph8iAt7uYLf1ktp+LJI2gaF6L0/qli9EmVCSLr1uJ38Q8CBflhkh" + demoArtifactsVersion: "1.4.0-SNAPSHOT" + demoArtifactsRepoUrl: "https://nexus.onap.org/content/repositories/releases" + scriptVersion: "1.4.0-SNAPSHOT" + rancherIpAddress: "10.12.5.127" + config: + # openStackEncryptedPasswordHere should match the encrypted string used in SO and APPC and overridden per environment + openStackEncryptedPasswordHere: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_ENCRYPTED_PASSWORD_HERE_XXXXXXXXXXXXXXXX" +so: + # so server configuration + so-catalog-db-adapter: + config: + openStackUserName: "OPENSTACK_USERNAME_HERE" + openStackKeyStoneUrl: "http://10.12.25.2:5000/v2.0" + openStackEncryptedPasswordHere: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_ENCRYPTED_PASSWORD_HERE_XXXXXXXXXXXXXXXX" \ No newline at end of file diff --git a/docs/helm-search.txt b/docs/helm-search.txt new file mode 100644 index 0000000000..036ad036f2 --- /dev/null +++ b/docs/helm-search.txt @@ -0,0 +1,42 @@ +NAME CHART VERSION APP VERSION DESCRIPTION +local/onap 4.0.0 Dublin Open Network Automation Platform (ONAP) +local/aaf 4.0.0 ONAP Application Authorization Framework +local/aai 4.0.0 ONAP Active and Available Inventory +local/appc 4.0.0 Application Controller +local/cassandra 4.0.0 ONAP cassandra +local/cds 4.0.0 ONAP Controller Design Studio (CDS) +local/clamp 4.0.0 ONAP Clamp +local/cli 4.0.0 ONAP Command Line Interface +local/common 4.0.0 Common templates for inclusion in other charts +local/consul 4.0.0 ONAP Consul Agent +local/contrib 4.0.0 ONAP optional tools +local/dcaegen2 4.0.0 ONAP DCAE Gen2 +local/dgbuilder 4.0.0 D.G. Builder application +local/dmaap 4.0.1 ONAP DMaaP components +local/esr 4.0.0 ONAP External System Register +local/log 4.0.0 ONAP Logging ElasticStack +local/mariadb-galera 4.0.0 Chart for MariaDB Galera cluster +local/mongo 4.0.0 MongoDB Server +local/msb 4.0.0 ONAP MicroServices Bus +local/multicloud 4.0.0 ONAP multicloud broker +local/music 4.0.0 MUSIC - Multi-site State Coordination Service +local/mysql 4.0.0 MySQL Server +local/nbi 4.0.0 ONAP Northbound Interface +local/network-name-gen 4.0.0 Name Generation Micro Service +local/nfs-provisioner 4.0.0 NFS provisioner +local/oof 4.0.0 ONAP Optimization Framework +local/pnda 4.0.0 ONAP DCAE PNDA +local/policy 4.0.0 ONAP Policy Administration Point +local/pomba 4.0.0 ONAP Post Orchestration Model Based Audit +local/portal 4.0.0 ONAP Web Portal +local/postgres 4.0.0 ONAP Postgres Server +local/robot 4.0.0 A helm Chart for kubernetes-ONAP Robot +local/sdc 4.0.0 Service Design and Creation Umbrella Helm charts +local/sdnc 4.0.0 SDN Controller +local/sdnc-prom 4.0.0 ONAP SDNC Policy Driven Ownership Management +local/sniro-emulator 4.0.0 ONAP Mock Sniro Emulator +local/so 4.0.0 ONAP Service Orchestrator +local/uui 4.0.0 ONAP uui +local/vfc 4.0.0 ONAP Virtual Function Controller (VF-C) +local/vid 4.0.0 ONAP Virtual Infrastructure Deployment +local/vnfsdk 4.0.0 ONAP VNF SDK \ No newline at end of file diff --git a/docs/images/cp_vms/control_plane_1.png b/docs/images/cp_vms/control_plane_1.png new file mode 100644 index 0000000000..d59b9863b7 Binary files /dev/null and b/docs/images/cp_vms/control_plane_1.png differ diff --git a/docs/images/cp_vms/control_plane_2.png b/docs/images/cp_vms/control_plane_2.png new file mode 100644 index 0000000000..9a7d72f8a5 Binary files /dev/null and b/docs/images/cp_vms/control_plane_2.png differ diff --git a/docs/images/cp_vms/control_plane_3.png b/docs/images/cp_vms/control_plane_3.png new file mode 100644 index 0000000000..da329f20b5 Binary files /dev/null and b/docs/images/cp_vms/control_plane_3.png differ diff --git a/docs/images/cp_vms/control_plane_4.png b/docs/images/cp_vms/control_plane_4.png new file mode 100644 index 0000000000..817355a99e Binary files /dev/null and b/docs/images/cp_vms/control_plane_4.png differ diff --git a/docs/images/cp_vms/control_plane_5.png b/docs/images/cp_vms/control_plane_5.png new file mode 100644 index 0000000000..33805c50dd Binary files /dev/null and b/docs/images/cp_vms/control_plane_5.png differ diff --git a/docs/images/cp_vms/control_plane_6.png b/docs/images/cp_vms/control_plane_6.png new file mode 100644 index 0000000000..9e8ab638bc Binary files /dev/null and b/docs/images/cp_vms/control_plane_6.png differ diff --git a/docs/images/cp_vms/control_plane_7.png b/docs/images/cp_vms/control_plane_7.png new file mode 100644 index 0000000000..f0db6d3f3f Binary files /dev/null and b/docs/images/cp_vms/control_plane_7.png differ diff --git a/docs/images/cp_vms/control_plane_8.png b/docs/images/cp_vms/control_plane_8.png new file mode 100644 index 0000000000..e20f631e60 Binary files /dev/null and b/docs/images/cp_vms/control_plane_8.png differ diff --git a/docs/images/floating_ips/floating_1.png b/docs/images/floating_ips/floating_1.png new file mode 100644 index 0000000000..9f413164ab Binary files /dev/null and b/docs/images/floating_ips/floating_1.png differ diff --git a/docs/images/floating_ips/floating_2.png b/docs/images/floating_ips/floating_2.png new file mode 100644 index 0000000000..0001ef068c Binary files /dev/null and b/docs/images/floating_ips/floating_2.png differ diff --git a/docs/images/keys/key_pair_1.png b/docs/images/keys/key_pair_1.png new file mode 100644 index 0000000000..1135c93320 Binary files /dev/null and b/docs/images/keys/key_pair_1.png differ diff --git a/docs/images/keys/key_pair_2.png b/docs/images/keys/key_pair_2.png new file mode 100644 index 0000000000..ac3bfc5ca2 Binary files /dev/null and b/docs/images/keys/key_pair_2.png differ diff --git a/docs/images/keys/key_pair_3.png b/docs/images/keys/key_pair_3.png new file mode 100644 index 0000000000..1e0c0200f8 Binary files /dev/null and b/docs/images/keys/key_pair_3.png differ diff --git a/docs/images/keys/key_pair_4.png b/docs/images/keys/key_pair_4.png new file mode 100644 index 0000000000..031a9ba785 Binary files /dev/null and b/docs/images/keys/key_pair_4.png differ diff --git a/docs/images/nfs_server/nfs_server_1.png b/docs/images/nfs_server/nfs_server_1.png new file mode 100644 index 0000000000..912a10f055 Binary files /dev/null and b/docs/images/nfs_server/nfs_server_1.png differ diff --git a/docs/images/nfs_server/nfs_server_10.png b/docs/images/nfs_server/nfs_server_10.png new file mode 100644 index 0000000000..7d87d1ca56 Binary files /dev/null and b/docs/images/nfs_server/nfs_server_10.png differ diff --git a/docs/images/nfs_server/nfs_server_2.png b/docs/images/nfs_server/nfs_server_2.png new file mode 100644 index 0000000000..d59b9863b7 Binary files /dev/null and b/docs/images/nfs_server/nfs_server_2.png differ diff --git a/docs/images/nfs_server/nfs_server_3.png b/docs/images/nfs_server/nfs_server_3.png new file mode 100644 index 0000000000..9a7d72f8a5 Binary files /dev/null and b/docs/images/nfs_server/nfs_server_3.png differ diff --git a/docs/images/nfs_server/nfs_server_4.png b/docs/images/nfs_server/nfs_server_4.png new file mode 100644 index 0000000000..da329f20b5 Binary files /dev/null and b/docs/images/nfs_server/nfs_server_4.png differ diff --git a/docs/images/nfs_server/nfs_server_5.png b/docs/images/nfs_server/nfs_server_5.png new file mode 100644 index 0000000000..817355a99e Binary files /dev/null and b/docs/images/nfs_server/nfs_server_5.png differ diff --git a/docs/images/nfs_server/nfs_server_6.png b/docs/images/nfs_server/nfs_server_6.png new file mode 100644 index 0000000000..33805c50dd Binary files /dev/null and b/docs/images/nfs_server/nfs_server_6.png differ diff --git a/docs/images/nfs_server/nfs_server_7.png b/docs/images/nfs_server/nfs_server_7.png new file mode 100644 index 0000000000..9e8ab638bc Binary files /dev/null and b/docs/images/nfs_server/nfs_server_7.png differ diff --git a/docs/images/nfs_server/nfs_server_8.png b/docs/images/nfs_server/nfs_server_8.png new file mode 100644 index 0000000000..14103fb9c3 Binary files /dev/null and b/docs/images/nfs_server/nfs_server_8.png differ diff --git a/docs/images/nfs_server/nfs_server_9.png b/docs/images/nfs_server/nfs_server_9.png new file mode 100644 index 0000000000..aa8bc140e1 Binary files /dev/null and b/docs/images/nfs_server/nfs_server_9.png differ diff --git a/docs/images/rke/rke_1.png b/docs/images/rke/rke_1.png new file mode 100644 index 0000000000..b27fc517df Binary files /dev/null and b/docs/images/rke/rke_1.png differ diff --git a/docs/images/wk_vms/worker_1.png b/docs/images/wk_vms/worker_1.png new file mode 100644 index 0000000000..01314d1557 Binary files /dev/null and b/docs/images/wk_vms/worker_1.png differ diff --git a/docs/images/wk_vms/worker_2.png b/docs/images/wk_vms/worker_2.png new file mode 100644 index 0000000000..9a7d72f8a5 Binary files /dev/null and b/docs/images/wk_vms/worker_2.png differ diff --git a/docs/images/wk_vms/worker_3.png b/docs/images/wk_vms/worker_3.png new file mode 100644 index 0000000000..93d5e28cf2 Binary files /dev/null and b/docs/images/wk_vms/worker_3.png differ diff --git a/docs/images/wk_vms/worker_4.png b/docs/images/wk_vms/worker_4.png new file mode 100644 index 0000000000..817355a99e Binary files /dev/null and b/docs/images/wk_vms/worker_4.png differ diff --git a/docs/images/wk_vms/worker_5.png b/docs/images/wk_vms/worker_5.png new file mode 100644 index 0000000000..33805c50dd Binary files /dev/null and b/docs/images/wk_vms/worker_5.png differ diff --git a/docs/images/wk_vms/worker_6.png b/docs/images/wk_vms/worker_6.png new file mode 100644 index 0000000000..c71c122217 Binary files /dev/null and b/docs/images/wk_vms/worker_6.png differ diff --git a/docs/images/wk_vms/worker_7.png b/docs/images/wk_vms/worker_7.png new file mode 100644 index 0000000000..ecb13c1809 Binary files /dev/null and b/docs/images/wk_vms/worker_7.png differ diff --git a/docs/oom_cloud_setup_guide.rst b/docs/oom_cloud_setup_guide.rst index f43531a03a..1ce260efbf 100644 --- a/docs/oom_cloud_setup_guide.rst +++ b/docs/oom_cloud_setup_guide.rst @@ -45,13 +45,14 @@ The versions of Kubernetes that are supported by OOM are as follows: .. table:: OOM Software Requirements - ============== =========== ===== ======== ======== - Release Kubernetes Helm kubectl Docker - ============== =========== ===== ======== ======== - amsterdam 1.7.x 2.3.x 1.7.x 1.12.x - beijing 1.8.10 2.8.2 1.8.10 17.03.x - casablanca 1.11.5 2.9.1 1.11.5 17.03.x - ============== =========== ===== ======== ======== + ============== =========== ====== ======== ======== + Release Kubernetes Helm kubectl Docker + ============== =========== ====== ======== ======== + amsterdam 1.7.x 2.3.x 1.7.x 1.12.x + beijing 1.8.10 2.8.2 1.8.10 17.03.x + casablanca 1.11.5 2.9.1 1.11.5 17.03.x + dublin 1.13.5 2.12.3 1.13.5 18.09.5 + ============== =========== ====== ======== ======== Minimum Hardware Configuration ============================== diff --git a/docs/oom_quickstart_guide.rst b/docs/oom_quickstart_guide.rst index a965603efd..501deda7e4 100644 --- a/docs/oom_quickstart_guide.rst +++ b/docs/oom_quickstart_guide.rst @@ -1,6 +1,7 @@ -.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. This work is licensed under a +.. Creative Commons Attribution 4.0 International License. .. http://creativecommons.org/licenses/by/4.0 -.. Copyright 2018 Amdocs, Bell Canada +.. Copyright 2019 Amdocs, Bell Canada .. _quick-start-label: @@ -16,28 +17,83 @@ available), follow the following instructions to deploy ONAP. **Step 1.** Clone the OOM repository from ONAP gerrit:: - > git clone -b casablanca http://gerrit.onap.org/r/oom + > git clone -b 4.0.0-ONAP http://gerrit.onap.org/r/oom --recurse-submodules > cd oom/kubernetes -**Step 2.** Install Helm Plugins required to deploy the ONAP Casablanca release:: +**Step 2.** Install Helm Plugins required to deploy ONAP:: > sudo cp -R ~/oom/kubernetes/helm/plugins/ ~/.helm -**Step 3.** Customize the onap/values.yaml file to suit your deployment. You -may want to selectively enable or disable ONAP components by changing the -`enabled: true/false` flags as shown below: + +**Step 3.** Customize the helm charts like oom/kubernetes/onap/values.yaml or an override +file like onap-all.yaml, onap-vfw.yaml or openstack.yaml file to suit your deployment with items like the +OpenStack tenant information. + +.. note:: + Standard and example override files (e.g. onap-all.yaml, openstack.yaml) can be found in + the oom/kubernetes/onap/resources/overrides/ directory. + + + a. You may want to selectively enable or disable ONAP components by changing + the `enabled: true/false` flags. + + + b. Encyrpt the OpenStack password using the shell tool for robot and put it in + the robot helm charts or robot section of openstack.yaml + + + c. Encrypt the OpenStack password using the java based script for SO helm charts + or SO section of openstack.yaml. + + + d. Update the OpenStack parameters that will be used by robot, SO and APPC helm + charts or use an override file to replace them. + + + + +a. Enabling/Disabling Components: +Here is an example of the nominal entries that need to be provided. +We have different values file available for different contexts. .. literalinclude:: onap-values.yaml :language: yaml + +b. Generating ROBOT Encrypted Password: +The ROBOT encrypted Password uses the same encryption.key as SO but an +openssl algorithm that works with the python based Robot Framework. + +.. note:: + To generate ROBOT openStackEncryptedPasswordHere : + + ``cd so/resources/config/mso/`` + + ``/oom/kubernetes/so/resources/config/mso# echo -n "" | openssl aes-128-ecb -e -K `cat encryption.key` -nosalt | xxd -c 256 -p`` + +c. Generating SO Encrypted Password: +The SO Encrypted Password uses a java based encryption utility since the +Java encryption library is not easy to integrate with openssl/python that +ROBOT uses in Dublin. + .. note:: - To generate openStackEncryptedPasswordHere : + To generate SO openStackEncryptedPasswordHere : + + SO_ENCRYPTION_KEY=`cat ~/oom/kubenertes/so/resources/config/mso/encrypt.key` + OS_PASSWORD=XXXX_OS_CLEARTESTPASSWORD_XXXX - ``root@olc-rancher:~# cd so/resources/config/mso/`` + git clone http://gerrit.onap.org/r/integration + cd integration/deployment/heat/onap-oom/scripts + javac Crypto.java + java Crypto "$OS_PASSWORD" "$SO_ENCRYPTION_KEY" - ``root@olc-rancher:~/oom/kubernetes/so/resources/config/mso# echo -n "" | openssl aes-128-ecb -e -K `cat encryption.key` -nosalt | xxd -c 256 -p`` -**Step 3.** To setup a local Helm server to server up the ONAP charts:: +d. Update the OpenStack parameters: + +.. literalinclude:: example-integration-override.yaml + :language: yaml + +**Step 4.** To setup a local Helm server to server up the ONAP charts:: > helm serve & @@ -46,37 +102,58 @@ follows:: > helm repo add local http://127.0.0.1:8879 -**Step 4.** Verify your Helm repository setup with:: +**Step 5.** Verify your Helm repository setup with:: > helm repo list NAME URL local http://127.0.0.1:8879 -**Step 5.** Build a local Helm repository (from the kubernetes directory):: +**Step 6.** Build a local Helm repository (from the kubernetes directory):: > make all; make onap -**Step 6.** Display the charts that available to be deployed:: +**Step 7.** Display the onap charts that available to be deployed:: + + > helm search onap -l - > helm search -l .. literalinclude:: helm-search.txt .. note:: The setup of the Helm repository is a one time activity. If you make changes to your deployment charts or values be sure to use `make` to update your local Helm repository. -**Step 7.** Once the repo is setup, installation of ONAP can be done with a -single command:: +**Step 8.** Once the repo is setup, installation of ONAP can be done with a +single command + +.. note:: + The --timeout 900 is currently required in Dublin to address long running initialization tasks + for DMaaP and SO. Without this timeout value both applications may fail to deploy. + + a. To deploy all ONAP applications use this command:: + + > cd oom/kubernetes + > helm deploy dev local/onap --namespace onap -f onap/resources/overrides/onap-all.yaml -f onap/resources/overrides/openstack.yaml --timeout 900 + + b. If you are using a custom override (e.g. integration-override.yaml) use this command:: + + > helm deploy dev local/onap -f /root/integration-override.yaml --namespace onap --timeout 900 + + + c. If you have a slower cloud environment you may want to use the public-cloud.yaml + which has longer delay intervals on database updates.:: + + > helm deploy dev local/onap -f /root/oom/kubernetes/onap/resources/environments/public-cloud.yaml -f /root/integration-override.yaml --namespace onap --timeout 900 - > helm deploy dev local/onap --namespace onap +**Step 9.** Commands to interact with the OOM installation -Use the following to monitor your deployment and determine when ONAP is ready for use:: +Use the following to monitor your deployment and determine when ONAP is +ready for use:: - > kubectl get pods --all-namespaces -o=wide + > kubectl get pods -n onap -o=wide Undeploying onap can be done using the following command:: > helm undeploy dev --purge -More examples of using the deploy and undeploy plugins can be found here: https://wiki.onap.org/display/DW/OOM+Helm+%28un%29Deploy+plugins \ No newline at end of file +More examples of using the deploy and undeploy plugins can be found here: https://wiki.onap.org/display/DW/OOM+Helm+%28un%29Deploy+plugins diff --git a/docs/oom_setup_kubernetes_rancher.rst b/docs/oom_setup_kubernetes_rancher.rst index 5159377386..3ccde8d418 100644 --- a/docs/oom_setup_kubernetes_rancher.rst +++ b/docs/oom_setup_kubernetes_rancher.rst @@ -16,456 +16,446 @@ .. _onap-on-kubernetes-with-rancher: -ONAP on Kubernetes with Rancher -############################### +ONAP on HA Kubernetes Cluster +############################# -The following instructions will step you through the installation of Kubernetes -on an OpenStack environment with Rancher. The development lab used for this -installation is the ONAP Windriver lab. +This guide provides instructions on how to setup a Highly-Available Kubernetes Cluster. +For this, we are hosting our cluster on OpenStack VMs and using the Rancher Kubernetes Engine (RKE) +to deploy and manage our Kubernetes Cluster. -This guide does not cover all of the steps required to setup your OpenStack -environment: e.g. OAM networks and security groups but there is a wealth of -OpenStack information on the web. +.. contents:: + :depth: 1 + :local: +.. -Rancher Installation -==================== +The result at the end of this tutorial will be: -The following instructions describe how to create an Openstack VM running -Rancher. This node will not be used to host ONAP itself, it will be used -exclusively by Rancher. +*1.* Creation of a Key Pair to use with Open Stack and RKE -Launch new VM instance to host the Rancher Server -------------------------------------------------- +*2.* Creation of OpenStack VMs to host Kubernetes Control Plane -.. image:: Rancher-Launch_new_VM_instance_to_host_the_Rancher_Server.jpeg +*3.* Creation of OpenStack VMs to host Kubernetes Workers -Select Ubuntu 16.04 as base image +*4.* Installation and configuration of RKE to setup an HA Kubernetes + +*5.* Installation and configuration of kubectl + +*5.* Installation and configuration of helm + +*7.* Creation of an NFS Server to be used by ONAP as shared persistance + +There are many ways one can execute the above steps. Including automation through the use of HEAT to setup the OpenStack VMs. +To better illustrate the steps involved, we have captured the manual creation of such an environment using the ONAP Wind River Open Lab. + +Create Key Pair +=============== +A Key Pair is required to access the created OpenStack VMs and will be used by +RKE to configure the VMs for Kubernetes. + +Use an existing key pair, import one or create a new one to assign. + +.. image:: images/keys/key_pair_1.png + +.. Note:: + If you're creating a new Key Pair, ensure to create a local copy of the Private Key through the use of "Copy Private Key to Clipboard". + +For the purpose of this guide, we will assume a new local key called "onap-key" +has been downloaded and is copied into **~/.ssh/**, from which it can be referenced. + +Example: + > mv onap-key ~/.ssh + + > chmod 600 ~/.ssh/onap-key + + +Create Kubernetes Control Plane VMs +=================================== + +The following instructions describe how to create 3 OpenStack VMs to host the +Highly-Available Kubernetes Control Plane. +ONAP workloads will not be scheduled on these Control Plane nodes. + +Launch new VM instances +----------------------- + +.. image:: images/cp_vms/control_plane_1.png + +Select Ubuntu 18.04 as base image --------------------------------- -Select "No" on "Create New Volume" +Select "No" for "Create New Volume" -.. image:: Rancher-Select_Ubuntu_16.04_as_base_image.jpeg +.. image:: images/cp_vms/control_plane_2.png Select Flavor ------------- -Known issues exist if flavor is too small for Rancher. Please select a flavor -with at least 4 vCPU and 8GB ram. A size of 8 vCPU and 16GB ram is recommended. +The recommended flavor is at least 4 vCPU and 8GB ram. -.. image:: Rancher-Select_Flavor.jpeg +.. image:: images/cp_vms/control_plane_3.png Networking ---------- -.. image:: Rancher-Networking.jpeg +.. image:: images/cp_vms/control_plane_4.png Security Groups --------------- -.. image:: Rancher-Security_Groups.jpeg +.. image:: images/cp_vms/control_plane_5.png Key Pair -------- -Use an existing key pair (e.g. onap_key), import an existing one or create a -new one to assign. +Assign the key pair that was created/selected previously (e.g. onap_key). -.. image:: Rancher-Key_Pair.jpeg +.. image:: images/cp_vms/control_plane_6.png -Apply customization script for the Rancher VM ---------------------------------------------- +Apply customization script for Control Plane VMs +------------------------------------------------ -Click :download:`openstack-rancher.sh ` to download the -script. +Click :download:`openstack-k8s-controlnode.sh ` +to download the script. -.. literalinclude:: openstack-rancher.sh +.. literalinclude:: openstack-k8s-controlnode.sh :language: bash This customization script will: -* setup root access to the VM (comment out if you wish to disable this - capability and restrict access to ssh access only) +* update ubuntu * install docker -* install rancher -* install kubectl -* install helm -* install nfs server - -.. note:: - The Casablanca release of OOM only supports Helm 2.9.1 not the 2.7.2 shown in - the screen capture below. The supported versions of all the software components - are listed in the :ref:`cloud-setup-guide-label`. -.. image:: Apply_customization_script_for_the_Rancher_VM.jpeg +.. image:: images/cp_vms/control_plane_7.png Launch Instance --------------- -.. image:: Rancher-Launch_Instance.jpeg - -Assign Floating IP for external access --------------------------------------- - -.. image:: Rancher-Allocate_Floating_IP.jpeg - -.. image:: Rancher-Manage_Floating_IP_Associations.jpeg +.. image:: images/cp_vms/control_plane_8.png -.. image:: Rancher-Launch_Instance.jpeg -Kubernetes Installation -======================= -Launch new VM instance(s) to create a Kubernetes single host or cluster ------------------------------------------------------------------------ +Create Kubernetes Worker VMs +============================ +The following instructions describe how to create OpenStack VMs to host the +Highly-Available Kubernetes Workers. ONAP workloads will only be scheduled on these nodes. -To create a cluster: +Launch new VM instances +----------------------- -.. note:: - #. do not append a '-1' suffix (e.g. sb4-k8s) - #. increase count to the # of of kubernetes worker nodes you want (eg. 3) +The number and size of Worker VMs is depenedent on the size of the ONAP deployment. +By default, all ONAP applications are deployed. It's possible to customize the deployment +and enable a subset of the ONAP applications. For the purpose of this guide, however, +we will deploy 12 Kubernetes Workers that have been sized to handle the entire ONAP +application workload. -.. image:: K8s-Launch_new_VM_instance_to_create_a_Kubernetes_single_host_or_cluster.jpeg +.. image:: images/wk_vms/worker_1.png -Select Ubuntu 16.04 as base image +Select Ubuntu 18.04 as base image --------------------------------- Select "No" on "Create New Volume" -.. image:: K8s-Select_Ubuntu_16.04_as_base_image.jpeg +.. image:: images/wk_vms/worker_2.png Select Flavor ------------- -The size of a Kubernetes host depends on the size of the ONAP deployment that -will be installed. - -As of the Casablanca release a minimum 224GB will be needed to run a -full ONAP deployment (all components). It is recommended that more hosts are -used with fewer resources instead of only a few large hosts. For example 14 x -16GB hosts. +The size of Kubernetes hosts depend on the size of the ONAP deployment +being installed. -If a small subset of ONAP components are being deployed for testing purposes, -then a single 16GB or 32GB host should suffice. +If a small subset of ONAP applications are being deployed +(i.e. for testing purposes), then 16GB or 32GB may be sufficient. -.. image:: K8s-Select_Flavor.jpeg +.. image:: images/wk_vms/worker_3.png Networking ----------- -.. image:: K8s-Networking.jpeg +.. image:: images/wk_vms/worker_4.png Security Group --------------- -.. image:: K8s-Security_Group.jpeg +.. image:: images/wk_vms/worker_5.png Key Pair -------- -Use an existing key pair (e.g. onap_key), import an existing one or create a -new one to assign. +Assign the key pair that was created/selected previously (e.g. onap_key). -.. image:: K8s-Key_Pair.jpeg +.. image:: images/wk_vms/worker_6.png Apply customization script for Kubernetes VM(s) ----------------------------------------------- -Click :download:`openstack-k8s-node.sh ` to -download the script. +Click :download:`openstack-k8s-workernode.sh ` to download the +script. -.. literalinclude:: openstack-k8s-node.sh +.. literalinclude:: openstack-k8s-workernode.sh :language: bash This customization script will: -* setup root access to the VM (comment out if you wish to disable this - capability and restrict access to ssh access only) +* update ubuntu * install docker -* install kubectl -* install helm -* install nfs common (see configuration step here) +* install nfs common -.. note:: - Ensure you are using the correct versions as described in the - :ref:`cloud-setup-guide-label` Launch Instance --------------- -.. image:: K8s-Launch_Instance.jpeg +.. image:: images/wk_vms/worker_7.png -Assign Floating IP for external access --------------------------------------- -.. image:: K8s-Manage_Floating_IP_Associations.jpeg -.. image:: K8s-Launch_Instance.jpeg -Setting up an NFS share for Multinode Kubernetes Clusters -========================================================= -The figure below illustrates a possible topology of a multinode Kubernetes -cluster. +Assign Floating IP addresses +---------------------------- +Assign Floating IPs to all Control Plane and Worker VMs. +These addresses provide external access to the VMs and will be used by RKE +to configure kubernetes on to the VMs. -.. image:: k8s-topology.jpg +Repeat the following for each VM previously created: -One node, the Master Node, runs Rancher and Helm clients and connects to all -the Kubernetes nodes in the cluster. Kubernetes nodes, in turn, run Rancher, -Kubernetes and Tiller (Helm) agents, which receive, execute, and respond to -commands issued by the Master Node (e.g. kubectl or helm operations). Note that -the Master Node can be either a remote machine that the user can log in to or a -local machine (e.g. laptop, desktop) that has access to the Kubernetes cluster. +.. image:: images/floating_ips/floating_1.png -Deploying applications to a Kubernetes cluster requires Kubernetes nodes to -share a common, distributed filesystem. One node in the cluster plays the role -of NFS Master (not to confuse with the Master Node that runs Rancher and Helm -clients, which is located outside the cluster), while all the other cluster -nodes play the role of NFS slaves. In the figure above, the left-most cluster -node plays the role of NFS Master (indicated by the crown symbol). To properly -set up an NFS share on Master and Slave nodes, the user can run the scripts -below. +Resulting floating IP assignments in this example. -Click :download:`master_nfs_node.sh ` to download the -script. +.. image:: images/floating_ips/floating_2.png -.. literalinclude:: master_nfs_node.sh - :language: bash -Click :download:`slave_nfs_node.sh ` to download the script. -.. literalinclude:: slave_nfs_node.sh - :language: bash -The master_nfs_node.sh script runs in the NFS Master node and needs the list of -NFS Slave nodes as input, e.g.:: +Configure Rancher Kubernetes Engine (RKE) +========================================= - > sudo ./master_nfs_node.sh node1_ip node2_ip ... nodeN_ip +Install RKE +----------- +Download and install RKE on a VM, desktop or laptop. +Binaries can be found here for Linux and Mac: https://github.com/rancher/rke/releases/tag/v0.2.1 -The slave_nfs_node.sh script runs in each NFS Slave node and needs the IP of -the NFS Master node as input, e.g.:: +RKE requires a *cluster.yml* as input. An example file is show below that +describes a Kubernetes cluster that will be mapped onto the OpenStack VMs +created earlier in this guide. - > sudo ./slave_nfs_node.sh master_node_ip +Example: **cluster.yml** + +.. image:: images/rke/rke_1.png -Configuration (Rancher and Kubernetes) -====================================== +Click :download:`cluster.yml ` to download the +configuration file. -Access Rancher server via web browser -------------------------------------- -(e.g. http://10.12.6.16:8080/env/1a5/apps/stacks) +.. literalinclude:: cluster.yml + :language: yaml -.. image:: Access_Rancher_server_via_web_browser.jpeg +Prepare cluster.yml +------------------- +Before this configuration file can be used the external **address** +and the **internal_address** must be mapped for each control and worker node +in this file. + +Run RKE +------- +From within the same directory as the cluster.yml file, simply execute: + + > rke up + +The output will look something like: + +.. code-block:: + + INFO[0000] Initiating Kubernetes cluster + INFO[0000] [certificates] Generating admin certificates and kubeconfig + INFO[0000] Successfully Deployed state file at [./cluster.rkestate] + INFO[0000] Building Kubernetes cluster + INFO[0000] [dialer] Setup tunnel for host [10.12.6.82] + INFO[0000] [dialer] Setup tunnel for host [10.12.6.249] + INFO[0000] [dialer] Setup tunnel for host [10.12.6.74] + INFO[0000] [dialer] Setup tunnel for host [10.12.6.85] + INFO[0000] [dialer] Setup tunnel for host [10.12.6.238] + INFO[0000] [dialer] Setup tunnel for host [10.12.6.89] + INFO[0000] [dialer] Setup tunnel for host [10.12.5.11] + INFO[0000] [dialer] Setup tunnel for host [10.12.6.90] + INFO[0000] [dialer] Setup tunnel for host [10.12.6.244] + INFO[0000] [dialer] Setup tunnel for host [10.12.5.165] + INFO[0000] [dialer] Setup tunnel for host [10.12.6.126] + INFO[0000] [dialer] Setup tunnel for host [10.12.6.111] + INFO[0000] [dialer] Setup tunnel for host [10.12.5.160] + INFO[0000] [dialer] Setup tunnel for host [10.12.5.191] + INFO[0000] [dialer] Setup tunnel for host [10.12.6.195] + INFO[0002] [network] Deploying port listener containers + INFO[0002] [network] Pulling image [nexus3.onap.org:10001/rancher/rke-tools:v0.1.27] on host [10.12.6.85] + INFO[0002] [network] Pulling image [nexus3.onap.org:10001/rancher/rke-tools:v0.1.27] on host [10.12.6.89] + INFO[0002] [network] Pulling image [nexus3.onap.org:10001/rancher/rke-tools:v0.1.27] on host [10.12.6.90] + INFO[0011] [network] Successfully pulled image [nexus3.onap.org:10001/rancher/rke-tools:v0.1.27] on host [10.12.6.89] + . . . . + INFO[0309] [addons] Setting up Metrics Server + INFO[0309] [addons] Saving ConfigMap for addon rke-metrics-addon to Kubernetes + INFO[0309] [addons] Successfully saved ConfigMap for addon rke-metrics-addon to Kubernetes + INFO[0309] [addons] Executing deploy job rke-metrics-addon + INFO[0315] [addons] Metrics Server deployed successfully + INFO[0315] [ingress] Setting up nginx ingress controller + INFO[0315] [addons] Saving ConfigMap for addon rke-ingress-controller to Kubernetes + INFO[0316] [addons] Successfully saved ConfigMap for addon rke-ingress-controller to Kubernetes + INFO[0316] [addons] Executing deploy job rke-ingress-controller + INFO[0322] [ingress] ingress controller nginx deployed successfully + INFO[0322] [addons] Setting up user addons + INFO[0322] [addons] no user addons defined + INFO[0322] Finished building Kubernetes cluster successfully + +Install Kubectl +=============== + +Download and install kubectl. Binaries can be found here for Linux and Mac: + +https://storage.googleapis.com/kubernetes-release/release/v1.13.5/bin/linux/amd64/kubectl +https://storage.googleapis.com/kubernetes-release/release/v1.13.5/bin/darwin/amd64/kubectl + +Validate deployment +------------------- + > cp kube_config_cluster.yml ~/.kube/config.onap -Add Kubernetes Environment to Rancher -------------------------------------- + > export KUBECONFIG=~/.kube/config.onap -1. Select “Manage Environments” + > kubectl config use-context onap -.. image:: Add_Kubernetes_Environment_to_Rancher.png + > kubectl get nodes -o=wide -2. Select “Add Environment” +.. code-block:: -.. image:: Select_Add_Environment.png + NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME + onap-control-1 Ready controlplane,etcd 3h53m v1.13.5 10.0.0.8 Ubuntu 18.04 LTS 4.15.0-22-generic docker://18.9.5 + onap-control-2 Ready controlplane,etcd 3h53m v1.13.5 10.0.0.11 Ubuntu 18.04 LTS 4.15.0-22-generic docker://18.9.5 + onap-control-3 Ready controlplane,etcd 3h53m v1.13.5 10.0.0.12 Ubuntu 18.04 LTS 4.15.0-22-generic docker://18.9.5 + onap-k8s-1 Ready worker 3h53m v1.13.5 10.0.0.14 Ubuntu 18.04 LTS 4.15.0-22-generic docker://18.9.5 + onap-k8s-10 Ready worker 3h53m v1.13.5 10.0.0.16 Ubuntu 18.04 LTS 4.15.0-22-generic docker://18.9.5 + onap-k8s-11 Ready worker 3h53m v1.13.5 10.0.0.18 Ubuntu 18.04 LTS 4.15.0-22-generic docker://18.9.5 + onap-k8s-12 Ready worker 3h53m v1.13.5 10.0.0.7 Ubuntu 18.04 LTS 4.15.0-22-generic docker://18.9.5 + onap-k8s-2 Ready worker 3h53m v1.13.5 10.0.0.26 Ubuntu 18.04 LTS 4.15.0-22-generic docker://18.9.5 + onap-k8s-3 Ready worker 3h53m v1.13.5 10.0.0.5 Ubuntu 18.04 LTS 4.15.0-22-generic docker://18.9.5 + onap-k8s-4 Ready worker 3h53m v1.13.5 10.0.0.6 Ubuntu 18.04 LTS 4.15.0-22-generic docker://18.9.5 + onap-k8s-5 Ready worker 3h53m v1.13.5 10.0.0.9 Ubuntu 18.04 LTS 4.15.0-22-generic docker://18.9.5 + onap-k8s-6 Ready worker 3h53m v1.13.5 10.0.0.17 Ubuntu 18.04 LTS 4.15.0-22-generic docker://18.9.5 + onap-k8s-7 Ready worker 3h53m v1.13.5 10.0.0.20 Ubuntu 18.04 LTS 4.15.0-22-generic docker://18.9.5 + onap-k8s-8 Ready worker 3h53m v1.13.5 10.0.0.10 Ubuntu 18.04 LTS 4.15.0-22-generic docker://18.9.5 + onap-k8s-9 Ready worker 3h53m v1.13.5 10.0.0.4 Ubuntu 18.04 LTS 4.15.0-22-generic docker://18.9.5 -3. Add unique name for your new Rancher environment -4. Select the Kubernetes template +Install Helm +============ -5. Click "create" +Example Helm client install on Linux: + > wget http://storage.googleapis.com/kubernetes-helm/helm-v2.12.3-linux-amd64.tar.gz -.. image:: Click_create.jpeg + > tar -zxvf helm-v2.12.3-linux-amd64.tar.gz -6. Select the new named environment (ie. SB4) from the dropdown list (top - left). + > sudo mv linux-amd64/helm /usr/local/bin/helm -Rancher is now waiting for a Kubernetes Host to be added. +Initialize Kubernetes Cluster for use by Helm +--------------------------------------------- + > kubectl -n kube-system create serviceaccount tiller -.. image:: K8s-Assign_Floating_IP_for_external_access.jpeg + > kubectl create clusterrolebinding tiller --clusterrole=cluster-admin --serviceaccount=kube-system:tiller -Add Kubernetes Host -------------------- + > helm init --service-account tiller -1. If this is the first (or only) host being added - click on the "Add a host" - link + > kubectl -n kube-system  rollout status deploy/tiller-deploy -.. image:: K8s-Assign_Floating_IP_for_external_access.jpeg -and click on "Save" (accept defaults). -.. image:: and_click_on_Save_accept_defaults.jpeg +Setting up an NFS share for Multinode Kubernetes Clusters +========================================================= +Deploying applications to a Kubernetes cluster requires Kubernetes nodes to +share a common, distributed filesystem. In this tutorial, we will setup an +NFS Master, and configure all Worker nodes a Kubernetes cluster to play +the role of NFS slaves. + +It is recommneded that a separate VM, outside of the kubernetes +cluster, be used. This is to ensure that the NFS Master does not compete for +resources with Kubernetes Control Plane or Worker Nodes. + + +Launch new NFS Server VM instance +--------------------------------- +.. image:: images/nfs_server/nfs_server_1.png + +Select Ubuntu 18.04 as base image +--------------------------------- +Select "No" on "Create New Volume" + +.. image:: images/nfs_server/nfs_server_2.png + +Select Flavor +------------- + +.. image:: images/nfs_server/nfs_server_3.png + +Networking +----------- + +.. image:: images/nfs_server/nfs_server_4.png + +Security Group +--------------- + +.. image:: images/nfs_server/nfs_server_5.png + +Key Pair +-------- +Assign the key pair that was created/selected previously (e.g. onap_key). -otherwise select INFRASTRUCTURE→ Hosts and click on "Add Host" +.. image:: images/nfs_server/nfs_server_6.png -.. image:: otherwise_select_INFRASTRUCTURE_Hosts_and_click_on_Add_Host.jpg +Apply customization script for NFS Server VM +-------------------------------------------- -2. Enter the management IP for the k8s VM (e.g. 10.0.0.4) that was just - created. +Click :download:`openstack-nfs-server.sh ` to download the +script. -3. Click on “Copy to Clipboard” button +.. literalinclude:: openstack-k8s-workernode.sh + :language: bash -4. Click on “Close” button +This customization script will: -.. image:: Click_on_Close_button.jpeg +* update ubuntu +* install nfs server -Without the 10.0.0.4 IP - the CATTLE_AGENT will be derived on the host - but it -may not be a routable IP. -Configure Kubernetes Host -------------------------- +Launch Instance +--------------- -1. Login to the new Kubernetes Host:: +.. image:: images/nfs_server/nfs_server_7.png - > ssh -i ~/oom-key.pem ubuntu@10.12.5.1 - The authenticity of host '10.12.5.172 (10.12.5.172)' can't be established. - ECDSA key fingerprint is SHA256:tqxayN58nCJKOJcWrEZzImkc0qKQHDDfUTHqk4WMcEI. - Are you sure you want to continue connecting (yes/no)? yes - Warning: Permanently added '10.12.5.172' (ECDSA) to the list of known hosts. - Welcome to Ubuntu 16.04.2 LTS (GNU/Linux 4.4.0-64-generic x86_64) - * Documentation: https://help.ubuntu.com - * Management: https://landscape.canonical.com - * Support: https://ubuntu.com/advantage - Get cloud support with Ubuntu Advantage Cloud Guest: - http://www.ubuntu.com/business/services/cloud +Assign Floating IP addresses +---------------------------- - 180 packages can be updated. - 100 updates are security updates. +.. image:: images/nfs_server/nfs_server_8.png - The programs included with the Ubuntu system are free software; - the exact distribution terms for each program are described in the - individual files in /usr/share/doc/*/copyright. +Resulting floating IP assignments in this example. - Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by - applicable law. +.. image:: images/nfs_server/nfs_server_9.png - To run a command as administrator (user "root"), use "sudo ". - See "man sudo_root" for details. - ubuntu@sb4-k8s-1:~$ +To properly set up an NFS share on Master and Slave nodes, the user can run the +scripts below. +Click :download:`master_nfs_node.sh ` to download the +script. + +.. literalinclude:: master_nfs_node.sh + :language: bash -2. Paste Clipboard content and hit enter to install Rancher Agent:: +Click :download:`slave_nfs_node.sh ` to download the script. - ubuntu@sb4-k8s-1:~$ sudo docker run -e CATTLE_AGENT_IP="10.0.0.4“ --rm --privileged -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/rancher:/var/lib/rancher rancher/agent:v1.2.9 http://10.12.6.16:8080/v1/scripts/5D757C68BD0A2125602A:1514678400000:yKW9xHGJDLvq6drz2eDzR2mjato - Unable to find image 'rancher/agent:v1.2.9' locally - v1.2.9: Pulling From rancher/agent - b3e1c725a85f: Pull complete - 6071086409fc: Pull complete - d0ac3b234321: Pull complete - 87f567b5cf58: Pull complete - a63e24b217c4: Pull complete - d0a3f58caef0: Pull complete - 16914729cfd3: Pull complete - dc5c21984c5b: Pull complete - d7e8f9784b20: Pull complete - Digest: sha256:c21255ac4d94ffbc7b523F870F20ea5189b68Fa3d642800adb4774aab4748e66 - Status: Downloaded newer image for rancher/agent:v1.2.9 +.. literalinclude:: slave_nfs_node.sh + :language: bash + +The master_nfs_node.sh script runs in the NFS Master node and needs the list of +NFS Slave nodes as input, e.g.:: + + > sudo ./master_nfs_node.sh node1_ip node2_ip ... nodeN_ip + +The slave_nfs_node.sh script runs in each NFS Slave node and needs the IP of +the NFS Master node as input, e.g.:: + + > sudo ./slave_nfs_node.sh master_node_ip - INFO: Running Agent Registration Process, CATTLE_URL=http://10.12.6.16:8080/v1 - INFO: Attempting to connect to: http://10.12.6.16:8080/v1 - INFO: http://10.12.6.16:8080/v1 is accessible - INFO: Inspecting host capabilities - INFO: Boot2Docker: false - INFO: Host writable: true - INFO: Token: xxxxxxxx - INFO: Running registration - INFO: Printing Environment - INFO: ENV: CATTLE_ACCESS_KEY=98B35AC484FBF820E0AD - INFO: ENV: CATTLE_AGENT_IP=10.0.9.4 - INFO: ENV: CATTLE_HOME=/var/lib/cattle - INFO: ENV: CATTLE_REGISTRATION_ACCESS_KEY=registrationToken - INFO: ENV: CATTLE_REGISTRATION_SECRET_KEY=xxxxxxx - INFO: ENV: CATTLE_SECRET_KEY=xxxxxxx - INFO: ENV: CATTLE_URL=http://10.12.6.16:8080/v1 - INFO: ENV: DETECTED_CATTLE_AGENT_IP=10.12.5.172 - INFO: ENV: RANCHER_AGENT_IMAGE=rancher/agent:v1.2.9 - INFO: Launched Rancher Agent: c27ee0f3dc4c783b0db647ea1f73c35b3843a4b8d60b96375b1a05aa77d83136 - ubuntu@sb4-k8s-1:~$ - -3. Return to Rancher environment (e.g. SB4) and wait for services to complete - (~ 10-15 mins) - -.. image:: Return_to_Rancher_environment_eg_SB4_and_wait_for_services_to_complete_10-15_mins.jpeg - -Configure kubectl and helm -========================== -In this example we are configuring kubectl and helm that have been installed -(as a convenience) onto the rancher and kubernetes hosts. Typically you would -install them both on your PC and remotely connect to the cluster. The following -procedure would remain the same. - -1. Click on CLI and then click on “Generate Config” - -.. image:: Click_on_CLI_and_then_click_on_Generate_Config.jpeg - -2. Click on “Copy to Clipboard” - wait until you see a "token" - do not copy - user+password - the server is not ready at that point - -.. image:: Click_on_Copy_to_Clipboard-wait_until_you_see_a_token-do_not_copy_user+password-the_server_is_not_ready_at_that_point.jpeg - -3. Create a .kube directory in user directory (if one does not exist):: - - ubuntu@sb4-kSs-1:~$ mkdir .kube - ubuntu@sb4-kSs-1:~$ vi .kube/config - -4. Paste contents of Clipboard into a file called “config” and save the file:: - - apiVersion: v1 - kind : Config - clusters: - - cluster: - api-version: v1 - insecure-skip-tls-verify: true - server: "https://10.12.6.16:8080/r/projects/1a7/kubernetes:6443" - name: "SB4" - contexts: - - context: - cluster: "SB4" - user: "SB4" - name: "SB4" - current-context: "SB4" - users: - - name: "SB4" - user: - token: "QmFzaWMgTlRBd01qZzBOemc)TkRrMk1UWkNOMFpDTlVFNlExcHdSa1JhVZreE5XSm1TRGhWU2t0Vk1sQjVhalZaY0dWaFVtZGFVMHQzWW1WWVJtVmpSQT09" - -5. Validate that kubectl is able to connect to the kubernetes cluster:: - - ubuntu@sb4-k8s-1:~$ kubectl config get-contexts - CURRENT NAME CLUSTER AUTHINFO NAMESPACE - * SB4 SB4 SB4 - ubuntu@sb4-kSs-1:~$ - -and show running pods:: - - ubuntu@sb4-k8s-1:~$ kubectl get pods --all-namespaces -o=wide - NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE - kube-system heapster—7Gb8cd7b5 -q7p42 1/1 Running 0 13m 10.42.213.49 sb4-k8s-1 - kube-system kube-dns-5d7bM87c9-c6f67 3/3 Running 0 13m 10.42.181.110 sb4-k8s-1 - kube-system kubernetes-dashboard-f9577fffd-kswjg 1/1 Running 0 13m 10.42.105.113 sb4-k8s-1 - kube-system monitoring-grafana-997796fcf-vg9h9 1/1 Running 0 13m 10.42,141.58 sb4-k8s-1 - kube-system monitoring-influxdb-56chd96b-hk66b 1/1 Running 0 13m 10.4Z.246.90 sb4-k8s-1 - kube-system tiller-deploy-cc96d4f6b-v29k9 1/1 Running 0 13m 10.42.147.248 sb4-k8s-1 - ubuntu@sb4-k8s-1:~$ - -6. Validate helm is running at the right version. If not, an error like this - will be displayed:: - - ubuntu@sb4-k8s-1:~$ helm list - Error: incompatible versions c1ient[v2.9.1] server[v2.6.1] - ubuntu@sb4-k8s-1:~$ - -7. Upgrade the server-side component of helm (tiller) via `helm init --upgrade`:: - - ubuntu@sb4-k8s-1:~$ helm init --upgrade - Creating /home/ubuntu/.helm - Creating /home/ubuntu/.helm/repository - Creating /home/ubuntu/.helm/repository/cache - Creating /home/ubuntu/.helm/repository/local - Creating /home/ubuntu/.helm/plugins - Creating /home/ubuntu/.helm/starters - Creating /home/ubuntu/.helm/cache/archive - Creating /home/ubuntu/.helm/repository/repositories.yaml - Adding stable repo with URL: https://kubernetes-charts.storage.googleapis.com - Adding local repo with URL: http://127.0.0.1:8879/charts - $HELM_HOME has been configured at /home/ubuntu/.helm. - - Tiller (the Helm server-side component) has been upgraded to the current version. - Happy Helming! - ubuntu@sb4-k8s-1:~$ ONAP Deployment via OOM ======================= diff --git a/docs/openstack-k8s-controlnode.sh b/docs/openstack-k8s-controlnode.sh new file mode 100644 index 0000000000..1d230c2da4 --- /dev/null +++ b/docs/openstack-k8s-controlnode.sh @@ -0,0 +1,31 @@ +#!/bin/bash + +DOCKER_VERSION=18.09.5 + +apt-get update + +curl https://releases.rancher.com/install-docker/$DOCKER_VERSION.sh | sh +mkdir -p /etc/systemd/system/docker.service.d/ +cat > /etc/systemd/system/docker.service.d/docker.conf << EOF +[Service] +ExecStart= +ExecStart=/usr/bin/dockerd -H fd:// --insecure-registry=nexus3.onap.org:10001 +EOF + +sudo usermod -aG docker ubuntu + +systemctl daemon-reload +systemctl restart docker +apt-mark hold docker-ce + +IP_ADDR=`ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}'` +HOSTNAME=`hostname` + +echo "$IP_ADDR $HOSTNAME" >> /etc/hosts + +docker login -u docker -p docker nexus3.onap.org:10001 + +sudo apt-get install make -y + + +exit 0 diff --git a/docs/openstack-k8s-node.sh b/docs/openstack-k8s-node.sh deleted file mode 100644 index 308f2204ff..0000000000 --- a/docs/openstack-k8s-node.sh +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/bash - -DOCKER_VERSION=17.03 -KUBECTL_VERSION=1.11.5 -HELM_VERSION=2.9.1 - -# setup root access - default login: oom/oom - comment out to restrict access too ssh key only -sed -i 's/PermitRootLogin.*/PermitRootLogin yes/' /etc/ssh/sshd_config -sed -i 's/PasswordAuthentication.*/PasswordAuthentication yes/' /etc/ssh/sshd_config -service sshd restart -echo -e "oom\noom" | passwd root - -apt-get update -curl https://releases.rancher.com/install-docker/$DOCKER_VERSION.sh | sh -mkdir -p /etc/systemd/system/docker.service.d/ -cat > /etc/systemd/system/docker.service.d/docker.conf << EOF -[Service] -ExecStart= -ExecStart=/usr/bin/dockerd -H fd:// --insecure-registry=nexus3.onap.org:10001 -EOF -systemctl daemon-reload -systemctl restart docker -apt-mark hold docker-ce - -IP_ADDY=`ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}'` -HOSTNAME=`hostname` - -echo "$IP_ADDY $HOSTNAME" >> /etc/hosts - -docker login -u docker -p docker nexus3.onap.org:10001 - -sudo apt-get install make -y - -sudo curl -LO https://storage.googleapis.com/kubernetes-release/release/v$KUBECTL_VERSION/bin/linux/amd64/kubectl -sudo chmod +x ./kubectl -sudo mv ./kubectl /usr/local/bin/kubectl -sudo mkdir ~/.kube -wget http://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-linux-amd64.tar.gz -sudo tar -zxvf helm-v${HELM_VERSION}-linux-amd64.tar.gz -sudo mv linux-amd64/helm /usr/local/bin/helm - -# install nfs -sudo apt-get install nfs-common -y - - -exit 0 diff --git a/docs/openstack-k8s-workernode.sh b/docs/openstack-k8s-workernode.sh new file mode 100644 index 0000000000..3f32d050a9 --- /dev/null +++ b/docs/openstack-k8s-workernode.sh @@ -0,0 +1,34 @@ +#!/bin/bash + +DOCKER_VERSION=18.09.5 + +apt-get update + +curl https://releases.rancher.com/install-docker/$DOCKER_VERSION.sh | sh +mkdir -p /etc/systemd/system/docker.service.d/ +cat > /etc/systemd/system/docker.service.d/docker.conf << EOF +[Service] +ExecStart= +ExecStart=/usr/bin/dockerd -H fd:// --insecure-registry=nexus3.onap.org:10001 +EOF + +sudo usermod -aG docker ubuntu + +systemctl daemon-reload +systemctl restart docker +apt-mark hold docker-ce + +IP_ADDR=`ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}'` +HOSTNAME=`hostname` + +echo "$IP_ADDR $HOSTNAME" >> /etc/hosts + +docker login -u docker -p docker nexus3.onap.org:10001 + +sudo apt-get install make -y + +# install nfs +sudo apt-get install nfs-common -y + + +exit 0 diff --git a/docs/openstack-nfs-server.sh b/docs/openstack-nfs-server.sh new file mode 100644 index 0000000000..1db04eaff6 --- /dev/null +++ b/docs/openstack-nfs-server.sh @@ -0,0 +1,18 @@ +#!/bin/bash + +apt-get update + +IP_ADDR=`ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}'` +HOSTNAME=`hostname` + +echo "$IP_ADDR $HOSTNAME" >> /etc/hosts + +sudo apt-get install make -y + +# nfs server +sudo apt-get install nfs-kernel-server -y + +sudo mkdir -p /nfs_share +sudo chown nobody:nogroup /nfs_share/ + +exit 0 diff --git a/docs/openstack-rancher.sh b/docs/openstack-rancher.sh deleted file mode 100644 index ac91ff5566..0000000000 --- a/docs/openstack-rancher.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash - -DOCKER_VERSION=17.03 -RANCHER_VERSION=1.6.22 -KUBECTL_VERSION=1.11.5 -HELM_VERSION=2.9.1 - -# setup root access - default login: oom/oom - comment out to restrict access too ssh key only -sed -i 's/PermitRootLogin.*/PermitRootLogin yes/' /etc/ssh/sshd_config -sed -i 's/PasswordAuthentication.*/PasswordAuthentication yes/' /etc/ssh/sshd_config -service sshd restart -echo -e "oom\noom" | passwd root - -apt-get update -curl https://releases.rancher.com/install-docker/$DOCKER_VERSION.sh | sh -mkdir -p /etc/systemd/system/docker.service.d/ -cat > /etc/systemd/system/docker.service.d/docker.conf << EOF -[Service] -ExecStart= -ExecStart=/usr/bin/dockerd -H fd:// --insecure-registry=nexus3.onap.org:10001 -EOF -systemctl daemon-reload -systemctl restart docker -apt-mark hold docker-ce - -IP_ADDY=`ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}'` -HOSTNAME=`hostname` - -echo "$IP_ADDY $HOSTNAME" >> /etc/hosts - -docker login -u docker -p docker nexus3.onap.org:10001 - -sudo apt-get install make -y - -sudo docker run -d --restart=unless-stopped -p 8080:8080 --name rancher_server rancher/server:v$RANCHER_VERSION -sudo curl -LO https://storage.googleapis.com/kubernetes-release/release/v$KUBECTL_VERSION/bin/linux/amd64/kubectl -sudo chmod +x ./kubectl -sudo mv ./kubectl /usr/local/bin/kubectl -sudo mkdir ~/.kube -wget http://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-linux-amd64.tar.gz -sudo tar -zxvf helm-v${HELM_VERSION}-linux-amd64.tar.gz -sudo mv linux-amd64/helm /usr/local/bin/helm - -# nfs server -sudo apt-get install nfs-kernel-server -y - -sudo mkdir -p /nfs_share -sudo chown nobody:nogroup /nfs_share/ - - -exit 0 diff --git a/kubernetes/aaf/.gitignore b/kubernetes/aaf/.gitignore new file mode 100644 index 0000000000..3a4f8ba352 --- /dev/null +++ b/kubernetes/aaf/.gitignore @@ -0,0 +1 @@ +/sms/ diff --git a/kubernetes/aaf/charts/aaf-cs/.helmignore b/kubernetes/aaf/charts/aaf-cass/.helmignore similarity index 100% rename from kubernetes/aaf/charts/aaf-cs/.helmignore rename to kubernetes/aaf/charts/aaf-cass/.helmignore diff --git a/kubernetes/aaf/charts/aaf-cs/Chart.yaml b/kubernetes/aaf/charts/aaf-cass/Chart.yaml similarity index 97% rename from kubernetes/aaf/charts/aaf-cs/Chart.yaml rename to kubernetes/aaf/charts/aaf-cass/Chart.yaml index ff083ac95f..f06d149300 100644 --- a/kubernetes/aaf/charts/aaf-cs/Chart.yaml +++ b/kubernetes/aaf/charts/aaf-cass/Chart.yaml @@ -14,5 +14,5 @@ apiVersion: v1 description: ONAP AAF cassandra -name: aaf-cs +name: aaf-cass version: 4.0.0 diff --git a/kubernetes/aaf/charts/aaf-cs/templates/NOTES.txt b/kubernetes/aaf/charts/aaf-cass/templates/NOTES.txt similarity index 100% rename from kubernetes/aaf/charts/aaf-cs/templates/NOTES.txt rename to kubernetes/aaf/charts/aaf-cass/templates/NOTES.txt diff --git a/kubernetes/aaf/charts/aaf-cs/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml similarity index 59% rename from kubernetes/aaf/charts/aaf-cs/templates/deployment.yaml rename to kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml index 3abdcb3c7f..c664d034bb 100644 --- a/kubernetes/aaf/charts/aaf-cs/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml @@ -23,7 +23,7 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} spec: - replicas: {{ .Values.replicaCount }} + replicas: {{ .Values.global.aaf.cass.replicas }} template: metadata: labels: @@ -32,39 +32,62 @@ spec: spec: containers: - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + image: {{ .Values.global.repository }}/onap/aaf/aaf_cass:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + # installing with cmd "onap" will not only initialize the DB, but add ONAP bootstrap data as well command: ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh","onap"] + lifecycle: + preStop: + exec: + command: ["/bin/sh","-c","rm /opt/app/aaf/status/aaf-cass"] ports: - - containerPort: {{ .Values.service.externalPort }} - - containerPort: {{ .Values.service.externalPort2 }} - - containerPort: {{ .Values.service.externalPort3 }} - - containerPort: {{ .Values.service.externalPort4 }} + - name: storage + containerPort: {{.Values.global.aaf.cass.storage_port}} + - name: ssl-storage + containerPort: {{.Values.global.aaf.cass.ssl_storage_port}} + - name: native-trans + containerPort: {{.Values.global.aaf.cass.native_trans_port}} + - name: rpc + containerPort: {{.Values.global.aaf.cass.rpc_port}} env: - name: CASSANDRA_CLUSTER_NAME - value: "osaaf" + value: {{.Values.global.aaf.cass.cluster_name}} - name: CASSANDRA_DC - value: "dc1" + value: {{.Values.global.aaf.cass.dc}} - name: HEAP_NEWSIZE - value: "512M" + value: {{.Values.global.aaf.cass.heap_new_size}} - name: MAX_HEAP_SIZE - value: "1024M" + value: {{.Values.global.aaf.cass.max_heap_size}} + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP volumeMounts: - mountPath: /var/lib/cassandra - name: cassandra-storage + name: aaf-cass-vol + - mountPath: /opt/app/aaf/status + name: aaf-status-vol - mountPath: /etc/localtime name: localtime readOnly: true {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort3 }} + port: {{.Values.global.aaf.cass.native_trans_port}} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort3 }} + port: {{.Values.global.aaf.cass.native_trans_port}} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: @@ -81,10 +104,13 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: cassandra-storage + - name: aaf-status-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-status-pvc + - name: aaf-cass-vol {{- if .Values.persistence.enabled }} persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} + claimName: {{ include "common.fullname" . }}-pvc {{- else }} emptyDir: {} {{- end }} diff --git a/kubernetes/aaf/charts/aaf-cs/templates/pv.yaml b/kubernetes/aaf/charts/aaf-cass/templates/pv.yaml similarity index 96% rename from kubernetes/aaf/charts/aaf-cs/templates/pv.yaml rename to kubernetes/aaf/charts/aaf-cass/templates/pv.yaml index 4209179af8..8249d84698 100644 --- a/kubernetes/aaf/charts/aaf-cs/templates/pv.yaml +++ b/kubernetes/aaf/charts/aaf-cass/templates/pv.yaml @@ -18,7 +18,7 @@ kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-pv namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -41,4 +41,4 @@ spec: storageClassName: "{{ .Values.persistence.storageClass }}" {{- end }} {{- end }} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/kubernetes/aaf/charts/aaf-cs/templates/pvc.yaml b/kubernetes/aaf/charts/aaf-cass/templates/pvc.yaml similarity index 96% rename from kubernetes/aaf/charts/aaf-cs/templates/pvc.yaml rename to kubernetes/aaf/charts/aaf-cass/templates/pvc.yaml index b102ffa08d..4f9dac07b7 100644 --- a/kubernetes/aaf/charts/aaf-cs/templates/pvc.yaml +++ b/kubernetes/aaf/charts/aaf-cass/templates/pvc.yaml @@ -18,7 +18,7 @@ kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" .}}-pvc namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -45,4 +45,4 @@ spec: storageClassName: "{{ .Values.persistence.storageClass }}" {{- end }} {{- end }} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/kubernetes/aai/charts/aai-elasticsearch/templates/service.yaml b/kubernetes/aaf/charts/aaf-cass/templates/service.yaml similarity index 57% rename from kubernetes/aai/charts/aai-elasticsearch/templates/service.yaml rename to kubernetes/aaf/charts/aaf-cass/templates/service.yaml index d1199125d2..71882b1c6e 100644 --- a/kubernetes/aai/charts/aai-elasticsearch/templates/service.yaml +++ b/kubernetes/aaf/charts/aaf-cass/templates/service.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T +# Copyright © 2017 Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -22,22 +22,27 @@ metadata: chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} +# annotations: +# service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" spec: type: {{ .Values.service.type }} ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.internalPort2 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.portName2 }} - {{- else -}} - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName2 }} - {{- end}} + - name: storage + protocol: TCP + port: {{.Values.global.aaf.cass.storage_port}} + containerPort: {{.Values.global.aaf.cass.storage_port}} + - name: ssl-storage + protocol: TCP + port: {{.Values.global.aaf.cass.ssl_storage_port}} + containerPort: {{.Values.global.aaf.cass.ssl_storage_port}} + - name: native-trans + protocol: TCP + port: {{.Values.global.aaf.cass.native_trans_port}} + containerPort: {{.Values.global.aaf.cass.native_trans_port}} + - name: rpc + protocol: TCP + port: {{.Values.global.aaf.cass.rpc_port}} + containerPort: {{.Values.global.aaf.cass.rpc_port}} selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} diff --git a/kubernetes/aaf/charts/aaf-cs/values.yaml b/kubernetes/aaf/charts/aaf-cass/values.yaml similarity index 79% rename from kubernetes/aaf/charts/aaf-cs/values.yaml rename to kubernetes/aaf/charts/aaf-cass/values.yaml index 1d806bc631..ee05a19575 100644 --- a/kubernetes/aaf/charts/aaf-cs/values.yaml +++ b/kubernetes/aaf/charts/aaf-cass/values.yaml @@ -22,37 +22,29 @@ flavor: small ################################################################# # Application configuration defaults. ################################################################# -# application image -repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cass:2.1.8 -pullPolicy: Always - # application configuration config: {} -# default number of instances -replicaCount: 1 - nodeSelector: {} affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 300 + initialDelaySeconds: 120 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 120 + initialDelaySeconds: 5 periodSeconds: 10 service: name: aaf-cass type: ClusterIP - portName: aaf-cs + portName: aaf-cass #targetPort internalPort: 7000 #port @@ -69,22 +61,23 @@ ingress: enabled: false # Configure resource requests and limits -resources: - small: - limits: - cpu: 200m - memory: 10000Mi - requests: - cpu: 10m - memory: 8500Mi - large: - limits: - cpu: 400m - memory: 12000Mi - requests: - cpu: 40m - memory: 9000Mi - unlimited: {} +resources: {} + # Following AAI's advice, and not trying to guess on Cass usage. Guessing just makes it slow +# small: +# limits: +# cpu: "1000m" +# memory: 4096Mi +# requests: +# cpu: 20m +# memory: 2048Mi +# large: +# limits: +# cpu: 400m +# memory: 12000Mi +# requests: +# cpu: 40m +# memory: 9000Mi +# unlimited: {} persistence: enabled: true @@ -93,5 +86,5 @@ persistence: mountSubPath: "cass" volumeReclaimPolicy: Retain accessMode: ReadWriteOnce - size: 10Gi + size: 20Gi storageClass: "manual" diff --git a/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml index f78dfdc541..87bcaa4b7c 100644 --- a/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml @@ -23,7 +23,7 @@ metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} spec: - replicas: {{ .Values.replicaCount }} + replicas: {{ .Values.global.aaf.cm.replicas }} template: metadata: labels: @@ -32,61 +32,70 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-config-container - image: "{{ include "common.repository" . }}/{{ .Values.global.configImage }}" + image: {{ .Values.global.repository }}/onap/aaf/aaf_config:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"] volumeMounts: - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol env: - - name: HOSTNAME - value: "{{ .Values.global.cadi.hostname }}" - - name: AAF_ENV - value: "{{ .Values.global.cadi.aaf_env }}" - - name: AAF_REGISTER_AS - value: "{{ .Values.aaf_register_as }}" - - name: LATITUDE - value: "{{ .Values.global.cadi.cadi_latitude }}" - - name: LONGITUDE - value: "{{ .Values.global.cadi.cadi_longitude }}" - - name: CASS_HOST - value: "{{ .Values.global.cadi.cass_host }}" - - name: AAF_LOCATOR_AS - value: "{{ .Values.global.cadi.cadi_locator_as }}" - - name: {{ include "common.name" . }}-readiness - command: - - /root/ready.py - args: - - --container-name - - aaf-locate - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + - name: aaf_env + value: "{{ .Values.global.aaf.aaf_env }}" + - name: cadi_latitude + value: "{{ .Values.global.aaf.cadi_latitude }}" + - name: cadi_longitude + value: "{{ .Values.global.aaf.cadi_longitude }}" + - name: cadi_x509_issuers + value: "{{ .Values.global.aaf.cadi_x509_issuers }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" + - name: aaf_locator_container + value: "oom" + - name: aaf_release + value: "{{ .Values.global.aaf.aaf_release }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_container + value: "oom" + - name: aaf_locator_public_fqdn + value: "{{.Values.global.aaf.public_fqdn}}" + - name: aaf_locator_name + value: "{{.Values.global.aaf.aaf_locator_name}}" + - name: aaf_locator_name_oom + value: "{{.Values.global.aaf.aaf_locator_name_oom}}" + - name: CASSANDRA_CLUSTER + value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" +# - name: CASSANDRA_USER +# value: "" +# - name: CASSANDRA_PASSWORD +# value: "" +# - name: CASSANDRA_PORT +# value: "" containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_cm","sleep","0","cd /opt/app/aaf;bin/cm"] - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-cm aaf-locate && exec bin/cm"] + image: {{ .Values.global.repository }}/onap/aaf/aaf_cm:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol - mountPath: /etc/localtime name: localtime readOnly: true {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.global.aaf.cm.internal_port }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.global.aaf.cm.internal_port }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: @@ -103,7 +112,11 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: {{ include "common.name" . }}-config-vol - emptyDir: {} + - name: aaf-status-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-status-pvc + - name: aaf-config-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-config-pvc imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aaf/charts/aaf-cm/templates/service.yaml b/kubernetes/aaf/charts/aaf-cm/templates/service.yaml index 281aa1cc8d..f54c4d8ee4 100644 --- a/kubernetes/aaf/charts/aaf-cm/templates/service.yaml +++ b/kubernetes/aaf/charts/aaf-cm/templates/service.yaml @@ -24,18 +24,10 @@ metadata: heritage: {{ .Release.Service }} spec: ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - #Example internal target port if required - #targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} + - port: {{ .Values.global.aaf.cm.internal_port }} + nodePort: {{ .Values.global.aaf.cm.public_port }} + name: aaf-cm selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} - type: {{ .Values.service.type }} + type: "NodePort" diff --git a/kubernetes/aaf/charts/aaf-cm/values.yaml b/kubernetes/aaf/charts/aaf-cm/values.yaml index 695e65c9d5..6ace7d1143 100644 --- a/kubernetes/aaf/charts/aaf-cm/values.yaml +++ b/kubernetes/aaf/charts/aaf-cm/values.yaml @@ -24,14 +24,6 @@ flavor: small # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cm:2.1.8 -aaf_register_as: "aaf-cm.onap" -pullPolicy: Always - - -# default number of instances -replicaCount: 1 nodeSelector: {} @@ -39,14 +31,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 300 + initialDelaySeconds: 120 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 30 + initialDelaySeconds: 5 periodSeconds: 10 service: @@ -62,19 +54,20 @@ ingress: enabled: false # Configure resource requests and limits -resources: - small: - limits: - cpu: 200m - memory: 800Mi - requests: - cpu: 20m - memory: 500Mi - large: - limits: - cpu: 400m - memory: 1Gi - requests: - cpu: 40m - memory: 600Mi - unlimited: {} +resources: {} +# Allow END users to do this, if they want. Detrimental to Test services +# small: +# limits: +# cpu: 200m +# memory: 800Mi +# requests: +# cpu: 20m +# memory: 500Mi +# large: +# limits: +# cpu: 400m +# memory: 1Gi +# requests: +# cpu: 40m +# memory: 600Mi +# unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-cs/templates/service.yaml b/kubernetes/aaf/charts/aaf-cs/templates/service.yaml deleted file mode 100644 index b1716e4936..0000000000 --- a/kubernetes/aaf/charts/aaf-cs/templates/service.yaml +++ /dev/null @@ -1,62 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -# annotations: -# service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - #Example internal target port if required - #targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.externalPort2 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.portName }}2 - - port: {{ .Values.service.externalPort3 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }} - name: {{ .Values.service.portName }}3 - - port: {{ .Values.service.externalPort4 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }} - name: {{ .Values.service.portName }}4 - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.externalPort2 }} - targetPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName }}2 - - port: {{ .Values.service.externalPort3 }} - targetPort: {{ .Values.service.internalPort3 }} - name: {{ .Values.service.portName }}3 - - port: {{ .Values.service.externalPort4 }} - targetPort: {{ .Values.service.internalPort4 }} - name: {{ .Values.service.portName }}4 - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - clusterIP: None diff --git a/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml index b93844849e..9f97da96ec 100644 --- a/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml @@ -23,7 +23,7 @@ metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} spec: - replicas: {{ .Values.replicaCount }} + replicas: {{ .Values.global.aaf.fs.replicas }} template: metadata: labels: @@ -32,48 +32,56 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-config-container - image: "{{ include "common.repository" . }}/{{ .Values.global.configImage }}" + image: {{ .Values.global.repository }}/onap/aaf/aaf_config:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"] volumeMounts: - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol env: - - name: HOSTNAME - value: "{{ .Values.global.cadi.hostname }}" - - name: AAF_ENV - value: "{{ .Values.global.cadi.aaf_env }}" - - name: AAF_REGISTER_AS - value: "{{ .Values.aaf_register_as }}" - - name: LATITUDE - value: "{{ .Values.global.cadi.cadi_latitude }}" - - name: LONGITUDE - value: "{{ .Values.global.cadi.cadi_longitude }}" - - name: CASS_HOST - value: "{{ .Values.global.cadi.cass_host }}" - - name: AAF_LOCATOR_AS - value: "{{ .Values.global.cadi.cadi_locator_as }}" - - name: {{ include "common.name" . }}-readiness - command: - - /root/ready.py - args: - - --container-name - - aaf-locate - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + - name: aaf_env + value: "{{ .Values.global.aaf.aaf_env }}" + - name: cadi_latitude + value: "{{ .Values.global.aaf.cadi_latitude }}" + - name: cadi_longitude + value: "{{ .Values.global.aaf.cadi_longitude }}" + - name: cadi_x509_issuers + value: "{{ .Values.global.aaf.cadi_x509_issuers }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" + - name: aaf_locator_container + value: "oom" + - name: aaf_release + value: "{{ .Values.global.aaf.aaf_release }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_container + value: "oom" + - name: aaf_locator_public_fqdn + value: "{{.Values.global.aaf.public_fqdn}}" + - name: aaf_locator_name + value: "{{.Values.global.aaf.aaf_locator_name}}" + - name: aaf_locator_name_oom + value: "{{.Values.global.aaf.aaf_locator_name_oom}}" + - name: CASSANDRA_CLUSTER + value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" +# - name: CASSANDRA_USER +# value: "" +# - name: CASSANDRA_PASSWORD +# value: "" +# - name: CASSANDRA_PORT containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_fs","sleep","0","cd /opt/app/aaf;bin/fs"] - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-fs aaf-locate && exec bin/fs"] + image: {{ .Values.global.repository }}/onap/aaf/aaf_fs:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol - mountPath: /etc/localtime name: localtime readOnly: true @@ -103,7 +111,11 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: {{ include "common.name" . }}-config-vol - emptyDir: {} + - name: aaf-status-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-status-pvc + - name: aaf-config-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-config-pvc imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aaf/charts/aaf-fs/templates/service.yaml b/kubernetes/aaf/charts/aaf-fs/templates/service.yaml index 281aa1cc8d..1042afd658 100644 --- a/kubernetes/aaf/charts/aaf-fs/templates/service.yaml +++ b/kubernetes/aaf/charts/aaf-fs/templates/service.yaml @@ -24,18 +24,10 @@ metadata: heritage: {{ .Release.Service }} spec: ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - #Example internal target port if required - #targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} + - port: {{ .Values.global.aaf.fs.internal_port }} + nodePort: {{ .Values.global.aaf.fs.public_port }} + name: aaf-hello selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} - type: {{ .Values.service.type }} + type: "NodePort" diff --git a/kubernetes/aaf/charts/aaf-fs/values.yaml b/kubernetes/aaf/charts/aaf-fs/values.yaml index e18094a562..48ad7c10df 100644 --- a/kubernetes/aaf/charts/aaf-fs/values.yaml +++ b/kubernetes/aaf/charts/aaf-fs/values.yaml @@ -24,29 +24,23 @@ flavor: small # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_fs:2.1.8 -aaf_register_as: "aaf-fs.onap" pullPolicy: Always -# default number of instances -replicaCount: 1 - nodeSelector: {} affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 300 + initialDelaySeconds: 120 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 30 + initialDelaySeconds: 5 periodSeconds: 10 service: @@ -62,19 +56,20 @@ ingress: enabled: false # Configure resource requests and limits -resources: - small: - limits: - cpu: 200m - memory: 600Mi - requests: - cpu: 10m - memory: 300Mi - large: - limits: - cpu: 500m - memory: 700Mi - requests: - cpu: 100m - memory: 400Mi - unlimited: {} +resources: {} +# Allow END users to do this, if they want. Detrimental to Test services +# small: +# limits: +# cpu: 200m +# memory: 800Mi +# requests: +# cpu: 10m +# memory: 300Mi +# large: +# limits: +# cpu: 500m +# memory: 700Mi +# requests: +# cpu: 100m +# memory: 400Mi +# unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml index 9dd87948eb..d067b5ec25 100644 --- a/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml @@ -23,7 +23,7 @@ metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} spec: - replicas: {{ .Values.replicaCount }} + replicas: {{ .Values.global.aaf.gui.replicas }} template: metadata: labels: @@ -32,61 +32,69 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-config-container - image: "{{ include "common.repository" . }}/{{ .Values.global.configImage }}" + image: {{ .Values.global.repository }}/onap/aaf/aaf_config:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"] volumeMounts: - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol env: - - name: HOSTNAME - value: "{{ .Values.global.cadi.hostname }}" - - name: AAF_ENV - value: "{{ .Values.global.cadi.aaf_env }}" - - name: AAF_REGISTER_AS - value: "{{ .Values.aaf_register_as }}" - - name: LATITUDE - value: "{{ .Values.global.cadi.cadi_latitude }}" - - name: LONGITUDE - value: "{{ .Values.global.cadi.cadi_longitude }}" - - name: CASS_HOST - value: "{{ .Values.global.cadi.cass_host }}" - - name: AAF_LOCATOR_AS - value: "{{ .Values.global.cadi.cadi_locator_as }}" - - name: {{ include "common.name" . }}-readiness - command: - - /root/ready.py - args: - - --container-name - - aaf-cm - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + - name: aaf_env + value: "{{ .Values.global.aaf.aaf_env }}" + - name: cadi_latitude + value: "{{ .Values.global.aaf.cadi_latitude }}" + - name: cadi_longitude + value: "{{ .Values.global.aaf.cadi_longitude }}" + - name: cadi_x509_issuers + value: "{{ .Values.global.aaf.cadi_x509_issuers }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" + - name: aaf_locator_container + value: "oom" + - name: aaf_release + value: "{{ .Values.global.aaf.aaf_release }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_container + value: "oom" + - name: aaf_locator_public_fqdn + value: "{{.Values.global.aaf.public_fqdn}}" + - name: aaf_locator_name + value: "{{.Values.global.aaf.aaf_locator_name}}" + - name: aaf_locator_name_oom + value: "{{.Values.global.aaf.aaf_locator_name_oom}}" + - name: CASSANDRA_CLUSTER + value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" +# - name: CASSANDRA_USER +# value: "" +# - name: CASSANDRA_PASSWORD +# value: "" +# - name: CASSANDRA_PORT containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_gui","sleep","0","cd /opt/app/aaf;bin/gui"] - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-gui aaf-locate && exec bin/gui"] + image: {{ .Values.global.repository }}/onap/aaf/aaf_gui:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol - mountPath: /etc/localtime name: localtime readOnly: true {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.global.aaf.gui.internal_port }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.global.aaf.gui.internal_port }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: @@ -103,7 +111,11 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: {{ include "common.name" . }}-config-vol - emptyDir: {} + - name: aaf-status-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-status-pvc + - name: aaf-config-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-config-pvc imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aaf/charts/aaf-gui/templates/service.yaml b/kubernetes/aaf/charts/aaf-gui/templates/service.yaml index 281aa1cc8d..ea06925708 100644 --- a/kubernetes/aaf/charts/aaf-gui/templates/service.yaml +++ b/kubernetes/aaf/charts/aaf-gui/templates/service.yaml @@ -24,18 +24,10 @@ metadata: heritage: {{ .Release.Service }} spec: ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - #Example internal target port if required - #targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} + - port: {{ .Values.global.aaf.gui.internal_port }} + nodePort: {{ .Values.global.aaf.gui.public_port }} + name: aaf-gui selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} - type: {{ .Values.service.type }} + type: "NodePort" diff --git a/kubernetes/aaf/charts/aaf-gui/values.yaml b/kubernetes/aaf/charts/aaf-gui/values.yaml index 7ae0e66f34..3068f14ec9 100644 --- a/kubernetes/aaf/charts/aaf-gui/values.yaml +++ b/kubernetes/aaf/charts/aaf-gui/values.yaml @@ -25,29 +25,23 @@ flavor: small # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_gui:2.1.8 -aaf_register_as: "aaf-gui.onap" pullPolicy: Always -# default number of instances -replicaCount: 1 - nodeSelector: {} affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 300 + initialDelaySeconds: 120 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 30 + initialDelaySeconds: 5 periodSeconds: 10 service: @@ -64,19 +58,21 @@ ingress: enabled: false # Configure resource requests and limits -resources: - small: - limits: - cpu: 100m - memory: 500Mi - requests: - cpu: 10m - memory: 200Mi - large: - limits: - cpu: 200m - memory: 1Gi - requests: - cpu: 100m - memory: 500Mi - unlimited: {} +resources: {} +# Allow END users to do this, if they want. Detrimental to Test services +#resources: +# small: +# limits: +# cpu: 100m +# memory: 500Mi +# requests: +# cpu: 10m +# memory: 200Mi +# large: +# limits: +# cpu: 200m +# memory: 1Gi +# requests: +# cpu: 100m +# memory: 500Mi +# unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml index c57e57f017..9faa580023 100644 --- a/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml @@ -23,7 +23,7 @@ metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} spec: - replicas: {{ .Values.replicaCount }} + replicas: {{ .Values.global.aaf.hello.replicas }} template: metadata: labels: @@ -32,48 +32,60 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-config-container - image: "{{ include "common.repository" . }}/{{ .Values.global.configImage }}" + image: {{ .Values.global.repository }}/onap/aaf/aaf_agent:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + - mountPath: "/opt/app/osaaf/local" + name: aaf-hello-vol + command: ["bash","-c","/opt/app/aaf_config/bin/pod_wait.sh config nc aaf-cm.{{.Release.Namespace}} 8150 remove && cd /opt/app/osaaf/local && /opt/app/aaf_config/bin/agent.sh"] env: - - name: HOSTNAME - value: "{{ .Values.global.cadi.hostname }}" - - name: AAF_ENV - value: "{{ .Values.global.cadi.aaf_env }}" - - name: AAF_REGISTER_AS - value: "{{ .Values.aaf_register_as }}" - - name: LATITUDE - value: "{{ .Values.global.cadi.cadi_latitude }}" - - name: LONGITUDE - value: "{{ .Values.global.cadi.cadi_longitude }}" - - name: CASS_HOST - value: "{{ .Values.global.cadi.cass_host }}" - - name: AAF_LOCATOR_AS - value: "{{ .Values.global.cadi.cadi_locator_as }}" - - name: {{ include "common.name" . }}-readiness - command: - - /root/ready.py - args: - - --container-name - - aaf-locate - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + - name: aaf_env + value: "{{ .Values.global.aaf.aaf_env }}" + - name: cadi_latitude + value: "{{ .Values.global.aaf.cadi_latitude }}" + - name: cadi_longitude + value: "{{ .Values.global.aaf.cadi_longitude }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" + - name: aaf_locator_container + value: "oom" + - name: aaf_release + value: "{{ .Values.global.aaf.aaf_release }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_container + value: "oom" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_app_ns + value: "org.osaaf.aaf" + - name: "APP_FQDN" + value: "{{ .Values.global.aaf.hello.fqdn }}" + - name: "APP_FQI" + value: "aaf@aaf.osaaf.org" + - name: "DEPLOY_FQI" + value: "deployer@people.osaaf.org" + - name: "DEPLOY_PASSWORD" + value: "demo123456!" +# Hello specific. Clients don't necessarily need this + - name: aaf_locator_public_fqdn + value: "{{.Values.global.aaf.public_fqdn}}" + - name: aaf_locator_name + value: "{{.Values.global.aaf.aaf_locator_name}}" + - name: aaf_locator_name_oom + value: "{{.Values.global.aaf.aaf_locator_name_oom}}" + - name: aaf_locator_fqdn_oom + value: "%N.%CNS" containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_hello","sleep","0","cd /opt/app/aaf;bin/hello"] - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + command: ["/bin/bash","-c","cd /opt/app/aaf && exec bin/hello"] + image: {{ .Values.global.repository }}/onap/aaf/aaf_hello:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + - mountPath: "/opt/app/osaaf/local" + name: aaf-hello-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol - mountPath: /etc/localtime name: localtime readOnly: true @@ -103,7 +115,10 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: {{ include "common.name" . }}-config-vol + - name: aaf-status-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-status-pvc + - name: aaf-hello-vol emptyDir: {} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aaf/charts/aaf-hello/templates/service.yaml b/kubernetes/aaf/charts/aaf-hello/templates/service.yaml index 281aa1cc8d..102e85d39e 100644 --- a/kubernetes/aaf/charts/aaf-hello/templates/service.yaml +++ b/kubernetes/aaf/charts/aaf-hello/templates/service.yaml @@ -24,18 +24,10 @@ metadata: heritage: {{ .Release.Service }} spec: ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - #Example internal target port if required - #targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} + - port: {{ .Values.global.aaf.hello.internal_port }} + nodePort: {{ .Values.global.aaf.hello.public_port }} + name: aaf-hello selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} - type: {{ .Values.service.type }} + type: "NodePort" diff --git a/kubernetes/aaf/charts/aaf-hello/values.yaml b/kubernetes/aaf/charts/aaf-hello/values.yaml index 3432211cdd..c3ed9e1a64 100644 --- a/kubernetes/aaf/charts/aaf-hello/values.yaml +++ b/kubernetes/aaf/charts/aaf-hello/values.yaml @@ -18,35 +18,28 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 flavor: small ################################################################# # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_hello:2.1.8 -aaf_register_as: "aaf-hello.onap" -pullPolicy: Always -# default number of instances -replicaCount: 1 - nodeSelector: {} affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 300 + initialDelaySeconds: 120 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 30 + initialDelaySeconds: 5 periodSeconds: 10 service: @@ -62,19 +55,21 @@ ingress: enabled: false # Configure resource requests and limits -resources: - small: - limits: - cpu: 200m - memory: 500Mi - requests: - cpu: 10m - memory: 200Mi - large: - limits: - cpu: 400m - memory: 1Gi - requests: - cpu: 20m - memory: 500Mi - unlimited: {} +resources: {} +# Allow END users to do this, if they want. Detrimental to Test services +#resources: +# small: +# limits: +# cpu: 200m +# memory: 500Mi +# requests: +# cpu: 10m +# memory: 200Mi +# large: +# limits: +# cpu: 400m +# memory: 1Gi +# requests: +# cpu: 20m +# memory: 500Mi +# unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml index a2f9f55c56..f504063555 100644 --- a/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml @@ -23,7 +23,7 @@ metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} spec: - replicas: {{ .Values.replicaCount }} + replicas: {{ .Values.global.aaf.locate.replicas }} template: metadata: labels: @@ -32,61 +32,69 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-config-container - image: "{{ include "common.repository" . }}/{{ .Values.global.configImage }}" + image: {{ .Values.global.repository }}/onap/aaf/aaf_config:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"] volumeMounts: - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol env: - - name: HOSTNAME - value: "{{ .Values.global.cadi.hostname }}" - - name: AAF_ENV - value: "{{ .Values.global.cadi.aaf_env }}" - - name: AAF_REGISTER_AS - value: "{{ .Values.aaf_register_as }}" - - name: LATITUDE - value: "{{ .Values.global.cadi.cadi_latitude }}" - - name: LONGITUDE - value: "{{ .Values.global.cadi.cadi_longitude }}" - - name: CASS_HOST - value: "{{ .Values.global.cadi.cass_host }}" - - name: AAF_LOCATOR_AS - value: "{{ .Values.global.cadi.cadi_locator_as }}" - - name: {{ include "common.name" . }}-readiness - command: - - /root/ready.py - args: - - --container-name - - aaf-service - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + - name: aaf_env + value: "{{ .Values.global.aaf.aaf_env }}" + - name: cadi_latitude + value: "{{ .Values.global.aaf.cadi_latitude }}" + - name: cadi_longitude + value: "{{ .Values.global.aaf.cadi_longitude }}" + - name: cadi_x509_issuers + value: "{{ .Values.global.aaf.cadi_x509_issuers }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" + - name: aaf_locator_container + value: "oom" + - name: aaf_release + value: "{{ .Values.global.aaf.aaf_release }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_container + value: "oom" + - name: aaf_locator_public_fqdn + value: "{{.Values.global.aaf.public_fqdn}}" + - name: aaf_locator_name + value: "{{.Values.global.aaf.aaf_locator_name}}" + - name: aaf_locator_name_oom + value: "{{.Values.global.aaf.aaf_locator_name_oom}}" + - name: CASSANDRA_CLUSTER + value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" +# - name: CASSANDRA_USER +# value: "" +# - name: CASSANDRA_PASSWORD +# value: "" +# - name: CASSANDRA_PORT containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_locate","sleep","0","cd /opt/app/aaf;bin/locate"] - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-locate aaf-service && exec bin/locate"] + image: {{ .Values.global.repository }}/onap/aaf/aaf_locate:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol - mountPath: /etc/localtime name: localtime readOnly: true {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.global.aaf.locate.internal_port }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.global.aaf.locate.internal_port }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: @@ -103,7 +111,11 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: {{ include "common.name" . }}-config-vol - emptyDir: {} + - name: aaf-status-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-status-pvc + - name: aaf-config-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-config-pvc imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aaf/charts/aaf-locate/templates/service.yaml b/kubernetes/aaf/charts/aaf-locate/templates/service.yaml index 281aa1cc8d..606d9476b8 100644 --- a/kubernetes/aaf/charts/aaf-locate/templates/service.yaml +++ b/kubernetes/aaf/charts/aaf-locate/templates/service.yaml @@ -24,18 +24,10 @@ metadata: heritage: {{ .Release.Service }} spec: ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - #Example internal target port if required - #targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} + - port: {{ .Values.global.aaf.locate.internal_port }} + nodePort: {{ .Values.global.aaf.locate.public_port }} + name: aaf-locate selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} - type: {{ .Values.service.type }} + type: "NodePort" diff --git a/kubernetes/aaf/charts/aaf-locate/values.yaml b/kubernetes/aaf/charts/aaf-locate/values.yaml index 8cbf7cf526..c13f83497f 100644 --- a/kubernetes/aaf/charts/aaf-locate/values.yaml +++ b/kubernetes/aaf/charts/aaf-locate/values.yaml @@ -24,14 +24,6 @@ flavor: small # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_locate:2.1.8 -aaf_register_as: "aaf-locate.onap" -pullPolicy: Always - - -# default number of instances -replicaCount: 1 nodeSelector: {} @@ -39,14 +31,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 300 + initialDelaySeconds: 120 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 30 + initialDelaySeconds: 5 periodSeconds: 10 service: @@ -56,25 +48,27 @@ service: #targetPort internalPort: 8095 #port - externalPort: 8095 + externalPort: 31111 ingress: enabled: false # Configure resource requests and limits -resources: - small: - limits: - cpu: 200m - memory: 600Mi - requests: - cpu: 20m - memory: 300Mi - large: - limits: - cpu: 400m - memory: 1Gi - requests: - cpu: 40m - memory: 500Mi - unlimited: {} +resources: {} +# Allow END users to do this, if they want. Detrimental to Test services +#resources: +# small: +# limits: +# cpu: 200m +# memory: 600Mi +# requests: +# cpu: 20m +# memory: 300Mi +# large: +# limits: +# cpu: 400m +# memory: 1Gi +# requests: +# cpu: 40m +# memory: 500Mi +# unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml index f7a34f440c..cc328d5ca6 100644 --- a/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml @@ -23,7 +23,7 @@ metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} spec: - replicas: {{ .Values.replicaCount }} + replicas: {{ .Values.global.aaf.oauth.replicas }} template: metadata: labels: @@ -32,61 +32,69 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-config-container - image: "{{ include "common.repository" . }}/{{ .Values.global.configImage }}" + image: {{ .Values.global.repository }}/onap/aaf/aaf_config:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"] volumeMounts: - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol env: - - name: HOSTNAME - value: "{{ .Values.global.cadi.hostname }}" - - name: AAF_ENV - value: "{{ .Values.global.cadi.aaf_env }}" - - name: AAF_REGISTER_AS - value: "{{ .Values.aaf_register_as }}" - - name: LATITUDE - value: "{{ .Values.global.cadi.cadi_latitude }}" - - name: LONGITUDE - value: "{{ .Values.global.cadi.cadi_longitude }}" - - name: CASS_HOST - value: "{{ .Values.global.cadi.cass_host }}" - - name: AAF_LOCATOR_AS - value: "{{ .Values.global.cadi.cadi_locator_as }}" - - name: {{ include "common.name" . }}-readiness - command: - - /root/ready.py - args: - - --container-name - - aaf-locate - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + - name: aaf_env + value: "{{ .Values.global.aaf.aaf_env }}" + - name: cadi_latitude + value: "{{ .Values.global.aaf.cadi_latitude }}" + - name: cadi_longitude + value: "{{ .Values.global.aaf.cadi_longitude }}" + - name: cadi_x509_issuers + value: "{{ .Values.global.aaf.cadi_x509_issuers }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" + - name: aaf_locator_container + value: "oom" + - name: aaf_release + value: "{{ .Values.global.aaf.aaf_release }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_container + value: "oom" + - name: aaf_locator_public_fqdn + value: "{{.Values.global.aaf.public_fqdn}}" + - name: aaf_locator_name + value: "{{.Values.global.aaf.aaf_locator_name}}" + - name: aaf_locator_name_oom + value: "{{.Values.global.aaf.aaf_locator_name_oom}}" + - name: CASSANDRA_CLUSTER + value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" +# - name: CASSANDRA_USER +# value: "" +# - name: CASSANDRA_PASSWORD +# value: "" +# - name: CASSANDRA_PORT containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_oauth","sleep","0","cd /opt/app/aaf;bin/oauth"] - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-oauth aaf-service && exec bin/oauth"] + image: {{ .Values.global.repository }}/onap/aaf/aaf_oauth:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol - mountPath: /etc/localtime name: localtime readOnly: true {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.global.aaf.oauth.internal_port }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.global.aaf.oauth.internal_port }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: @@ -103,7 +111,11 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: {{ include "common.name" . }}-config-vol - emptyDir: {} + - name: aaf-status-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-status-pvc + - name: aaf-config-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-config-pvc imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aaf/charts/aaf-oauth/templates/service.yaml b/kubernetes/aaf/charts/aaf-oauth/templates/service.yaml index d94bcae31c..bb4a0517da 100644 --- a/kubernetes/aaf/charts/aaf-oauth/templates/service.yaml +++ b/kubernetes/aaf/charts/aaf-oauth/templates/service.yaml @@ -24,16 +24,10 @@ metadata: heritage: {{ .Release.Service }} spec: ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} + - port: {{ .Values.global.aaf.oauth.internal_port }} + nodePort: {{ .Values.global.aaf.oauth.public_port }} + name: aaf-oauth selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} - type: {{ .Values.service.type }} + type: "NodePort" diff --git a/kubernetes/aaf/charts/aaf-oauth/values.yaml b/kubernetes/aaf/charts/aaf-oauth/values.yaml index d90b3d7c77..3c29a62977 100644 --- a/kubernetes/aaf/charts/aaf-oauth/values.yaml +++ b/kubernetes/aaf/charts/aaf-oauth/values.yaml @@ -18,35 +18,26 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 flavor: small ################################################################# # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_oauth:2.1.8 -aaf_register_as: "aaf-oauth.onap" -pullPolicy: Always - - -# default number of instances -replicaCount: 1 - nodeSelector: {} affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 300 + initialDelaySeconds: 120 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 30 + initialDelaySeconds: 5 periodSeconds: 10 service: @@ -62,19 +53,21 @@ ingress: enabled: false # Configure resource requests and limits -resources: - small: - limits: - cpu: 200m - memory: 400Mi - requests: - cpu: 20m - memory: 200Mi - large: - limits: - cpu: 400m - memory: 600Mi - requests: - cpu: 40m - memory: 200Mi - unlimited: {} +resources: {} +# Allow END users to do this, if they want. Detrimental to Test services +#resources: +# small: +# limits: +# cpu: 200m +# memory: 400Mi +# requests: +# cpu: 20m +# memory: 200Mi +# large: +# limits: +# cpu: 400m +# memory: 600Mi +# requests: +# cpu: 40m +# memory: 200Mi +# unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml index 92d23126f4..1801bfec0c 100644 --- a/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml @@ -23,7 +23,7 @@ metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} spec: - replicas: {{ .Values.replicaCount }} + replicas: {{ .Values.global.aaf.service.replicas }} template: metadata: labels: @@ -32,61 +32,72 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-config-container - image: "{{ include "common.repository" . }}/{{ .Values.global.configImage }}" + image: {{ .Values.global.repository }}/onap/aaf/aaf_config:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config nc aaf-cass.{{ .Release.Namespace }} 9042 sleep 15 remove && bin/agent.sh"] volumeMounts: - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol env: - - name: HOSTNAME - value: "{{ .Values.global.cadi.hostname }}" - - name: AAF_ENV - value: "{{ .Values.global.cadi.aaf_env }}" - - name: AAF_REGISTER_AS - value: "{{ .Values.aaf_register_as }}" - - name: LATITUDE - value: "{{ .Values.global.cadi.cadi_latitude }}" - - name: LONGITUDE - value: "{{ .Values.global.cadi.cadi_longitude }}" - - name: CASS_HOST - value: "{{ .Values.global.cadi.cass_host }}" - - name: AAF_LOCATOR_AS - value: "{{ .Values.global.cadi.cadi_locator_as }}" - - name: {{ include "common.name" . }}-readiness - command: - - /root/ready.py - args: - - --container-name - - aaf-cs - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + - name: aaf_env + value: "{{ .Values.global.aaf.aaf_env }}" + - name: cadi_latitude + value: "{{ .Values.global.aaf.cadi_latitude }}" + - name: cadi_longitude + value: "{{ .Values.global.aaf.cadi_longitude }}" + - name: cadi_x509_issuers + value: "{{ .Values.global.aaf.cadi_x509_issuers }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" + - name: aaf_locator_container + value: "oom" + - name: aaf_release + value: "{{ .Values.global.aaf.aaf_release }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_public_fqdn + value: "{{.Values.global.aaf.public_fqdn}}" + - name: aaf_locator_name + value: "{{.Values.global.aaf.aaf_locator_name}}" + - name: aaf_locator_name_oom + value: "{{.Values.global.aaf.aaf_locator_name_oom}}" + - name: CASSANDRA_CLUSTER + value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" +# - name: CASSANDRA_USER +# value: "" +# - name: CASSANDRA_PASSWORD +# value: "" +# - name: CASSANDRA_PORT +# value: "" containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_service","sleep","0","cd /opt/app/aaf;bin/service"] - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + command: ["/bin/bash","-c","cd /opt/app/aaf && bin/pod_wait.sh aaf-service aaf-cass && exec bin/service"] + image: {{ .Values.global.repository }}/onap/aaf/aaf_service:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + lifecycle: + preStop: + exec: + command: ["/bin/sh","-c","rm /opt/app/aaf/status/aaf-service* && echo $HOSTNAME >> aaf-service.hosts"] volumeMounts: - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol - mountPath: /etc/localtime name: localtime readOnly: true {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.global.aaf.service.internal_port }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.global.aaf.service.internal_port }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: @@ -103,7 +114,11 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: {{ include "common.name" . }}-config-vol - emptyDir: {} + - name: aaf-status-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-status-pvc + - name: aaf-config-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-config-pvc imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aaf/charts/aaf-service/templates/service.yaml b/kubernetes/aaf/charts/aaf-service/templates/service.yaml index 281aa1cc8d..4a318ffce3 100644 --- a/kubernetes/aaf/charts/aaf-service/templates/service.yaml +++ b/kubernetes/aaf/charts/aaf-service/templates/service.yaml @@ -24,18 +24,10 @@ metadata: heritage: {{ .Release.Service }} spec: ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - #Example internal target port if required - #targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} + - port: {{ .Values.global.aaf.service.internal_port }} + nodePort: {{ .Values.global.aaf.service.public_port }} + name: aaf-service selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} - type: {{ .Values.service.type }} + type: "NodePort" diff --git a/kubernetes/aaf/charts/aaf-service/values.yaml b/kubernetes/aaf/charts/aaf-service/values.yaml index 7b730a70e0..8794afe0ce 100644 --- a/kubernetes/aaf/charts/aaf-service/values.yaml +++ b/kubernetes/aaf/charts/aaf-service/values.yaml @@ -24,14 +24,6 @@ flavor: small # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_service:2.1.8 -aaf_register_as: "aaf-service.onap" -pullPolicy: Always - - -# default number of instances -replicaCount: 1 nodeSelector: {} @@ -39,14 +31,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 300 + initialDelaySeconds: 120 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 30 + initialDelaySeconds: 5 periodSeconds: 10 service: @@ -56,26 +48,27 @@ service: #targetPort internalPort: 8100 #port - externalPort: 8100 - nodePort: 47 + externalPort: 31110 ingress: enabled: false # Configure resource requests and limits -resources: - small: - limits: - cpu: 200m - memory: 600Mi - requests: - cpu: 20m - memory: 300Mi - large: - limits: - cpu: 400m - memory: 1Gi - requests: - cpu: 40m - memory: 300Mi - unlimited: {} +resources: {} +# Allow END users to do this, if they want. Detrimental to Test services +#resources: +# small: +# limits: +# cpu: 200m +# memory: 800Mi +# requests: +# cpu: 20m +# memory: 300Mi +# large: +# limits: +# cpu: 400m +# memory: 1Gi +# requests: +# cpu: 40m +# memory: 300Mi +# unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml index 7cd5938a62..4dc13a5660 100644 --- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/smsquorumclient:3.0.1 +image: onap/aaf/smsquorumclient:4.0.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml index 355cd608cb..360bf4204e 100644 --- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml @@ -108,4 +108,4 @@ resources: requests: cpu: 10m memory: 100Mi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-sms/values.yaml b/kubernetes/aaf/charts/aaf-sms/values.yaml index 28b46c24e1..4a8a9c055a 100644 --- a/kubernetes/aaf/charts/aaf-sms/values.yaml +++ b/kubernetes/aaf/charts/aaf-sms/values.yaml @@ -28,7 +28,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/sms:3.0.1 +image: onap/aaf/sms:4.0.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml index bf64c6d120..1fcc155827 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml @@ -21,7 +21,7 @@ ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/abrmd:3.0.0 +image: onap/aaf/abrmd:4.0.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml index 3993cfc281..e8d2f7ecaa 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml @@ -23,7 +23,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/distcenter:3.0.0 +image: onap/aaf/distcenter:4.0.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml index 3fd53d28cb..5c3618d2d4 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml @@ -23,7 +23,7 @@ enabled: true ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/testcaservice:3.0.0 +image: onap/aaf/testcaservice:4.0.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/aaf/charts/aaf-sshsm/values.yaml b/kubernetes/aaf/charts/aaf-sshsm/values.yaml index d06884652d..2d20d579de 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/values.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/values.yaml @@ -62,4 +62,4 @@ resources: requests: cpu: 10m memory: 100Mi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/kubernetes/aaf/templates/aaf-config-pv.yaml b/kubernetes/aaf/templates/aaf-config-pv.yaml new file mode 100644 index 0000000000..9a1e8020db --- /dev/null +++ b/kubernetes/aaf/templates/aaf-config-pv.yaml @@ -0,0 +1,48 @@ +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +######### +## ============LICENSE_START==================================================== +## org.onap.aaf +## =========================================================================== +## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +## =========================================================================== +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## ============LICENSE_END==================================================== +## + +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ .Release.Name }}-aaf-config-pv + namespace: {{ include "common.namespace" . }} + labels: + app: {{ .Chart.Name }}-config + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.config.size}} + accessModes: + - {{ .Values.persistence.config.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.config.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.persistence.config.mountPath }} +{{- if .Values.persistence.config.storageClass }} +{{- if (eq "-" .Values.persistence.config.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.config.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/kubernetes/aaf/templates/aaf-config-pvc.yaml b/kubernetes/aaf/templates/aaf-config-pvc.yaml new file mode 100644 index 0000000000..b22df6d494 --- /dev/null +++ b/kubernetes/aaf/templates/aaf-config-pvc.yaml @@ -0,0 +1,52 @@ +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +######### +## ============LICENSE_START==================================================== +## org.onap.aaf +## =========================================================================== +## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +## =========================================================================== +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## ============LICENSE_END==================================================== +## +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ .Release.Name }}-aaf-config-pvc + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + app: {{ include "common.name" . }}-config + accessModes: + - {{ .Values.persistence.config.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.config.size }} +{{- if .Values.persistence.config.storageClass }} +{{- if (eq "-" .Values.persistence.config.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.config.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} + diff --git a/kubernetes/aaf/templates/aaf-status-pv.yaml b/kubernetes/aaf/templates/aaf-status-pv.yaml new file mode 100644 index 0000000000..b8d12c5cba --- /dev/null +++ b/kubernetes/aaf/templates/aaf-status-pv.yaml @@ -0,0 +1,48 @@ +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +######### +## ============LICENSE_START==================================================== +## org.onap.aaf +## =========================================================================== +## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +## =========================================================================== +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## ============LICENSE_END==================================================== +## + +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ .Release.Name }}-aaf-status-pv + namespace: {{ include "common.namespace" . }} + labels: + app: {{ .Chart.Name }}-status + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.status.size}} + accessModes: + - {{ .Values.persistence.status.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.status.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.persistence.status.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.status.mountSubPath }} +{{- if .Values.persistence.status.storageClass }} +{{- if (eq "-" .Values.persistence.status.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.status.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/kubernetes/aaf/templates/aaf-status-pvc.yaml b/kubernetes/aaf/templates/aaf-status-pvc.yaml new file mode 100644 index 0000000000..870ac9c89d --- /dev/null +++ b/kubernetes/aaf/templates/aaf-status-pvc.yaml @@ -0,0 +1,52 @@ +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +######### +## ============LICENSE_START==================================================== +## org.onap.aaf +## =========================================================================== +## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +## =========================================================================== +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## ============LICENSE_END==================================================== +## +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ .Release.Name }}-aaf-status-pvc + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + app: {{ include "common.name" . }}-status + accessModes: + - {{ .Values.persistence.status.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.status.size }} +{{- if .Values.persistence.status.storageClass }} +{{- if (eq "-" .Values.persistence.status.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.status.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} + diff --git a/kubernetes/aaf/values.yaml b/kubernetes/aaf/values.yaml index 24351da9cb..1ddb604c02 100644 --- a/kubernetes/aaf/values.yaml +++ b/kubernetes/aaf/values.yaml @@ -18,25 +18,83 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 ubuntuInitRepository: registry.hub.docker.com ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 - configImage: onap/aaf/aaf_config:2.1.8 persistence: enabled: true + pullPolicy: Always + repository: "nexus3.onap.org:10001" + # pullPolicy: IfNotPresent + # repository: "nexus3.onap.org:10003" - cadi: - hostname: "aaf.onap" + aaf: + imageVersion: 2.1.13 + #imageVersion: latest + readiness: false + aaf_env: "DEV" + public_fqdn: "aaf.osaaf.org" + aaf_release: "Dublin" + # DUBLIN ONLY - for M4 compatibility with Casablanca + aaf_locator_name: "public.%NS.%N" + aaf_locator_name_oom: "%NS.%N" + # EL ALTO and Beyond + # aaf_locator_name: "%NS.%N" + # aaf_locator_name_oom: "%CNS.%NS.%N" cadi_latitude: "38.0" cadi_longitude: "-72.0" - aaf_env: "DEV" - cass_host: "aaf-cass.onap" - cadi_locator_as: "aaf-locate.onap" + cadi_x509_issuers: "CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US" + + cass: + replicas: 1 + fqdn: "aaf-cass" + cluster_name: "osaaf" + heap_new_size: "512M" + max_heap_size: "1024M" + storage_port: 7000 + ssl_storage_port: 7001 + native_trans_port: 9042 + rpc_port: 9160 + dc: "dc1" + service: + replicas: 1 + fqdn: "aaf-service" + internal_port: 8100 + public_port: 31110 + locate: + replicas: 1 + fqdn: "aaf-locate" + internal_port: 8095 + public_port: 31111 + oauth: + replicas: 1 + fqdn: "aaf0oauth" + internal_port: 8140 + public_port: 31112 + gui: + replicas: 1 + fqdn: "aaf-gui" + internal_port: 8200 + public_port: 31113 + cm: + replicas: 1 + fqdn: "aaf-cm" + internal_port: 8150 + public_port: 31114 + fs: + replicas: 1 + fqdn: "aaf-fs" + internal_port: 8096 + public_port: 31115 + hello: + replicas: 0 + fqdn: "aaf-hello" + internal_port: 8130 + public_port: 31116 ################################################################# # Application configuration defaults. ################################################################# -repository: nexus3.onap.org:10001 flavor: small # default number of instances @@ -48,14 +106,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 350 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 150 periodSeconds: 10 ingress: @@ -63,31 +121,35 @@ ingress: ## Persist data to a persitent volume persistence: - mountPath: "/mnt/data/aaf" enabled: true config: #existingClaim: - volumeReclaimPolicy: Retain + volumeReclaimPolicy: Delete accessMode: ReadWriteMany size: 2Gi - mountSubPath: "config" storageClass: "manual" + mountPath: "/mnt/data/aaf/config" logs: #existingClaim: volumeReclaimPolicy: Retain accessMode: ReadWriteMany size: 2Gi - mountSubPath: "logs" storageClass: "manual" - -aaf-cs: - persistence: - #existingClaim: + mountPath: "/mnt/data/aaf/logs" + status: + volumeReclaimPolicy: Delete + accessMode: ReadWriteMany + size: 2M + storageClass: "manual" mountPath: /dockerdata-nfs - mountSubPath: "cass" + mountSubPath: "status" + cass: + #existingClaim: volumeReclaimPolicy: Retain accessMode: ReadWriteOnce size: 10Gi storageClass: "manual" + mountPath: /dockerdata-nfs + mountSubPath: "cass" resources: {} diff --git a/kubernetes/aai b/kubernetes/aai new file mode 160000 index 0000000000..e67a94e6be --- /dev/null +++ b/kubernetes/aai @@ -0,0 +1 @@ +Subproject commit e67a94e6be333271c8237d6ebd5fb0f489401350 diff --git a/kubernetes/aai/.helmignore b/kubernetes/aai/.helmignore deleted file mode 100644 index daebc7da77..0000000000 --- a/kubernetes/aai/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/aai/Chart.yaml b/kubernetes/aai/Chart.yaml deleted file mode 100644 index c4ad263008..0000000000 --- a/kubernetes/aai/Chart.yaml +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: ONAP Active and Available Inventory -name: aai -version: 4.0.0 diff --git a/kubernetes/aai/charts/aai-babel/.helmignore b/kubernetes/aai/charts/aai-babel/.helmignore deleted file mode 100644 index daebc7da77..0000000000 --- a/kubernetes/aai/charts/aai-babel/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/aai/charts/aai-babel/requirements.yaml b/kubernetes/aai/charts/aai-babel/requirements.yaml deleted file mode 100644 index 78e822edf8..0000000000 --- a/kubernetes/aai/charts/aai-babel/requirements.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T -# Modifications Copyright © 2018 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -dependencies: - - name: common - version: ~4.x-0 - # local reference to common chart, as it is - # a part of this chart's package and will not - # be published independently to a repo (at this point) - repository: '@local' diff --git a/kubernetes/aai/charts/aai-babel/resources/config/artifact-generator.properties b/kubernetes/aai/charts/aai-babel/resources/config/artifact-generator.properties deleted file mode 100644 index e246b00c2e..0000000000 --- a/kubernetes/aai/charts/aai-babel/resources/config/artifact-generator.properties +++ /dev/null @@ -1,285 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -#action widget details -AAI.model-version-id.action=fd7fb09e-d930-41b9-b83f-cfde9df48640 -AAI.model-invariant-id.action=af593b4b-490e-4665-ad74-2f6351c0a7ce -#action-data widget details -AAI.model-invariant-id.action-data=9551346c-7d8b-4daf-9926-b93e96e2344a -AAI.model-version-id.action-data=2f80c596-27e5-4ca9-b5bb-e03a7fd4c0fd -#allotted-resource widget details -AAI.model-invariant-id.allotted-resource=f6d6a23d-a1a9-48ff-8419-b6530da2d381 -AAI.model-version-id.allotted-resource=7ad0915f-25c0-4a70-b9bc-185a75f87564 -#availability-zone widget details -AAI.model-version-id.availability-zone=6c092fb1-21b2-456b-9e01-67fb4de1896e -AAI.model-invariant-id.availability-zone=61b88c01-d819-41c0-8e21-7fd7ba47148e -#az-and-dvs-switches widget details -AAI.model-version-id.az-and-dvs-switches=b2dea88d-78a0-49bf-95c9-5819df08e966 -AAI.model-invariant-id.az-and-dvs-switches=53dc00d4-e6d9-48ec-b6cc-3d3797e9b896 -#class-of-service widget details -AAI.model-version-id.class-of-service=d2fb27cc-15eb-4c4e-828e-71d41aaecc5b -AAI.model-invariant-id.class-of-service=18094b19-d16d-4822-8acf-e92c6aefa178 -#cloud-region widget details -AAI.model-version-id.cloud-region=2a160989-b202-47dd-874b-4a0f275998f7 -AAI.model-invariant-id.cloud-region=425b2158-e51d-4509-9945-dad4556474a3 -#complex widget details -AAI.model-invariant-id.complex=af91c2f7-35fc-43cf-a13d-443f385b2353 -AAI.model-version-id.complex=3a8ab1ee-9220-4fe8-b89c-9251d160ddc2 -#configuration widget details -AAI.model-invariant-id.configuration=166c050d-f69d-4305-943e-0bc58c3a26cf -AAI.model-version-id.configuration=5a175add-57e4-4a5d-8b02-c36f1d69c52b -#connector widget details -AAI.model-version-id.connector=22104c9f-29fd-462f-be07-96cd6b46dd33 -AAI.model-invariant-id.connector=4c01c948-7607-4d66-8a6c-99c2c2717936 -#constrained-element-set widget details -AAI.model-invariant-id.constrained-element-set=c0292b4f-ee97-40cc-8c2e-f967c48f5701 -AAI.model-version-id.constrained-element-set=01102126-9c04-4a89-945b-b131e61e95d7 -#ctag-assignment widget details -AAI.model-version-id.ctag-assignment=44e5cb1f-0938-41aa-b766-d4595109fe89 -AAI.model-invariant-id.ctag-assignment=fcb8d46b-b656-4ad6-8fa4-22cef74b443f -#ctag-pool widget details -AAI.model-invariant-id.ctag-pool=46c51d4e-d67e-4a9c-b1f5-49b1e9c6fcaa -AAI.model-version-id.ctag-pool=2056c41f-23b9-4de7-9f50-819adad37d76 -#customer widget details -AAI.model-invariant-id.customer=c1d4305f-cdbd-4bbe-9069-a2f4978fd89e -AAI.model-version-id.customer=d4df5c27-98a1-4812-a8aa-c17f055b7a3f -#cvlan-tag-entry widget details -AAI.model-version-id.cvlan-tag-entry=c3878ffb-8d85-4114-bee6-e4074a9db10b -AAI.model-invariant-id.cvlan-tag-entry=245cf4b0-7cc5-4eea-bbd9-753e939adcab -#dvs-switch widget details -AAI.model-invariant-id.dvs-switch=98fbb471-1f86-428e-bd8a-c8a25de6fa23 -AAI.model-version-id.dvs-switch=4cb44ae8-e3ab-452a-9f95-bcc8a44c55ea -#edge-prop-names widget details -AAI.model-invariant-id.edge-prop-names=7a08cad4-8759-46a5-8245-095d1ba57ac6 -AAI.model-version-id.edge-prop-names=f0442326-8201-4d0e-857c-74b4ddcbfc9f -#element-choice-set widget details -AAI.model-invariant-id.element-choice-set=9a011958-7165-47a3-b872-00951d1f09ae -AAI.model-version-id.element-choice-set=af27fbfd-598d-44da-aeae-0f9d3a5fcd6a -#entitlement widget details -AAI.model-version-id.entitlement=7e27ba2e-b7db-4e13-9fae-d142152ef98a -AAI.model-invariant-id.entitlement=ae75b5a0-d5e1-4f3a-b8fb-37626a753da3 -#flavor widget details -AAI.model-invariant-id.flavor=bace8d1c-a261-4041-9e37-823117415d0f -AAI.model-version-id.flavor=36200fb5-f251-4f5d-a520-7c5ad5c2cd4b -#generic-vnf widget details -AAI.model-version-id.generic-vnf=93a6166f-b3d5-4f06-b4ba-aed48d009ad9 -AAI.model-invariant-id.generic-vnf=acc6edd8-a8d4-4b93-afaa-0994068be14c -#group-assignment widget details -AAI.model-invariant-id.group-assignment=7cc05f25-7ba2-42b7-a237-c5662a1689e1 -AAI.model-version-id.group-assignment=fe578080-ce19-4604-8760-fc264fbb2565 -#image widget details -AAI.model-version-id.image=f6a038c2-820c-42ba-8c2b-375e24e8f932 -AAI.model-invariant-id.image=3f4c7204-739b-4bbb-87a7-8a6856439c90 -#include-node-filter widget details -AAI.model-invariant-id.include-node-filter=2a2d8ad2-af0a-4e1f-9982-0c899e7dc827 -AAI.model-version-id.include-node-filter=f05f804d-7057-4ffe-bdc5-39f2f0c9c9fd -#instance-group widget details -AAI.model-version-id.instance-group=8e6ee9dc-9017-444a-83b3-219edb018128 -AAI.model-invariant-id.instance-group=3bf1e610-45f7-4ad6-b833-ca4c5ee6a3fd -#inventory-item widget details -AAI.model-invariant-id.inventory-item=cd57d844-9017-4078-aa19-926935a3d77c -AAI.model-version-id.inventory-item=69957f4a-2155-4b95-8d72-d6dd9b88b27b -#inventory-item-data widget details -AAI.model-version-id.inventory-item-data=0e54bb87-bd6e-4a2b-ad1c-6d935b87ae51 -AAI.model-invariant-id.inventory-item-data=87a383ae-cf03-432e-a9de-04e6a622d0fd -#ipsec-configuration widget details -AAI.model-invariant-id.ipsec-configuration=aca4c310-cb45-42bd-9f88-73e40ba7b962 -AAI.model-version-id.ipsec-configuration=d949fd10-36bf-408a-ac7a-cad5004d2e0d -#key-data widget details -AAI.model-version-id.key-data=c23ea04d-1a3b-453d-bc49-a6c783a5e92b -AAI.model-invariant-id.key-data=f5faa464-c2f2-4cc3-89d2-a90452dc3a07 -#l3-interface-ipv4-address-list widget details -AAI.model-version-id.l3-interface-ipv4-address-list=41e76b6f-1e06-4fd4-82cd-81c50fc4574b -AAI.model-invariant-id.l3-interface-ipv4-address-list=aad85df2-09be-40fa-b867-16415e4e10e2 -#l3-interface-ipv6-address-list widget details -AAI.model-invariant-id.l3-interface-ipv6-address-list=82966045-43ee-4982-8307-7e9610866140 -AAI.model-version-id.l3-interface-ipv6-address-list=d040621d-541a-477b-bb1b-a2b61b14e295 -#l3-network widget details -AAI.model-version-id.l3-network=9111f20f-e680-4001-b83f-19a2fc23bfc1 -AAI.model-invariant-id.l3-network=3d560d81-57d0-438b-a2a1-5334dba0651a -#lag-interface widget details -AAI.model-version-id.lag-interface=ce95f7c3-b61b-4758-ae9e-7e943b1c103d -AAI.model-invariant-id.lag-interface=e0ee9bde-c1fc-4651-a95d-8e0597bf7d70 -#lag-link widget details -AAI.model-version-id.lag-link=d29a087a-af59-4053-a3f8-0f95a92faa75 -AAI.model-invariant-id.lag-link=86ffe6e5-4d0e-4cec-80b5-5c38aa3eff98 -#license widget details -AAI.model-invariant-id.license=b9a9b337-1f86-42d3-b9f9-f987a089507c -AAI.model-version-id.license=6889274b-a1dc-40ab-9090-93677e13e2e6 -#license-key-resource widget details -AAI.model-invariant-id.license-key-resource=9022ebfe-b54f-4911-a6b2-8c3f5ec189b7 -AAI.model-version-id.license-key-resource=24b25f8c-b8bd-4c62-9421-87c12667aac9 -#l-interface widget details -AAI.model-version-id.l-interface=a32613fd-18b9-459e-aab8-fffb3912966a -AAI.model-invariant-id.l-interface=cea0a982-8d55-4093-921e-418fbccf7060 -#logical-link widget details -AAI.model-version-id.logical-link=a1481a38-f8ba-4ae4-bdf1-06c2c6af4c54 -AAI.model-invariant-id.logical-link=fe012535-2c31-4a39-a739-612374c638a0 -#metadatum widget details -AAI.model-invariant-id.metadatum=86dbb63a-265e-4614-993f-6771c30b56a5 -AAI.model-version-id.metadatum=6bae950e-8939-41d3-a6a7-251b03e4c1fc -#model widget details -AAI.model-invariant-id.model=06d1418a-5faa-452d-a94b-a2829df5f67b -AAI.model-version-id.model=1f51c05c-b164-4c27-9c03-5cbb239fd6be -#model-constraint widget details -AAI.model-invariant-id.model-constraint=c28966f3-e758-4483-b37b-a90b05d3dd33 -AAI.model-version-id.model-constraint=ad70dd19-f156-4fb5-a865-97b5563b0d37 -#model-element widget details -AAI.model-invariant-id.model-element=2076e726-3577-477a-a300-7fa65cd4df11 -AAI.model-version-id.model-element=753e813a-ba9e-4a1d-ab34-b2f6dc6eec0c -#multicast-configuration widget details -AAI.model-invariant-id.multicast-configuration=ea78c9e3-514d-4a0a-9162-13837fa54c35 -AAI.model-version-id.multicast-configuration=666a06ee-4b57-46df-bacf-908da8f10c3f -#named-query widget details -AAI.model-version-id.named-query=5c3b7c33-afa3-4be5-8da7-1a5ac6f99896 -AAI.model-invariant-id.named-query=80b712fd-0ad3-4180-a99c-8c995cf1cc32 -#named-query-element widget details -AAI.model-version-id.named-query-element=204c641a-3494-48c8-979a-86856f5fd32a -AAI.model-invariant-id.named-query-element=3c504d40-b847-424c-9d25-4fb7e0a3e994 -#network-policy widget details -AAI.model-invariant-id.network-policy=6aa05779-94d7-4d8b-9bee-59ef2ab0c246 -AAI.model-version-id.network-policy=a0ccd9dc-7062-4940-9bcc-e91dd28af510 -#network-profile widget details -AAI.model-version-id.network-profile=01f45471-4240-498c-a9e1-235dc0b8b4a6 -AAI.model-invariant-id.network-profile=2734b44a-b8a2-40f6-957d-6256589e5d00 -#newvce widget details -AAI.model-version-id.newvce=7c79e11f-a408-4593-aa86-ba948a1236af -AAI.model-invariant-id.newvce=4b05ec9c-c55d-4987-83ff-e08d6ddb694f -#oam-network widget details -AAI.model-invariant-id.oam-network=2851cf01-9c40-4064-87d4-6184a6fcff35 -AAI.model-version-id.oam-network=f4fb34f3-fd6e-4a8f-a3fb-4ab61a343b79 -#physical-link widget details -AAI.model-invariant-id.physical-link=c822d81f-822f-4304-9623-1025b53da568 -AAI.model-version-id.physical-link=9c523936-95b4-4d7f-9f53-6bdfe0cf2c05 -#p-interface widget details -AAI.model-invariant-id.p-interface=94043c37-4e73-439c-a790-0fdd697924cd -AAI.model-version-id.p-interface=d2cdb2d0-fc1f-4a57-a89e-591b1c4e3754 -#pnf widget details -AAI.model-version-id.pnf=e9f1fa7d-c839-418a-9601-03dc0d2ad687 -AAI.model-invariant-id.pnf=862b25a1-262a-4961-bdaa-cdc55d69785a -#port-group widget details -AAI.model-version-id.port-group=03e8bb6b-b48a-46ae-b5d4-e5af577e6844 -AAI.model-invariant-id.port-group=8ce940fb-55d7-4230-9e7f-a56cc2741f77 -#property-constraint widget details -AAI.model-version-id.property-constraint=81706bbd-981e-4362-ae20-995cbcb2d995 -AAI.model-invariant-id.property-constraint=f4a863c3-6886-470a-a6ae-05723837ea45 -#pserver widget details -AAI.model-invariant-id.pserver=6d932c8f-463b-4e76-83fb-87acfbaa2e2d -AAI.model-version-id.pserver=72f0d495-bc27-4653-9e1a-eef76bd34bc9 -#related-lookup widget details -AAI.model-invariant-id.related-lookup=468f6f5b-2996-41bb-b2a3-7cf9613ebb9b -AAI.model-version-id.related-lookup=0988bab5-bf4f-4938-a419-ab249867d12a -#reserved-prop-names widget details -AAI.model-invariant-id.reserved-prop-names=0c3e0ba3-618c-498d-9127-c8d42b00170f -AAI.model-version-id.reserved-prop-names=ac49d26d-9163-430e-934a-13b738a04f5c -#result-data widget details -AAI.model-version-id.result-data=4e9b50aa-5227-4f6f-b489-62e6bbc03c79 -AAI.model-invariant-id.result-data=ff656f23-6185-406f-9006-4b26834f3e1c -#route-table-reference widget details -AAI.model-version-id.route-table-reference=fed7e326-03a7-45ff-a3f2-471470d268c4 -AAI.model-invariant-id.route-table-reference=a8614b63-2636-4c4f-98df-fd448c4241db -#routing-instance widget details -AAI.model-invariant-id.routing-instance=1c2ded4f-8b01-4193-829c-966847dfec3e -AAI.model-version-id.routing-instance=3ccbcbc7-d19e-44d5-a52f-7e18aa8d69fa -#secondary-filter widget details -AAI.model-version-id.secondary-filter=1380619d-dd1a-4cec-b755-c6407833e065 -AAI.model-invariant-id.secondary-filter=738ff299-6290-4c00-8998-bd0e96a07b93 -#segmentation-assignment widget details -AAI.model-invariant-id.segmentation-assignment=6e814aee-46e1-4583-a9d4-0049bfd2b59b -AAI.model-version-id.segmentation-assignment=c5171ae0-44fb-4c04-b482-d56702241a44 -#service widget details -AAI.model-version-id.service=ecce2c42-3957-4ae0-9442-54bc6afe27b6 -AAI.model-invariant-id.service=07a3a60b-1b6c-4367-8173-8014386f89e3 -#service-capability widget details -AAI.model-invariant-id.service-capability=b1a7cc05-d19d-443b-a5d1-733e325c4232 -AAI.model-version-id.service-capability=f9cfec1b-18da-4bba-bd83-4b26cca115cd -#service-instance widget details -AAI.model-invariant-id.service-instance=82194af1-3c2c-485a-8f44-420e22a9eaa4 -AAI.model-version-id.service-instance=46b92144-923a-4d20-b85a-3cbd847668a9 -#service-subscription widget details -AAI.model-invariant-id.service-subscription=2e1a602a-acd8-4f78-94ff-618b802a303b -AAI.model-version-id.service-subscription=5e68299a-79f2-4bfb-8fbc-2bae877a2459 -#site-pair widget details -AAI.model-version-id.site-pair=7106bc02-6552-4fc3-8a56-4f3df9034531 -AAI.model-invariant-id.site-pair=db63f3e6-f8d1-484e-8d5e-191600b7914b -#site-pair-set widget details -AAI.model-invariant-id.site-pair-set=5d4dae3e-b402-4bfd-909e-ece12ff75d26 -AAI.model-version-id.site-pair-set=a5c6c1bc-dc38-468e-9459-bb08f87247df -#snapshot widget details -AAI.model-version-id.snapshot=962a7c8b-687f-4d32-a775-fe098e214bcd -AAI.model-invariant-id.snapshot=24de00ef-aead-4b52-995b-0adf8d4bd90d -#sriov-vf widget details -AAI.model-version-id.sriov-vf=1e8b331f-3d4a-4160-b7aa-f4d5a8916625 -AAI.model-invariant-id.sriov-vf=04b2935f-33c4-40a9-8af0-8b52690042dc -#start-node-filter widget details -AAI.model-version-id.start-node-filter=aad96fd3-e75f-42fc-9777-3450c36f1168 -AAI.model-invariant-id.start-node-filter=083093a3-e407-447a-ba5d-7583e4d23e1d -#subnet widget details -AAI.model-version-id.subnet=f902a6bc-6be4-4fe5-8458-a6ec0056b374 -AAI.model-invariant-id.subnet=1b2c9ba7-e449-4831-ba15-3073672f5ef2 -#tagged-inventory-item-list widget details -AAI.model-invariant-id.tagged-inventory-item-list=e78a7eaa-f65d-4919-9c2b-5b258c8c4d7e -AAI.model-version-id.tagged-inventory-item-list=c246f6e2-e3a1-4697-94c0-5672a7fbbf04 -#tenant widget details -AAI.model-invariant-id.tenant=97c26c99-6870-44c1-8a07-1d900d3f4ce6 -AAI.model-version-id.tenant=abcc54bc-bb74-49dc-9043-7f7171707545 -#tunnel-xconnect widget details -AAI.model-invariant-id.tunnel-xconnect=50b9e2fa-005c-4bbe-b651-3251dece4cd8 -AAI.model-version-id.tunnel-xconnect=e7cb4ca8-e1a5-4487-a716-4ae0bcd8aef5 -#update-node-key widget details -AAI.model-version-id.update-node-key=6004cfa6-eb6d-4062-971f-b1fde6b74aa0 -AAI.model-invariant-id.update-node-key=fe81c801-f65d-408a-b2b7-a729a18f8154 -#vce widget details -AAI.model-version-id.vce=b6cf54b5-ec45-43e1-be64-97b4e1513333 -AAI.model-invariant-id.vce=bab6dceb-e7e6-4301-a5e0-a7399b48d792 -#vf-module widget details -AAI.model-invariant-id.vf-module=ef86f9c5-2165-44f3-8fc3-96018b609ea5 -AAI.model-version-id.vf-module=c00563ae-812b-4e62-8330-7c4d0f47088a -#vig-server widget details -AAI.model-version-id.vig-server=8e8c22f1-fbdf-48ea-844c-8bdeb44e7b16 -AAI.model-invariant-id.vig-server=bed7c3b7-35d0-4cd9-abde-41b20e68b28e -#virtual-data-center widget details -AAI.model-invariant-id.virtual-data-center=5150abcf-0c5f-4593-9afe-a19c48fc4824 -AAI.model-version-id.virtual-data-center=6dd43ced-d789-47af-a759-d3abc14e3ac1 -#vlan widget details -AAI.model-version-id.vlan=257d88a5-a269-4c35-944f-aca04fbdb791 -AAI.model-invariant-id.vlan=d2b1eaf1-ae59-4116-9ee4-aa0179faa4f8 -#vnfc widget details -AAI.model-invariant-id.vnfc=96129eb9-f0de-4e05-8af2-73146473f766 -AAI.model-version-id.vnfc=5761e0a7-c6df-4d8a-9ebd-b8f445054dec -#vnf-image widget details -AAI.model-invariant-id.vnf-image=f9a628ff-7aa0-40e2-a93d-02d91c950982 -AAI.model-version-id.vnf-image=c4d3e747-ba4a-4b17-9896-94c6f18c19d3 -#volume widget details -AAI.model-version-id.volume=0fbe2e8f-4d91-4415-a772-88387049b38d -AAI.model-invariant-id.volume=ddd739b4-2b25-46c4-affc-41a32af5cc42 -#volume-group widget details -AAI.model-invariant-id.volume-group=fcec1b02-b2d0-4834-aef8-d71be04717dd -AAI.model-version-id.volume-group=99d44c90-1f61-4418-b9a6-56586bf38c79 -#vpe widget details -AAI.model-invariant-id.vpe=053ec3a7-5b72-492d-b54d-123805a9b967 -AAI.model-version-id.vpe=203817d3-829c-42d4-942d-2a935478e993 -#vpls-pe widget details -AAI.model-version-id.vpls-pe=b1566228-6785-4ce1-aea2-053736f80341 -AAI.model-invariant-id.vpls-pe=457ba89b-334c-4fbd-acc4-160ac0e0cdc0 -#vpn-binding widget details -AAI.model-invariant-id.vpn-binding=9e23b675-db2b-488b-b459-57aa9857baa0 -AAI.model-version-id.vpn-binding=21a146e5-9901-448c-9197-723076770119 -#vserver widget details -AAI.model-invariant-id.vserver=ff69d4e0-a8e8-4108-bdb0-dd63217e63c7 -AAI.model-version-id.vserver=8ecb2c5d-7176-4317-a255-26274edfdd53 -#collection resource widget details -AAI.model-invariant-id.cr=8bac3599-9a1c-4b7f-80e5-c1838f744c23 -AAI.model-version-id.cr=3f908abc-3a15-40d0-b674-2a639e52884d diff --git a/kubernetes/aai/charts/aai-babel/resources/config/auth/auth_policy.json b/kubernetes/aai/charts/aai-babel/resources/config/auth/auth_policy.json deleted file mode 100644 index ff33c17eb0..0000000000 --- a/kubernetes/aai/charts/aai-babel/resources/config/auth/auth_policy.json +++ /dev/null @@ -1,47 +0,0 @@ -{"roles": [ - { - "name": "admin", - "functions": [ - { - "name": "generateArtifacts", - "methods": [{"name": "POST"}] - } - ], - "users": [ - {"username": "CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA"} - ] - }, - { - "name": "ops", - "functions": [{ - "name": "actions", - "methods": [{"name": "POST"}] - }], - "users": [ - {"username": "CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA"} - ] - }, - { - "name": "readonly", - "functions": [ - { - "name": "actions", - "methods": [{"name": "GET"}] - } - ], - "users": [ - {"username": "CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA"} - ] - }, - { - "name": "basicauth", - "functions": [{ - "name": "util", - "methods": [{"name": "GET"}] - }], - "users": [{ - "user": "aai", - "pass": "OBF:deadbeef" - }] - } -]} diff --git a/kubernetes/aai/charts/aai-babel/resources/config/auth/tomcat_keystore b/kubernetes/aai/charts/aai-babel/resources/config/auth/tomcat_keystore deleted file mode 100644 index 9eec841aa2..0000000000 Binary files a/kubernetes/aai/charts/aai-babel/resources/config/auth/tomcat_keystore and /dev/null differ diff --git a/kubernetes/aai/charts/aai-babel/resources/config/babel-auth.properties b/kubernetes/aai/charts/aai-babel/resources/config/babel-auth.properties deleted file mode 100644 index ef85c23a04..0000000000 --- a/kubernetes/aai/charts/aai-babel/resources/config/babel-auth.properties +++ /dev/null @@ -1,16 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -auth.policy.file=/auth/auth_policy.json -auth.authentication.disable=true diff --git a/kubernetes/aai/charts/aai-babel/resources/config/logback.xml b/kubernetes/aai/charts/aai-babel/resources/config/logback.xml deleted file mode 100644 index 878d8c05d0..0000000000 --- a/kubernetes/aai/charts/aai-babel/resources/config/logback.xml +++ /dev/null @@ -1,194 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - ${logDirectory}/${generalLogName}.log - - ${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip - - 60 - - - ${errorLogPattern} - - - - - - INFO - - 256 - - - - - - - ${logDirectory}/${auditLogName}.log - - ${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip - - 60 - - - ${auditLogPattern} - - - - 256 - - - - - ${logDirectory}/${metricsLogName}.log - - ${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip - - 60 - - - ${metricsLogPattern} - - - - - 256 - - - - - - ${logDirectory}/${debugLogName}.log - - - ${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip - - 60 - - - ${errorLogPattern} - - - - - - - - - e.level.toInt() < INFO.toInt() - - - DENY - NEUTRAL - - 256 - - false - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/kubernetes/aai/charts/aai-babel/resources/config/tosca-mappings.json b/kubernetes/aai/charts/aai-babel/resources/config/tosca-mappings.json deleted file mode 100644 index a6fe82fb70..0000000000 --- a/kubernetes/aai/charts/aai-babel/resources/config/tosca-mappings.json +++ /dev/null @@ -1,181 +0,0 @@ -{ - "instanceGroupTypes": [ - "org.openecomp.groups.NetworkCollection", - "org.openecomp.groups.VfcInstanceGroup", - "org.openecomp.groups.ResourceInstanceGroup" - ], - "widgetTypes": [ - { - "type": "SERVICE", - "name": "service-instance", - "deleteFlag": true, - "modelVersionId": "46b92144-923a-4d20-b85a-3cbd847668a9", - "modelInvariantId": "82194af1-3c2c-485a-8f44-420e22a9eaa4" - }, - { - "type": "VF", - "name": "generic-vnf", - "deleteFlag": true, - "modelVersionId": "93a6166f-b3d5-4f06-b4ba-aed48d009ad9", - "modelInvariantId": "acc6edd8-a8d4-4b93-afaa-0994068be14c" - }, - { - "type": "VFC", - "name": "vnfc", - "deleteFlag": true, - "modelVersionId": "5761e0a7-c6df-4d8a-9ebd-b8f445054dec", - "modelInvariantId": "96129eb9-f0de-4e05-8af2-73146473f766" - }, - { - "type": "VSERVER", - "name": "vserver", - "deleteFlag": true, - "modelVersionId": "8ecb2c5d-7176-4317-a255-26274edfdd53", - "modelInvariantId": "ff69d4e0-a8e8-4108-bdb0-dd63217e63c7" - }, - { - "type": "VOLUME", - "name": "volume", - "deleteFlag": true, - "modelVersionId": "0fbe2e8f-4d91-4415-a772-88387049b38d", - "modelInvariantId": "ddd739b4-2b25-46c4-affc-41a32af5cc42" - }, - { - "type": "FLAVOR", - "name": "flavor", - "deleteFlag": false, - "modelVersionId": "36200fb5-f251-4f5d-a520-7c5ad5c2cd4b", - "modelInvariantId": "bace8d1c-a261-4041-9e37-823117415d0f" - }, - { - "type": "TENANT", - "name": "tenant", - "deleteFlag": false, - "modelVersionId": "abcc54bc-bb74-49dc-9043-7f7171707545", - "modelInvariantId": "97c26c99-6870-44c1-8a07-1d900d3f4ce6" - }, - { - "type": "VOLUME_GROUP", - "name": "volume-group", - "deleteFlag": true, - "modelVersionId": "99d44c90-1f61-4418-b9a6-56586bf38c79", - "modelInvariantId": "fcec1b02-b2d0-4834-aef8-d71be04717dd" - }, - { - "type": "LINT", - "name": "l-interface", - "deleteFlag": true, - "modelVersionId": "a32613fd-18b9-459e-aab8-fffb3912966a", - "modelInvariantId": "cea0a982-8d55-4093-921e-418fbccf7060" - }, - { - "type": "L3_NET", - "name": "l3-network", - "deleteFlag": true, - "modelVersionId": "9111f20f-e680-4001-b83f-19a2fc23bfc1", - "modelInvariantId": "3d560d81-57d0-438b-a2a1-5334dba0651a" - }, - { - "type": "VFMODULE", - "name": "vf-module", - "deleteFlag": true, - "modelVersionId": "c00563ae-812b-4e62-8330-7c4d0f47088a", - "modelInvariantId": "ef86f9c5-2165-44f3-8fc3-96018b609ea5" - }, - { - "type": "IMAGE", - "name": "image", - "deleteFlag": false, - "modelVersionId": "f6a038c2-820c-42ba-8c2b-375e24e8f932", - "modelInvariantId": "3f4c7204-739b-4bbb-87a7-8a6856439c90" - }, - { - "type": "OAM_NETWORK", - "name": "oam-network", - "deleteFlag": true, - "modelVersionId": "f4fb34f3-fd6e-4a8f-a3fb-4ab61a343b79", - "modelInvariantId": "2851cf01-9c40-4064-87d4-6184a6fcff35" - }, - { - "type": "ALLOTTED_RESOURCE", - "name": "allotted-resource", - "deleteFlag": true, - "modelVersionId": "7ad0915f-25c0-4a70-b9bc-185a75f87564", - "modelInvariantId": "f6d6a23d-a1a9-48ff-8419-b6530da2d381" - }, - { - "type": "TUNNEL_XCONNECT", - "name": "tunnel-xconnect", - "deleteFlag": true, - "modelVersionId": "e7cb4ca8-e1a5-4487-a716-4ae0bcd8aef5", - "modelInvariantId": "50b9e2fa-005c-4bbe-b651-3251dece4cd8" - }, - { - "type": "CONFIGURATION", - "name": "configuration", - "deleteFlag": true, - "modelVersionId": "5a175add-57e4-4a5d-8b02-c36f1d69c52b", - "modelInvariantId": "166c050d-f69d-4305-943e-0bc58c3a26cf" - }, - { - "type": "CR", - "name": "cr", - "deleteFlag": true, - "modelVersionId": "3f908abc-3a15-40d0-b674-2a639e52884d", - "modelInvariantId": "8bac3599-9a1c-4b7f-80e5-c1838f744c23" - }, - { - "type": "INSTANCE_GROUP", - "name": "instance-group", - "deleteFlag": true, - "modelVersionId": "8e6ee9dc-9017-444a-83b3-219edb018128", - "modelInvariantId": "3bf1e610-45f7-4ad6-b833-ca4c5ee6a3fd" - } - ], - "widgetMappings": [ - { - "prefix": "org.openecomp.resource.vfc", - "type": "widget", - "widget": "VSERVER", - "deleteFlag": true - }, - { - "prefix": "org.openecomp.resource.cp", - "type": "widget", - "widget": "LINT", - "deleteFlag": true - }, - { - "prefix": "org.openecomp.cp", - "type": "widget", - "widget": "LINT", - "deleteFlag": true - }, - { - "prefix": "org.openecomp.resource.vl", - "widget": "L3_NET", - "deleteFlag": false - }, - { - "prefix": "org.openecomp.resource.vf", - "widget": "VF", - "deleteFlag": true - }, - { - "prefix": "org.openecomp.groups.vfmodule", - "widget": "VFMODULE", - "deleteFlag": true - }, - { - "prefix": "org.openecomp.groups.VfModule", - "widget": "VFMODULE", - "deleteFlag": true - }, - { - "prefix": "org.openecomp.resource.vfc.nodes.heat.cinder", - "type": "widget", - "widget": "VOLUME", - "deleteFlag": true - } - ] -} diff --git a/kubernetes/aai/charts/aai-babel/resources/fproxy/config/auth/client-cert.p12 b/kubernetes/aai/charts/aai-babel/resources/fproxy/config/auth/client-cert.p12 deleted file mode 100644 index dbf4fcacec..0000000000 Binary files a/kubernetes/aai/charts/aai-babel/resources/fproxy/config/auth/client-cert.p12 and /dev/null differ diff --git a/kubernetes/aai/charts/aai-babel/resources/fproxy/config/auth/tomcat_keystore b/kubernetes/aai/charts/aai-babel/resources/fproxy/config/auth/tomcat_keystore deleted file mode 100644 index 9eec841aa2..0000000000 Binary files a/kubernetes/aai/charts/aai-babel/resources/fproxy/config/auth/tomcat_keystore and /dev/null differ diff --git a/kubernetes/aai/charts/aai-babel/resources/fproxy/config/fproxy.properties b/kubernetes/aai/charts/aai-babel/resources/fproxy/config/fproxy.properties deleted file mode 100644 index f512fb71a6..0000000000 --- a/kubernetes/aai/charts/aai-babel/resources/fproxy/config/fproxy.properties +++ /dev/null @@ -1,2 +0,0 @@ -credential.cache.timeout.ms=180000 -transactionid.header.name=X-TransactionId \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-babel/resources/fproxy/config/logback-spring.xml b/kubernetes/aai/charts/aai-babel/resources/fproxy/config/logback-spring.xml deleted file mode 100644 index 0637cfb84b..0000000000 --- a/kubernetes/aai/charts/aai-babel/resources/fproxy/config/logback-spring.xml +++ /dev/null @@ -1,45 +0,0 @@ - - - - - - - - - - %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable - - - - - - ${LOGS}/${FILEPREFIX}.log - - %d %p %C{1.} [%t] %m%n - - - - - ${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log - - - 10MB - - - - - - - - - - - - - - \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-babel/resources/fproxy/config/readme.txt b/kubernetes/aai/charts/aai-babel/resources/fproxy/config/readme.txt deleted file mode 100644 index 79cf29e73c..0000000000 --- a/kubernetes/aai/charts/aai-babel/resources/fproxy/config/readme.txt +++ /dev/null @@ -1 +0,0 @@ -Relevant configuration files need to be copied here to successfully run this service locally. \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-babel/resources/rproxy/config/auth/client-cert.p12 b/kubernetes/aai/charts/aai-babel/resources/rproxy/config/auth/client-cert.p12 deleted file mode 100644 index dbf4fcacec..0000000000 Binary files a/kubernetes/aai/charts/aai-babel/resources/rproxy/config/auth/client-cert.p12 and /dev/null differ diff --git a/kubernetes/aai/charts/aai-babel/resources/rproxy/config/auth/tomcat_keystore b/kubernetes/aai/charts/aai-babel/resources/rproxy/config/auth/tomcat_keystore deleted file mode 100644 index 99129c145f..0000000000 Binary files a/kubernetes/aai/charts/aai-babel/resources/rproxy/config/auth/tomcat_keystore and /dev/null differ diff --git a/kubernetes/aai/charts/aai-babel/resources/rproxy/config/auth/uri-authorization.json b/kubernetes/aai/charts/aai-babel/resources/rproxy/config/auth/uri-authorization.json deleted file mode 100644 index acc940987c..0000000000 --- a/kubernetes/aai/charts/aai-babel/resources/rproxy/config/auth/uri-authorization.json +++ /dev/null @@ -1,93 +0,0 @@ -[ - { - "uri": "\/not\/allowed\/at\/all$", - "permissions": [ - "test.auth.access.ifYouLikedItYouShouldHavePutAPermissionOnIt" - ] - }, - { - "uri": "\/one\/auth\/required$", - "permissions": [ - "test.auth.access.aSimpleSingleAuth" - ] - }, - { - "uri": "\/multi\/auth\/required$", - "permissions": [ - "test.auth.access.aMultipleAuth1", - "test.auth.access.aMultipleAuth2", - "test.auth.access.aMultipleAuth3" - ] - }, - { - "uri": "\/one\/[^\/]+\/required$", - "permissions": [ - "test.auth.access.aSimpleSingleAuth" - ] - }, - { - "uri": "\/services\/getAAFRequest$", - "permissions": [ - "test.auth.access|services|GET,PUT" - ] - }, - { - "uri": "\/admin\/getAAFRequest$", - "permissions": [ - "test.auth.access|admin|GET,PUT,POST" - ] - }, - { - "uri": "\/service\/aai\/webapp\/index.html$", - "permissions": [ - "test.auth.access|services|GET,PUT" - ] - }, - { - "uri": "\/services\/aai\/webapp\/index.html$", - "permissions": [ - "test.auth.access|services|GET,PUT" - ] - }, - { - "uri": "\/$", - "permissions": [ - "\\|services\\|GET", - "test\\.auth\\.access\\|services\\|GET,PUT" - ] - }, - { - "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions$", - "permissions": [ - "test\\.auth\\.access\\|rest\\|read" - ] - }, - { - "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+$*", - "permissions": [ - "test.auth.access|clouds|read", - "test.auth.access|tenants|read" - ] - }, - { - "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+\/tenants/tenant/[^\/]+/vservers/vserver/[^\/]+$", - "permissions": [ - "test.auth.access|clouds|read", - "test.auth.access|tenants|read", - "test.auth.access|vservers|read" - ] - }, - { - "uri": "\/backend$", - "permissions": [ - "test\\.auth\\.access\\|services\\|GET,PUT", - "\\|services\\|GET" - ] - }, - { - "uri": "\/services\/babel-service\/.*", - "permissions": [ - "org\\.access\\|\\*\\|\\*" - ] - } -] diff --git a/kubernetes/aai/charts/aai-babel/resources/rproxy/config/cadi.properties b/kubernetes/aai/charts/aai-babel/resources/rproxy/config/cadi.properties deleted file mode 100644 index a82e38caf6..0000000000 --- a/kubernetes/aai/charts/aai-babel/resources/rproxy/config/cadi.properties +++ /dev/null @@ -1,25 +0,0 @@ -# This is a normal Java Properties File -# Comments are with Pound Signs at beginning of lines, -# and multi-line expression of properties can be obtained by backslash at end of line - -#hostname is used for local testing where you may have to set your hostname to **.att.com or **.sbc.com. The example given below -#will allow for an ATT cross domain cookie to be used for GLO. If you are running on Windows corp machine, your machine name -#may be used automatically by cadi. However, if it is not, you will need to use hostname=mywebserver.att.com and add mywebserver.att.com -#to your hosts file on your machine. -#hostname=test.aic.cip.att.com - -cadi_loglevel=DEBUG -cadi_keyfile=/opt/app/rproxy/config/security/keyfile - -cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore -cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - -# Configure AAF -aaf_url=https://{{.Values.global.aaf.serverHostname}}:{{.Values.global.aaf.serverPort}} -aaf_env=DEV - -aaf_id=demo@people.osaaf.org -aaf_password=enc:92w4px0y_rrm265LXLpw58QnNPgDXykyA1YTrflbAKz - -# This is a colon separated list of client cert issuers -cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA diff --git a/kubernetes/aai/charts/aai-babel/resources/rproxy/config/forward-proxy.properties b/kubernetes/aai/charts/aai-babel/resources/rproxy/config/forward-proxy.properties deleted file mode 100644 index 1b58d4235c..0000000000 --- a/kubernetes/aai/charts/aai-babel/resources/rproxy/config/forward-proxy.properties +++ /dev/null @@ -1,4 +0,0 @@ -forward-proxy.protocol = https -forward-proxy.host = localhost -forward-proxy.port = 10680 -forward-proxy.cacheurl = /credential-cache \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-babel/resources/rproxy/config/logback-spring.xml b/kubernetes/aai/charts/aai-babel/resources/rproxy/config/logback-spring.xml deleted file mode 100644 index 2cd95d4c69..0000000000 --- a/kubernetes/aai/charts/aai-babel/resources/rproxy/config/logback-spring.xml +++ /dev/null @@ -1,45 +0,0 @@ - - - - - - - - - - %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable - - - - - - ${LOGS}/${FILEPREFIX}.log - - %d %p %C{1.} [%t] %m%n - - - - - ${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log - - - 10MB - - - - - - - - - - - - - - diff --git a/kubernetes/aai/charts/aai-babel/resources/rproxy/config/primary-service.properties b/kubernetes/aai/charts/aai-babel/resources/rproxy/config/primary-service.properties deleted file mode 100644 index 7055bf5303..0000000000 --- a/kubernetes/aai/charts/aai-babel/resources/rproxy/config/primary-service.properties +++ /dev/null @@ -1,3 +0,0 @@ -primary-service.protocol = https -primary-service.host = localhost -primary-service.port = 9516 diff --git a/kubernetes/aai/charts/aai-babel/resources/rproxy/config/readme.txt b/kubernetes/aai/charts/aai-babel/resources/rproxy/config/readme.txt deleted file mode 100644 index 79cf29e73c..0000000000 --- a/kubernetes/aai/charts/aai-babel/resources/rproxy/config/readme.txt +++ /dev/null @@ -1 +0,0 @@ -Relevant configuration files need to be copied here to successfully run this service locally. \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-babel/resources/rproxy/config/reverse-proxy.properties b/kubernetes/aai/charts/aai-babel/resources/rproxy/config/reverse-proxy.properties deleted file mode 100644 index 8d46e1f429..0000000000 --- a/kubernetes/aai/charts/aai-babel/resources/rproxy/config/reverse-proxy.properties +++ /dev/null @@ -1 +0,0 @@ -transactionid.header.name=X-TransactionId \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-babel/resources/rproxy/config/security/keyfile b/kubernetes/aai/charts/aai-babel/resources/rproxy/config/security/keyfile deleted file mode 100644 index 6cd12fcfb4..0000000000 --- a/kubernetes/aai/charts/aai-babel/resources/rproxy/config/security/keyfile +++ /dev/null @@ -1,27 +0,0 @@ -bZNOXiGDJ2_eiKBKWYLIFx27URvb-SWfmOl2d-QKetcVKIupOrsG-ScS_VXOtKN3Yxfb2cR6t7oM -1RNpDnhsKAxDLM6A62IkS_h_Rp3Q9c2JeyomVmyiuHR7a2ARbelaMrX8WDrxXI_t9ce4pIHDVE29 -xiQm3Bdp7d7IiKkgg-ipvOU7Y6NEzeQbvHlHvRTJ3ZZMSwHxBOA5M8DhKN-AF1sqwozEVaNAuJxK -BVdh72A6KTW7ieb_GvVQQp8h32BuOz8oJhZV7KaGXsWTEvXg9ImboY0h7Sl9hufgn1ZtDK1jxzGm -6O6LBg1qezzZaFGTXRmHvaeYmEeYSu0bGsU4x-JCU0RyhNTzFhkhjNoccaqPXBdcJymLf096mD99 -QLS8nyji_KtLQJL1fqr500c8p6SOURLPgG6Gzkn4ghgFYlfgve92xs1R3ggHKhNTLV4HJ4O6iSDm -zCoHeRbsZR1JER9yxT-v8NtcHOMAZe1oDQeY6jVyxb-bhaonN6eZPI4nyF6MHJQtWKhGARC_kOs6 -x9E0ZdAEp5TrX7F7J5PwkXzbCOuSiTVftOBum43iUB4q9He8tn2tJ0X4LtLHT3bPl16wWnZm9RPf -8wBtTJh4QP_cTStPq1ftSaLIAuqVFpbiC2DxGemXZn3QvykuYqa-rKeYPoIJ5dtWd5rNb_hhcSIz -FakKTELb0HWYGji98TBF6PaStea2f2m-wGX_uQGD7_Dijl6AgnV9koKVs1bN1XljLtNMPbLdD8sz -UCvc5lwvCFyyeunljI7os1fgwBmaMyckflq5VfZv9kFxom6jFLbcozylQ_uBg4j7oCP79IXVUI-r -banZltOSmm8zHGc2R9UlUyxJWBi01yxwi1hUtn9g1H4RtncQpu3BY0Qvu5YLAmS5imivUnGVZWbv -6wcqnJt5HwaVatE9NHONSLNTViQPsUOutWZBZxhJtAncdZuWOYZSh4TPzUJWvt6zT0E3YMBc_UuG -yPmdLyqo7qGHR8YWRqq_vq6ISJqENMnVD6X9-BeI6KM4GPEAlDWyhgENXxQFjG45ufg3UpP8LBTB -xDntlfkphRumsd13-8IlvwVtlpgnbuCMbwP_-lNVeNJcdA1InPt79oY-SEVZ-RVM1881ZASCnFeB -lh3BTc_bGQ8YoC9s6iHtcCK_1SdbwzBfQBJUqqcYsa8hJLe-j8di7KCaFzI3a-UXWKuuWljpbKbq -ibd48UFJt_34_GxkD6bmLxycuNH-og2Sd2VcYU0o5UarcrY4-2sgFPE7Mzxovrl98uayfgNF9DqE -fJ4MwFGqLRtEHlm4zfuMxQ5Rh_giMUHDJApc1DYRkxdGbNUd4bC4aRBln2IhN-rNKbSVtiW_uT6v -1KTMGmElvktjPWybJd2SvhT5qOLUM81-cmZzAsNa04jxZLBlQn_1fel3IroVos4Ohbdhar2NG6T5 -liten9RZ9P4Cg9RWhgeQonAD5kqLWXAHnCfffb5CVcAU5PHqkCgCbdThvD0-zIGETLO9AE0jKISc -0o67CUZn3MzJ9pP_3gh-ALr2w-KAwqasqCf0igf1wmEDijv9wEDcgDm39ERIElTpGKgfyuVl4F8u -PrpK5ZfpUYySUB6CZFQVVz0MvH6E7orQk4dCKFIimV_XwEtGijBttrTvyV6xYNScAEw_olt-0mdm -8UEKSsuqSyDMxUWLjKJT19rNedahYJNtI87WR9Fhhjsrai9Or3a-srOYa56wcvSj2ZHbkevbO9Xv -dQ2wzWCGEAMQSpSr83n0XEpR2pZT19Z19Svbhr08mnt2JNykCk60FLCeDTUOylJtYw6YOjqBizQZ --85B51BCbSEaAKJkgT9-8n_-LGW5aPBrBB_9FT7UIYczNEt3B1Lqr2s4ipPI_36JecEfqaS2cNLn -c0ObAtNGAONkhO5LYLneMR3fZPMFuOX1-rMObPgE0i9dYqWDZ_30w9rpRsmiWyxYi5lvWDxU5L1J -uJxwREz3oa_VgpSC3Y2oxCufdQwzBk57iVLDOb1qs_Hwj1SWd1nukWyAo2-g5sR1folAEcao \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-babel/templates/configmap.yaml b/kubernetes/aai/charts/aai-babel/templates/configmap.yaml deleted file mode 100644 index 031fc06315..0000000000 --- a/kubernetes/aai/charts/aai-babel/templates/configmap.yaml +++ /dev/null @@ -1,70 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T -# Modifications Copyright © 2018 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} - -{{ if .Values.global.installSidecarSecurity }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-fproxy-config - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/fproxy/config/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-fproxy-log-config - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/fproxy/config/logback-spring.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-rproxy-config - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/rproxy/config/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-rproxy-log-config - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/rproxy/config/logback-spring.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/rproxy/config/auth/uri-authorization.json").AsConfig . | indent 2 }} -{{ end }} \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-babel/templates/deployment.yaml b/kubernetes/aai/charts/aai-babel/templates/deployment.yaml deleted file mode 100644 index ea6e64aa58..0000000000 --- a/kubernetes/aai/charts/aai-babel/templates/deployment.yaml +++ /dev/null @@ -1,251 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T -# Modifications Copyright © 2018 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - spec: - {{ if .Values.global.installSidecarSecurity }} - hostAliases: - - ip: {{ .Values.global.aaf.serverIp }} - hostnames: - - {{ .Values.global.aaf.serverHostname }} - - initContainers: - - name: {{ .Values.global.tproxyConfig.name }} - image: "{{ include "common.repository" . }}/{{ .Values.global.tproxyConfig.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - securityContext: - privileged: true - {{ end }} - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{ if .Values.liveness.enabled }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end }} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: CONFIG_HOME - value: /opt/app/babel/config - - name: KEY_STORE_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-pass - key: KEY_STORE_PASSWORD - - name: KEY_MANAGER_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-pass - key: KEY_MANAGER_PASSWORD - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /opt/app/babel/config/artifact-generator.properties - name: {{ include "common.fullname" . }}-config - subPath: artifact-generator.properties - - mountPath: /opt/app/babel/config/tosca-mappings.json - name: {{ include "common.fullname" . }}-config - subPath: tosca-mappings.json - - mountPath: /opt/app/babel/config/babel-auth.properties - name: {{ include "common.fullname" . }}-config - subPath: babel-auth.properties - - mountPath: /opt/app/babel/config/auth - name: {{ include "common.fullname" . }}-secrets - - mountPath: /var/log/onap - name: {{ include "common.fullname" . }}-logs - - mountPath: /opt/app/babel/config/logback.xml - name: {{ include "common.fullname" . }}-config - subPath: logback.xml - resources: -{{ include "common.resources" . }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end }} - - # side car containers - - name: filebeat-onap - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /usr/share/filebeat/filebeat.yml - subPath: filebeat.yml - name: filebeat-conf - - mountPath: /var/log/onap - name: {{ include "common.fullname" . }}-logs - - mountPath: /usr/share/filebeat/data - name: aai-filebeat - - {{ if .Values.global.installSidecarSecurity }} - - name: {{ .Values.global.rproxy.name }} - image: "{{ include "common.repository" . }}/{{ .Values.global.rproxy.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: CONFIG_HOME - value: "/opt/app/rproxy/config" - - name: KEY_STORE_PASSWORD - value: {{ .Values.config.keyStorePassword }} - - name: spring_profiles_active - value: {{ .Values.global.rproxy.activeSpringProfiles }} - volumeMounts: - - name: {{ include "common.fullname" . }}-rproxy-config - mountPath: /opt/app/rproxy/config/forward-proxy.properties - subPath: forward-proxy.properties - - name: {{ include "common.fullname" . }}-rproxy-config - mountPath: /opt/app/rproxy/config/primary-service.properties - subPath: primary-service.properties - - name: {{ include "common.fullname" . }}-rproxy-config - mountPath: /opt/app/rproxy/config/reverse-proxy.properties - subPath: reverse-proxy.properties - - name: {{ include "common.fullname" . }}-rproxy-config - mountPath: /opt/app/rproxy/config/cadi.properties - subPath: cadi.properties - - name: {{ include "common.fullname" . }}-rproxy-log-config - mountPath: /opt/app/rproxy/config/logback-spring.xml - subPath: logback-spring.xml - - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config - mountPath: /opt/app/rproxy/config/auth/uri-authorization.json - subPath: uri-authorization.json - - name: {{ include "common.fullname" . }}-rproxy-auth-config - mountPath: /opt/app/rproxy/config/auth/tomcat_keystore - subPath: tomcat_keystore - - name: {{ include "common.fullname" . }}-rproxy-auth-config - mountPath: /opt/app/rproxy/config/auth/client-cert.p12 - subPath: client-cert.p12 - - name: {{ include "common.fullname" . }}-rproxy-auth-config - mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks - subPath: aaf_truststore.jks - - name: {{ include "common.fullname" . }}-rproxy-security-config - mountPath: /opt/app/rproxy/config/security/keyfile - subPath: keyfile - - ports: - - containerPort: {{ .Values.global.rproxy.port }} - - - name: {{ .Values.global.fproxy.name }} - image: "{{ include "common.repository" . }}/{{ .Values.global.fproxy.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: CONFIG_HOME - value: "/opt/app/fproxy/config" - - name: KEY_STORE_PASSWORD - value: {{ .Values.config.keyStorePassword }} - - name: spring_profiles_active - value: {{ .Values.global.fproxy.activeSpringProfiles }} - volumeMounts: - - name: {{ include "common.fullname" . }}-fproxy-config - mountPath: /opt/app/fproxy/config/fproxy.properties - subPath: fproxy.properties - - name: {{ include "common.fullname" . }}-fproxy-log-config - mountPath: /opt/app/fproxy/config/logback-spring.xml - subPath: logback-spring.xml - - name: {{ include "common.fullname" . }}-fproxy-auth-config - mountPath: /opt/app/fproxy/config/auth/tomcat_keystore - subPath: tomcat_keystore - - name: {{ include "common.fullname" . }}-fproxy-auth-config - mountPath: /opt/app/fproxy/config/auth/client-cert.p12 - subPath: client-cert.p12 - ports: - - containerPort: {{ .Values.global.fproxy.port }} - {{ end }} - - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: {{ include "common.fullname" . }}-config - configMap: - name: {{ include "common.fullname" . }}-configmap - items: - - key: artifact-generator.properties - path: artifact-generator.properties - - key: tosca-mappings.json - path: tosca-mappings.json - - key: babel-auth.properties - path: babel-auth.properties - - key: logback.xml - path: logback.xml - - name: {{ include "common.fullname" . }}-secrets - secret: - secretName: {{ include "common.fullname" . }}-babel-secrets - - name: filebeat-conf - configMap: - name: aai-filebeat - - name: {{ include "common.fullname" . }}-logs - emptyDir: {} - - name: aai-filebeat - emptyDir: {} - {{ if .Values.global.installSidecarSecurity }} - - name: {{ include "common.fullname" . }}-rproxy-config - configMap: - name: {{ include "common.fullname" . }}-rproxy-config - - name: {{ include "common.fullname" . }}-rproxy-log-config - configMap: - name: {{ include "common.fullname" . }}-rproxy-log-config - - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config - configMap: - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config - - name: {{ include "common.fullname" . }}-rproxy-auth-config - secret: - secretName: {{ include "common.fullname" . }}-rproxy-auth-config - - name: {{ include "common.fullname" . }}-rproxy-security-config - secret: - secretName: {{ include "common.fullname" . }}-rproxy-security-config - - name: {{ include "common.fullname" . }}-fproxy-config - configMap: - name: {{ include "common.fullname" . }}-fproxy-config - - name: {{ include "common.fullname" . }}-fproxy-log-config - configMap: - name: {{ include "common.fullname" . }}-fproxy-log-config - - name: {{ include "common.fullname" . }}-fproxy-auth-config - secret: - secretName: {{ include "common.fullname" . }}-fproxy-auth-config - {{ end }} - - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/charts/aai-babel/templates/secrets.yaml b/kubernetes/aai/charts/aai-babel/templates/secrets.yaml deleted file mode 100644 index 7c3b04ae01..0000000000 --- a/kubernetes/aai/charts/aai-babel/templates/secrets.yaml +++ /dev/null @@ -1,88 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T -# Modifications Copyright © 2018 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-babel-secrets - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-pass - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -type: Opaque -data: - KEY_STORE_PASSWORD: {{ .Values.config.keyStorePassword | b64enc | quote }} - KEY_MANAGER_PASSWORD: {{ .Values.config.keyManagerPassword | b64enc | quote }} - -{{ if .Values.global.installSidecarSecurity }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-fproxy-auth-config - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/fproxy/config/auth/*").AsSecrets . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-rproxy-auth-config - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-rproxy-security-config - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/rproxy/config/security/*").AsSecrets . | indent 2 }} -{{ end }} \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-babel/templates/service.yaml b/kubernetes/aai/charts/aai-babel/templates/service.yaml deleted file mode 100644 index 9a8b8a22c6..0000000000 --- a/kubernetes/aai/charts/aai-babel/templates/service.yaml +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T -# Modifications Copyright © 2018 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{ if .Values.global.installSidecarSecurity }} - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.global.rproxy.port }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.global.rproxy.port }} - name: {{ .Values.service.portName }} - {{- end}} - {{ else }} - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} - {{ end }} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} diff --git a/kubernetes/aai/charts/aai-babel/values.yaml b/kubernetes/aai/charts/aai-babel/values.yaml deleted file mode 100644 index 60b7dd4086..0000000000 --- a/kubernetes/aai/charts/aai-babel/values.yaml +++ /dev/null @@ -1,81 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T -# Modifications Copyright © 2018 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - readinessImage: readiness-check:2.0.2 - loggingImage: beats/filebeat:5.5.0 - -################################################################# -# Application configuration defaults. -################################################################# - -# application image -image: onap/babel:1.4-STAGING-latest - -flavor: small - -# application configuration -config: - keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: false - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: NodePort - portName: babel - externalPort: 9516 - internalPort: 9516 - nodePort: 79 - -ingress: - enabled: false - -resources: - small: - limits: - cpu: 2 - memory: 4Gi - requests: - cpu: 0.5 - memory: 1Gi - large: - limits: - cpu: 4 - memory: 8Gi - requests: - cpu: 2 - memory: 2Gi - unlimited: {} diff --git a/kubernetes/aai/charts/aai-cassandra/.helmignore b/kubernetes/aai/charts/aai-cassandra/.helmignore deleted file mode 100644 index daebc7da77..0000000000 --- a/kubernetes/aai/charts/aai-cassandra/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/aai/charts/aai-cassandra/templates/service.yaml b/kubernetes/aai/charts/aai-cassandra/templates/service.yaml deleted file mode 100644 index 17176f1ded..0000000000 --- a/kubernetes/aai/charts/aai-cassandra/templates/service.yaml +++ /dev/null @@ -1,53 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - annotations: - service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" -spec: - type: {{ .Values.service.type }} -# Not working, open k8s bug: https://github.com/kubernetes/kubernetes/issues/58662 - publishNotReadyAddresses: true - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.internalPort2 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.portName3 }} - - port: {{ .Values.service.internalPort3 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }} - name: {{ .Values.service.portName3 }} - {{- else -}} - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName2 }} - - port: {{ .Values.service.internalPort3 }} - name: {{ .Values.service.portName3 }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - clusterIP: None diff --git a/kubernetes/aai/charts/aai-cassandra/templates/statefulset.yaml b/kubernetes/aai/charts/aai-cassandra/templates/statefulset.yaml deleted file mode 100644 index a576eba60d..0000000000 --- a/kubernetes/aai/charts/aai-cassandra/templates/statefulset.yaml +++ /dev/null @@ -1,132 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1beta1 -kind: StatefulSet -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - serviceName: {{ include "common.servicename" . }} - replicas: {{ .Values.replicaCount }} - podManagementPolicy: {{ .Values.podManagementPolicy }} - updateStrategy: - type: {{ .Values.updateStrategy.type }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - name: {{ include "common.name" . }} - spec: - containers: - - name: {{ include "common.name" . }} - image: {{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - - containerPort: {{ .Values.service.internalPort2 }} - - containerPort: {{ .Values.service.internalPort3 }} - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - exec: - command: - - /bin/bash - - -c - - nodetool status | grep $POD_IP | awk '$1!="UN" { exit 1; }' - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - exec: - command: - - /bin/bash - - -c - - nodetool status | grep $POD_IP | awk '$1!="UN" { exit 1; }' - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - timeoutSeconds: {{ .Values.liveness.periodSeconds }} - lifecycle: - preStop: - exec: - command: ["/bin/sh", "-c", "PID=$(pidof java) && kill $PID && while ps -p $PID > /dev/null; do sleep 1; done"] - env: - {{- $seed_size := default 1 .Values.replicaCount | int -}} - {{- $global := . }} - - name: MAX_HEAP_SIZE - value: {{ .Values.config.heap.max }} - - name: HEAP_NEWSIZE - value: {{ .Values.config.heap.min }} - - name: CASSANDRA_SEEDS - value: "{{- range $i, $e := until $seed_size }}{{ template "common.fullname" $global }}-{{ $i }}.{{ include "common.servicename" $global }},{{- end }}" - - name: JVM_OPTS - value: {{ .Values.config.jvmOpts | quote }} - - name: CASSANDRA_CLUSTER_NAME - value: {{ .Values.config.clusterName | quote }} - - name: CASSANDRA_DC - value: {{ .Values.config.dataCenter | quote }} - - name: CASSANDRA_RACK - value: {{ .Values.config.rackName | quote }} - - name: CASSANDRA_AUTO_BOOTSTRAP - value: {{ .Values.config.autoBootstrap | quote }} - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - volumeMounts: - - name: cassandra-data - mountPath: /var/lib/cassandra - resources: -{{ include "common.resources" . | indent 10 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - {{- if not .Values.persistence.enabled }} - - name: cassandra-data - emptyDir: {} - {{- else }} - volumeClaimTemplates: - - metadata: - name: cassandra-data - labels: - app: {{ template "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - annotations: - volume.beta.kubernetes.io/storage-class: {{ .Values.persistence.storageClass }} - spec: - accessModes: - - {{ .Values.persistence.accessMode | quote }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} - selector: - matchLabels: - app: {{ include "common.name" . }} - release: "{{ .Release.Name }}" - {{- end }} diff --git a/kubernetes/aai/charts/aai-cassandra/values.yaml b/kubernetes/aai/charts/aai-cassandra/values.yaml deleted file mode 100644 index 1e1d2c1c2f..0000000000 --- a/kubernetes/aai/charts/aai-cassandra/values.yaml +++ /dev/null @@ -1,121 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Default values for cassandra. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -global: # global defaults - nodePortPrefix: 302 - - -# application image -dockerhubRepository: registry.hub.docker.com -image: cassandra:2.1 -pullPolicy: Always - -# application configuration -config: - heap: - max: 512M - min: 100M - jvmOpts: -Dcassandra.consistent.rangemovement=false - clusterName: aai-cluster - dataCenter: Pod lab - rackName: Rack1 - autoBootstrap: true - ports: - cql: 9042 - thrift: 9160 - # If a JVM Agent is in place - # agent: 61621 - -# default number of instances -replicaCount: 3 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: ClusterIP - name: aai-cassandra - internalPort: 9042 - portName: cql - internalPort2: 9160 - portName2: thrift - internalPort3: 61621 - portName3: agent - -podManagementPolicy: OrderedReady -updateStrategy: - type: OnDelete - -ingress: - enabled: false - -persistence: - enabled: true - - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - volumeReclaimPolicy: Retain - - ## database data Persistent Volume Storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - ## storageClass: "-" - accessMode: ReadWriteOnce - size: 2Gi - mountPath: /dockerdata-nfs - mountSubPath: aai/cassandra - storageType: local - storageClass: "" - - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi diff --git a/kubernetes/aai/charts/aai-champ/Chart.yaml b/kubernetes/aai/charts/aai-champ/Chart.yaml deleted file mode 100644 index a41a49ea07..0000000000 --- a/kubernetes/aai/charts/aai-champ/Chart.yaml +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T -# Modifications Copyright © 2018 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: ONAP AAI Champ microservice -name: aai-champ -version: 4.0.0 diff --git a/kubernetes/aai/charts/aai-champ/requirements.yaml b/kubernetes/aai/charts/aai-champ/requirements.yaml deleted file mode 100644 index 78e822edf8..0000000000 --- a/kubernetes/aai/charts/aai-champ/requirements.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T -# Modifications Copyright © 2018 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -dependencies: - - name: common - version: ~4.x-0 - # local reference to common chart, as it is - # a part of this chart's package and will not - # be published independently to a repo (at this point) - repository: '@local' diff --git a/kubernetes/aai/charts/aai-champ/resources/config/appconfig/auth/champ_policy.json b/kubernetes/aai/charts/aai-champ/resources/config/appconfig/auth/champ_policy.json deleted file mode 100644 index a059e86260..0000000000 --- a/kubernetes/aai/charts/aai-champ/resources/config/appconfig/auth/champ_policy.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "roles": [ - { - "name": "admin", - "functions": [ - { - "name": "search", "methods": [ { "name": "GET" },{ "name": "DELETE" }, { "name": "PUT" }, { "name": "POST" } ] - } - ], - - "users": [ - { - "username": "CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA" - } - ] - } - ] -} - diff --git a/kubernetes/aai/charts/aai-champ/resources/config/appconfig/auth/tomcat_keystore b/kubernetes/aai/charts/aai-champ/resources/config/appconfig/auth/tomcat_keystore deleted file mode 100644 index c4c72718ff..0000000000 Binary files a/kubernetes/aai/charts/aai-champ/resources/config/appconfig/auth/tomcat_keystore and /dev/null differ diff --git a/kubernetes/aai/charts/aai-champ/resources/config/appconfig/champ-api.properties b/kubernetes/aai/charts/aai-champ/resources/config/appconfig/champ-api.properties deleted file mode 100644 index 0aba7979ad..0000000000 --- a/kubernetes/aai/charts/aai-champ/resources/config/appconfig/champ-api.properties +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -keyName=aai-uuid -sourceOfTruthName=source-of-truth -createdTsName=aai-created-ts -lastModTsName=aai-last-mod-ts -collectionPropertiesKey=properties - diff --git a/kubernetes/aai/charts/aai-champ/resources/config/dynamic/conf/champ-beans.xml b/kubernetes/aai/charts/aai-champ/resources/config/dynamic/conf/champ-beans.xml deleted file mode 100644 index 38fd64c5dc..0000000000 --- a/kubernetes/aai/charts/aai-champ/resources/config/dynamic/conf/champ-beans.xml +++ /dev/null @@ -1,87 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - {{- $seed_size := default 1 .Values.global.cassandra.replicas | int -}} - {{- $global := . }} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/kubernetes/aai/charts/aai-champ/resources/config/log/logback.xml b/kubernetes/aai/charts/aai-champ/resources/config/log/logback.xml deleted file mode 100644 index 67f6ac34f1..0000000000 --- a/kubernetes/aai/charts/aai-champ/resources/config/log/logback.xml +++ /dev/null @@ -1,176 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - ${errorLogPattern} - - - - - - - - - ${logDirectory}/${generalLogName}.log - - ${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip - - 60 - - - ${errorLogPattern} - - - - - - INFO - - 256 - - - - - ${logDirectory}/${auditLogName}.log - - ${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip - - 60 - - - ${auditMetricPattern} - - - - 256 - - - - - ${logDirectory}/${metricsLogName}.log - - ${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip - - 60 - - - ${auditMetricPattern} - - - - - 256 - - - - - ${logDirectory}/${debugLogName}.log - - ${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip - - 60 - - - ${errorLogPattern} - - - - - 256 - - false - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-champ/resources/fproxy/config/fproxy.properties b/kubernetes/aai/charts/aai-champ/resources/fproxy/config/fproxy.properties deleted file mode 100644 index f512fb71a6..0000000000 --- a/kubernetes/aai/charts/aai-champ/resources/fproxy/config/fproxy.properties +++ /dev/null @@ -1,2 +0,0 @@ -credential.cache.timeout.ms=180000 -transactionid.header.name=X-TransactionId \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-champ/resources/fproxy/config/logback-spring.xml b/kubernetes/aai/charts/aai-champ/resources/fproxy/config/logback-spring.xml deleted file mode 100644 index 0ece55cfa1..0000000000 --- a/kubernetes/aai/charts/aai-champ/resources/fproxy/config/logback-spring.xml +++ /dev/null @@ -1,45 +0,0 @@ - - - - - - - - - - %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable - - - - - - ${LOGS}/${FILEPREFIX}.log - - %d %p %C{1.} [%t] %m%n - - - - - ${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log - - - 10MB - - - - - - - - - - - - - - \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-champ/resources/fproxy/config/readme.txt b/kubernetes/aai/charts/aai-champ/resources/fproxy/config/readme.txt deleted file mode 100644 index 79cf29e73c..0000000000 --- a/kubernetes/aai/charts/aai-champ/resources/fproxy/config/readme.txt +++ /dev/null @@ -1 +0,0 @@ -Relevant configuration files need to be copied here to successfully run this service locally. \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/uri-authorization.json b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/uri-authorization.json deleted file mode 100644 index ca34049ec2..0000000000 --- a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/uri-authorization.json +++ /dev/null @@ -1,99 +0,0 @@ - [ - { - "uri": "\/not\/allowed\/at\/all$", - "permissions": [ - "test.auth.access.ifYouLikedItYouShouldHavePutAPermissionOnIt" - ] - }, - { - "uri": "\/one\/auth\/required$", - "permissions": [ - "test.auth.access.aSimpleSingleAuth" - ] - }, - { - "uri": "\/multi\/auth\/required$", - "permissions": [ - "test.auth.access.aMultipleAuth1", - "test.auth.access.aMultipleAuth2", - "test.auth.access.aMultipleAuth3" - ] - }, - { - "uri": "\/one\/[^\/]+\/required$", - "permissions": [ - "test.auth.access.aSimpleSingleAuth" - ] - }, - { - "uri": "\/services\/getAAFRequest$", - "permissions": [ - "test.auth.access|services|GET,PUT" - ] - }, - { - "uri": "\/admin\/getAAFRequest$", - "permissions": [ - "test.auth.access|admin|GET,PUT,POST" - ] - }, - { - "uri": "\/service\/aai\/webapp\/index.html$", - "permissions": [ - "test.auth.access|services|GET,PUT" - ] - }, - { - "uri": "\/services\/aai\/webapp\/index.html$", - "permissions": [ - "test.auth.access|services|GET,PUT" - ] - }, - { - "uri": "\/$", - "permissions": [ - "\\|services\\|GET", - "test\\.auth\\.access\\|services\\|GET,PUT" - ] - }, - { - "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions$", - "permissions": [ - "test\\.auth\\.access\\|rest\\|read" - ] - }, - { - "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+$*", - "permissions": [ - "test.auth.access|clouds|read", - "test.auth.access|tenants|read" - ] - }, - { - "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+\/tenants/tenant/[^\/]+/vservers/vserver/[^\/]+$", - "permissions": [ - "test.auth.access|clouds|read", - "test.auth.access|tenants|read", - "test.auth.access|vservers|read" - ] - }, - { - "uri": "\/backend$", - "permissions": [ - "test\\.auth\\.access\\|services\\|GET,PUT", - "\\|services\\|GET" - ] - }, - { - "uri": "\/services\/inventory\/.*", - "permissions": [ - "org\\.onap\\.aai\\.resources\\|\\*\\|.*" - ] - }, - { - "uri": "\/services\/champ-service\/.*", - "permissions": [ - "org\\.onap\\.aai\\.resources\\|\\*\\|.*" - ] - } - ] diff --git a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/cadi.properties b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/cadi.properties deleted file mode 100644 index 1878a4de70..0000000000 --- a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/cadi.properties +++ /dev/null @@ -1,39 +0,0 @@ -# This is a normal Java Properties File -# Comments are with Pound Signs at beginning of lines, -# and multi-line expression of properties can be obtained by backslash at end of line - -#hostname is used for local testing where you may have to set your hostname to **.att.com or **.sbc.com. The example given below -#will allow for an ATT cross domain cookie to be used for GLO. If you are running on Windows corp machine, your machine name -#may be used automatically by cadi. However, if it is not, you will need to use hostname=mywebserver.att.com and add mywebserver.att.com -#to your hosts file on your machine. -#hostname=test.aic.cip.att.com - -cadi_loglevel=DEBUG - -# OAuth2 -aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token -aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect - -cadi_latitude=37.78187 -cadi_longitude=-122.26147 - -# Locate URL (which AAF Env) -aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095 - -# AAF URL -aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0 - -cadi_keyfile=/opt/app/rproxy/config/security/keyfile -cadi_keystore=/opt/app/rproxy/config/auth/org.onap.aai.p12 -cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV -cadi_alias=aai@aai.onap.org -cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore -cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - -aaf_env=DEV - -aaf_id=demo@people.osaaf.org -aaf_password=enc:92w4px0y_rrm265LXLpw58QnNPgDXykyA1YTrflbAKz - -# This is a colon separated list of client cert issuers -cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/forward-proxy.properties b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/forward-proxy.properties deleted file mode 100644 index 1b58d4235c..0000000000 --- a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/forward-proxy.properties +++ /dev/null @@ -1,4 +0,0 @@ -forward-proxy.protocol = https -forward-proxy.host = localhost -forward-proxy.port = 10680 -forward-proxy.cacheurl = /credential-cache \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/logback-spring.xml b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/logback-spring.xml deleted file mode 100644 index 735edb6032..0000000000 --- a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/logback-spring.xml +++ /dev/null @@ -1,45 +0,0 @@ - - - - - - - - - - %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable - - - - - - ${LOGS}/${FILEPREFIX}.log - - %d %p %C{1.} [%t] %m%n - - - - - ${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log - - - 10MB - - - - - - - - - - - - - - \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/primary-service.properties b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/primary-service.properties deleted file mode 100644 index 8d64529da9..0000000000 --- a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/primary-service.properties +++ /dev/null @@ -1,3 +0,0 @@ -primary-service.protocol = https -primary-service.host = localhost -primary-service.port = 9522 \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/readme.txt b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/readme.txt deleted file mode 100644 index 79cf29e73c..0000000000 --- a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/readme.txt +++ /dev/null @@ -1 +0,0 @@ -Relevant configuration files need to be copied here to successfully run this service locally. \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/reverse-proxy.properties b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/reverse-proxy.properties deleted file mode 100644 index 8d46e1f429..0000000000 --- a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/reverse-proxy.properties +++ /dev/null @@ -1 +0,0 @@ -transactionid.header.name=X-TransactionId \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-champ/templates/configmap.yaml b/kubernetes/aai/charts/aai-champ/templates/configmap.yaml deleted file mode 100644 index c3966e7801..0000000000 --- a/kubernetes/aai/charts/aai-champ/templates/configmap.yaml +++ /dev/null @@ -1,95 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T -# Modifications Copyright © 2018 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/appconfig/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-dynamic - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/dynamic/conf/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-log-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }} -{{ if .Values.global.installSidecarSecurity }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-fproxy-config - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/fproxy/config/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-fproxy-log-config - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/fproxy/config/logback-spring.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-rproxy-config - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/rproxy/config/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-rproxy-log-config - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/rproxy/config/logback-spring.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/rproxy/config/auth/uri-authorization.json").AsConfig . | indent 2 }} -{{ end }} \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-champ/templates/deployment.yaml b/kubernetes/aai/charts/aai-champ/templates/deployment.yaml deleted file mode 100644 index 8e4d7f48cb..0000000000 --- a/kubernetes/aai/charts/aai-champ/templates/deployment.yaml +++ /dev/null @@ -1,273 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T -# Modifications Copyright © 2018 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - spec: - initContainers: - - command: - - /root/ready.py - args: - - --container-name - - aai-cassandra - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness - {{ if .Values.global.installSidecarSecurity }} - - name: {{ .Values.global.tproxyConfig.name }} - image: "{{ include "common.repository" . }}/{{ .Values.global.tproxyConfig.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - securityContext: - privileged: true - {{ end }} - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{ if .Values.liveness.enabled }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end }} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: CONFIG_HOME - value: "/opt/app/champ-service/appconfig" - - name: GRAPHIMPL - value: "janus-deps" - - name: KEY_STORE_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-pass - key: KEY_STORE_PASSWORD - - name: KEY_MANAGER_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-pass - key: KEY_MANAGER_PASSWORD - - name: SERVICE_BEANS - value: "/opt/app/champ-service/dynamic/conf" - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /opt/app/champ-service/appconfig/champ-api.properties - name: {{ include "common.fullname" . }}-config - subPath: champ-api.properties - - mountPath: /opt/app/champ-service/appconfig/auth - name: {{ include "common.fullname" . }}-secrets - - mountPath: /opt/app/champ-service/dynamic/conf/champ-beans.xml - name: {{ include "common.fullname" . }}-dynamic-config - subPath: champ-beans.xml - - mountPath: /opt/app/champ-service/bundleconfig/etc/logback.xml - name: {{ include "common.fullname" . }}-logback-config - subPath: logback.xml - - mountPath: /var/log/onap - name: {{ include "common.fullname" . }}-logs - resources: -{{ include "common.resources" . }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end }} - - # side car containers - - name: filebeat-onap - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /usr/share/filebeat/filebeat.yml - subPath: filebeat.yml - name: filebeat-conf - - mountPath: /var/log/onap - name: {{ include "common.fullname" . }}-logs - - mountPath: /usr/share/filebeat/data - name: aai-filebeat - {{ if .Values.global.installSidecarSecurity }} - - name: {{ .Values.global.rproxy.name }} - image: "{{ include "common.repository" . }}/{{ .Values.global.rproxy.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: CONFIG_HOME - value: "/opt/app/rproxy/config" - - name: KEY_STORE_PASSWORD - value: {{ .Values.config.keyStorePassword }} - - name: spring_profiles_active - value: {{ .Values.global.rproxy.activeSpringProfiles }} - volumeMounts: - - name: {{ include "common.fullname" . }}-rproxy-config - mountPath: /opt/app/rproxy/config/forward-proxy.properties - subPath: forward-proxy.properties - - name: {{ include "common.fullname" . }}-rproxy-config - mountPath: /opt/app/rproxy/config/primary-service.properties - subPath: primary-service.properties - - name: {{ include "common.fullname" . }}-rproxy-config - mountPath: /opt/app/rproxy/config/reverse-proxy.properties - subPath: reverse-proxy.properties - - name: {{ include "common.fullname" . }}-rproxy-config - mountPath: /opt/app/rproxy/config/cadi.properties - subPath: cadi.properties - - name: {{ include "common.fullname" . }}-rproxy-log-config - mountPath: /opt/app/rproxy/config/logback-spring.xml - subPath: logback-spring.xml - - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config - mountPath: /opt/app/rproxy/config/auth/uri-authorization.json - subPath: uri-authorization.json - - name: {{ include "common.fullname" . }}-rproxy-auth-certs - mountPath: /opt/app/rproxy/config/auth/tomcat_keystore - subPath: tomcat_keystore - - name: {{ include "common.fullname" . }}-rproxy-auth-certs - mountPath: /opt/app/rproxy/config/auth/client-cert.p12 - subPath: client-cert.p12 - - name: {{ include "common.fullname" . }}-rproxy-auth-certs - mountPath: /opt/app/rproxy/config/auth/org.onap.aai.p12 - subPath: org.onap.aai.p12 - - name: {{ include "common.fullname" . }}-rproxy-security-config - mountPath: /opt/app/rproxy/config/security/keyfile - subPath: keyfile - - ports: - - containerPort: {{ .Values.global.rproxy.port }} - - - name: {{ .Values.global.fproxy.name }} - image: "{{ include "common.repository" . }}/{{ .Values.global.fproxy.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: CONFIG_HOME - value: "/opt/app/fproxy/config" - - name: KEY_STORE_PASSWORD - value: {{ .Values.config.keyStorePassword }} - - name: TRUST_STORE_PASSWORD - value: {{ .Values.config.trustStorePassword }} - - name: spring_profiles_active - value: {{ .Values.global.fproxy.activeSpringProfiles }} - volumeMounts: - - name: {{ include "common.fullname" . }}-fproxy-config - mountPath: /opt/app/fproxy/config/fproxy.properties - subPath: fproxy.properties - - name: {{ include "common.fullname" . }}-fproxy-log-config - mountPath: /opt/app/fproxy/config/logback-spring.xml - subPath: logback-spring.xml - - name: {{ include "common.fullname" . }}-fproxy-auth-certs - mountPath: /opt/app/fproxy/config/auth/tomcat_keystore - subPath: tomcat_keystore - - name: {{ include "common.fullname" . }}-fproxy-auth-certs - mountPath: /opt/app/fproxy/config/auth/fproxy_truststore - subPath: fproxy_truststore - - name: {{ include "common.fullname" . }}-fproxy-auth-certs - mountPath: /opt/app/fproxy/config/auth/client-cert.p12 - subPath: client-cert.p12 - ports: - - containerPort: {{ .Values.global.fproxy.port }} - {{ end }} - - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: {{ include "common.fullname" . }}-config - configMap: - name: {{ include "common.fullname" . }} - items: - - key: champ-api.properties - path: champ-api.properties - - name: {{ include "common.fullname" . }}-secrets - secret: - secretName: {{ include "common.fullname" . }}-champ - - name: {{ include "common.fullname" . }}-dynamic-config - configMap: - name: {{ include "common.fullname" . }}-dynamic - items: - - key: champ-beans.xml - path: champ-beans.xml - - name: {{ include "common.fullname" . }}-logs - emptyDir: {} - - name: {{ include "common.fullname" . }}-logback-config - configMap: - name: {{ include "common.fullname" . }}-log-configmap - items: - - key: logback.xml - path: logback.xml - - name: filebeat-conf - configMap: - name: aai-filebeat - - name: aai-filebeat - emptyDir: {} - {{ if .Values.global.installSidecarSecurity }} - - name: {{ include "common.fullname" . }}-rproxy-config - configMap: - name: {{ include "common.fullname" . }}-rproxy-config - - name: {{ include "common.fullname" . }}-rproxy-log-config - configMap: - name: {{ include "common.fullname" . }}-rproxy-log-config - - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config - configMap: - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config - - name: {{ include "common.fullname" . }}-rproxy-auth-config - secret: - secretName: {{ include "common.fullname" . }}-rproxy-auth-config - - name: {{ include "common.fullname" . }}-rproxy-auth-certs - secret: - secretName: aai-rproxy-auth-certs - - name: {{ include "common.fullname" . }}-rproxy-security-config - secret: - secretName: aai-rproxy-security-config - - name: {{ include "common.fullname" . }}-fproxy-config - configMap: - name: {{ include "common.fullname" . }}-fproxy-config - - name: {{ include "common.fullname" . }}-fproxy-log-config - configMap: - name: {{ include "common.fullname" . }}-fproxy-log-config - - name: {{ include "common.fullname" . }}-fproxy-auth-certs - secret: - secretName: aai-fproxy-auth-certs - {{ end }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/charts/aai-champ/templates/service.yaml b/kubernetes/aai/charts/aai-champ/templates/service.yaml deleted file mode 100644 index e67d42a5ff..0000000000 --- a/kubernetes/aai/charts/aai-champ/templates/service.yaml +++ /dev/null @@ -1,53 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T -# Modifications Copyright © 2018 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{ if .Values.global.installSidecarSecurity }} - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - targetPort: {{ .Values.global.rproxy.port }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.global.rproxy.port }} - name: {{ .Values.service.portName }} - {{- end}} - {{ else }} - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort}} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort}} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} - {{ end }} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} diff --git a/kubernetes/aai/charts/aai-data-router/.helmignore b/kubernetes/aai/charts/aai-data-router/.helmignore deleted file mode 100644 index daebc7da77..0000000000 --- a/kubernetes/aai/charts/aai-data-router/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/aai/charts/aai-data-router/resources/config/auth/client-cert-onap.p12 b/kubernetes/aai/charts/aai-data-router/resources/config/auth/client-cert-onap.p12 deleted file mode 100644 index dbf4fcacec..0000000000 Binary files a/kubernetes/aai/charts/aai-data-router/resources/config/auth/client-cert-onap.p12 and /dev/null differ diff --git a/kubernetes/aai/charts/aai-data-router/resources/config/auth/data-router_policy.json b/kubernetes/aai/charts/aai-data-router/resources/config/auth/data-router_policy.json deleted file mode 100644 index c03870e288..0000000000 --- a/kubernetes/aai/charts/aai-data-router/resources/config/auth/data-router_policy.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "roles": [ - { - "name": "admin", - "functions": [ - { - "name": "search", "methods": [ { "name": "GET" },{ "name": "DELETE" }, { "name": "PUT" }, { "name": "POST" } ] - } - ], - - "users": [ - { - "username": "CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA" - } - ] - } - ] -} diff --git a/kubernetes/aai/charts/aai-data-router/resources/config/auth/tomcat_keystore b/kubernetes/aai/charts/aai-data-router/resources/config/auth/tomcat_keystore deleted file mode 100644 index de5325b4aa..0000000000 Binary files a/kubernetes/aai/charts/aai-data-router/resources/config/auth/tomcat_keystore and /dev/null differ diff --git a/kubernetes/aai/charts/aai-data-router/resources/config/data-router.properties b/kubernetes/aai/charts/aai-data-router/resources/config/data-router.properties deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/kubernetes/aai/charts/aai-data-router/resources/config/log/logback.xml b/kubernetes/aai/charts/aai-data-router/resources/config/log/logback.xml deleted file mode 100644 index d7ff0143a1..0000000000 --- a/kubernetes/aai/charts/aai-data-router/resources/config/log/logback.xml +++ /dev/null @@ -1,193 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - ${errorLogPattern} - - - - - - - - - - - ${logDirectory}/${generalLogName}.log - - ${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip - - 60 - - - ${errorLogPattern} - - - - - - INFO - - 256 - - - - - - - ${logDirectory}/${auditLogName}.log - - ${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip - - 60 - - - ${auditMetricPattern} - - - - 256 - - - - - ${logDirectory}/${metricsLogName}.log - - ${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip - - 60 - - - - ${auditMetricPattern} - - - - - 256 - - - - - ${logDirectory}/${debugLogName}.log - - ${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip - - 60 - - - ${errorLogPattern} - - - - - 256 - - false - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/kubernetes/aai/charts/aai-data-router/resources/config/schemaIngest.properties b/kubernetes/aai/charts/aai-data-router/resources/config/schemaIngest.properties deleted file mode 100644 index 8c680b5820..0000000000 --- a/kubernetes/aai/charts/aai-data-router/resources/config/schemaIngest.properties +++ /dev/null @@ -1,46 +0,0 @@ -# -# ============LICENSE_START======================================================= -# org.onap.aai -# ================================================================================ -# Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. -# Copyright © 2017-2018 Amdocs -# Modifications Copyright © 2018 Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -# - - -# Properties for the SchemaLocationsBean -# Files named aai_oxm_v*.xml are unpacked here: -nodeDir=/opt/app/data-router/onap/oxm -# Dummy folder/directory: -edgeDir= - -# Properties required by the aai-common - aai-schema-ingest lib as of 1.3.0 -schema.configuration.location=N/A -schema.nodes.location=/opt/app/data-router/onap/oxm/ -schema.edges.location= -# These versions need to exist if they are included in the list -schema.version.list=v9,v10,v11,v12,v13,v14 -# Decalares the oxm version to load -schema.version.api.default=v14 - -# Don't use these properties in our application, need to be set to prevent an exception on startup (see SchemaVersions bean) -schema.version.depth.start=v14 -schema.version.related.link.start=v14 -schema.version.app.root.start=v14 -schema.version.namespace.change.start=v14 -schema.version.edge.label.start=v14 -~ - diff --git a/kubernetes/aai/charts/aai-data-router/resources/dynamic/conf/data-router-oxm.xml b/kubernetes/aai/charts/aai-data-router/resources/dynamic/conf/data-router-oxm.xml deleted file mode 100644 index c945c39876..0000000000 --- a/kubernetes/aai/charts/aai-data-router/resources/dynamic/conf/data-router-oxm.xml +++ /dev/null @@ -1,22 +0,0 @@ - - - - - - - - - - - - - - diff --git a/kubernetes/aai/charts/aai-data-router/resources/dynamic/conf/entity-event-policy.xml b/kubernetes/aai/charts/aai-data-router/resources/dynamic/conf/entity-event-policy.xml deleted file mode 100644 index b5e4129595..0000000000 --- a/kubernetes/aai/charts/aai-data-router/resources/dynamic/conf/entity-event-policy.xml +++ /dev/null @@ -1,56 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/kubernetes/aai/charts/aai-data-router/resources/dynamic/routes/entity-event.route b/kubernetes/aai/charts/aai-data-router/resources/dynamic/routes/entity-event.route deleted file mode 100644 index 14db6d6596..0000000000 --- a/kubernetes/aai/charts/aai-data-router/resources/dynamic/routes/entity-event.route +++ /dev/null @@ -1,4 +0,0 @@ - - - - \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-data-router/templates/configmap.yaml b/kubernetes/aai/charts/aai-data-router/templates/configmap.yaml deleted file mode 100644 index c8532b2ffc..0000000000 --- a/kubernetes/aai/charts/aai-data-router/templates/configmap.yaml +++ /dev/null @@ -1,68 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-prop - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-dynamic - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/dynamic/routes/entity-event.route").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/dynamic/conf/data-router-oxm.xml").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/dynamic/conf/entity-event-policy.xml").AsConfig . | indent 2 }} - ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-log-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-filebeat-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }} diff --git a/kubernetes/aai/charts/aai-data-router/templates/deployment.yaml b/kubernetes/aai/charts/aai-data-router/templates/deployment.yaml deleted file mode 100644 index 5c0d9b2f8d..0000000000 --- a/kubernetes/aai/charts/aai-data-router/templates/deployment.yaml +++ /dev/null @@ -1,188 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "common.name" . }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - name: {{ include "common.name" . }} - spec: - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end }} - initContainers: - - command: - - /bin/sh - - -c - - | - mkdir -p /logroot/data-router/logs - chmod -R 777 /logroot/data-router/logs - chown -R root:root /logroot - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - securityContext: - privileged: true - image: {{ .Values.global.dockerhubRepository | default .Values.dockerhubRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: init-sysctl - volumeMounts: - - name: {{ include "common.fullname" . }}-logs - mountPath: /logroot/ - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: SERVICE_BEANS - value: /opt/app/data-router/dynamic/conf - - name: CONFIG_HOME - value: /opt/app/data-router/config/ - - name: KEY_STORE_PASSWORD - value: {{ .Values.config.keyStorePassword }} - - name: DYNAMIC_ROUTES - value: /opt/app/data-router/dynamic/routes - - name: KEY_MANAGER_PASSWORD - value: {{ .Values.config.keyManagerPassword }} - - name: PATH - value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin - - name: JAVA_HOME - value: usr/lib/jvm/java-8-openjdk-amd64 - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /opt/app/data-router/config/auth - name: {{ include "common.fullname" . }}-auth - - mountPath: /opt/app/data-router/config/data-router.properties - subPath: data-router.properties - name: {{ include "common.fullname" . }}-properties - - mountPath: /opt/app/data-router/config/schemaIngest.properties - subPath: schemaIngest.properties - name: {{ include "common.fullname" . }}-properties - - mountPath: /opt/app/data-router/dynamic/routes/entity-event.route - subPath: entity-event.route - name: {{ include "common.fullname" . }}-dynamic-route - - mountPath: /opt/app/data-router/dynamic/conf/entity-event-policy.xml - subPath: entity-event-policy.xml - name: {{ include "common.fullname" . }}-dynamic-policy - - mountPath: /opt/app/data-router/dynamic/conf/data-router-oxm.xml - subPath: data-router-oxm.xml - name: {{ include "common.fullname" . }}-dynamic-oxm - - mountPath: /opt/app/data-router/bundleconfig/etc/logback.xml - name: {{ include "common.fullname" . }}-logback-config - subPath: logback.xml - - mountPath: /var/log/onap - name: {{ include "common.fullname" . }}-logs - - mountPath: /logs - name: {{ include "common.fullname" . }}-logs - - ports: - - containerPort: {{ .Values.service.internalPort }} - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . }} - - # side car containers - - name: filebeat-onap - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /usr/share/filebeat/filebeat.yml - subPath: filebeat.yml - name: filebeat-conf - - mountPath: /var/log/onap - name: {{ include "common.fullname" . }}-logs - - mountPath: /logs - name: {{ include "common.fullname" . }}-logs - - mountPath: /usr/share/filebeat/data - name: aai-filebeat - resources: -{{ include "common.resources" . }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: filebeat-conf - configMap: - name: aai-filebeat - - name: aai-filebeat - emptyDir: {} - - name: {{ include "common.fullname" . }}-auth - secret: - secretName: {{ include "common.fullname" . }} - - name: {{ include "common.fullname" . }}-properties - configMap: - name: {{ include "common.fullname" . }}-prop - items: - - key: data-router.properties - path: data-router.properties - - key: schemaIngest.properties - path: schemaIngest.properties - - name: {{ include "common.fullname" . }}-dynamic-route - configMap: - name: {{ include "common.fullname" . }}-dynamic - - name: {{ include "common.fullname" . }}-dynamic-policy - configMap: - name: {{ include "common.fullname" . }}-dynamic - - name: {{ include "common.fullname" . }}-dynamic-oxm - configMap: - name: {{ include "common.fullname" . }}-dynamic - - name: {{ include "common.fullname" . }}-logs - emptyDir: {} - - name: {{ include "common.fullname" . }}-logback-config - configMap: - name: {{ include "common.fullname" . }}-log-configmap - items: - - key: logback.xml - path: logback.xml - restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/charts/aai-data-router/values.yaml b/kubernetes/aai/charts/aai-data-router/values.yaml deleted file mode 100644 index ddc7fd0ee4..0000000000 --- a/kubernetes/aai/charts/aai-data-router/values.yaml +++ /dev/null @@ -1,108 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Default values for data-router. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -global: # global defaults - nodePortPrefix: 302 - loggingImage: beats/filebeat:5.5.0 - -# application image -repository: nexus3.onap.org:10001 -image: onap/data-router:1.3.1 -pullPolicy: Always -restartPolicy: Always -flavor: small -dockerhubRepository: registry.hub.docker.com -ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 - -# application configuration -config: - keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - name: aai-data-router - internalPort: 9502 - -ingress: - enabled: false - -persistence: - enabled: true - - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - volumeReclaimPolicy: Retain - - ## database data Persistent Volume Storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - ## storageClass: "-" - accessMode: ReadWriteMany - size: 2Gi - mountPath: /dockerdata-nfs - mountSubPath: aai/data-router/logs - -resources: - small: - limits: - cpu: 2 - memory: 4Gi - requests: - cpu: 0.25 - memory: 750Mi - large: - limits: - cpu: 4 - memory: 8Gi - requests: - cpu: 0.5 - memory: 1536Mi - unlimited: {} - -# Entity Event route configuration -event: - port: - dmaap: 3905 - protocol: https - consumer: - topic: AAI-EVENT diff --git a/kubernetes/aai/charts/aai-elasticsearch/.helmignore b/kubernetes/aai/charts/aai-elasticsearch/.helmignore deleted file mode 100644 index daebc7da77..0000000000 --- a/kubernetes/aai/charts/aai-elasticsearch/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/bin/init_sg.sh b/kubernetes/aai/charts/aai-elasticsearch/resources/bin/init_sg.sh deleted file mode 100644 index e85936570e..0000000000 --- a/kubernetes/aai/charts/aai-elasticsearch/resources/bin/init_sg.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/sh - -/usr/share/elasticsearch/plugins/search-guard-6/tools/sgadmin.sh \ - -cd /usr/share/elasticsearch/config/sg \ - -ks /usr/share/elasticsearch/config/sg/auth/{{ .Values.config.adminKeyStore }} \ - -ts /usr/share/elasticsearch/config/sg/auth/{{ .Values.config.trustStore }} \ - -kspass {{ .Values.config.adminKeyStorePassword }} \ - -tspass {{ .Values.config.trustStorePassword}} \ - -nhnv \ - -icl \ - -p {{ .Values.service.internalPort2 }} \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/bin/run.sh b/kubernetes/aai/charts/aai-elasticsearch/resources/bin/run.sh deleted file mode 100644 index a612c74a1c..0000000000 --- a/kubernetes/aai/charts/aai-elasticsearch/resources/bin/run.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/sh - -# Wait for ES to start then initialize SearchGuard -/usr/local/bin/docker-entrypoint.sh eswrapper & -/usr/share/elasticsearch/bin/wait_until_started.sh -/usr/share/elasticsearch/bin/init_sg.sh - -wait \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/bin/wait_until_started.sh b/kubernetes/aai/charts/aai-elasticsearch/resources/bin/wait_until_started.sh deleted file mode 100644 index 279253b43d..0000000000 --- a/kubernetes/aai/charts/aai-elasticsearch/resources/bin/wait_until_started.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/sh -RET=1 - -while [[ RET -ne 0 ]]; do - echo "Waiting for Elasticsearch to become ready before running sgadmin..." - curl -XGET -k "https://localhost:{{ .Values.service.internalPort }}/" >/dev/null 2>&1 - RET=$? - sleep 5 -done \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/config/elasticsearch.yml b/kubernetes/aai/charts/aai-elasticsearch/resources/config/elasticsearch.yml deleted file mode 100644 index 87536e3faa..0000000000 --- a/kubernetes/aai/charts/aai-elasticsearch/resources/config/elasticsearch.yml +++ /dev/null @@ -1,397 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -##################### Elasticsearch Configuration Example ##################### - -# This file contains an overview of various configuration settings, -# targeted at operations staff. Application developers should -# consult the guide at . -# -# The installation procedure is covered at -# . -# -# Elasticsearch comes with reasonable defaults for most settings, -# so you can try it out without bothering with configuration. -# -# Most of the time, these defaults are just fine for running a production -# cluster. If you're fine-tuning your cluster, or wondering about the -# effect of certain configuration option, please _do ask_ on the -# mailing list or IRC channel [http://elasticsearch.org/community]. - -# Any element in the configuration can be replaced with environment variables -# by placing them in ${...} notation. For example: -# -# node.rack: ${RACK_ENV_VAR} - -# For information on supported formats and syntax for the config file, see -# -################################### Cluster ################################### - -# Cluster name identifies your cluster for auto-discovery. If you're running -# multiple clusters on the same network, make sure you're using unique names. -# -# cluster.name: elasticsearch - -cluster.name: ES_AAI - -#################################### Node ##################################### - -node.name: ES_ONAP -node.master: true -node.data: true - - -# Use the Cluster Health API [http://localhost:9200/_cluster/health], the -# Node Info API [http://localhost:9200/_nodes] or GUI tools -# such as , -# , -# and -# to inspect the cluster state. - -# By default, multiple nodes are allowed to start from the same installation location -# to disable it, set the following: - -node.max_local_storage_nodes: 1 - - -#################################### Index #################################### -# You can set a number of options (such as shard/replica options, mapping -# or analyzer definitions, translog settings, ...) for indices globally, -# in this file. -# -# Note, that it makes more sense to configure index settings specifically for -# a certain index, either when creating it or by using the index templates API. -# -# See and -# -# for more information. - -# Set the number of shards (splits) of an index (5 by default): - -#index.number_of_shards: 5 - -# Set the number of replicas (additional copies) of an index (1 by default): - -#index.number_of_replicas: 1 - -# These settings directly affect the performance of index and search operations -# in your cluster. Assuming you have enough machines to hold shards and -# replicas, the rule of thumb is: -# -# 1. Having more *shards* enhances the _indexing_ performance and allows to -# _distribute_ a big index across machines. -# 2. Having more *replicas* enhances the _search_ performance and improves the -# cluster _availability_. -# -# The "number_of_shards" is a one-time setting for an index. -# -# The "number_of_replicas" can be increased or decreased anytime, -# by using the Index Update Settings API. -# -# Elasticsearch takes care about load balancing, relocating, gathering the -# results from nodes, etc. Experiment with different settings to fine-tune -# your setup. - -# Use the Index Status API () to inspect -# the index status. - - -#################################### Paths #################################### - -# Path to directory containing configuration (this file and logging.yml): -#path.conf: /opt/app/elasticsearch/config - -# Path to directory where to store index data allocated for this node. -# Use swm auto link to redirect the data directory if necessary. - -path.data: /usr/share/elasticsearch/data - -# path.data: /path/to/data1,/path/to/data2 - -# path.work: /path/to/work - -path.logs: /usr/share/elasticsearch/logs - -#path.plugins: /opt/app/elasticsearch/plugins - - -#################################### Plugin ################################### - -# If a plugin listed here is not installed for current node, the node will not start. -# -# plugin.mandatory: mapper-attachments,lang-groovy - - -################################### Memory #################################### - -# Elasticsearch performs poorly when JVM starts swapping: you should ensure that -# it _never_ swaps. -# -# Set this property to true to lock the memory: default is true - -#bootstrap.memory_lock: true - -# Make sure that the ES_MIN_MEM and ES_MAX_MEM environment variables are set -# to the same value, and that the machine has enough memory to allocate -# for Elasticsearch, leaving enough memory for the operating system itself. -# -# You should also make sure that the Elasticsearch process is allowed to lock -# the memory, eg. by using `ulimit -l unlimited`. - -### Kernel Settings - -# Elasticsearch installs system call filters of various flavors depending on the -# operating system (e.g., seccomp on Linux). These system call filters are -# installed to prevent the ability to execute system calls related to forking -# as a defense mechanism against arbitrary code execution attacks on -# Elasticsearch The system call filter check ensures that if system call -# filters are enabled, then they were successfully installed. To pass the system -# call filter check you must either fix any configuration errors on your system -# that prevented system call filters from installing (check your logs), or at -# your own risk disable system call filters by setting -# bootstrap.system_call_filter to false. -# See: https://www.elastic.co/guide/en/elasticsearch/reference/current/system-call-filter-check.html -# -# seccomp is found in Linux kernels: 2.6.37–2.6.39, 3.0–3.19, 4.0–4.9, -# 4.10-rc+HEAD -# -# The default setting is to disable the filters assuming an older kernel -# version where seccomp is not available. -# See: https://discuss.elastic.co/t/elasticsearch-warn-unable-to-install-syscall-filter/42819 - -bootstrap.system_call_filter: false - -############################## Network And HTTP ############################### -# Elasticsearch, by default, binds itself to the 0.0.0.0 address, and listens -# on port [9200-9300] for HTTP traffic and on port [9300-9400] for node-to-node -# communication. (the range means that if the port is busy, it will automatically -# try the next port). - -# Set the bind address specifically (IPv4 or IPv6): -network.bind_host: 0.0.0.0 - -# Set the address other nodes will use to communicate with this node. If not -# set, it is automatically derived. It must point to an actual IP address. - -# network.publish_host: 0.0.0.0 - -# Set both 'bind_host' and 'publish_host': -# network.host: 192.168.0.1 - - -# Set a custom port for the node to node communication (9300 by default): -transport.tcp.port: {{ .Values.service.internalPort2 }} - -# Enable compression for all communication between nodes (disabled by default): -transport.tcp.compress: false - -# Set a custom port to listen for HTTP traffic: -# http.port: 9200 -http.port: {{ .Values.service.internalPort }} - -# Set a custom allowed content length: -# http.max_content_length: 100mb -http.max_content_length: 100mb - -# Disable HTTP completely: -# http.enabled: false -http.enabled: true - -# This is specifically useful for permitting which front end Kibana Url's are permitted to access elastic search. -http.cors.enabled: false -http.cors.allow-origin: "/.*/" -http.cors.allow-headers: X-Requested-With, Content-Type, Content-Length -http.cors.allow-credentials: false -################################### Gateway ################################### - -# The gateway allows for persisting the cluster state between full cluster -# restarts. Every change to the state (such as adding an index) will be stored -# in the gateway, and when the cluster starts up for the first time, -# it will read its state from the gateway. -# There are several types of gateway implementations. For more information, see -# . - -# The default gateway type is the "local" gateway (recommended): -# -#gateway.type: local -#gateway.type: local - -# Settings below control how and when to start the initial recovery process on -# a full cluster restart (to reuse as much local data as possible when using shared -# gateway). - -# Allow recovery process after N nodes in a cluster are up: -# -# gateway.recover_after_nodes: 1 -gateway.recover_after_nodes: 1 - -# Set the timeout to initiate the recovery process, once the N nodes -# from previous setting are up (accepts time value): -# -#gateway.recover_after_time: 5m -gateway.recover_after_time: 5m - -# Set how many nodes are expected in this cluster. Once these N nodes -# are up (and recover_after_nodes is met), begin recovery process immediately -# (without waiting for recover_after_time to expire): -# -# gateway.expected_nodes: 2 -gateway.expected_nodes: 2 - -############################# Recovery Throttling ############################# - -# These settings allow to control the process of shards allocation between -# nodes during initial recovery, replica allocation, rebalancing, -# or when adding and removing nodes. - -# Set the number of concurrent recoveries happening on a node: -# -# 1. During the initial recovery -# -# cluster.routing.allocation.node_initial_primaries_recoveries: 4 -# -# 2. During adding/removing nodes, rebalancing, etc -# -# cluster.routing.allocation.node_concurrent_recoveries: 2 - -# Set to throttle throughput when recovering (eg. 100mb, by default 20mb): -# indices.recovery.max_bytes_per_sec: 20mb -indices.recovery.max_bytes_per_sec: 20mb - -# Set to limit the number of open concurrent streams when -# recovering a shard from a peer: -# -# indices.recovery.concurrent_streams: 5 -#indices.recovery.concurrent_streams: 5 - -################################## Discovery ################################## - -# Discovery infrastructure ensures nodes can be found within a cluster -# and master node is elected. Multicast discovery is the default. - -# Set to ensure a node sees N other master eligible nodes to be considered -# operational within the cluster. Its recommended to set it to a higher value -# than 1 when running more than 2 nodes in the cluster. -# -discovery.zen.minimum_master_nodes: 1 - -# Set the time to wait for ping responses from other nodes when discovering. -# Set this option to a higher value on a slow or congested network -# to minimize discovery failures: -# -# discovery.zen.ping_timeout: 3s -discovery.zen.ping_timeout: 3s - -# For more information, see -# - -# Unicast discovery allows to explicitly control which nodes will be used -# to discover the cluster. It can be used when multicast is not present, -# or to restrict the cluster communication-wise. -# -# 1. Disable multicast discovery (enabled by default): -# discovery.zen.ping.multicast.enabled: false -#discovery.zen.ping.multicast.enabled: false - - -# 2. Configure an initial list of master nodes in the cluster -# to perform discovery when new nodes (master or data) are started: -# -# discovery.zen.ping.unicast.hosts: ["host1", "host2:port"] -discovery.zen.ping.unicast.hosts: ["0.0.0.0"] - -# EC2 discovery allows to use AWS EC2 API in order to perform discovery. -# -# You have to install the cloud-aws plugin for enabling the EC2 discovery. -# -# For more information, see -# -# -# -# See -# for a step-by-step tutorial. - -# GCE discovery allows to use Google Compute Engine API in order to perform discovery. -# -# You have to install the cloud-gce plugin for enabling the GCE discovery. -# -# For more information, see . - -# Azure discovery allows to use Azure API in order to perform discovery. -# -# You have to install the cloud-azure plugin for enabling the Azure discovery. -# -# For more information, see . - -################################## Slow Log ################################## - -# Shard level query and fetch threshold logging. - -#index.search.slowlog.threshold.query.warn: 10s -#index.search.slowlog.threshold.query.info: 5s -#index.search.slowlog.threshold.query.debug: 2s -#index.search.slowlog.threshold.query.trace: 500ms - -#index.search.slowlog.threshold.fetch.warn: 1s -#index.search.slowlog.threshold.fetch.info: 800ms -#index.search.slowlog.threshold.fetch.debug: 500ms -#index.search.slowlog.threshold.fetch.trace: 200ms - -#index.indexing.slowlog.threshold.index.warn: 10s -#index.indexing.slowlog.threshold.index.info: 5s -#index.indexing.slowlog.threshold.index.debug: 2s -#index.indexing.slowlog.threshold.index.trace: 500ms - -################################## GC Logging ################################ - -#monitor.jvm.gc.young.warn: 1000ms -#monitor.jvm.gc.young.info: 700ms -#monitor.jvm.gc.young.debug: 400ms - -#monitor.jvm.gc.old.warn: 10s -#monitor.jvm.gc.old.info: 5s -#monitor.jvm.gc.old.debug: 2s - -############################################################################################# -### SEARCH GUARD SSL # -### Configuration # -############################################################################################### -######## Start Search Guard Demo Configuration ######## - -searchguard.enterprise_modules_enabled: false - -searchguard.ssl.transport.keystore_filepath: sg/auth/{{ .Values.config.nodeKeyStore }} -searchguard.ssl.transport.keystore_password: {{ .Values.config.nodeKeyStorePassword }} -searchguard.ssl.transport.truststore_filepath: sg/auth/{{ .Values.config.trustStore }} -searchguard.ssl.transport.truststore_password: {{ .Values.config.trustStorePassword }} -searchguard.ssl.transport.enforce_hostname_verification: false - -searchguard.ssl.http.enabled: true -searchguard.ssl.http.keystore_filepath: sg/auth/{{ .Values.config.nodeKeyStore }} -searchguard.ssl.http.keystore_password: {{ .Values.config.nodeKeyStorePassword }} -searchguard.ssl.http.truststore_filepath: sg/auth/{{ .Values.config.trustStore }} -searchguard.ssl.http.truststore_password: {{ .Values.config.trustStorePassword }} - -searchguard.nodes_dn: - - CN=esaai - -searchguard.authcz.admin_dn: - - CN=sgadmin - -# x-pack security conflicts with searchguard -xpack.security.enabled: false -xpack.ml.enabled: false -xpack.monitoring.enabled: false -xpack.watcher.enabled: false diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/config/jvm.options b/kubernetes/aai/charts/aai-elasticsearch/resources/config/jvm.options deleted file mode 100644 index e69d7983c0..0000000000 --- a/kubernetes/aai/charts/aai-elasticsearch/resources/config/jvm.options +++ /dev/null @@ -1,117 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -## JVM configuration - -################################################################ -## IMPORTANT: JVM heap size -################################################################ -## -## You should always set the min and max JVM heap -## size to the same value. For example, to set -## the heap to 4 GB, set: -## -## -Xms4g -## -Xmx4g -## -## See https://www.elastic.co/guide/en/elasticsearch/reference/current/heap-size.html -## for more information -## -################################################################ - -# Xms represents the initial size of total heap space -# Xmx represents the maximum size of total heap space - --Xms1g --Xmx1g - -################################################################ -## Expert settings -################################################################ -## -## All settings below this section are considered -## expert settings. Don't tamper with them unless -## you understand what you are doing -## -################################################################ - -## GC configuration --XX:+UseConcMarkSweepGC --XX:CMSInitiatingOccupancyFraction=75 --XX:+UseCMSInitiatingOccupancyOnly - -## optimizations - -# pre-touch memory pages used by the JVM during initialization --XX:+AlwaysPreTouch - -## basic - -# force the server VM --server - -# explicitly set the stack size --Xss1m - -# set to headless, just in case --Djava.awt.headless=true - -# ensure UTF-8 encoding by default (e.g. filenames) --Dfile.encoding=UTF-8 - -# use our provided JNA always versus the system one --Djna.nosys=true - -# turn off a JDK optimization that throws away stack traces for common -# exceptions because stack traces are important for debugging --XX:-OmitStackTraceInFastThrow - -# flags to configure Netty --Dio.netty.noUnsafe=true --Dio.netty.noKeySetOptimization=true --Dio.netty.recycler.maxCapacityPerThread=0 - -# log4j 2 --Dlog4j.shutdownHookEnabled=false --Dlog4j2.disable.jmx=true - -## heap dumps - -# generate a heap dump when an allocation from the Java heap fails -# heap dumps are created in the working directory of the JVM --XX:+HeapDumpOnOutOfMemoryError - -# specify an alternative path for heap dumps -# ensure the directory exists and has sufficient space -#-XX:HeapDumpPath=/heap/dump/path - -## GC logging - -#-XX:+PrintGCDetails -#-XX:+PrintGCTimeStamps -#-XX:+PrintGCDateStamps -#-XX:+PrintClassHistogram -#-XX:+PrintTenuringDistribution -#-XX:+PrintGCApplicationStoppedTime - -# log GC status to a file with time stamps -# ensure the directory exists -#-Xloggc:${loggc} - -# By default, the GC log file will not rotate. -# By uncommenting the lines below, the GC log file -# will be rotated every 128MB at most 32 times. -#-XX:+UseGCLogFileRotation -#-XX:NumberOfGCLogFiles=32 -#-XX:GCLogFileSize=128M diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/config/log4j2.properties b/kubernetes/aai/charts/aai-elasticsearch/resources/config/log4j2.properties deleted file mode 100644 index e674865221..0000000000 --- a/kubernetes/aai/charts/aai-elasticsearch/resources/config/log4j2.properties +++ /dev/null @@ -1,88 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -status = error - -# log action execution errors for easier debugging -logger.action.name = org.elasticsearch.action -logger.action.level = INFO - -appender.console.type = Console -appender.console.name = console -appender.console.layout.type = PatternLayout -appender.console.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] %marker%m%n - -appender.rolling.type = RollingFile -appender.rolling.name = rolling -appender.rolling.fileName = ${sys:es.logs.base_path}.log -appender.rolling.layout.type = PatternLayout -appender.rolling.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] %marker%.10000m%n -appender.rolling.filePattern = ${sys:es.logs.base_path}-%d{yyyy-MM-dd}.log -appender.rolling.policies.type = Policies -appender.rolling.policies.time.type = TimeBasedTriggeringPolicy -appender.rolling.policies.time.interval = 1 -appender.rolling.policies.time.modulate = true - -rootLogger.level = info -rootLogger.appenderRef.console.ref = console -rootLogger.appenderRef.rolling.ref = rolling - -# appender.deprecation_rolling.type = RollingFile -# appender.deprecation_rolling.name = deprecation_rolling -# appender.deprecation_rolling.fileName = ${sys:es.logs.base_path}_deprecation.log -# appender.deprecation_rolling.layout.type = PatternLayout -# appender.deprecation_rolling.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] %marker%.10000m%n -# appender.deprecation_rolling.filePattern = ${sys:es.logs.base_path}_deprecation-%i.log.gz -# appender.deprecation_rolling.policies.type = Policies -# appender.deprecation_rolling.policies.size.type = SizeBasedTriggeringPolicy -# appender.deprecation_rolling.policies.size.size = 1GB -# appender.deprecation_rolling.strategy.type = DefaultRolloverStrategy -# appender.deprecation_rolling.strategy.max = 4 - -# logger.deprecation.name = org.elasticsearch.deprecation -# logger.deprecation.level = warn -# logger.deprecation.appenderRef.deprecation_rolling.ref = deprecation_rolling -# logger.deprecation.additivity = false - -appender.index_search_slowlog_rolling.type = RollingFile -appender.index_search_slowlog_rolling.name = index_search_slowlog_rolling -appender.index_search_slowlog_rolling.fileName = ${sys:es.logs.base_path}_index_search_slowlog.log -appender.index_search_slowlog_rolling.layout.type = PatternLayout -appender.index_search_slowlog_rolling.layout.pattern = [%d{ISO8601}][%-5p][%-25c] %marker%.10000m%n -appender.index_search_slowlog_rolling.filePattern = ${sys:es.logs.base_path}_index_search_slowlog-%d{yyyy-MM-dd}.log -appender.index_search_slowlog_rolling.policies.type = Policies -appender.index_search_slowlog_rolling.policies.time.type = TimeBasedTriggeringPolicy -appender.index_search_slowlog_rolling.policies.time.interval = 1 -appender.index_search_slowlog_rolling.policies.time.modulate = true - -logger.index_search_slowlog_rolling.name = index.search.slowlog -logger.index_search_slowlog_rolling.level = trace -logger.index_search_slowlog_rolling.appenderRef.index_search_slowlog_rolling.ref = index_search_slowlog_rolling -logger.index_search_slowlog_rolling.additivity = false - -appender.index_indexing_slowlog_rolling.type = RollingFile -appender.index_indexing_slowlog_rolling.name = index_indexing_slowlog_rolling -appender.index_indexing_slowlog_rolling.fileName = ${sys:es.logs.base_path}_index_indexing_slowlog.log -appender.index_indexing_slowlog_rolling.layout.type = PatternLayout -appender.index_indexing_slowlog_rolling.layout.pattern = [%d{ISO8601}][%-5p][%-25c] %marker%.10000m%n -appender.index_indexing_slowlog_rolling.filePattern = ${sys:es.logs.base_path}_index_indexing_slowlog-%d{yyyy-MM-dd}.log -appender.index_indexing_slowlog_rolling.policies.type = Policies -appender.index_indexing_slowlog_rolling.policies.time.type = TimeBasedTriggeringPolicy -appender.index_indexing_slowlog_rolling.policies.time.interval = 1 -appender.index_indexing_slowlog_rolling.policies.time.modulate = true - -logger.index_indexing_slowlog.name = index.indexing.slowlog.index -logger.index_indexing_slowlog.level = trace -logger.index_indexing_slowlog.appenderRef.index_indexing_slowlog_rolling.ref = index_indexing_slowlog_rolling -logger.index_indexing_slowlog.additivity = false diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/auth/esaai-keystore.jks b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/auth/esaai-keystore.jks deleted file mode 100644 index 21ec9bba97..0000000000 Binary files a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/auth/esaai-keystore.jks and /dev/null differ diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/auth/sgadmin-keystore.p12 b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/auth/sgadmin-keystore.p12 deleted file mode 100644 index db7cbf401c..0000000000 Binary files a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/auth/sgadmin-keystore.p12 and /dev/null differ diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/auth/truststore.jks b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/auth/truststore.jks deleted file mode 100644 index b3bd666652..0000000000 Binary files a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/auth/truststore.jks and /dev/null differ diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_action_groups.yml b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_action_groups.yml deleted file mode 100644 index be5901a559..0000000000 --- a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_action_groups.yml +++ /dev/null @@ -1,137 +0,0 @@ -UNLIMITED: - readonly: true - permissions: - - "*" - -###### INDEX LEVEL ###### - -INDICES_ALL: - readonly: true - permissions: - - "indices:*" - -# for backward compatibility -ALL: - readonly: true - permissions: - - INDICES_ALL - -MANAGE: - readonly: true - permissions: - - "indices:monitor/*" - - "indices:admin/*" - -CREATE_INDEX: - readonly: true - permissions: - - "indices:admin/create" - - "indices:admin/mapping/put" - -MANAGE_ALIASES: - readonly: true - permissions: - - "indices:admin/aliases*" - -# for backward compatibility -MONITOR: - readonly: true - permissions: - - INDICES_MONITOR - -INDICES_MONITOR: - readonly: true - permissions: - - "indices:monitor/*" - -DATA_ACCESS: - readonly: true - permissions: - - "indices:data/*" - - CRUD - -WRITE: - readonly: true - permissions: - - "indices:data/write*" - - "indices:admin/mapping/put" - -READ: - readonly: true - permissions: - - "indices:data/read*" - - "indices:admin/mappings/fields/get*" - -DELETE: - readonly: true - permissions: - - "indices:data/write/delete*" - -CRUD: - readonly: true - permissions: - - READ - - WRITE - -SEARCH: - readonly: true - permissions: - - "indices:data/read/search*" - - "indices:data/read/msearch*" - - SUGGEST - -SUGGEST: - readonly: true - permissions: - - "indices:data/read/suggest*" - -INDEX: - readonly: true - permissions: - - "indices:data/write/index*" - - "indices:data/write/update*" - - "indices:admin/mapping/put" - - "indices:data/write/bulk*" - -GET: - readonly: true - permissions: - - "indices:data/read/get*" - - "indices:data/read/mget*" - -###### CLUSTER LEVEL ###### - -CLUSTER_ALL: - readonly: true - permissions: - - "cluster:*" - -CLUSTER_MONITOR: - readonly: true - permissions: - - "cluster:monitor/*" - -CLUSTER_COMPOSITE_OPS_RO: - readonly: true - permissions: - - "indices:data/read/mget" - - "indices:data/read/msearch" - - "indices:data/read/mtv" - - "indices:data/read/coordinate-msearch*" - - "indices:admin/aliases/exists*" - - "indices:admin/aliases/get*" - - "indices:data/read/scroll" - -CLUSTER_COMPOSITE_OPS: - readonly: true - permissions: - - "indices:data/write/bulk" - - "indices:admin/aliases*" - - "indices:data/write/reindex" - - CLUSTER_COMPOSITE_OPS_RO - -MANAGE_SNAPSHOTS: - readonly: true - permissions: - - "cluster:admin/snapshot/*" - - "cluster:admin/repository/*" \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_config.yml b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_config.yml deleted file mode 100644 index 9172b71e8d..0000000000 --- a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_config.yml +++ /dev/null @@ -1,221 +0,0 @@ -# This is the main Search Guard configuration file where authentication -# and authorization is defined. -# -# You need to configure at least one authentication domain in the authc of this file. -# An authentication domain is responsible for extracting the user credentials from -# the request and for validating them against an authentication backend like Active Directory for example. -# -# If more than one authentication domain is configured the first one which succeeds wins. -# If all authentication domains fail then the request is unauthenticated. -# In this case an exception is thrown and/or the HTTP status is set to 401. -# -# After authentication authorization (authz) will be applied. There can be zero or more authorizers which collect -# the roles from a given backend for the authenticated user. -# -# Both, authc and auth can be enabled/disabled separately for REST and TRANSPORT layer. Default is true for both. -# http_enabled: true -# transport_enabled: true -# -# 5.x Migration: "enabled: true/false" will also be respected currently but only to provide backward compatibility. -# -# For HTTP it is possible to allow anonymous authentication. If that is the case then the HTTP authenticators try to -# find user credentials in the HTTP request. If credentials are found then the user gets regularly authenticated. -# If none can be found the user will be authenticated as an "anonymous" user. This user has always the username "sg_anonymous" -# and one role named "sg_anonymous_backendrole". -# If you enable anonymous authentication all HTTP authenticators will not challenge. -# -# -# Note: If you define more than one HTTP authenticators make sure to put non-challenging authenticators like "proxy" or "clientcert" -# first and the challenging one last. -# Because it's not possible to challenge a client with two different authentication methods (for example -# Kerberos and Basic) only one can have the challenge flag set to true. You can cope with this situation -# by using pre-authentication, e.g. sending a HTTP Basic authentication header in the request. -# -# Default value of the challenge flag is true. -# -# -# HTTP -# basic (challenging) -# proxy (not challenging, needs xff) -# kerberos (challenging) -# clientcert (not challenging, needs https) -# jwt (not challenging) -# host (not challenging) #DEPRECATED, will be removed in a future version. -# host based authentication is configurable in sg_roles_mapping - -# Authc -# internal -# noop -# ldap - -# Authz -# ldap -# noop - -searchguard: - dynamic: - # Set filtered_alias_mode to 'disallow' to forbid more than 2 filtered aliases per index - # Set filtered_alias_mode to 'warn' to allow more than 2 filtered aliases per index but warns about it (default) - # Set filtered_alias_mode to 'nowarn' to allow more than 2 filtered aliases per index silently - #filtered_alias_mode: warn - #kibana: - # Kibana multitenancy - # see https://github.com/floragunncom/search-guard-docs/blob/master/multitenancy.md - # To make this work you need to install https://github.com/floragunncom/search-guard-module-kibana-multitenancy/wiki - #multitenancy_enabled: true - #server_username: kibanaserver - #index: '.kibana' - #do_not_fail_on_forbidden: false - http: - anonymous_auth_enabled: false - xff: - enabled: false - internalProxies: '192\.168\.0\.10|192\.168\.0\.11' # regex pattern - #internalProxies: '.*' # trust all internal proxies, regex pattern - remoteIpHeader: 'x-forwarded-for' - proxiesHeader: 'x-forwarded-by' - #trustedProxies: '.*' # trust all external proxies, regex pattern - ###### see https://docs.oracle.com/javase/7/docs/api/java/util/regex/Pattern.html for regex help - ###### more information about XFF https://en.wikipedia.org/wiki/X-Forwarded-For - ###### and here https://tools.ietf.org/html/rfc7239 - ###### and https://tomcat.apache.org/tomcat-8.0-doc/config/valve.html#Remote_IP_Valve - authc: - kerberos_auth_domain: - http_enabled: false - transport_enabled: false - order: 6 - http_authenticator: - type: kerberos - challenge: true - config: - # If true a lot of kerberos/security related debugging output will be logged to standard out - krb_debug: false - # If true then the realm will be stripped from the user name - strip_realm_from_principal: true - authentication_backend: - type: noop - basic_internal_auth_domain: - http_enabled: true - transport_enabled: true - order: 2 - http_authenticator: - type: basic - challenge: true - authentication_backend: - type: intern - proxy_auth_domain: - http_enabled: false - transport_enabled: false - order: 3 - http_authenticator: - type: proxy - challenge: false - config: - user_header: "x-proxy-user" - roles_header: "x-proxy-roles" - authentication_backend: - type: noop - jwt_auth_domain: - http_enabled: false - transport_enabled: false - order: 0 - http_authenticator: - type: jwt - challenge: false - config: - signing_key: "base64 encoded HMAC key or public RSA/ECDSA pem key" - jwt_header: "Authorization" - jwt_url_parameter: null - roles_key: null - subject_key: null - authentication_backend: - type: noop - clientcert_auth_domain: - http_enabled: true - transport_enabled: true - order: 1 - http_authenticator: - type: clientcert - config: - username_attribute: cn #optional, if omitted DN becomes username - challenge: false - authentication_backend: - type: noop - ldap: - http_enabled: false - transport_enabled: false - order: 5 - http_authenticator: - type: basic - challenge: false - authentication_backend: - # LDAP authentication backend (authenticate users against a LDAP or Active Directory) - type: ldap - config: - # enable ldaps - enable_ssl: false - # enable start tls, enable_ssl should be false - enable_start_tls: false - # send client certificate - enable_ssl_client_auth: false - # verify ldap hostname - verify_hostnames: true - hosts: - - localhost:8389 - bind_dn: null - password: null - userbase: 'ou=people,dc=example,dc=com' - # Filter to search for users (currently in the whole subtree beneath userbase) - # {0} is substituted with the username - usersearch: '(sAMAccountName={0})' - # Use this attribute from the user as username (if not set then DN is used) - username_attribute: null - authz: - roles_from_myldap: - http_enabled: false - transport_enabled: false - authorization_backend: - # LDAP authorization backend (gather roles from a LDAP or Active Directory, you have to configure the above LDAP authentication backend settings too) - type: ldap - config: - # enable ldaps - enable_ssl: false - # enable start tls, enable_ssl should be false - enable_start_tls: false - # send client certificate - enable_ssl_client_auth: false - # verify ldap hostname - verify_hostnames: true - hosts: - - localhost:8389 - bind_dn: null - password: null - rolebase: 'ou=groups,dc=example,dc=com' - # Filter to search for roles (currently in the whole subtree beneath rolebase) - # {0} is substituted with the DN of the user - # {1} is substituted with the username - # {2} is substituted with an attribute value from user's directory entry, of the authenticated user. Use userroleattribute to specify the name of the attribute - rolesearch: '(member={0})' - # Specify the name of the attribute which value should be substituted with {2} above - userroleattribute: null - # Roles as an attribute of the user entry - userrolename: disabled - #userrolename: memberOf - # The attribute in a role entry containing the name of that role, Default is "name". - # Can also be "dn" to use the full DN as rolename. - rolename: cn - # Resolve nested roles transitive (roles which are members of other roles and so on ...) - resolve_nested_roles: true - userbase: 'ou=people,dc=example,dc=com' - # Filter to search for users (currently in the whole subtree beneath userbase) - # {0} is substituted with the username - usersearch: '(uid={0})' - # Skip users matching a user name, a wildcard or a regex pattern - #skip_users: - # - 'cn=Michael Jackson,ou*people,o=TEST' - # - '/\S*/' - roles_from_another_ldap: - enabled: false - authorization_backend: - type: ldap - #config goes here ... diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_internal_users.yml b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_internal_users.yml deleted file mode 100644 index 942a7164aa..0000000000 --- a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_internal_users.yml +++ /dev/null @@ -1,45 +0,0 @@ -# This is the internal user database -# The hash value is a bcrypt hash and can be generated with plugin/tools/hash.sh - -#password is: admin -admin: - readonly: true - hash: $2a$12$VcCDgh2NDk07JGN0rjGbM.Ad41qVR/YFJcgHp0UGns5JDymv..TOG - roles: - - admin - attributes: - #no dots allowed in attribute names - attribute1: value1 - attribute2: value2 - attribute3: value3 - -#password is: logstash -logstash: - hash: $2a$12$u1ShR4l4uBS3Uv59Pa2y5.1uQuZBrZtmNfqB3iM/.jL0XoV9sghS2 - roles: - - logstash - -#password is: kibanaserver -kibanaserver: - readonly: true - hash: $2a$12$4AcgAt3xwOWadA5s5blL6ev39OXDNhmOesEoo33eZtrq2N0YrU3H. - -#password is: kibanaro -kibanaro: - hash: $2a$12$JJSXNfTowz7Uu5ttXfeYpeYE0arACvcwlPBStB1F.MI7f0U9Z4DGC - roles: - - kibanauser - - readall - -#password is: readall -readall: - hash: $2a$12$ae4ycwzwvLtZxwZ82RmiEunBbIPiAmGZduBAjKN0TXdwQFtCwARz2 - #password is: readall - roles: - - readall - -#password is: snapshotrestore -snapshotrestore: - hash: $2y$12$DpwmetHKwgYnorbgdvORCenv4NAK8cPUg8AI6pxLCuWf/ALc0.v7W - roles: - - snapshotrestore \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_roles.yml b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_roles.yml deleted file mode 100644 index c918e851f1..0000000000 --- a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_roles.yml +++ /dev/null @@ -1,262 +0,0 @@ -# Allows everything, but no changes to searchguard configuration index -sg_all_access: - readonly: true - cluster: - - UNLIMITED - indices: - '*': - '*': - - UNLIMITED - tenants: - admin_tenant: RW - -# Read all, but no write permissions -sg_readall: - readonly: true - cluster: - - CLUSTER_COMPOSITE_OPS_RO - indices: - '*': - '*': - - READ - -# Read all and monitor, but no write permissions -sg_readall_and_monitor: - cluster: - - CLUSTER_MONITOR - - CLUSTER_COMPOSITE_OPS_RO - indices: - '*': - '*': - - READ - -# For users which use kibana, access to indices must be granted separately -sg_kibana_user: - readonly: true - cluster: - - INDICES_MONITOR - - CLUSTER_COMPOSITE_OPS - indices: - '?kibana': - '*': - - MANAGE - - INDEX - - READ - - DELETE - '?kibana-6': - '*': - - MANAGE - - INDEX - - READ - - DELETE - '?kibana_*': - '*': - - MANAGE - - INDEX - - READ - - DELETE - '?tasks': - '*': - - INDICES_ALL - '?management-beats': - '*': - - INDICES_ALL - '*': - '*': - - indices:data/read/field_caps* - - indices:data/read/xpack/rollup* - - indices:admin/mappings/get* - - indices:admin/get - -# For the kibana server -sg_kibana_server: - readonly: true - cluster: - - CLUSTER_MONITOR - - CLUSTER_COMPOSITE_OPS - - cluster:admin/xpack/monitoring* - - indices:admin/template* - - indices:data/read/scroll* - indices: - '?kibana': - '*': - - INDICES_ALL - '?kibana-6': - '*': - - INDICES_ALL - '?kibana_*': - '*': - - INDICES_ALL - '?reporting*': - '*': - - INDICES_ALL - '?monitoring*': - '*': - - INDICES_ALL - '?tasks': - '*': - - INDICES_ALL - '?management-beats*': - '*': - - INDICES_ALL - '*': - '*': - - "indices:admin/aliases*" - -# For logstash and beats -sg_logstash: - cluster: - - CLUSTER_MONITOR - - CLUSTER_COMPOSITE_OPS - - indices:admin/template/get - - indices:admin/template/put - indices: - 'logstash-*': - '*': - - CRUD - - CREATE_INDEX - '*beat*': - '*': - - CRUD - - CREATE_INDEX - -# Allows adding and modifying repositories and creating and restoring snapshots -sg_manage_snapshots: - cluster: - - MANAGE_SNAPSHOTS - indices: - '*': - '*': - - "indices:data/write/index" - - "indices:admin/create" - -# Allows each user to access own named index -sg_own_index: - cluster: - - CLUSTER_COMPOSITE_OPS - indices: - '${user_name}': - '*': - - INDICES_ALL - -### X-Pack COMPATIBILITY -sg_xp_monitoring: - readonly: true - cluster: - - cluster:monitor/xpack/info - - cluster:monitor/main - - cluster:admin/xpack/monitoring/bulk - indices: - '?monitor*': - '*': - - INDICES_ALL - -sg_xp_alerting: - readonly: true - cluster: - - indices:data/read/scroll - - cluster:admin/xpack/watcher* - - cluster:monitor/xpack/watcher* - indices: - '?watches*': - '*': - - INDICES_ALL - '?watcher-history-*': - '*': - - INDICES_ALL - '?triggered_watches': - '*': - - INDICES_ALL - '*': - '*': - - READ - - indices:admin/aliases/get - -sg_xp_machine_learning: - readonly: true - cluster: - - cluster:admin/persistent* - - cluster:internal/xpack/ml* - - indices:data/read/scroll* - - cluster:admin/xpack/ml* - - cluster:monitor/xpack/ml* - indices: - '*': - '*': - - READ - - indices:admin/get* - '?ml-*': - '*': - - "*" - -### LEGACY ROLES, FOR COMPATIBILITY ONLY -### WILL BE REMOVED IN SG7, DO NOT USE ANYMORE - -sg_readonly_and_monitor: - cluster: - - CLUSTER_MONITOR - - CLUSTER_COMPOSITE_OPS_RO - indices: - '*': - '*': - - READ - -# Make xpack monitoring work -sg_monitor: - cluster: - - cluster:admin/xpack/monitoring/* - - cluster:admin/ingest/pipeline/put - - cluster:admin/ingest/pipeline/get - - indices:admin/template/get - - indices:admin/template/put - - CLUSTER_MONITOR - - CLUSTER_COMPOSITE_OPS - indices: - '?monitor*': - '*': - - INDICES_ALL - '?marvel*': - '*': - - INDICES_ALL - '?kibana*': - '*': - - READ - '*': - '*': - - indices:data/read/field_caps - -# Make xpack alerting work -sg_alerting: - cluster: - - indices:data/read/scroll - - cluster:admin/xpack/watcher/watch/put - - cluster:admin/xpack/watcher* - - CLUSTER_MONITOR - - CLUSTER_COMPOSITE_OPS - indices: - '?kibana*': - '*': - - READ - '?watches*': - '*': - - INDICES_ALL - '?watcher-history-*': - '*': - - INDICES_ALL - '?triggered_watches': - '*': - - INDICES_ALL - '*': - '*': - - READ - - -sg_role_test: - cluster: - - indices:admin/template/get - - indices:admin/template/put - - CLUSTER_COMPOSITE_OPS - indices: - '*': - '*': - - UNLIMITED diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_roles_mapping.yml b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_roles_mapping.yml deleted file mode 100644 index 970e02763b..0000000000 --- a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_roles_mapping.yml +++ /dev/null @@ -1,38 +0,0 @@ -# In this file users, backendroles and hosts can be mapped to Search Guard roles. -# Permissions for Search Guard roles are configured in sg_roles.yml - -sg_all_access: - readonly: true - backendroles: - - admin - -sg_logstash: - backendroles: - - logstash - -sg_kibana_server: - readonly: true - users: - - kibanaserver - -sg_kibana_user: - backendroles: - - kibanauser - -sg_readall: - readonly: true - backendroles: - - readall - -sg_manage_snapshots: - readonly: true - backendroles: - - snapshotrestore - -sg_own_index: - users: - - '*' - -sg_role_test: - users: - - test diff --git a/kubernetes/aai/charts/aai-elasticsearch/templates/configmap.yaml b/kubernetes/aai/charts/aai-elasticsearch/templates/configmap.yaml deleted file mode 100644 index 4be124fc0f..0000000000 --- a/kubernetes/aai/charts/aai-elasticsearch/templates/configmap.yaml +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-es-config - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-sg-scripts - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/bin/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-sg-config - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/sg/*").AsConfig . | indent 2 }} diff --git a/kubernetes/aai/charts/aai-elasticsearch/templates/deployment.yaml b/kubernetes/aai/charts/aai-elasticsearch/templates/deployment.yaml deleted file mode 100644 index 785693a9ba..0000000000 --- a/kubernetes/aai/charts/aai-elasticsearch/templates/deployment.yaml +++ /dev/null @@ -1,144 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "common.name" . }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - name: {{ include "common.name" . }} - spec: - hostname: {{ include "common.name" . }} - initContainers: - - command: - - /bin/sh - - -c - - | - sysctl -w vm.max_map_count=262144 - mkdir -p /logroot/elasticsearch/logs - mkdir -p /logroot/elasticsearch/data - chmod -R 777 /logroot/elasticsearch - chown -R 1000:1000 /logroot - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - securityContext: - privileged: true - image: {{ .Values.global.dockerhubRepository | default .Values.dockerhubRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }} - imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }} - name: init-sysctl - volumeMounts: - - name: elasticsearch-data - mountPath: /logroot/ - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - - containerPort: {{ .Values.service.internalPort2 }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - volumeMounts: - - name: localtime - mountPath: /etc/localtime - readOnly: true - - name: elasticsearch-config - subPath: elasticsearch.yml - mountPath: /usr/share/elasticsearch/config/elasticsearch.yml - - name: elasticsearch-config - subPath: jvm.options - mountPath: /usr/share/elasticsearch/config/jvm.options - - name: elasticsearch-config - subPath: log4j2.properties - mountPath: /usr/share/elasticsearch/config/log4j2.properties - - name: searchguard-scripts - subPath: run.sh - mountPath: /usr/share/elasticsearch/bin/run.sh - - name: searchguard-scripts - subPath: wait_until_started.sh - mountPath: /usr/share/elasticsearch/bin/wait_until_started.sh - - name: searchguard-scripts - subPath: init_sg.sh - mountPath: /usr/share/elasticsearch/bin/init_sg.sh - - name: searchguard-config - mountPath: /usr/share/elasticsearch/config/sg - - name: searchguard-auth-config - mountPath: /usr/share/elasticsearch/config/sg/auth - - name: elasticsearch-data - mountPath: /usr/share/elasticsearch/data - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end }} - - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: elasticsearch-config - configMap: - name: {{ include "common.fullname" . }}-es-config - - name: searchguard-scripts - configMap: - name: {{ include "common.fullname" . }}-sg-scripts - defaultMode: 0754 - - name: searchguard-config - configMap: - name: {{ include "common.fullname" . }}-sg-config - - name: searchguard-auth-config - secret: - secretName: {{ include "common.fullname" . }}-sg-auth - - name: elasticsearch-data - hostPath: - path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} - restartPolicy: {{ .Values.restartPolicy }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/charts/aai-elasticsearch/templates/secrets.yaml b/kubernetes/aai/charts/aai-elasticsearch/templates/secrets.yaml deleted file mode 100644 index 34b272f086..0000000000 --- a/kubernetes/aai/charts/aai-elasticsearch/templates/secrets.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-sg-auth - namespace: {{ include "common.namespace" . }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/config/sg/auth/*").AsSecrets . | indent 2 }} \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-elasticsearch/values.yaml b/kubernetes/aai/charts/aai-elasticsearch/values.yaml deleted file mode 100644 index ea82c99f8b..0000000000 --- a/kubernetes/aai/charts/aai-elasticsearch/values.yaml +++ /dev/null @@ -1,105 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Default values for elasticsearch. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -global: # global defaults - nodePortPrefix: 302 - -# application image -image: onap/elasticsearch-sg:1.4-STAGING-latest -pullPolicy: Always -restartPolicy: Always - -flavor: small - -# application configuration -config: - tcpPort: 8443 - nodeKeyStore: esaai-keystore.jks - nodeKeyStorePassword: b87b46d3da7d3d4aadfe - adminKeyStore: sgadmin-keystore.p12 - adminKeyStorePassword: 341274302a70ad691e12 - trustStore: truststore.jks - trustStorePassword: b200926e9da205487f63 - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: ClusterIP - name: aai-elasticsearch - portName: aai-elasticsearch - internalPort: 9200 - portName2: aai-elasticsearch-tcp - internalPort2: 8443 - -ingress: - enabled: false - -persistence: - enabled: true - - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - volumeReclaimPolicy: Retain - - ## database data Persistent Volume Storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - ## storageClass: "-" - accessMode: ReadWriteMany - size: 2Gi - mountPath: /dockerdata-nfs - mountSubPath: aai/elasticsearch/data - -resources: - small: - limits: - cpu: 2 - memory: 4Gi - requests: - cpu: 0.5 - memory: 2Gi - large: - limits: - cpu: 4 - memory: 8Gi - requests: - cpu: 1 - memory: 4Gi - unlimited: {} diff --git a/kubernetes/aai/charts/aai-gizmo/.helmignore b/kubernetes/aai/charts/aai-gizmo/.helmignore deleted file mode 100644 index daebc7da77..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/aai/charts/aai-gizmo/Chart.yaml b/kubernetes/aai/charts/aai-gizmo/Chart.yaml deleted file mode 100644 index 98dba95bf1..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/Chart.yaml +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T -# Modifications Copyright © 2018 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: Gizmo service -name: aai-gizmo -version: 4.0.0 diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/README.txt b/kubernetes/aai/charts/aai-gizmo/resources/config/README.txt deleted file mode 100644 index 376178126c..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/config/README.txt +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -This directory contains all external configuration files that -need to be mounted into an application container. - -See the configmap.yaml in the templates directory for an example -of how to load (ie map) config files from this directory, into -Kubernetes, for distribution within the k8s cluster. - -See deployment.yaml in the templates directory for an example -of how the 'config mapped' files are then mounted into the -containers. diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/auth/champ-cert.p12 b/kubernetes/aai/charts/aai-gizmo/resources/config/auth/champ-cert.p12 deleted file mode 100644 index dbf4fcacec..0000000000 Binary files a/kubernetes/aai/charts/aai-gizmo/resources/config/auth/champ-cert.p12 and /dev/null differ diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/auth/client-cert.p12 b/kubernetes/aai/charts/aai-gizmo/resources/config/auth/client-cert.p12 deleted file mode 100644 index dbf4fcacec..0000000000 Binary files a/kubernetes/aai/charts/aai-gizmo/resources/config/auth/client-cert.p12 and /dev/null differ diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/auth/crud_policy.json b/kubernetes/aai/charts/aai-gizmo/resources/config/auth/crud_policy.json deleted file mode 100644 index 7a5007eaeb..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/config/auth/crud_policy.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "roles": [ - { - "name": "admin", - "functions": [ - { - "name": "crud", "methods": [ { "name": "GET" },{ "name": "DELETE" }, { "name": "PUT" }, { "name": "POST" }, { "name": "PATCH"} ] - } - ], - - "users": [ - { - "username": "CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA" - } - ] - } - ] -} \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/auth/datarouter-cert.p12 b/kubernetes/aai/charts/aai-gizmo/resources/config/auth/datarouter-cert.p12 deleted file mode 100644 index dbf4fcacec..0000000000 Binary files a/kubernetes/aai/charts/aai-gizmo/resources/config/auth/datarouter-cert.p12 and /dev/null differ diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/auth/tomcat_keystore b/kubernetes/aai/charts/aai-gizmo/resources/config/auth/tomcat_keystore deleted file mode 100644 index 9eec841aa2..0000000000 Binary files a/kubernetes/aai/charts/aai-gizmo/resources/config/auth/tomcat_keystore and /dev/null differ diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/crud-api.properties b/kubernetes/aai/charts/aai-gizmo/resources/config/crud-api.properties deleted file mode 100644 index 0b7f95faf4..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/config/crud-api.properties +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -# CRUD-API configuration - -crud.async.request.timeout=60000 -crud.async.response.process.poll.interval=1000 -crud.collection.properties.key=properties diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/crud-beans.xml b/kubernetes/aai/charts/aai-gizmo/resources/config/crud-beans.xml deleted file mode 100644 index e0ab32b584..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/config/crud-beans.xml +++ /dev/null @@ -1,47 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/edgeprops-ingest.properties b/kubernetes/aai/charts/aai-gizmo/resources/config/edgeprops-ingest.properties deleted file mode 100644 index fbefd30219..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/config/edgeprops-ingest.properties +++ /dev/null @@ -1,3 +0,0 @@ -# DB Edge Property files are copied here: -edgePropsDir=/opt/app/crud-service/config/model - diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/log/filebeat/filebeat.yml b/kubernetes/aai/charts/aai-gizmo/resources/config/log/filebeat/filebeat.yml deleted file mode 100644 index d7f0b0a680..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/config/log/filebeat/filebeat.yml +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -filebeat.prospectors: -#it is mandatory, in our case it's log -- input_type: log - #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory. - paths: - - /var/log/onap/*/*/*/*.log - - /var/log/onap/*/*/*.log - - /var/log/onap/*/*.log - #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive - ignore_older: 48h - # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit - clean_inactive: 96h - - -# Name of the registry file. If a relative path is used, it is considered relative to the -# data path. Else full qualified file name. -#filebeat.registry_file: ${path.data}/registry - - -output.logstash: - #List of logstash server ip addresses with port number. - #But, in our case, this will be the loadbalancer IP address. - #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately. - hosts: ["logstash.{{ .Release.Name }}-log:5044"] - #If enable will do load balancing among availabe Logstash, automatically. - loadbalance: true - - #The list of root certificates for server verifications. - #If certificate_authorities is empty or not set, the trusted - #certificate authorities of the host system are used. - #ssl.certificate_authorities: $ssl.certificate_authorities - - #The path to the certificate for SSL client authentication. If the certificate is not specified, - #client authentication is not available. - #ssl.certificate: $ssl.certificate - - #The client certificate key used for client authentication. - #ssl.key: $ssl.key - - #The passphrase used to decrypt an encrypted key stored in the configured key file - #ssl.key_passphrase: $ssl.key_passphrase diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/log/logback.xml b/kubernetes/aai/charts/aai-gizmo/resources/config/log/logback.xml deleted file mode 100644 index c6bcf576c8..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/config/log/logback.xml +++ /dev/null @@ -1,196 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - ${errorLogPattern} - - - - - - - - - - - ${logDirectory}/${generalLogName}.log - - ${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip - - 60 - - - ${errorLogPattern} - - - - - - INFO - - 256 - - - - - - - - ${logDirectory}/${auditLogName}.log - - ${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip - - 60 - - - ${auditMetricPattern} - - - - 256 - - - - - ${logDirectory}/${metricsLogName}.log - - ${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip - - 60 - - - - ${auditMetricPattern} - - - - - - 256 - - - - - ${logDirectory}/${debugLogName}.log - - ${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip - - 60 - - - ${errorLogPattern} - - - - - 256 - - false - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v10.json b/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v10.json deleted file mode 100644 index 7cbddae375..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v10.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "isParent":"java.lang.Boolean", - "isParent-REV":"java.lang.Boolean", - "usesResource":"java.lang.Boolean", - "usesResource-REV":"java.lang.Boolean", - "SVC-INFRA":"java.lang.Boolean", - "SVC-INFRA-REV":"java.lang.Boolean", - "hasDelTarget":"java.lang.Boolean", - "hasDelTarget-REV":"java.lang.Boolean" -} diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v11.json b/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v11.json deleted file mode 100644 index 09e19b03d4..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v11.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "contains-other-v": "java.lang.String", - "delete-other-v": "java.lang.String", - "SVC-INFRA": "java.lang.String", - "prevent-delete": "java.lang.String" -} \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v12.json b/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v12.json deleted file mode 100644 index 09e19b03d4..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v12.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "contains-other-v": "java.lang.String", - "delete-other-v": "java.lang.String", - "SVC-INFRA": "java.lang.String", - "prevent-delete": "java.lang.String" -} \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v13.json b/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v13.json deleted file mode 100644 index 09e19b03d4..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v13.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "contains-other-v": "java.lang.String", - "delete-other-v": "java.lang.String", - "SVC-INFRA": "java.lang.String", - "prevent-delete": "java.lang.String" -} \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v14.json b/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v14.json deleted file mode 100644 index 8d00636d27..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v14.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "contains-other-v": "java.lang.String", - "delete-other-v": "java.lang.String", - "SVC-INFRA": "java.lang.String", - "prevent-delete": "java.lang.String" -} \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v15.json b/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v15.json deleted file mode 100644 index 8d00636d27..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v15.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "contains-other-v": "java.lang.String", - "delete-other-v": "java.lang.String", - "SVC-INFRA": "java.lang.String", - "prevent-delete": "java.lang.String" -} \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v7.json b/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v7.json deleted file mode 100644 index 7cbddae375..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v7.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "isParent":"java.lang.Boolean", - "isParent-REV":"java.lang.Boolean", - "usesResource":"java.lang.Boolean", - "usesResource-REV":"java.lang.Boolean", - "SVC-INFRA":"java.lang.Boolean", - "SVC-INFRA-REV":"java.lang.Boolean", - "hasDelTarget":"java.lang.Boolean", - "hasDelTarget-REV":"java.lang.Boolean" -} diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v8.json b/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v8.json deleted file mode 100644 index 7cbddae375..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v8.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "isParent":"java.lang.Boolean", - "isParent-REV":"java.lang.Boolean", - "usesResource":"java.lang.Boolean", - "usesResource-REV":"java.lang.Boolean", - "SVC-INFRA":"java.lang.Boolean", - "SVC-INFRA-REV":"java.lang.Boolean", - "hasDelTarget":"java.lang.Boolean", - "hasDelTarget-REV":"java.lang.Boolean" -} diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v9.json b/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v9.json deleted file mode 100644 index 7cbddae375..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v9.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "isParent":"java.lang.Boolean", - "isParent-REV":"java.lang.Boolean", - "usesResource":"java.lang.Boolean", - "usesResource-REV":"java.lang.Boolean", - "SVC-INFRA":"java.lang.Boolean", - "SVC-INFRA-REV":"java.lang.Boolean", - "hasDelTarget":"java.lang.Boolean", - "hasDelTarget-REV":"java.lang.Boolean" -} diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/schema-ingest.properties b/kubernetes/aai/charts/aai-gizmo/resources/config/schema-ingest.properties deleted file mode 100644 index 647d4d963e..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/config/schema-ingest.properties +++ /dev/null @@ -1,45 +0,0 @@ -############################################################################### -# Schema Version Related Attributes -############################################################################### -schema.uri.base.path=/aai -# Lists all of the versions in the schema -schema.version.list=v10,v11,v12,v13,v14,v15 -# Specifies from which version should the depth parameter to default to zero -schema.version.depth.start=v10 -# Specifies from which version should the related link be displayed in response payload -schema.version.related.link.start=v10 -# Specifies from which version should the client see only the uri excluding host info -# Before this version server base will also be included -schema.version.app.root.start=v11 -# Specifies from which version should the namespace be changed -schema.version.namespace.change.start=v11 -# Specifies from which version should the client start seeing the edge label in payload -schema.version.edge.label.start=v12 -# Specifies the version that the application should default to -schema.version.api.default=v15 - -############################################################################### -# Schema Location Related Attributes -############################################################################### -# Schema Location Related Attributes -schema.configuration.location=NA -schema.nodes.location=/opt/app/crud-api/bundleconfig/etc/onap/oxm -schema.edges.location=/opt/app/crud-api/bundleconfig/etc/onap/dbedgerules - -############################################################################### -# Schema Service Related Attributes -############################################################################### -# Specifies whether to use the schema service or local schema files -schema.translator.list=config - -schema.service.base.url=https://:8452/aai/schema-service/v1/ -schema.service.nodes.endpoint=nodes?version= -schema.service.edges.endpoint=edgerules?version= -schema.service.versions.endpoint=versions - -#Default rest client is the two-way-ssl -schema.service.client=two-way-ssl -#Replace the below with the A&AI client key store -schema.service.ssl.key-store=${CONFIG_HOME}/auth/client-cert.p12 -#Replace the below with the A&AI tomcat trust store -schema.service.ssl.trust-store=${CONFIG_HOME}/auth/tomcat_keystore \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/fproxy.properties b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/fproxy.properties deleted file mode 100644 index f512fb71a6..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/fproxy.properties +++ /dev/null @@ -1,2 +0,0 @@ -credential.cache.timeout.ms=180000 -transactionid.header.name=X-TransactionId \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/logback-spring.xml b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/logback-spring.xml deleted file mode 100644 index 2e6237912f..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/logback-spring.xml +++ /dev/null @@ -1,45 +0,0 @@ - - - - - - - - - - %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable - - - - - - ${LOGS}/${FILEPREFIX}.log - - %d %p %C{1.} [%t] %m%n - - - - - ${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log - - - 10MB - - - - - - - - - - - - - - \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/readme.txt b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/readme.txt deleted file mode 100644 index 79cf29e73c..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/readme.txt +++ /dev/null @@ -1 +0,0 @@ -Relevant configuration files need to be copied here to successfully run this service locally. \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json deleted file mode 100644 index 54d5de2721..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json +++ /dev/null @@ -1,99 +0,0 @@ -[ - { - "uri": "\/not\/allowed\/at\/all$", - "permissions": [ - "test.auth.access.ifYouLikedItYouShouldHavePutAPermissionOnIt" - ] - }, - { - "uri": "\/one\/auth\/required$", - "permissions": [ - "test.auth.access.aSimpleSingleAuth" - ] - }, - { - "uri": "\/multi\/auth\/required$", - "permissions": [ - "test.auth.access.aMultipleAuth1", - "test.auth.access.aMultipleAuth2", - "test.auth.access.aMultipleAuth3" - ] - }, - { - "uri": "\/one\/[^\/]+\/required$", - "permissions": [ - "test.auth.access.aSimpleSingleAuth" - ] - }, - { - "uri": "\/services\/getAAFRequest$", - "permissions": [ - "test.auth.access|services|GET,PUT" - ] - }, - { - "uri": "\/admin\/getAAFRequest$", - "permissions": [ - "test.auth.access|admin|GET,PUT,POST" - ] - }, - { - "uri": "\/service\/aai\/webapp\/index.html$", - "permissions": [ - "test.auth.access|services|GET,PUT" - ] - }, - { - "uri": "\/services\/aai\/webapp\/index.html$", - "permissions": [ - "test.auth.access|services|GET,PUT" - ] - }, - { - "uri": "\/$", - "permissions": [ - "\\|services\\|GET", - "test\\.auth\\.access\\|services\\|GET,PUT" - ] - }, - { - "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions$", - "permissions": [ - "test\\.auth\\.access\\|rest\\|read" - ] - }, - { - "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+$*", - "permissions": [ - "test.auth.access|clouds|read", - "test.auth.access|tenants|read" - ] - }, - { - "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+\/tenants/tenant/[^\/]+/vservers/vserver/[^\/]+$", - "permissions": [ - "test.auth.access|clouds|read", - "test.auth.access|tenants|read", - "test.auth.access|vservers|read" - ] - }, - { - "uri": "\/backend$", - "permissions": [ - "test\\.auth\\.access\\|services\\|GET,PUT", - "\\|services\\|GET" - ] - }, - { - "uri": "\/services\/inventory\/.*", - "permissions": [ - "org\\.onap\\.aai\\.resources\\|\\*\\|.*" - ] - }, - { - "uri": "\/services\/gizmo\/.*", - "permissions": [ - "org\\.onap\\.aai\\.resources\\|\\*\\|.*" - ] - } -] diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties deleted file mode 100644 index 51ac56a88d..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties +++ /dev/null @@ -1,39 +0,0 @@ -# This is a normal Java Properties File -# Comments are with Pound Signs at beginning of lines, -# and multi-line expression of properties can be obtained by backslash at end of line - -#hostname is used for local testing where you may have to set your hostname to **.att.com or **.sbc.com. The example given below -#will allow for an ATT cross domain cookie to be used for GLO. If you are running on Windows corp machine, your machine name -#may be used automatically by cadi. However, if it is not, you will need to use hostname=mywebserver.att.com and add mywebserver.att.com -#to your hosts file on your machine. -#hostname=test.aic.cip.att.com - -cadi_loglevel=DEBUG - -# OAuth2 -aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token -aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect - -cadi_latitude=37.78187 -cadi_longitude=-122.26147 - -# Locate URL (which AAF Env) -aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095 - -# AAF URL -aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0 - -cadi_keyfile=/opt/app/rproxy/config/security/keyfile -cadi_keystore=/opt/app/rproxy/config/auth/org.onap.aai.p12 -cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV -cadi_alias=aai@aai.onap.org -cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore -cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - -aaf_env=DEV - -aaf_id=demo@people.osaaf.org -aaf_password=enc:92w4px0y_rrm265LXLpw58QnNPgDXykyA1YTrflbAKz - -# This is a colon separated list of client cert issuers -cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/forward-proxy.properties b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/forward-proxy.properties deleted file mode 100644 index 1b58d4235c..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/forward-proxy.properties +++ /dev/null @@ -1,4 +0,0 @@ -forward-proxy.protocol = https -forward-proxy.host = localhost -forward-proxy.port = 10680 -forward-proxy.cacheurl = /credential-cache \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/logback-spring.xml b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/logback-spring.xml deleted file mode 100644 index 7659e28850..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/logback-spring.xml +++ /dev/null @@ -1,45 +0,0 @@ - - - - - - - - - - %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable - - - - - - ${LOGS}/${FILEPREFIX}.log - - %d %p %C{1.} [%t] %m%n - - - - - ${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log - - - 10MB - - - - - - - - - - - - - - diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/primary-service.properties b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/primary-service.properties deleted file mode 100644 index 8ab780edcb..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/primary-service.properties +++ /dev/null @@ -1,3 +0,0 @@ -primary-service.protocol = https -primary-service.host = localhost -primary-service.port = 9520 diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/readme.txt b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/readme.txt deleted file mode 100644 index 79cf29e73c..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/readme.txt +++ /dev/null @@ -1 +0,0 @@ -Relevant configuration files need to be copied here to successfully run this service locally. \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/reverse-proxy.properties b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/reverse-proxy.properties deleted file mode 100644 index 8d46e1f429..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/reverse-proxy.properties +++ /dev/null @@ -1 +0,0 @@ -transactionid.header.name=X-TransactionId \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-gizmo/templates/NOTES.txt b/kubernetes/aai/charts/aai-gizmo/templates/NOTES.txt deleted file mode 100644 index 0def4edf1e..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/templates/NOTES.txt +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/aai/charts/aai-gizmo/templates/configmap.yaml b/kubernetes/aai/charts/aai-gizmo/templates/configmap.yaml deleted file mode 100644 index 2a4a1b51f7..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/templates/configmap.yaml +++ /dev/null @@ -1,110 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T -# Modifications Copyright © 2018 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-model-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/model/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-log-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-filebeat-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }} - -{{ if .Values.global.installSidecarSecurity }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-fproxy-config - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/fproxy/config/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-fproxy-log-config - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/fproxy/config/logback-spring.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-rproxy-config - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/rproxy/config/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-rproxy-log-config - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/rproxy/config/logback-spring.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/rproxy/config/auth/uri-authorization.json").AsConfig . | indent 2 }} -{{ end }} - diff --git a/kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml b/kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml deleted file mode 100644 index 0f491d8872..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml +++ /dev/null @@ -1,271 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T -# Modifications Copyright © 2018 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - spec: - {{ if .Values.global.installSidecarSecurity }} - initContainers: - - name: {{ .Values.global.tproxyConfig.name }} - image: "{{ include "common.repository" . }}/{{ .Values.global.tproxyConfig.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - securityContext: - privileged: true - {{ end }} - containers: - - name: {{ .Chart.Name }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{ if .Values.liveness.enabled }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end }} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: CONFIG_HOME - value: /opt/app/crud-service/config/ - - name: KEY_STORE_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-pass - key: KEY_STORE_PASSWORD - - name: KEY_MANAGER_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-pass - key: KEY_MANAGER_PASSWORD - - name: SERVICE_BEANS - value: /opt/app/crud-service/dynamic/conf - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /opt/app/crud-service/config/crud-api.properties - subPath: crud-api.properties - name: {{ include "common.fullname" . }}-config - - mountPath: /opt/app/crud-service/config/schema-ingest.properties - subPath: schema-ingest.properties - name: {{ include "common.fullname" . }}-config - - mountPath: /opt/app/crud-service/config/edgeprops-ingest.properties - subPath: edgeprops-ingest.properties - name: {{ include "common.fullname" . }}-config - - mountPath: /opt/app/crud-service/config/model/ - name: {{ include "common.fullname" . }}-model-config - - mountPath: /opt/app/crud-service/config/auth - name: {{ include "common.fullname" . }}-auth-secret - - mountPath: /opt/app/crud-service/dynamic/conf/crud-beans.xml - name: {{ include "common.fullname" . }}-config - subPath: crud-beans.xml - - mountPath: /var/log/onap - name: {{ include "common.fullname" . }}-logs - - mountPath: /opt/app/crud-api/bundleconfig/etc/logback.xml - name: {{ include "common.fullname" . }}-logback-config - subPath: logback.xml - resources: -{{ include "common.resources" . }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end }} - - - name: filebeat-onap - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /usr/share/filebeat/filebeat.yml - name: filebeat-conf - subPath: filebeat.yml - - mountPath: /var/log/onap - name: {{ include "common.fullname" . }}-logs - - mountPath: /usr/share/filebeat/data - name: {{ include "common.fullname" . }}-data-filebeat - - {{ if .Values.global.installSidecarSecurity }} - - name: {{ .Values.global.rproxy.name }} - image: "{{ include "common.repository" . }}/{{ .Values.global.rproxy.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: CONFIG_HOME - value: "/opt/app/rproxy/config" - - name: KEY_STORE_PASSWORD - value: {{ .Values.config.keyStorePassword }} - - name: spring_profiles_active - value: {{ .Values.global.rproxy.activeSpringProfiles }} - volumeMounts: - - name: {{ include "common.fullname" . }}-rproxy-config - mountPath: /opt/app/rproxy/config/forward-proxy.properties - subPath: forward-proxy.properties - - name: {{ include "common.fullname" . }}-rproxy-config - mountPath: /opt/app/rproxy/config/primary-service.properties - subPath: primary-service.properties - - name: {{ include "common.fullname" . }}-rproxy-config - mountPath: /opt/app/rproxy/config/reverse-proxy.properties - subPath: reverse-proxy.properties - - name: {{ include "common.fullname" . }}-rproxy-config - mountPath: /opt/app/rproxy/config/cadi.properties - subPath: cadi.properties - - name: {{ include "common.fullname" . }}-rproxy-log-config - mountPath: /opt/app/rproxy/config/logback-spring.xml - subPath: logback-spring.xml - - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config - mountPath: /opt/app/rproxy/config/auth/uri-authorization.json - subPath: uri-authorization.json - - name: {{ include "common.fullname" . }}-rproxy-auth-certs - mountPath: /opt/app/rproxy/config/auth/tomcat_keystore - subPath: tomcat_keystore - - name: {{ include "common.fullname" . }}-rproxy-auth-certs - mountPath: /opt/app/rproxy/config/auth/client-cert.p12 - subPath: client-cert.p12 - - name: {{ include "common.fullname" . }}-rproxy-auth-certs - mountPath: /opt/app/rproxy/config/auth/org.onap.aai.p12 - subPath: org.onap.aai.p12 - - name: {{ include "common.fullname" . }}-rproxy-security-config - mountPath: /opt/app/rproxy/config/security/keyfile - subPath: keyfile - - ports: - - containerPort: {{ .Values.global.rproxy.port }} - - - name: {{ .Values.global.fproxy.name }} - image: "{{ include "common.repository" . }}/{{ .Values.global.fproxy.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: CONFIG_HOME - value: "/opt/app/fproxy/config" - - name: KEY_STORE_PASSWORD - value: {{ .Values.config.keyStorePassword }} - - name: TRUST_STORE_PASSWORD - value: {{ .Values.config.trustStorePassword }} - - name: spring_profiles_active - value: {{ .Values.global.fproxy.activeSpringProfiles }} - volumeMounts: - - name: {{ include "common.fullname" . }}-fproxy-config - mountPath: /opt/app/fproxy/config/fproxy.properties - subPath: fproxy.properties - - name: {{ include "common.fullname" . }}-fproxy-log-config - mountPath: /opt/app/fproxy/config/logback-spring.xml - subPath: logback-spring.xml - - name: {{ include "common.fullname" . }}-fproxy-auth-certs - mountPath: /opt/app/fproxy/config/auth/tomcat_keystore - subPath: tomcat_keystore - - name: {{ include "common.fullname" . }}-fproxy-auth-certs - mountPath: /opt/app/fproxy/config/auth/fproxy_truststore - subPath: fproxy_truststore - - name: {{ include "common.fullname" . }}-fproxy-auth-certs - mountPath: /opt/app/fproxy/config/auth/client-cert.p12 - subPath: client-cert.p12 - ports: - - containerPort: {{ .Values.global.fproxy.port }} - {{ end }} - - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: {{ include "common.fullname" . }}-data-filebeat - emptyDir: {} - - name: filebeat-conf - configMap: - name: {{ include "common.fullname" . }}-filebeat-configmap - - name: {{ include "common.fullname" . }}-logs - emptyDir: {} - - name: {{ include "common.fullname" . }}-auth-secret - secret: - secretName: {{ include "common.fullname" . }}-auth - - name: {{ include "common.fullname" . }}-config - configMap: - name: {{ include "common.fullname" . }}-configmap - items: - - key: crud-api.properties - path: crud-api.properties - - key: schema-ingest.properties - path: schema-ingest.properties - - key: edgeprops-ingest.properties - path: edgeprops-ingest.properties - - key: crud-beans.xml - path: crud-beans.xml - - name: {{ include "common.fullname" . }}-logback-config - configMap: - name: {{ include "common.fullname" . }}-log-configmap - items: - - key: logback.xml - path: logback.xml - - name: {{ include "common.fullname" . }}-model-config - configMap: - name: {{ include "common.fullname" . }}-model-configmap - {{ if .Values.global.installSidecarSecurity }} - - name: {{ include "common.fullname" . }}-rproxy-config - configMap: - name: {{ include "common.fullname" . }}-rproxy-config - - name: {{ include "common.fullname" . }}-rproxy-log-config - configMap: - name: {{ include "common.fullname" . }}-rproxy-log-config - - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config - configMap: - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config - - name: {{ include "common.fullname" . }}-rproxy-auth-config - secret: - secretName: {{ include "common.fullname" . }}-rproxy-auth-config - - name: {{ include "common.fullname" . }}-rproxy-auth-certs - secret: - secretName: aai-rproxy-auth-certs - - name: {{ include "common.fullname" . }}-rproxy-security-config - secret: - secretName: aai-rproxy-security-config - - name: {{ include "common.fullname" . }}-fproxy-config - configMap: - name: {{ include "common.fullname" . }}-fproxy-config - - name: {{ include "common.fullname" . }}-fproxy-log-config - configMap: - name: {{ include "common.fullname" . }}-fproxy-log-config - - name: {{ include "common.fullname" . }}-fproxy-auth-certs - secret: - secretName: aai-fproxy-auth-certs - {{ end }} - - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/charts/aai-gizmo/templates/secrets.yaml b/kubernetes/aai/charts/aai-gizmo/templates/secrets.yaml deleted file mode 100644 index 96c3424476..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/templates/secrets.yaml +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T -# Modifications Copyright © 2018 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-auth - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ (.Files.Glob "resources/config/auth/*").AsSecrets | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-pass - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -type: Opaque -data: - KEY_STORE_PASSWORD: {{ .Values.config.keyStorePassword | b64enc | quote }} - KEY_MANAGER_PASSWORD: {{ .Values.config.keyManagerPassword | b64enc | quote }} - -{{ if .Values.global.installSidecarSecurity }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-rproxy-auth-config - namespace: {{ include "common.namespace" . }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }} -{{ end }} diff --git a/kubernetes/aai/charts/aai-gizmo/templates/service.yaml b/kubernetes/aai/charts/aai-gizmo/templates/service.yaml deleted file mode 100644 index a584800bb8..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/templates/service.yaml +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T -# Modifications Copyright © 2018 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - annotations: -spec: - type: {{ .Values.service.type }} - ports: - {{ if .Values.global.installSidecarSecurity }} - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - targetPort: {{ .Values.global.rproxy.port }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.global.rproxy.port }} - name: {{ .Values.service.portName }} - {{- end}} - {{ else }} - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} - {{ end }} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} diff --git a/kubernetes/aai/charts/aai-gizmo/values.yaml b/kubernetes/aai/charts/aai-gizmo/values.yaml deleted file mode 100644 index 9fbe8529c9..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/values.yaml +++ /dev/null @@ -1,81 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T -# Modifications Copyright © 2018 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -global: - nodePortPrefix: 302 - loggingImage: beats/filebeat:5.5.0 - -################################################################# -# Application configuration defaults. -################################################################# - -# application image -image: onap/gizmo:1.4-STAGING-latest -flavor: small -# application configuration -config: - keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - trustStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 60 - timeoutSeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 60 - timeoutSeconds: 10 - periodSeconds: 10 - -service: - type: NodePort - name: aai-crud-service - portName: aai-crud-service - internalPort: 9520 - externalPort: 9520 - nodePort: 68 - -ingress: - enabled: false - -resources: - small: - limits: - cpu: 2 - memory: 4Gi - requests: - cpu: 0.5 - memory: 1Gi - large: - limits: - cpu: 4 - memory: 8Gi - requests: - cpu: 1 - memory: 1536Mi - unlimited: {} diff --git a/kubernetes/aai/charts/aai-graphadmin/resources/config/aaiconfig.properties b/kubernetes/aai/charts/aai-graphadmin/resources/config/aaiconfig.properties deleted file mode 100644 index 0aeb2d134c..0000000000 --- a/kubernetes/aai/charts/aai-graphadmin/resources/config/aaiconfig.properties +++ /dev/null @@ -1,123 +0,0 @@ -# -# ============LICENSE_START======================================================= -# org.onap.aai -# ================================================================================ -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= - -aai.config.checktime=1000 - -# this could come from siteconfig.pl? -aai.config.nodename=AutomaticallyOverwritten - -aai.server.url.base=https://aai.{{ include "common.namespace" . }}:8443/aai/ -aai.server.url=https://aai.{{ include "common.namespace" . }}:8443/aai/{{ .Values.global.config.schema.version.api.default }}/ -aai.global.callback.url=https://aai.{{ include "common.namespace" . }}:8443/aai/ - -{{ if .Values.global.config.basic.auth.enabled }} -aai.tools.enableBasicAuth=true -aai.tools.username={{ .Values.global.config.basic.auth.username }} -aai.tools.password={{ .Values.global.config.basic.auth.passwd }} -{{ end }} - -aai.truststore.filename={{ .Values.global.config.truststore.filename }} -aai.truststore.passwd.x={{ .Values.global.config.truststore.passwd }} -aai.keystore.filename={{ .Values.global.config.keystore.filename }} -aai.keystore.passwd.x={{ .Values.global.config.keystore.passwd }} - -aai.notification.current.version={{ .Values.global.config.schema.version.api.default }} -aai.notificationEvent.default.status=UNPROCESSED -aai.notificationEvent.default.eventType={{ .Values.global.config.notification.eventType }} -aai.notificationEvent.default.domain={{ .Values.global.config.notification.domain }} -aai.notificationEvent.default.sourceName=aai -aai.notificationEvent.default.sequenceNumber=0 -aai.notificationEvent.default.severity=NORMAL -aai.notificationEvent.default.version={{ .Values.global.config.schema.version.api.default }} -# This one lets us enable/disable resource-version checking on updates/deletes -aai.resourceversion.enableflag=true -aai.logging.maxStackTraceEntries=10 -aai.default.api.version={{ .Values.global.config.schema.version.api.default }} - -# Used by Data Grooming -aai.grooming.default.max.fix={{ .Values.config.maxFix.dataGrooming | int }} -aai.grooming.default.sleep.minutes={{ .Values.config.sleepMinutes.dataGrooming | int }} - -# Used by DupeTool -aai.dupeTool.default.max.fix={{ .Values.config.maxFix.dupeTool | int }} -aai.dupeTool.default.sleep.minutes={{ .Values.config.sleepMinutes.dupeTool | int }} - - -aai.model.proc.max.levels=50 -aai.edgeTag.proc.max.levels=50 - -# Used by the ForceDelete tool -aai.forceDel.protected.nt.list=cloud-region -aai.forceDel.protected.edge.count=10 -aai.forceDel.protected.descendant.count=10 - -#used by the dataGrooming and dataSnapshot cleanup tasks -aai.cron.enable.datagroomingcleanup={{ .Values.config.cron.dataCleanup.dataGrooming.enabled }} -aai.cron.enable.datasnapshotcleanup={{ .Values.config.cron.dataCleanup.dataSnapshot.enabled }} -aai.datagrooming.agezip={{ .Values.config.cron.dataCleanup.dataGrooming.ageZip | int }} -aai.datagrooming.agedelete={{ .Values.config.cron.dataCleanup.dataGrooming.ageDelete | int }} - -aai.datasnapshot.agezip={{ .Values.config.cron.dataCleanup.dataSnapshot.ageZip | int }} -aai.datasnapshot.agedelete={{ .Values.config.cron.dataCleanup.dataSnapshot.ageDelete | int }} - -#used by the dataSnapshot and dataGrooming tasks -aai.cron.enable.dataSnapshot={{ .Values.config.cron.dataSnapshot.enabled }} - -aai.cron.enable.dataGrooming={{ .Values.config.cron.dataGrooming.enabled }} - -#used by the dataGrooming tasks -aai.datagrooming.enableautofix=true -aai.datagrooming.enabledupefixon=true -aai.datagrooming.enabledontfixorphans=true -aai.datagrooming.enabletimewindowminutes=true -aai.datagrooming.enableskiphostcheck=false -aai.datagrooming.enablesleepminutes=false -aai.datagrooming.enableedgesonly=false -aai.datagrooming.enableskipedgechecks=false -aai.datagrooming.enablemaxfix=false -aai.datagrooming.enablesinglecommits=false -aai.datagrooming.enabledupecheckoff=false -aai.datagrooming.enableghost2checkoff=false -aai.datagrooming.enableghost2fixon=false -aai.datagrooming.enablef=false - -# used by the dataGrooming to set values -aai.datagrooming.timewindowminutesvalue=10500 -aai.datagrooming.sleepminutesvalue=100 -aai.datagrooming.maxfixvalue=10 -aai.datagrooming.fvalue=10 - -#timeout for traversal enabled flag -aai.graphadmin.timeoutenabled={{ .Values.config.timeout.enabled }} -#default timeout limit added for graphadmin if not overridden (in ms) -aai.graphadmin.timeoutlimit={{ .Values.config.timeout.limit }} - -#timeout app specific -1 to bypass for that app id, a whole number to override the timeout with that value (in ms) -aai.graphadmin.timeout.appspecific={{ .Values.global.config.realtime.clients }} - -# Disable the process check which are oriented towards linux OS -# These props should only be true for local on windows -aai.disable.check.snapshot.running=false -aai.disable.check.grooming.running=false - -# Specify the params listed right here that you would have send to the dataSnapshot shell script -# JUST_TAKE_SNAPSHOT -# THREADED_SNAPSHOT 2 DEBUG -# THREADED_SNAPSHOT 2 -aai.datasnapshot.params={{ .Values.config.cron.dataSnapshot.params }} diff --git a/kubernetes/aai/charts/aai-graphadmin/resources/config/application.properties b/kubernetes/aai/charts/aai-graphadmin/resources/config/application.properties deleted file mode 100644 index c23c5fa19f..0000000000 --- a/kubernetes/aai/charts/aai-graphadmin/resources/config/application.properties +++ /dev/null @@ -1,99 +0,0 @@ -# -# ============LICENSE_START======================================================= -# org.onap.aai -# ================================================================================ -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= - -# The following info parameters are being referenced by ajsc6 -info.build.artifact=aai-graphadmin -info.build.name=resources -info.build.description=Resources Microservice -info.build.version=1.2.0 - -spring.application.name=aai-graphadmin -spring.jersey.type=filter - -server.contextPath=/ -spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration - -spring.profiles.active={{ .Values.global.config.profiles.active }} -spring.jersey.application-path=${schema.uri.base.path} -#The max number of active threads in this pool -server.tomcat.max-threads=200 -#The minimum number of threads always kept alive -server.tomcat.min-Spare-Threads=25 -#The number of milliseconds before an idle thread shutsdown, unless the number of active threads are less or equal to minSpareThreads -server.tomcat.max-idle-time=60000 - -# If you get an application startup failure that the port is already taken -# If thats not it, please check if the key-store file path makes sense -server.local.startpath=aai-graphadmin/src/main/resources/ -server.basic.auth.location=${server.local.startpath}etc/auth/realm.properties - -server.port=8449 -server.ssl.enabled-protocols=TLSv1.1,TLSv1.2 -server.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }} -server.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }}) -server.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }} -server.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }}) -server.ssl.client-auth=want -server.ssl.key-store-type=JKS - -# JMS bind address host port -jms.bind.address=tcp://localhost:61649 -dmaap.ribbon.listOfServers=message-router.{{.Release.Namespace}}:3905 -dmaap.ribbon.transportType=https - -# Schema related attributes for the oxm and edges -# Any additional schema related attributes should start with prefix schema -schema.configuration.location=N/A -schema.source.name={{ .Values.global.config.schema.source.name }} -schema.nodes.location=${server.local.startpath}/schema/${schema.source.name}/oxm/ -schema.edges.location=${server.local.startpath}/schema/${schema.source.name}/dbedgerules/ - -schema.ingest.file=${server.local.startpath}/application.properties - -# Schema Version Related Attributes - -schema.uri.base.path={{ .Values.global.config.schema.uri.base.path }} -# Lists all of the versions in the schema -schema.version.list={{ .Values.global.config.schema.version.list }} -# Specifies from which version should the depth parameter to default to zero -schema.version.depth.start={{ .Values.global.config.schema.version.depth }} -# Specifies from which version should the related link be displayed in response payload -schema.version.related.link.start={{ .Values.global.config.schema.version.related.link }} - -# Specifies from which version should the client see only the uri excluding host info -# Before this version server base will also be included -schema.version.app.root.start={{ .Values.global.config.schema.version.app.root }} -# Specifies from which version should the namespace be changed -schema.version.namespace.change.start={{ .Values.global.config.schema.version.namespace.change }} -# Specifies from which version should the client start seeing the edge label in payload -schema.version.edge.label.start={{ .Values.global.config.schema.version.edge.label }} -# Specifies the version that the application should default to -schema.version.api.default={{ .Values.global.config.schema.version.api.default }} - -schema.translator.list={{ .Values.global.config.schema.translator.list }} -schema.service.base.url=https://aai-schema-service.{{ include "common.namespace" . }}:8452/aai/schema-service/v1/ -schema.service.nodes.endpoint=nodes?version= -schema.service.edges.endpoint=edgerules?version= -schema.service.versions.endpoint=versions -schema.service.client={{ .Values.global.config.schema.service.client }} - -schema.service.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }} -schema.service.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }} -schema.service.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }}) -schema.service.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }}) diff --git a/kubernetes/aai/charts/aai-graphadmin/resources/config/janusgraph-cached.properties b/kubernetes/aai/charts/aai-graphadmin/resources/config/janusgraph-cached.properties deleted file mode 100644 index 6a28dee46e..0000000000 --- a/kubernetes/aai/charts/aai-graphadmin/resources/config/janusgraph-cached.properties +++ /dev/null @@ -1,99 +0,0 @@ -# -# ============LICENSE_START======================================================= -# org.onap.aai -# ================================================================================ -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= - -query.fast-property=true -query.smart-limit=false - -{{ if .Values.global.config.cluster.cassandra.dynamic }} - -{{- $seed_size := default 1 .Values.global.cassandra.replicas | int -}} -{{- $global := . }} - -storage.backend=cassandra -storage.hostname={{- range $i, $e := until $seed_size }}{{ $global.Release.Name }}-{{$global.Values.global.cassandra.serviceName}}-{{ $i }}.{{$global.Values.global.cassandra.serviceName}},{{- end }} - -storage.cassandra.keyspace=aaigraph - -storage.cassandra.read-consistency-level=LOCAL_QUORUM -storage.cassandra.write-consistency-level=LOCAL_QUORUM -storage.cassandra.replication-factor=3 -storage.cassandra.replication-strategy-class=org.apache.cassandra.locator.SimpleStrategy - -{{ else }} - -{{ if .Values.global.config.storage }} - -storage.backend={{ .Values.global.config.storage.backend }} - -{{ if eq .Values.global.config.storage.backend "cassandra" }} - -storage.hostname={{ .Values.global.config.storage.hostname }} -storage.cassandra.keyspace={{ .Values.global.config.storage.name }} - -storage.cassandra.read-consistency-level={{ .Values.global.config.storage.cassandra.readConsistency }} -storage.cassandra.write-consistency-level={{ .Values.global.config.storage.cassandra.writeConsistency }} -storage.cassandra.replication-factor={{ .Values.global.config.storage.cassandra.replicationFactor | int }} -storage.cassandra.astyanax.cluster-name= {{ .Values.global.config.storage.clusterName }} -storage.cassandra.astyanax.local-datacenter= {{ .Values.global.config.storage.localDataCenter }} - -storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} -cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} -log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} - -{{ else if eq .Values.global.config.storage.backend "cql" }} - -storage.hostname={{ .Values.global.config.storage.hostname }} -storage.cql.keyspace={{ .Values.global.config.storage.name }} - -storage.cql.read-consistency-level={{ .Values.global.config.storage.cql.readConsistency }} -storage.cql.write-consistency-level={{ .Values.global.config.storage.cql.readConsistency }} -storage.cql.replication-factor={{ .Values.global.config.storage.cql.replicationFactor | int }} - -storage.cql.only-use-local-consistency-for-system-operations={{ .Values.global.config.storage.cql.localConsistencyForSysOps }} -storage.cql.cluster-name={{ .Values.global.config.storage.clusterName }} -storage.cql.local-datacenter={{ .Values.global.config.storage.localDataCenter }} - -storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} -cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} -log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} - -{{ else if eq .Values.global.config.storage.backend "hbase" }} - -storage.hostname={{ .Values.global.config.storage.hostname }} -storage.hbase.table={{ .Values.global.config.storage.name }} - -storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} -cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} -log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} - -{{ end }} - -{{ end }} - -{{ end }} - -storage.lock.wait-time=300 -#caching on -cache.db-cache = true -cache.db-cache-clean-wait = 20 -cache.db-cache-time = 180000 -cache.db-cache-size = 0.3 - -#load graphson file on startup -load.snapshot.file=false diff --git a/kubernetes/aai/charts/aai-graphadmin/resources/config/janusgraph-realtime.properties b/kubernetes/aai/charts/aai-graphadmin/resources/config/janusgraph-realtime.properties deleted file mode 100644 index 7832d1a969..0000000000 --- a/kubernetes/aai/charts/aai-graphadmin/resources/config/janusgraph-realtime.properties +++ /dev/null @@ -1,93 +0,0 @@ -# -# ============LICENSE_START======================================================= -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= - -query.fast-property=true -query.smart-limit=false - -{{ if .Values.global.config.cluster.cassandra.dynamic }} - -{{- $seed_size := default 1 .Values.global.cassandra.replicas | int -}} -{{- $global := . }} - -storage.backend=cassandra -storage.hostname={{- range $i, $e := until $seed_size }}{{ $global.Release.Name }}-{{$global.Values.global.cassandra.serviceName}}-{{ $i }}.{{$global.Values.global.cassandra.serviceName}},{{- end }} - -storage.cassandra.keyspace=aaigraph - -storage.cassandra.read-consistency-level=LOCAL_QUORUM -storage.cassandra.write-consistency-level=LOCAL_QUORUM -storage.cassandra.replication-factor=3 -storage.cassandra.replication-strategy-class=org.apache.cassandra.locator.SimpleStrategy - -{{ else }} - -{{ if .Values.global.config.storage }} - -storage.backend={{ .Values.global.config.storage.backend }} - -{{ if eq .Values.global.config.storage.backend "cassandra" }} - -storage.hostname={{ .Values.global.config.storage.hostname }} -storage.cassandra.keyspace={{ .Values.global.config.storage.name }} - -storage.cassandra.read-consistency-level={{ .Values.global.config.storage.cassandra.readConsistency }} -storage.cassandra.write-consistency-level={{ .Values.global.config.storage.cassandra.writeConsistency }} -storage.cassandra.replication-factor={{ .Values.global.config.storage.cassandra.replicationFactor | int }} -storage.cassandra.astyanax.cluster-name= {{ .Values.global.config.storage.clusterName }} -storage.cassandra.astyanax.local-datacenter= {{ .Values.global.config.storage.localDataCenter }} - -storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} -cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} -log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} - -{{ else if eq .Values.global.config.storage.backend "cql" }} - -storage.hostname={{ .Values.global.config.storage.hostname }} -storage.cql.keyspace={{ .Values.global.config.storage.name }} - -storage.cql.read-consistency-level={{ .Values.global.config.storage.cql.readConsistency }} -storage.cql.write-consistency-level={{ .Values.global.config.storage.cql.readConsistency }} -storage.cql.replication-factor={{ .Values.global.config.storage.cql.replicationFactor | int }} - -storage.cql.only-use-local-consistency-for-system-operations={{ .Values.global.config.storage.cql.localConsistencyForSysOps }} -storage.cql.cluster-name={{ .Values.global.config.storage.clusterName }} -storage.cql.local-datacenter={{ .Values.global.config.storage.localDataCenter }} - -storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} -cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} -log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} - -{{ else if eq .Values.global.config.storage.backend "hbase" }} - -storage.hostname={{ .Values.global.config.storage.hostname }} -storage.hbase.table={{ .Values.global.config.storage.name }} - -storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} -cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} -log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} - -{{ end }} - -{{ end }} - -{{ end }} - -storage.lock.wait-time=300 -# Setting db-cache to false ensure the fastest propagation of changes across servers -cache.db-cache = false -#load graphson file on startup -load.snapshot.file=false diff --git a/kubernetes/aai/charts/aai-graphadmin/resources/config/localhost-access-logback.xml b/kubernetes/aai/charts/aai-graphadmin/resources/config/localhost-access-logback.xml deleted file mode 100644 index 95d41235b2..0000000000 --- a/kubernetes/aai/charts/aai-graphadmin/resources/config/localhost-access-logback.xml +++ /dev/null @@ -1,60 +0,0 @@ - - - - - ${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log - - ${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd} - - - - %a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D - - - - - - \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-graphadmin/resources/config/logback.xml b/kubernetes/aai/charts/aai-graphadmin/resources/config/logback.xml deleted file mode 100644 index e5e6ab5bf3..0000000000 --- a/kubernetes/aai/charts/aai-graphadmin/resources/config/logback.xml +++ /dev/null @@ -1,614 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - %clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx} - - - - - - ${logDirectory}/rest/sane.log - - ${logDirectory}/rest/sane.log.%d{yyyy-MM-dd} - - - %d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n - - - - - - 1000 - true - - - - - - INFO - ACCEPT - DENY - - ${logDirectory}/rest/metrics.log - - ${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd} - - - - ${eelfMetricLogPattern} - - - - 1000 - true - - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/rest/debug.log - - ${logDirectory}/rest/debug.log.%d{yyyy-MM-dd} - - - - ${eelfLogPattern} - - - - - 1000 - true - - - - - - WARN - - ${logDirectory}/rest/error.log - - ${logDirectory}/rest/error.log.%d{yyyy-MM-dd} - - - - ${"eelfErrorLogPattern"} - - - - - 1000 - true - - - - - ${logDirectory}/rest/audit.log - - ${logDirectory}/rest/audit.log.%d{yyyy-MM-dd} - - - - ${eelfAuditLogPattern} - - - - - 1000 - true - - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/rest/translog.log - - ${logDirectory}/rest/translog.log.%d{yyyy-MM-dd} - - - - ${eelfTransLogPattern} - - - - - 1000 - true - - - - - - WARN - - ${logDirectory}/dmaapAAIEventConsumer/error.log - - ${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd} - - - - ${"eelfErrorLogPattern"} - - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/dmaapAAIEventConsumer/debug.log - - ${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd} - - - - ${eelfLogPattern} - - - - - INFO - ACCEPT - DENY - - ${logDirectory}/dmaapAAIEventConsumer/metrics.log - - ${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd} - - - - ${eelfMetricLogPattern} - - - - - WARN - - ${logDirectory}/external/external.log - - ${logDirectory}/external/external.log.%d{yyyy-MM-dd} - - - - ${eelfLogPattern} - - - - - - - WARN - - ${logDirectory}/dataGrooming/error.log - - ${logDirectory}/dataGrooming/error.log.%d{yyyy-MM-dd} - - - ${eelfErrorLogPattern} - - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/dataGrooming/debug.log - - ${logDirectory}/dataGrooming/debug.log.%d{yyyy-MM-dd} - - - ${eelfLogPattern} - - - - - - INFO - ACCEPT - DENY - - ${logDirectory}/dataGrooming/metrics.log - - ${logDirectory}/dataGrooming/metrics.log.%d{yyyy-MM-dd} - - - ${eelfMetricLogPattern} - - - - - - - - - WARN - - ${logDirectory}/dataSnapshot/error.log - - ${logDirectory}/dataSnapshot/error.log.%d{yyyy-MM-dd} - - - ${eelfErrorLogPattern} - - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/dataSnapshot/debug.log - - ${logDirectory}/dataSnapshot/debug.log.%d{yyyy-MM-dd} - - - ${eelfLogPattern} - - - - - - INFO - ACCEPT - DENY - - ${logDirectory}/dataSnapshot/metrics.log - - ${logDirectory}/dataSnapshot/metrics.log.%d{yyyy-MM-dd} - - - ${eelfMetricLogPattern} - - - - - - - - - WARN - - ${logDirectory}/createDBSchema/error.log - - ${logDirectory}/createDBSchema/error.log.%d{yyyy-MM-dd} - - - ${"eelfErrorLogPattern"} - - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/createDBSchema/debug.log - - ${logDirectory}/createDBSchema/debug.log.%d{yyyy-MM-dd} - - - ${eelfLogPattern} - - - - - - INFO - ACCEPT - DENY - - ${logDirectory}/createDBSchema/metrics.log - - ${logDirectory}/createDBSchema/metrics.log.%d{yyyy-MM-dd} - - - ${eelfMetricLogPattern} - - - - - - - - WARN - - ${logDirectory}/misc/error.log - - ${logDirectory}/misc/error.log.%d{yyyy-MM-dd} - - - ${"eelfErrorLogPattern"} - - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/misc/debug.log - - ${logDirectory}/misc/debug.log.%d{yyyy-MM-dd} - - - ${eelfLogPattern} - - - - - - INFO - ACCEPT - DENY - - ${logDirectory}/misc/metrics.log - - ${logDirectory}/misc/metrics.log.%d{yyyy-MM-dd} - - - ${eelfMetricLogPattern} - - - - - - - - WARN - - ${logDirectory}/pullInvData/error.log - - ${logDirectory}/pullInvData/error.log.%d{yyyy-MM-dd} - - - ${"eelfErrorLogPattern"} - - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/pullInvData/debug.log - - ${logDirectory}/pullInvData/debug.log.%d{yyyy-MM-dd} - - - ${eelfLogPattern} - - - - - - INFO - ACCEPT - DENY - - ${logDirectory}/pullInvData/metrics.log - - ${logDirectory}/pullInvData/metrics.log.%d{yyyy-MM-dd} - - - ${eelfMetricLogPattern} - - - - - - - WARN - - ${logDirectory}/dataExport/error.log - - ${logDirectory}/dataExport/error.log.%d{yyyy-MM-dd} - - - ${eelfErrorLogPattern} - - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/dataExport/debug.log - - ${logDirectory}/dataExport/debug.log.%d{yyyy-MM-dd} - - - ${eelfLogPattern} - - - - - - INFO - ACCEPT - DENY - - ${logDirectory}/dataExport/metrics.log - - ${logDirectory}/dataExport/metrics.log.%d{yyyy-MM-dd} - - - ${eelfMetricLogPattern} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - {{ if .Values.global.config.logback.console.enabled }} - - {{ end }} - - diff --git a/kubernetes/aai/charts/aai-graphadmin/resources/config/realm.properties b/kubernetes/aai/charts/aai-graphadmin/resources/config/realm.properties deleted file mode 100644 index 97627eac16..0000000000 --- a/kubernetes/aai/charts/aai-graphadmin/resources/config/realm.properties +++ /dev/null @@ -1,42 +0,0 @@ -# -# ============LICENSE_START======================================================= -# org.onap.aai -# ================================================================================ -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -# format : username: password[,rolename ...] -# default username/password: AAI/AAI, MSO/MSO, ModelLoader/ModelLoader... -AAI:OBF:1gfr1ev31gg7,admin -MSO:OBF:1jzx1lz31k01,admin -SDNC:OBF:1itr1i0l1i151isv,admin -DCAE:OBF:1g8u1f9d1f991g8w,admin -POLICY:OBF:1mk61i171ima1im41i0j1mko,admin -ASDC:OBF:1f991j0u1j001f9d,admin -VID:OBF:1jm91i0v1jl9,admin -APPC:OBF:1f991ksf1ksf1f9d,admin -ModelLoader:OBF:1qvu1v2h1sov1sar1wfw1j7j1wg21saj1sov1v1x1qxw,admin -AaiUI:OBF:1gfr1p571unz1p4j1gg7,admin -OOF:OBF:1img1ke71ily,admin -aai@aai.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -so@so.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -sdnc@sdnc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -dcae@dcae.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -policy@policy.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -sdc@sdc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -vid@vid.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -appc@appc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin diff --git a/kubernetes/aai/charts/aai-graphadmin/templates/configmap.yaml b/kubernetes/aai/charts/aai-graphadmin/templates/configmap.yaml deleted file mode 100644 index 281bac6915..0000000000 --- a/kubernetes/aai/charts/aai-graphadmin/templates/configmap.yaml +++ /dev/null @@ -1,109 +0,0 @@ -# -# ============LICENSE_START======================================================= -# org.onap.aai -# ================================================================================ -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-log - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-localhost-access-log-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/localhost-access-logback.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-db-real-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/janusgraph-realtime.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-db-cached-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/janusgraph-cached.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-aaiconfig-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/aaiconfig.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-springapp-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-realm-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/realm.properties").AsConfig . | indent 2 }} diff --git a/kubernetes/aai/charts/aai-graphadmin/templates/deployment.yaml b/kubernetes/aai/charts/aai-graphadmin/templates/deployment.yaml deleted file mode 100644 index b595ac81bf..0000000000 --- a/kubernetes/aai/charts/aai-graphadmin/templates/deployment.yaml +++ /dev/null @@ -1,196 +0,0 @@ -# -# ============LICENSE_START======================================================= -# org.onap.aai -# ================================================================================ -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "common.name" . }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - name: {{ include "common.name" . }} - annotations: - checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} - spec: - hostname: aai-graphadmin - {{ if .Values.global.initContainers.enabled }} - initContainers: - - command: - {{ if .Values.global.jobs.createSchema.enabled }} - - /root/job_complete.py - args: - - --job-name - - {{ .Release.Name }}-aai-graphadmin-create-db-schema - {{ else }} - - /root/ready.py - args: - - --container-name - - aai-cassandra - - --container-name - - aai-schema-service - {{ end }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness - {{ end }} - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: LOCAL_USER_ID - value: {{ .Values.global.config.userId | quote }} - - name: LOCAL_GROUP_ID - value: {{ .Values.global.config.groupId | quote }} - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-realtime.properties - name: {{ include "common.fullname" . }}-db-real-conf - subPath: janusgraph-realtime.properties - - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-cached.properties - name: {{ include "common.fullname" . }}-db-cached-conf - subPath: janusgraph-cached.properties - - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/aaiconfig.properties - name: {{ include "common.fullname" . }}-aaiconfig-conf - subPath: aaiconfig.properties - - mountPath: /opt/aai/logroot/AAI-RES - name: {{ include "common.fullname" . }}-logs - - mountPath: /opt/app/aai-graphadmin/resources/logback.xml - name: {{ include "common.fullname" . }}-log-conf - subPath: logback.xml - - mountPath: /opt/app/aai-graphadmin/resources/localhost-access-logback.xml - name: {{ include "common.fullname" . }}-localhost-access-log-conf - subPath: localhost-access-logback.xml - - mountPath: /opt/app/aai-graphadmin/resources/etc/auth/realm.properties - name: {{ include "common.fullname" . }}-realm-conf - subPath: realm.properties - - mountPath: /opt/app/aai-graphadmin/resources/application.properties - name: {{ include "common.fullname" . }}-springapp-conf - subPath: application.properties - {{ $global := . }} - {{ range $job := .Values.global.config.auth.files }} - - mountPath: /opt/app/aai-graphadmin/resources/etc/auth/{{ . }} - name: {{ include "common.fullname" $global }}-auth-truststore-sec - subPath: {{ . }} - {{ end }} - ports: - - containerPort: {{ .Values.service.internalPort }} - - containerPort: {{ .Values.service.internalPort2 }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{ if .Values.liveness.enabled }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end }} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end }} - - # side car containers - - name: filebeat-onap - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /usr/share/filebeat/filebeat.yml - subPath: filebeat.yml - name: filebeat-conf - - mountPath: /var/log/onap - name: {{ include "common.fullname" . }}-logs - - mountPath: /usr/share/filebeat/data - name: {{ include "common.fullname" . }}-filebeat - - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: filebeat-conf - configMap: - name: aai-filebeat - - name: {{ include "common.fullname" . }}-logs - emptyDir: {} - - name: {{ include "common.fullname" . }}-filebeat - emptyDir: {} - - name: {{ include "common.fullname" . }}-log-conf - configMap: - name: {{ include "common.fullname" . }}-log - - name: {{ include "common.fullname" . }}-localhost-access-log-conf - configMap: - name: {{ include "common.fullname" . }}-localhost-access-log-configmap - - name: {{ include "common.fullname" . }}-db-real-conf - configMap: - name: {{ include "common.fullname" . }}-db-real-configmap - - name: {{ include "common.fullname" . }}-db-cached-conf - configMap: - name: {{ include "common.fullname" . }}-db-cached-configmap - - name: {{ include "common.fullname" . }}-aaiconfig-conf - configMap: - name: {{ include "common.fullname" . }}-aaiconfig-configmap - - name: {{ include "common.fullname" . }}-springapp-conf - configMap: - name: {{ include "common.fullname" . }}-springapp-configmap - - name: {{ include "common.fullname" . }}-realm-conf - configMap: - name: {{ include "common.fullname" . }}-realm-configmap - - name: {{ include "common.fullname" . }}-auth-truststore-sec - secret: - secretName: aai-common-truststore - items: - {{ range $job := .Values.global.config.auth.files }} - - key: {{ . }} - path: {{ . }} - {{ end }} - restartPolicy: {{ .Values.restartPolicy }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/charts/aai-graphadmin/templates/job.yaml b/kubernetes/aai/charts/aai-graphadmin/templates/job.yaml deleted file mode 100644 index a62202ba32..0000000000 --- a/kubernetes/aai/charts/aai-graphadmin/templates/job.yaml +++ /dev/null @@ -1,167 +0,0 @@ -# -# ============LICENSE_START======================================================= -# org.onap.aai -# ================================================================================ -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= - -# In ONAP, the following job will always be run on each installation -# The following job will go through the latest oxm and -# create properties based on the data type defined in the oxm -# and create the required indexes for the appropriate properties -# This can be run multiple times as the code if the index or property already exists -# then the index or property won't be created again -# NOTE - During the execution of the createSchema job, there should -# be no other janusgraph connection to the graph as its the reason -# that resources traversal and graphadmin wait until this job is done -# If you are using an existing cassandra cluster not coming from oom -# then it is your job to ensure that there are no connections to the database - -{{ if .Values.global.jobs.createSchema.enabled }} - -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ include "common.fullname" . }}-create-db-schema - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }}-job - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - backoffLimit: 20 - template: - metadata: - labels: - app: {{ include "common.name" . }}-job - release: {{ .Release.Name }} - name: {{ include "common.name" . }} - spec: - initContainers: - - command: - - /root/ready.py - args: - - --container-name - - aai-cassandra - - --container-name - - aai-schema-service - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness - containers: - - name: {{ include "common.name" . }}-job - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - /bin/bash - - docker-entrypoint.sh - - createDBSchema.sh - env: - - name: LOCAL_USER_ID - value: {{ .Values.global.config.userId | quote }} - - name: LOCAL_GROUP_ID - value: {{ .Values.global.config.groupId | quote }} - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-realtime.properties - name: {{ include "common.fullname" . }}-db-real-conf - subPath: janusgraph-realtime.properties - - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-cached.properties - name: {{ include "common.fullname" . }}-db-cached-conf - subPath: janusgraph-cached.properties - - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/aaiconfig.properties - name: {{ include "common.fullname" . }}-aaiconfig-conf - subPath: aaiconfig.properties - - mountPath: /opt/aai/logroot/AAI-GA - name: {{ include "common.fullname" . }}-logs - - mountPath: /opt/app/aai-graphadmin/resources/logback.xml - name: {{ include "common.fullname" . }}-log-conf - subPath: logback.xml - - mountPath: /opt/app/aai-graphadmin/resources/localhost-access-logback.xml - name: {{ include "common.fullname" . }}-localhost-access-log-conf - subPath: localhost-access-logback.xml - - mountPath: /opt/app/aai-graphadmin/resources/application.properties - name: {{ include "common.fullname" . }}-springapp-conf - subPath: application.properties - {{ $global := . }} - {{ range $job := .Values.global.config.auth.files }} - - mountPath: /opt/app/aai-graphadmin/resources/etc/auth/{{ . }} - name: {{ include "common.fullname" $global }}-auth-truststore-sec - subPath: {{ . }} - {{ end }} - resources: -{{ include "common.resources" . }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: filebeat-conf - configMap: - name: aai-filebeat - - name: {{ include "common.fullname" . }}-logs - hostPath: - path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}-create-db-schema - - name: {{ include "common.fullname" . }}-filebeat - emptyDir: {} - - name: {{ include "common.fullname" . }}-log-conf - configMap: - name: {{ include "common.fullname" . }}-log - - name: {{ include "common.fullname" . }}-localhost-access-log-conf - configMap: - name: {{ include "common.fullname" . }}-localhost-access-log-configmap - - name: {{ include "common.fullname" . }}-db-real-conf - configMap: - name: {{ include "common.fullname" . }}-db-real-configmap - - name: {{ include "common.fullname" . }}-db-cached-conf - configMap: - name: {{ include "common.fullname" . }}-db-cached-configmap - - name: {{ include "common.fullname" . }}-aaiconfig-conf - configMap: - name: {{ include "common.fullname" . }}-aaiconfig-configmap - - name: {{ include "common.fullname" . }}-springapp-conf - configMap: - name: {{ include "common.fullname" . }}-springapp-configmap - - name: {{ include "common.fullname" . }}-realm-conf - configMap: - name: {{ include "common.fullname" . }}-realm-configmap - - name: {{ include "common.fullname" . }}-auth-truststore-sec - secret: - secretName: aai-common-truststore - items: - {{ range $job := .Values.global.config.auth.files }} - - key: {{ . }} - path: {{ . }} - {{ end }} - restartPolicy: Never - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" -{{ end }} diff --git a/kubernetes/aai/charts/aai-graphadmin/templates/service.yaml b/kubernetes/aai/charts/aai-graphadmin/templates/service.yaml deleted file mode 100644 index f4d9ba5443..0000000000 --- a/kubernetes/aai/charts/aai-graphadmin/templates/service.yaml +++ /dev/null @@ -1,49 +0,0 @@ -# -# ============LICENSE_START======================================================= -# org.onap.aai -# ================================================================================ -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.internalPort2 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.portName2 }} - {{- else -}} - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName2 }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - clusterIP: None diff --git a/kubernetes/aai/charts/aai-graphadmin/values.yaml b/kubernetes/aai/charts/aai-graphadmin/values.yaml deleted file mode 100644 index bdd6033bc3..0000000000 --- a/kubernetes/aai/charts/aai-graphadmin/values.yaml +++ /dev/null @@ -1,129 +0,0 @@ -# -# ============LICENSE_START======================================================= -# org.onap.aai -# ================================================================================ -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= - -# Default values for resources. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -global: # global defaults - nodePortPrefix: 302 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.2 - - -# application image -repository: nexus3.onap.org:10001 -image: onap/aai-graphadmin:1.1-STAGING-latest -pullPolicy: Always -restartPolicy: Always -flavor: small -# default number of instances -replicaCount: 1 - -# Configuration for the graphadmin deployment -config: - - # Specifies the timeout limit for the REST API requests - timeout: - enabled: true - limit: 180000 - - # Default maximum records to fix for the data grooming and dupeTool - maxFix: - dataGrooming: 150 - dupeTool: 25 - - # Default number of sleep minutes for dataGrooming and dupeTool - sleepMinutes: - dataGrooming: 7 - dupeTool: 7 - - # Cron specific attributes to be triggered for the graphadmin spring cron tasks - cron: - # Specifies that the data grooming tool which runs duplicates should be enabled - dataGrooming: - enabled: true - # Specifies that the data snapshot which takes a graphson snapshot should be enabled - dataSnapshot: - enabled: true - params: JUST_TAKE_SNAPSHOT - - # Data cleanup which zips snapshots older than x days and deletes older than y days - dataCleanup: - - dataGrooming: - enabled: true - # Zips up the dataGrooming files older than 5 days - ageZip: 5 - # Deletes the dataGrooming files older than 30 days - ageDelete: 30 - - dataSnapshot: - enabled: true - # Zips up the dataSnapshot graphson files older than 5 days - ageZip: 5 - # Deletes the dataSnapshot graphson files older than 30 days - ageDelete: 30 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 60 - periodSeconds: 60 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: false - -readiness: - initialDelaySeconds: 60 - periodSeconds: 10 - -service: - type: ClusterIP - # REST API port for the graphadmin microservice - portName: aai-graphadmin-8449 - internalPort: 8449 - portName2: aai-graphadmin-5005 - internalPort2: 5005 - -ingress: - enabled: false - -persistence: - mountPath: /dockerdata-nfs - mountSubPath: aai/aai-graphadmin - -resources: - small: - limits: - cpu: 2 - memory: 4Gi - requests: - cpu: 0.5 - memory: 1536Mi - large: - limits: - cpu: 4 - memory: 8Gi - requests: - cpu: 1 - memory: 2Gi - unlimited: {} diff --git a/kubernetes/aai/charts/aai-modelloader/.helmignore b/kubernetes/aai/charts/aai-modelloader/.helmignore deleted file mode 100644 index daebc7da77..0000000000 --- a/kubernetes/aai/charts/aai-modelloader/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/aai/charts/aai-modelloader/Chart.yaml b/kubernetes/aai/charts/aai-modelloader/Chart.yaml deleted file mode 100644 index 908e11b29b..0000000000 --- a/kubernetes/aai/charts/aai-modelloader/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: ONAP AAI modelloader -name: aai-modelloader -version: 4.0.0 diff --git a/kubernetes/aai/charts/aai-modelloader/resources/config/auth/aai-os-cert.p12 b/kubernetes/aai/charts/aai-modelloader/resources/config/auth/aai-os-cert.p12 deleted file mode 100644 index ee57120fa0..0000000000 Binary files a/kubernetes/aai/charts/aai-modelloader/resources/config/auth/aai-os-cert.p12 and /dev/null differ diff --git a/kubernetes/aai/charts/aai-modelloader/resources/config/auth/babel-client-cert.p12 b/kubernetes/aai/charts/aai-modelloader/resources/config/auth/babel-client-cert.p12 deleted file mode 100644 index dbf4fcacec..0000000000 Binary files a/kubernetes/aai/charts/aai-modelloader/resources/config/auth/babel-client-cert.p12 and /dev/null differ diff --git a/kubernetes/aai/charts/aai-modelloader/resources/config/auth/tomcat_keystore b/kubernetes/aai/charts/aai-modelloader/resources/config/auth/tomcat_keystore deleted file mode 100644 index 9eec841aa2..0000000000 Binary files a/kubernetes/aai/charts/aai-modelloader/resources/config/auth/tomcat_keystore and /dev/null differ diff --git a/kubernetes/aai/charts/aai-modelloader/resources/config/log/logback.xml b/kubernetes/aai/charts/aai-modelloader/resources/config/log/logback.xml deleted file mode 100644 index 72b5dab65a..0000000000 --- a/kubernetes/aai/charts/aai-modelloader/resources/config/log/logback.xml +++ /dev/null @@ -1,168 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - ${defaultPattern} - - - - - - - - - - - ${logDirectory}/${generalLogName}.log - - ${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip - 60 - - - ${errorLogPattern} - - - - - - INFO - - 256 - - - - - ${logDirectory}/${auditLogName}.log - - ${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip - 60 - - - ${auditMetricPattern} - - - - 256 - - - - - ${logDirectory}/${metricsLogName}.log - - ${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip - 60 - - - ${auditMetricPattern} - - - - 256 - - - - - ${logDirectory}/${debugLogName}.log - - ${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip - 60 - - - ${errorLogPattern} - - - - 256 - - true - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/kubernetes/aai/charts/aai-modelloader/resources/config/model-loader.properties b/kubernetes/aai/charts/aai-modelloader/resources/config/model-loader.properties deleted file mode 100644 index 246e52895a..0000000000 --- a/kubernetes/aai/charts/aai-modelloader/resources/config/model-loader.properties +++ /dev/null @@ -1,46 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Model Loader Distribution Client Configuration -ml.distribution.ACTIVE_SERVER_TLS_AUTH=false -ml.distribution.ASDC_ADDRESS=sdc-be.{{.Release.Namespace}}:8443 -ml.distribution.CONSUMER_GROUP=aai-ml-group -ml.distribution.CONSUMER_ID=aai-ml -ml.distribution.ENVIRONMENT_NAME=AUTO -ml.distribution.KEYSTORE_PASSWORD= -ml.distribution.KEYSTORE_FILE=asdc-client.jks -ml.distribution.PASSWORD=OBF:1ks51l8d1o3i1pcc1r2r1e211r391kls1pyj1z7u1njf1lx51go21hnj1y0k1mli1sop1k8o1j651vu91mxw1vun1mze1vv11j8x1k5i1sp11mjc1y161hlr1gm41m111nkj1z781pw31kku1r4p1e391r571pbm1o741l4x1ksp -ml.distribution.POLLING_INTERVAL=30 -ml.distribution.POLLING_TIMEOUT=20 -ml.distribution.USER=aai -ml.distribution.ARTIFACT_TYPES=MODEL_QUERY_SPEC,TOSCA_CSAR -ml.distribution.MSG_BUS_ADDRESSES=message-router.{{.Release.Namespace}} - -# Model Loader AAI REST Client Configuration -ml.aai.BASE_URL=https://aai.{{.Release.Namespace}}:8443 -ml.aai.MODEL_URL=/aai/v*/service-design-and-creation/models/model/ -ml.aai.NAMED_QUERY_URL=/aai/v*/service-design-and-creation/named-queries/named-query/ -ml.aai.VNF_IMAGE_URL=/aai/v*/service-design-and-creation/vnf-images -ml.aai.KEYSTORE_FILE=aai-os-cert.p12 -ml.aai.KEYSTORE_PASSWORD=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o -ml.aai.AUTH_USER=ModelLoader -ml.aai.AUTH_PASSWORD=OBF:1qvu1v2h1sov1sar1wfw1j7j1wg21saj1sov1v1x1qxw - -# Model Loader Babel REST Client Configuration\r -ml.babel.BASE_URL=https://aai-babel.{{.Release.Namespace}}:9516 -ml.babel.GENERATE_ARTIFACTS_URL=/services/babel-service/v1/app/generateArtifacts -ml.babel.KEYSTORE_FILE=babel-client-cert.p12 -ml.babel.KEYSTORE_PASSWORD=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 -ml.babel.TRUSTSTORE_FILE=tomcat_keystore -ml.babel.TRUSTSTORE_PASSWORD=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 diff --git a/kubernetes/aai/charts/aai-modelloader/templates/configmap.yaml b/kubernetes/aai/charts/aai-modelloader/templates/configmap.yaml deleted file mode 100644 index cdb01fb303..0000000000 --- a/kubernetes/aai/charts/aai-modelloader/templates/configmap.yaml +++ /dev/null @@ -1,39 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-prop - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/model-loader.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-log - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/log/logback.xml").AsConfig . | indent 2 }} diff --git a/kubernetes/aai/charts/aai-modelloader/templates/deployment.yaml b/kubernetes/aai/charts/aai-modelloader/templates/deployment.yaml deleted file mode 100644 index f34693fd44..0000000000 --- a/kubernetes/aai/charts/aai-modelloader/templates/deployment.yaml +++ /dev/null @@ -1,109 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T -# Modifications Copyright © 2018 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "common.name" . }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - name: {{ include "common.name" . }} - spec: - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end }} - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: CONFIG_HOME - value: /opt/app/model-loader/config/ - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /opt/app/model-loader/config/model-loader.properties - subPath: model-loader.properties - name: {{ include "common.fullname" . }}-prop-config - - mountPath: /opt/app/model-loader/config/auth/ - name: {{ include "common.fullname" . }}-auth-config - - mountPath: /var/log/onap - name: {{ include "common.fullname" . }}-logs - - mountPath: /opt/app/model-loader/logback.xml - name: {{ include "common.fullname" . }}-log-conf - subPath: logback.xml - ports: - - containerPort: {{ .Values.service.internalPort }} - - containerPort: {{ .Values.service.internalPort2 }} - resources: -{{ include "common.resources" . }} - - # side car containers - - name: filebeat-onap - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /usr/share/filebeat/filebeat.yml - subPath: filebeat.yml - name: filebeat-conf - - mountPath: /var/log/onap - name: {{ include "common.fullname" . }}-logs - - mountPath: /usr/share/filebeat/data - name: aai-filebeat - resources: -{{ include "common.resources" . }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: {{ include "common.fullname" . }}-prop-config - configMap: - name: {{ include "common.fullname" . }}-prop - - name: {{ include "common.fullname" . }}-auth-config - secret: - secretName: {{ include "common.fullname" . }} - - name: filebeat-conf - configMap: - name: aai-filebeat - - name: {{ include "common.fullname" . }}-logs - emptyDir: {} - - name: aai-filebeat - emptyDir: {} - - name: {{ include "common.fullname" . }}-log-conf - configMap: - name: {{ include "common.fullname" . }}-log - restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/charts/aai-modelloader/templates/secret.yaml b/kubernetes/aai/charts/aai-modelloader/templates/secret.yaml deleted file mode 100644 index 6084ca3d4d..0000000000 --- a/kubernetes/aai/charts/aai-modelloader/templates/secret.yaml +++ /dev/null @@ -1,27 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }} diff --git a/kubernetes/aai/charts/aai-modelloader/templates/service.yaml b/kubernetes/aai/charts/aai-modelloader/templates/service.yaml deleted file mode 100644 index 567d42d12f..0000000000 --- a/kubernetes/aai/charts/aai-modelloader/templates/service.yaml +++ /dev/null @@ -1,43 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.internalPort2 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.portName2 }} - {{- else -}} - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName2 }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} diff --git a/kubernetes/aai/charts/aai-modelloader/values.yaml b/kubernetes/aai/charts/aai-modelloader/values.yaml deleted file mode 100644 index 563ea6bba0..0000000000 --- a/kubernetes/aai/charts/aai-modelloader/values.yaml +++ /dev/null @@ -1,80 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Default values for modelloader. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -global: # global defaults - nodePortPrefix: 302 - - -# application image -repository: nexus3.onap.org:10001 -image: onap/model-loader:1.3.1 -pullPolicy: Always -restartPolicy: Always -flavor: small -# application configuration -config: {} - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: NodePort - portName: aai-modelloader - externalPort: 8080 - internalPort: 8080 - nodePort: 10 - portName2: aai-modelloader-ssl - externalPort2: 8443 - internalPort2: 8443 - nodePort2: 29 - -ingress: - enabled: false - - -resources: - small: - limits: - cpu: 2 - memory: 4Gi - requests: - cpu: 0.5 - memory: 1Gi - large: - limits: - cpu: 4 - memory: 8Gi - requests: - cpu: 1 - memory: 1536Mi - unlimited: {} diff --git a/kubernetes/aai/charts/aai-resources/.helmignore b/kubernetes/aai/charts/aai-resources/.helmignore deleted file mode 100644 index daebc7da77..0000000000 --- a/kubernetes/aai/charts/aai-resources/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/aai/charts/aai-resources/Chart.yaml b/kubernetes/aai/charts/aai-resources/Chart.yaml deleted file mode 100644 index 12464b5a49..0000000000 --- a/kubernetes/aai/charts/aai-resources/Chart.yaml +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -apiVersion: v1 -description: ONAP AAI resources -name: aai-resources -version: 4.0.0 diff --git a/kubernetes/aai/charts/aai-resources/resources/config/aaf/bath_config.csv b/kubernetes/aai/charts/aai-resources/resources/config/aaf/bath_config.csv deleted file mode 100644 index 60a8fb5f0b..0000000000 --- a/kubernetes/aai/charts/aai-resources/resources/config/aaf/bath_config.csv +++ /dev/null @@ -1,33 +0,0 @@ -# AAI -> aai@aai.onap.org -Basic QUFJOkFBSQ==,Basic YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03 - -# ModelLoader -> aai@aai.onap.org -Basic TW9kZWxMb2FkZXI6TW9kZWxMb2FkZXI=,Basic YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03 - -# AaiUI -> aai@aai.onap.org, -Basic QWFpVUk6QWFpVUk=,Basic YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03 - -# MSO -> so@so.onap.org -Basic TVNPOk1TTw==,Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1NiE=,2050-03-03 - -# SDNC -> sdnc@sdnc.onap.org -Basic U0ROQzpTRE5D,Basic c2RuY0BzZG5jLm9uYXAub3JnOmRlbW8xMjM0NTYh,2050-03-03 - -# DCAE -> dcae@dcae.onap.org -Basic RENBRTpEQ0FF,Basic ZGNhZUBkY2FlLm9uYXAub3JnOmRlbW8xMjM0NTYh,2050-03-03 - -# POLICY -> policy@policy.onap.org -Basic UE9MSUNZOlBPTElDWQ==,Basic cG9saWN5QHBvbGljeS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03 - -# ASDC -> sdc@sdc.onap.org -Basic QVNEQzpBU0RD,Basic c2RjQHNkYy5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03 - -# VID -> vid@vid.onap.org -Basic VklEOlZJRA==,Basic dmlkQHZpZC5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03 - -# APPC -> appc@appc.onap.org -Basic QVBQQzpBUFBD,Basic YXBwY0BhcHBjLm9uYXAub3JnOmRlbW8xMjM0NTYh,2050-03-03 - -# OOF -> oof@oof.onap.org -Basic T09GOk9PRg==,Basic b29mQG9vZi5vbmFwLm9yZzpkZW1vMTIzNDQ2IQ==,2050-03-03 - diff --git a/kubernetes/aai/charts/aai-resources/resources/config/aaf/cadi.properties b/kubernetes/aai/charts/aai-resources/resources/config/aaf/cadi.properties deleted file mode 100644 index c8d0b04425..0000000000 --- a/kubernetes/aai/charts/aai-resources/resources/config/aaf/cadi.properties +++ /dev/null @@ -1,8 +0,0 @@ - -cadi_loglevel=INFO -cadi_prop_files=/opt/app/aai-resources/resources/aaf/org.osaaf.location.props:/opt/app/aai-resources/resources/aaf/org.onap.aai.props - -# OAuth2 -aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token -aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect - diff --git a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.keyfile b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.keyfile deleted file mode 100644 index 87219388f7..0000000000 --- a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.keyfile +++ /dev/null @@ -1,27 +0,0 @@ -yf1wUdfxbhVQQq5UF8hzWB_01VVrRIkC8BaLT7NMTrmv30RsMj3lvlaX3_CnVC1emYgmiUfWnT7k -brk0m-URJAKM8Pm6PrnOyKlx3U7NS8HVcFdKpVm_bx0CFsA3eY2NGe-D0gd35V1MohCbABZ8G2a6 -AgE7QmToHCwclXW_goK5P7lmJX1HaMVAIydMreP1m9sSR4UboRlvkH6VsMM1H1Y9ZhhXF--RkWAM -EcIspNTQE4ef3ZvYtSzuWssGZP8Hjo4XJlXz1uCSkyczw0IR19n-lspF9S0cIMro6QqvJsyjyjRo -UdYgxdwmQ_st4P43TZ8YEBQyE8r7VUoh_EqUx9ldilxGA0kBOQcTdtd805Kf98grXiQXeT-8UD1L -02aLzbz8Md7f8foGS1oGLfoImdjYCzOOZs3qHmKSb6YoHY8VcBCxIEfCznYl8wLYLRsSZ0tV4SAM -qCM_KHOM0HOZrNfSSAW5ZVZb67U9NI9SLFRV8gkmqxMspfjSLJCyHhq0D6RMECSpeAeVgoh6SWDw -mBSXunY5ZWVzdUyEezjCcl3NqTahrlfMSV5xkfUmSNFe_WW9rIXF0vD6MHAEW62yA1OA8WoMUqp2 -VKkUzWGVGAdMvbU52D6hqmGXER44kxAHVgEwPdhQhqgk4BpjR2v9ozQ6E_xNGkSRnriNB-H6BSN0 -vZa0pNJfvmBCjwGeoyRbCJrN1grLoDHQ3_6g-IwsD3NugKp6SHxUgfiPAUMGz-J2ZdbAlU0SNQgM -8gn6_cOaXvhqHBwh9SfT4jXyuCJru0zw3pyOjuw6fLMezvJDPvFfIgWllzc2IQ7_bufMZgCr2yAe -O-nBzsXK8aqItzCti53sZLSM1YC6OuRaiIt2i0yTVa7koFYSFhyELqEco5cFKMs0c6SrgIxnRrBT -x0RPXIyLdiRr76uP2wxL8KDfJ1vbCKi1xkZRchvQfm3ssgpzXVz8lnZ-HxacEhhAfGdDV56ZgRhu -5UVQd2RdP9JVpnXRJPhVwlQeQlrIXWHp01efBPRMTZQd2lpaNqn5v5chzpi9bbM3P3-BLxnN2NID -dv1E9Ox7MH-m3IQT9yFUi-UrDxAId4dnpgeCvyxhfnc1HJ9B71x9wmryC9PJWiKs3K-T_eC9pR4o -eN5PUZZ7arwdMUmzqKPNAtyMqaJCWfD3GZ1KsC8OV5Ze0DRQZPeT3IHg2BUC1NGj2SdjcwaGP_zl -uytFZWN7kQjnI4brorkO_jzjf7SEPCO7Vy2Z2vikIv7O8bSWZWDGYCcxUoYigFYcjZFirRYr3Yvl -YZU-F_qh6ZvrVxStSpz6iYDAzPW9v4ZyLSHyWe5H2AN89uRdnvag1769KpjsmGVYbn5jabgCJFs8 -EL7rxymrXri5cKsGH8XC1E0a-kP6vvhdHJhx5eFsFmKJaWh3RCJ8_I5CSzSRsK8JvE1Z6nGFn_SI -dpeNjf66lbm4y68loUh5Q4BDce3YaCT1gHmluBzXnv1vFzuvJ2jcVyq-nUDjdTqvM9okW8Prmt7l -ttQ3MVZI4rd-tXJfV4lxaI6wF4LIwiMJmY2tiCHoJ5nbLfHvMG7G5K1NAbizPltQxURPiMPZeCDZ -15SXI9vdCR-FyQikzp1hUUMMqz231-6BDDTKMOXpicQRQ0CHpEfxY4Rq3mu0QmRi-EIs6JAzfuLi -ba7fbfHnkhl3GWkj0CVZD8uDbzJceSTHICqVt-3qECUSG3ZfsuebWAEWED_xQoXyAL7kK8fMOPwl -m6qEk4z7boiJSrcQ2ZIdyPs2bZNvlv4wYg0F3BhFf2HeCYwR3BKXQGlDXGOAD5GuRpHHBch9JfVa -iUbvCEF23mee633C_K4zCaaVR9UqXMefzqFxSsobMp3heo3eIcQzLhe2SL2xpI9TbsvN2N4c9UMk -_TnQBHiYBgPxtB_j8bnVu7C__lTTpPKYLpUPxgWEIzljZzbkF37QQ1XtAc2EzcOi2FT4qsjlNgPw -PbL6ZihWEYZrZUilTSLzzjcQDLzoaF6BL2LOOS-Uju-B7COhcSMc0JLYOob6RDBE9T6HUMuZ diff --git a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.p12 b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.p12 deleted file mode 100644 index 5737e48796..0000000000 Binary files a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.p12 and /dev/null differ diff --git a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.props b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.props deleted file mode 100644 index 59593a501a..0000000000 --- a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.props +++ /dev/null @@ -1,14 +0,0 @@ -############################################################ -# Properties Generated by AT&T Certificate Manager -# @copyright 2016, AT&T -############################################################ -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US -cadi_keyfile=/opt/app/aai-resources/resources/aaf/org.onap.aai.keyfile -cadi_keystore=/opt/app/aai-resources/resources/aaf/org.onap.aai.p12 -cadi_keystore_password=enc:nF3D1h00vVoLZkCnFtTCJAiH6maEiA3933rI3ctap9Ggjlm2SMg_dxk6ui9iiDwr -#cadi_key_password=enc:9xs_lJ9QQRDoMcHqLbGg40-gefGrw-sLMjWL40ejbyqdC7Jt_pQfY6ajBLGcbLuL -cadi_alias=aai@aai.onap.org -cadi_truststore=/opt/app/aai-resources/resources/aaf/truststoreONAPall.jks -cadi_truststore_password=enc:8BxmWFFRI9wcf2jVixnfdK2GPI4veaXofZ65fcYThHv -cadi_loglevel=INFO -cadi_bath_convert=/opt/app/aai-resources/resources/aaf/bath_config.csv diff --git a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.osaaf.location.props b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.osaaf.location.props deleted file mode 100644 index 77c3d53400..0000000000 --- a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.osaaf.location.props +++ /dev/null @@ -1,24 +0,0 @@ -## -## org.osaaf.location.props -## -## Localized Machine Information -## -# Almeda California ? -cadi_latitude=37.78187 -cadi_longitude=-122.26147 - -# Locate URL (which AAF Env) -aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095 - - -# AAF URL -aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0 - -# AAF Environment Designation -aaf_env=DEV - -# OAuth2 Endpoints -aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token -aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect - - diff --git a/kubernetes/aai/charts/aai-resources/resources/config/aaf/permissions.properties b/kubernetes/aai/charts/aai-resources/resources/config/aaf/permissions.properties deleted file mode 100644 index 4234121a2d..0000000000 --- a/kubernetes/aai/charts/aai-resources/resources/config/aaf/permissions.properties +++ /dev/null @@ -1,2 +0,0 @@ -permission.type=org.onap.aai.resources -permission.instance=* \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-resources/resources/config/aaiconfig.properties b/kubernetes/aai/charts/aai-resources/resources/config/aaiconfig.properties deleted file mode 100644 index f2e7caaa29..0000000000 --- a/kubernetes/aai/charts/aai-resources/resources/config/aaiconfig.properties +++ /dev/null @@ -1,88 +0,0 @@ -# -# ============LICENSE_START======================================================= -# org.onap.aai -# ================================================================================ -# Copyright © 2017 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -# -# ECOMP is a trademark and service mark of AT&T Intellectual Property. -# - -#################################################################### -# REMEMBER TO THINK ABOUT ENVIRONMENTAL DIFFERENCES AND CHANGE THE -# TEMPLATE AND *ALL* DATAFILES -#################################################################### - -#################################################################### -# REMEMBER TO THINK ABOUT ENVIRONMENTAL DIFFERENCES AND CHANGE THE -# TEMPLATE AND *ALL* DATAFILES -#################################################################### - -aai.config.checktime=1000 - -# this could come from siteconfig.pl? -aai.config.nodename=AutomaticallyOverwritten - -aai.server.url.base=https://aai.{{ include "common.namespace" . }}:8443/aai/ -aai.server.url=https://aai.{{ include "common.namespace" . }}:8443/aai/{{ .Values.global.config.schema.version.api.default }}/ -aai.global.callback.url=https://aai.{{ include "common.namespace" . }}:8443/aai/ - -{{ if .Values.global.config.basic.auth.enabled }} -aai.tools.enableBasicAuth=true -aai.tools.username={{ .Values.global.config.basic.auth.username }} -aai.tools.password={{ .Values.global.config.basic.auth.passwd }} -{{ end }} - -aai.truststore.filename={{ .Values.global.config.truststore.filename }} -aai.truststore.passwd.x={{ .Values.global.config.truststore.passwd }} -aai.keystore.filename={{ .Values.global.config.keystore.filename }} -aai.keystore.passwd.x={{ .Values.global.config.keystore.passwd }} - -aai.notification.current.version={{ .Values.global.config.schema.version.api.default }} -aai.notificationEvent.default.status=UNPROCESSED -aai.notificationEvent.default.eventType={{ .Values.global.config.notification.eventType }} -aai.notificationEvent.default.domain={{ .Values.global.config.notification.domain }} -aai.notificationEvent.default.sourceName=aai -aai.notificationEvent.default.sequenceNumber=0 -aai.notificationEvent.default.severity=NORMAL -aai.notificationEvent.default.version={{ .Values.global.config.schema.version.api.default }} -# This one lets us enable/disable resource-version checking on updates/deletes -aai.resourceversion.enableflag=true -aai.logging.maxStackTraceEntries=10 -aai.default.api.version={{ .Values.global.config.schema.version.api.default }} - -aai.logging.trace.enabled=true -aai.logging.trace.logrequest=false -aai.logging.trace.logresponse=false - -aai.transaction.logging=true -aai.transaction.logging.get=false -aai.transaction.logging.post=true - -aai.realtime.clients={{ .Values.global.config.realtime.clients }} - -# Timeout for crud enabled flag -aai.crud.timeoutenabled={{ .Values.config.crud.timeout.enabled }} - -# Timeout app specific -1 to bypass for that app id, a whole number to override the timeout with that value (in ms) -aai.crud.timeout.appspecific={{ .Values.config.crud.timeout.appspecific }} - -#default timeout limit added for crud if not overridden (in ms) -aai.crud.timeoutlimit={{ .Values.config.crud.timeout.limit }} -#limit set for bulk consumer APIS -aai.bulkconsumer.payloadlimit={{ .Values.config.bulk.limit }} - -#uncomment and use header X-OverrideLimit with the value to override the bulk api limit -aai.bulkconsumer.payloadoverride={{ .Values.config.bulk.override }} diff --git a/kubernetes/aai/charts/aai-resources/resources/config/application.properties b/kubernetes/aai/charts/aai-resources/resources/config/application.properties deleted file mode 100644 index 7237c56536..0000000000 --- a/kubernetes/aai/charts/aai-resources/resources/config/application.properties +++ /dev/null @@ -1,94 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# The following info parameters are being referenced by ajsc6 -info.build.artifact=aai-resources -info.build.name=resources -info.build.description=Resources Microservice -info.build.version=1.3.0 - -spring.application.name=aai-resources -spring.jersey.type=filter - -server.contextPath=/ -spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration - -spring.profiles.active={{ .Values.global.config.profiles.active }} -spring.jersey.application-path=${schema.uri.base.path} -#The max number of active threads in this pool -server.tomcat.max-threads=200 -#The minimum number of threads always kept alive -server.tomcat.min-Spare-Threads=25 -#The number of milliseconds before an idle thread shutsdown, unless the number of active threads are less or equal to minSpareThreads -server.tomcat.max-idle-time=60000 - -# If you get an application startup failure that the port is already taken -# If thats not it, please check if the key-store file path makes sense -server.local.startpath=aai-resources/src/main/resources/ -server.basic.auth.location=${server.local.startpath}etc/auth/realm.properties - -server.port=8447 -server.ssl.enabled-protocols=TLSv1.1,TLSv1.2 -server.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }} -server.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }}) -server.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }} -server.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }}) -server.ssl.client-auth=want -server.ssl.key-store-type=JKS - -# JMS bind address host port -jms.bind.address=tcp://localhost:61647 -dmaap.ribbon.listOfServers=message-router.{{.Release.Namespace}}:3905 -dmaap.ribbon.transportType=https - -# Schema related attributes for the oxm and edges -# Any additional schema related attributes should start with prefix schema -schema.configuration.location=N/A -schema.source.name={{ .Values.global.config.schema.source.name }} -schema.nodes.location=${server.local.startpath}/schema/${schema.source.name}/oxm/ -schema.edges.location=${server.local.startpath}/schema/${schema.source.name}/dbedgerules/ - -schema.ingest.file=${server.local.startpath}/application.properties - -# Schema Version Related Attributes - -schema.uri.base.path={{ .Values.global.config.schema.uri.base.path }} -# Lists all of the versions in the schema -schema.version.list={{ .Values.global.config.schema.version.list }} -# Specifies from which version should the depth parameter to default to zero -schema.version.depth.start={{ .Values.global.config.schema.version.depth }} -# Specifies from which version should the related link be displayed in response payload -schema.version.related.link.start={{ .Values.global.config.schema.version.related.link }} - -# Specifies from which version should the client see only the uri excluding host info -# Before this version server base will also be included -schema.version.app.root.start={{ .Values.global.config.schema.version.app.root }} -# Specifies from which version should the namespace be changed -schema.version.namespace.change.start={{ .Values.global.config.schema.version.namespace.change }} -# Specifies from which version should the client start seeing the edge label in payload -schema.version.edge.label.start={{ .Values.global.config.schema.version.edge.label }} -# Specifies the version that the application should default to -schema.version.api.default={{ .Values.global.config.schema.version.api.default }} - -schema.translator.list={{ .Values.global.config.schema.translator.list }} -schema.service.base.url=https://aai-schema-service.{{ include "common.namespace" . }}:8452/aai/schema-service/v1/ -schema.service.nodes.endpoint=nodes?version= -schema.service.edges.endpoint=edgerules?version= -schema.service.versions.endpoint=versions -schema.service.client={{ .Values.global.config.schema.service.client }} - -schema.service.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }} -schema.service.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }} -schema.service.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }}) -schema.service.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }}) diff --git a/kubernetes/aai/charts/aai-resources/resources/config/auth/aai_policy.json b/kubernetes/aai/charts/aai-resources/resources/config/auth/aai_policy.json deleted file mode 100644 index 65f13eff5f..0000000000 --- a/kubernetes/aai/charts/aai-resources/resources/config/auth/aai_policy.json +++ /dev/null @@ -1,298 +0,0 @@ -{ - "roles": [ - { - "name": "admin", - "functions": [ - { - "name": "actions", - "methods": [ - { - "name": "GET" - }, - { - "name": "DELETE" - }, - { - "name": "PUT" - } - ] - }, - { - "name": "servers", - "methods": [ - { - "name": "GET" - }, - { - "name": "DELETE" - }, - { - "name": "PUT" - } - ] - }, - { - "name": "cloudinfra", - "methods": [ - { - "name": "GET" - }, - { - "name": "DELETE" - }, - { - "name": "PUT" - } - ] - }, - { - "name": "cloud-infrastructure", - "methods": [ - { - "name": "GET" - }, - { - "name": "DELETE" - }, - { - "name": "PUT" - } - ] - }, - { - "name": "sdandc", - "methods": [ - { - "name": "GET" - }, - { - "name": "DELETE" - }, - { - "name": "PUT" - } - ] - }, - { - "name": "service-design-and-creation", - "methods": [ - { - "name": "GET" - }, - { - "name": "DELETE" - }, - { - "name": "PUT" - } - ] - }, - { - "name": "business", - "methods": [ - { - "name": "GET" - }, - { - "name": "DELETE" - }, - { - "name": "PUT" - } - ] - }, - { - "name": "network", - "methods": [ - { - "name": "GET" - }, - { - "name": "DELETE" - }, - { - "name": "PUT" - } - ] - }, - { - "name": "search", - "methods": [ - { - "name": "GET" - }, - { - "name": "POST" - } - ] - }, - { - "name": "util", - "methods": [ - { - "name": "GET" - } - ] - }, - { - "name": "license-management", - "methods": [ - { - "name": "GET" - }, - { - "name": "DELETE" - }, - { - "name": "PUT" - } - ] - }, - { - "name": "examples", - "methods": [ - { - "name": "GET" - } - ] - }, - { - "name": "resources", - "methods": [ - { - "name": "GET" - } - ] - }, - { - "name": "generateurl", - "methods": [ - { - "name": "GET" - } - ] - }, - { - "name": "bulkadd", - "methods": [ - { - "name": "PUT" - } - ] - }, - { - "name": "nodes", - "methods": [ - { - "name": "GET" - } - ] - }, - { - "name": "query", - "methods": [ - { - "name": "PUT" - } - ] - }, - { - "name": "dbquery", - "methods": [ - { - "name": "PUT" - } - ] - }, - { - "name": "bulk", - "methods": [ - { - "name": "POST" - } - ] - }, - { - "name": "bulkprocess", - "methods": [ - { - "name": "PUT" - } - ] - }, - { - "name": "recents", - "methods": [ - { - "name": "GET" - } - ] - }, - { - "name": "dsl", - "methods": [ - { - "name": "PUT" - } - ] - }, - { - "name": "common", - "methods": [ - { - "name": "GET" - }, - { - "name": "DELETE" - }, - { - "name": "PUT" - } - ] - } - ], - "users": [ - { - "username": "CN=aai, OU=OSAAF, OU=aai@aai.onap.org, O=ONAP, C=US" - } - ] - }, - { - "name": "basicauth", - "functions": [ - { - "name": "util", - "methods": [ - { - "name": "GET" - } - ] - } - ], - "users": [ - { - "user": "aai", - "pass": "OBF:1u2a1t2v1vgb1s3g1s3m1vgj1t3b1u30" - } - ] - }, - { - "name": "HAProxy", - "functions": [ - { - "name": "util", - "methods": [ - { - "name": "GET" - } - ] - } - ], - "users": [ - { - "username": "CN=haproxyuser, OU=OSAAF, OU=aai@aai.onap.org, O=ONAP, C=US" - } - ] - } - ] -} diff --git a/kubernetes/aai/charts/aai-resources/resources/config/janusgraph-cached.properties b/kubernetes/aai/charts/aai-resources/resources/config/janusgraph-cached.properties deleted file mode 100644 index 2c22d14a41..0000000000 --- a/kubernetes/aai/charts/aai-resources/resources/config/janusgraph-cached.properties +++ /dev/null @@ -1,102 +0,0 @@ -# -# ============LICENSE_START======================================================= -# org.onap.aai -# ================================================================================ -# Copyright © 2017 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -# -# ECOMP is a trademark and service mark of AT&T Intellectual Property. -# - -query.fast-property=true -query.smart-limit=false - -{{ if .Values.global.config.cluster.cassandra.dynamic }} - -{{- $seed_size := default 1 .Values.global.cassandra.replicas | int -}} -{{- $global := . }} - -storage.backend=cassandra -storage.hostname={{- range $i, $e := until $seed_size }}{{ $global.Release.Name }}-{{$global.Values.global.cassandra.serviceName}}-{{ $i }}.{{$global.Values.global.cassandra.serviceName}},{{- end }} - -storage.cassandra.keyspace=aaigraph - -storage.cassandra.read-consistency-level=LOCAL_QUORUM -storage.cassandra.write-consistency-level=LOCAL_QUORUM -storage.cassandra.replication-factor=3 -storage.cassandra.replication-strategy-class=org.apache.cassandra.locator.SimpleStrategy - -{{ else }} - -{{ if .Values.global.config.storage }} - -storage.backend={{ .Values.global.config.storage.backend }} - -{{ if eq .Values.global.config.storage.backend "cassandra" }} - -storage.hostname={{ .Values.global.config.storage.hostname }} -storage.cassandra.keyspace={{ .Values.global.config.storage.name }} - -storage.cassandra.read-consistency-level={{ .Values.global.config.storage.cassandra.readConsistency }} -storage.cassandra.write-consistency-level={{ .Values.global.config.storage.cassandra.writeConsistency }} -storage.cassandra.replication-factor={{ .Values.global.config.storage.cassandra.replicationFactor | int }} -storage.cassandra.astyanax.cluster-name= {{ .Values.global.config.storage.clusterName }} -storage.cassandra.astyanax.local-datacenter= {{ .Values.global.config.storage.localDataCenter }} - -storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} -cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} -log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} - -{{ else if eq .Values.global.config.storage.backend "cql" }} - -storage.hostname={{ .Values.global.config.storage.hostname }} -storage.cql.keyspace={{ .Values.global.config.storage.name }} - -storage.cql.read-consistency-level={{ .Values.global.config.storage.cql.readConsistency }} -storage.cql.write-consistency-level={{ .Values.global.config.storage.cql.readConsistency }} -storage.cql.replication-factor={{ .Values.global.config.storage.cql.replicationFactor | int }} - -storage.cql.only-use-local-consistency-for-system-operations={{ .Values.global.config.storage.cql.localConsistencyForSysOps }} -storage.cql.cluster-name={{ .Values.global.config.storage.clusterName }} -storage.cql.local-datacenter={{ .Values.global.config.storage.localDataCenter }} - -storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} -cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} -log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} - -{{ else if eq .Values.global.config.storage.backend "hbase" }} - -storage.hostname={{ .Values.global.config.storage.hostname }} -storage.hbase.table={{ .Values.global.config.storage.name }} - -storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} -cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} -log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} - -{{ end }} - -{{ end }} - -{{ end }} - -storage.lock.wait-time=300 -#caching on -cache.db-cache = true -cache.db-cache-clean-wait = 20 -cache.db-cache-time = 180000 -cache.db-cache-size = 0.3 - -#load graphson file on startup -load.snapshot.file=false diff --git a/kubernetes/aai/charts/aai-resources/resources/config/janusgraph-realtime.properties b/kubernetes/aai/charts/aai-resources/resources/config/janusgraph-realtime.properties deleted file mode 100644 index b19c9b6df6..0000000000 --- a/kubernetes/aai/charts/aai-resources/resources/config/janusgraph-realtime.properties +++ /dev/null @@ -1,96 +0,0 @@ -# -# ============LICENSE_START======================================================= -# Copyright © 2017 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -# -# ECOMP is a trademark and service mark of AT&T Intellectual Property. -# - -query.fast-property=true -query.smart-limit=false - -{{ if .Values.global.config.cluster.cassandra.dynamic }} - -{{- $seed_size := default 1 .Values.global.cassandra.replicas | int -}} -{{- $global := . }} - -storage.backend=cassandra -storage.hostname={{- range $i, $e := until $seed_size }}{{ $global.Release.Name }}-{{$global.Values.global.cassandra.serviceName}}-{{ $i }}.{{$global.Values.global.cassandra.serviceName}},{{- end }} - -storage.cassandra.keyspace=aaigraph - -storage.cassandra.read-consistency-level=LOCAL_QUORUM -storage.cassandra.write-consistency-level=LOCAL_QUORUM -storage.cassandra.replication-factor=3 -storage.cassandra.replication-strategy-class=org.apache.cassandra.locator.SimpleStrategy - -{{ else }} - -{{ if .Values.global.config.storage }} - -storage.backend={{ .Values.global.config.storage.backend }} - -{{ if eq .Values.global.config.storage.backend "cassandra" }} - -storage.hostname={{ .Values.global.config.storage.hostname }} -storage.cassandra.keyspace={{ .Values.global.config.storage.name }} - -storage.cassandra.read-consistency-level={{ .Values.global.config.storage.cassandra.readConsistency }} -storage.cassandra.write-consistency-level={{ .Values.global.config.storage.cassandra.writeConsistency }} -storage.cassandra.replication-factor={{ .Values.global.config.storage.cassandra.replicationFactor | int }} -storage.cassandra.astyanax.cluster-name= {{ .Values.global.config.storage.clusterName }} -storage.cassandra.astyanax.local-datacenter= {{ .Values.global.config.storage.localDataCenter }} - -storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} -cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} -log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} - -{{ else if eq .Values.global.config.storage.backend "cql" }} - -storage.hostname={{ .Values.global.config.storage.hostname }} -storage.cql.keyspace={{ .Values.global.config.storage.name }} - -storage.cql.read-consistency-level={{ .Values.global.config.storage.cql.readConsistency }} -storage.cql.write-consistency-level={{ .Values.global.config.storage.cql.readConsistency }} -storage.cql.replication-factor={{ .Values.global.config.storage.cql.replicationFactor | int }} - -storage.cql.only-use-local-consistency-for-system-operations={{ .Values.global.config.storage.cql.localConsistencyForSysOps }} -storage.cql.cluster-name={{ .Values.global.config.storage.clusterName }} -storage.cql.local-datacenter={{ .Values.global.config.storage.localDataCenter }} - -storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} -cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} -log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} - -{{ else if eq .Values.global.config.storage.backend "hbase" }} - -storage.hostname={{ .Values.global.config.storage.hostname }} -storage.hbase.table={{ .Values.global.config.storage.name }} - -storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} -cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} -log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} - -{{ end }} - -{{ end }} - -{{ end }} - -storage.lock.wait-time=300 -# Setting db-cache to false ensure the fastest propagation of changes across servers -cache.db-cache = false -#load graphson file on startup -load.snapshot.file=false diff --git a/kubernetes/aai/charts/aai-resources/resources/config/localhost-access-logback.xml b/kubernetes/aai/charts/aai-resources/resources/config/localhost-access-logback.xml deleted file mode 100644 index 4cf6c74333..0000000000 --- a/kubernetes/aai/charts/aai-resources/resources/config/localhost-access-logback.xml +++ /dev/null @@ -1,63 +0,0 @@ - - - - - ${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log - - ${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd} - - - - %a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D - - - - - - diff --git a/kubernetes/aai/charts/aai-resources/resources/config/logback.xml b/kubernetes/aai/charts/aai-resources/resources/config/logback.xml deleted file mode 100644 index 0afc6f9c20..0000000000 --- a/kubernetes/aai/charts/aai-resources/resources/config/logback.xml +++ /dev/null @@ -1,267 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - %clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx} - - - - - ${logDirectory}/rest/sane.log - - ${logDirectory}/rest/sane.log.%d{yyyy-MM-dd} - - - %d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n - - - - - 1000 - true - - - - - INFO - ACCEPT - DENY - - ${logDirectory}/rest/metrics.log - - ${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd} - - - - ${eelfMetricLogPattern} - - - - 1000 - true - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/rest/debug.log - - ${logDirectory}/rest/debug.log.%d{yyyy-MM-dd} - - - - ${eelfLogPattern} - - - - 1000 - true - - - - - WARN - - ${logDirectory}/rest/error.log - - ${logDirectory}/rest/error.log.%d{yyyy-MM-dd} - - - - ${eelfErrorLogPattern} - - - - 1000 - true - - - - ${logDirectory}/rest/audit.log - - ${logDirectory}/rest/audit.log.%d{yyyy-MM-dd} - - - - ${eelfAuditLogPattern} - - - - 1000 - true - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/rest/translog.log - - ${logDirectory}/rest/translog.log.%d{yyyy-MM-dd} - - - - ${eelfTransLogPattern} - - - - 1000 - true - - - - - WARN - - ${logDirectory}/dmaapAAIEventConsumer/error.log - - ${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd} - - - - ${eelfLogPattern} - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/dmaapAAIEventConsumer/debug.log - - ${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd} - - - - ${eelfLogPattern} - - - - - INFO - ACCEPT - DENY - - ${logDirectory}/dmaapAAIEventConsumer/metrics.log - - ${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd} - - - - ${eelfMetricLogPattern} - - - - - WARN - - ${logDirectory}/external/external.log - - ${logDirectory}/external/external.log.%d{yyyy-MM-dd} - - - - ${eelfLogPattern} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - {{ if .Values.global.config.logback.console.enabled }} - - {{ end }} - - diff --git a/kubernetes/aai/charts/aai-resources/resources/config/realm.properties b/kubernetes/aai/charts/aai-resources/resources/config/realm.properties deleted file mode 100644 index 0499b34f1c..0000000000 --- a/kubernetes/aai/charts/aai-resources/resources/config/realm.properties +++ /dev/null @@ -1,37 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# format : username: password[,rolename ...] -# default username/password: AAI/AAI, MSO/MSO, ModelLoader/ModelLoader... -AAI:OBF:1gfr1ev31gg7,admin -MSO:OBF:1jzx1lz31k01,admin -SDNC:OBF:1itr1i0l1i151isv,admin -DCAE:OBF:1g8u1f9d1f991g8w,admin -POLICY:OBF:1mk61i171ima1im41i0j1mko,admin -ASDC:OBF:1f991j0u1j001f9d,admin -VID:OBF:1jm91i0v1jl9,admin -APPC:OBF:1f991ksf1ksf1f9d,admin -ModelLoader:OBF:1qvu1v2h1sov1sar1wfw1j7j1wg21saj1sov1v1x1qxw,admin -AaiUI:OBF:1gfr1p571unz1p4j1gg7,admin -OOF:OBF:1img1ke71ily,admin -aai@aai.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -so@so.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -sdnc@sdnc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -dcae@dcae.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -policy@policy.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -sdc@sdc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -vid@vid.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -appc@appc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin diff --git a/kubernetes/aai/charts/aai-resources/resources/fproxy/config/auth/client-cert.p12 b/kubernetes/aai/charts/aai-resources/resources/fproxy/config/auth/client-cert.p12 deleted file mode 100644 index d9fe86e4ec..0000000000 Binary files a/kubernetes/aai/charts/aai-resources/resources/fproxy/config/auth/client-cert.p12 and /dev/null differ diff --git a/kubernetes/aai/charts/aai-resources/resources/fproxy/config/auth/fproxy_truststore b/kubernetes/aai/charts/aai-resources/resources/fproxy/config/auth/fproxy_truststore deleted file mode 100644 index f6ebc75ed8..0000000000 Binary files a/kubernetes/aai/charts/aai-resources/resources/fproxy/config/auth/fproxy_truststore and /dev/null differ diff --git a/kubernetes/aai/charts/aai-resources/resources/fproxy/config/auth/tomcat_keystore b/kubernetes/aai/charts/aai-resources/resources/fproxy/config/auth/tomcat_keystore deleted file mode 100644 index 9eec841aa2..0000000000 Binary files a/kubernetes/aai/charts/aai-resources/resources/fproxy/config/auth/tomcat_keystore and /dev/null differ diff --git a/kubernetes/aai/charts/aai-resources/resources/fproxy/config/fproxy.properties b/kubernetes/aai/charts/aai-resources/resources/fproxy/config/fproxy.properties deleted file mode 100644 index f512fb71a6..0000000000 --- a/kubernetes/aai/charts/aai-resources/resources/fproxy/config/fproxy.properties +++ /dev/null @@ -1,2 +0,0 @@ -credential.cache.timeout.ms=180000 -transactionid.header.name=X-TransactionId \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-resources/resources/fproxy/config/logback-spring.xml b/kubernetes/aai/charts/aai-resources/resources/fproxy/config/logback-spring.xml deleted file mode 100644 index 9a08348b0d..0000000000 --- a/kubernetes/aai/charts/aai-resources/resources/fproxy/config/logback-spring.xml +++ /dev/null @@ -1,45 +0,0 @@ - - - - - - - - - - %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable - - - - - - ${LOGS}/${FILEPREFIX}.log - - %d %p %C{1.} [%t] %m%n - - - - - ${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log - - - 10MB - - - - - - - - - - - - - - \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-resources/resources/fproxy/config/readme.txt b/kubernetes/aai/charts/aai-resources/resources/fproxy/config/readme.txt deleted file mode 100644 index 79cf29e73c..0000000000 --- a/kubernetes/aai/charts/aai-resources/resources/fproxy/config/readme.txt +++ /dev/null @@ -1 +0,0 @@ -Relevant configuration files need to be copied here to successfully run this service locally. \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-resources/resources/rproxy/config/auth/client-cert.p12 b/kubernetes/aai/charts/aai-resources/resources/rproxy/config/auth/client-cert.p12 deleted file mode 100644 index 071d407de5..0000000000 Binary files a/kubernetes/aai/charts/aai-resources/resources/rproxy/config/auth/client-cert.p12 and /dev/null differ diff --git a/kubernetes/aai/charts/aai-resources/resources/rproxy/config/auth/org.onap.aai.p12 b/kubernetes/aai/charts/aai-resources/resources/rproxy/config/auth/org.onap.aai.p12 deleted file mode 100644 index 023e2eaac6..0000000000 Binary files a/kubernetes/aai/charts/aai-resources/resources/rproxy/config/auth/org.onap.aai.p12 and /dev/null differ diff --git a/kubernetes/aai/charts/aai-resources/resources/rproxy/config/auth/tomcat_keystore b/kubernetes/aai/charts/aai-resources/resources/rproxy/config/auth/tomcat_keystore deleted file mode 100644 index 6ad5f51ad3..0000000000 Binary files a/kubernetes/aai/charts/aai-resources/resources/rproxy/config/auth/tomcat_keystore and /dev/null differ diff --git a/kubernetes/aai/charts/aai-resources/resources/rproxy/config/auth/uri-authorization.json b/kubernetes/aai/charts/aai-resources/resources/rproxy/config/auth/uri-authorization.json deleted file mode 100644 index e23c03d833..0000000000 --- a/kubernetes/aai/charts/aai-resources/resources/rproxy/config/auth/uri-authorization.json +++ /dev/null @@ -1,99 +0,0 @@ -[ - { - "uri": "\/not\/allowed\/at\/all$", - "permissions": [ - "test.auth.access.ifYouLikedItYouShouldHavePutAPermissionOnIt" - ] - }, - { - "uri": "\/one\/auth\/required$", - "permissions": [ - "test.auth.access.aSimpleSingleAuth" - ] - }, - { - "uri": "\/multi\/auth\/required$", - "permissions": [ - "test.auth.access.aMultipleAuth1", - "test.auth.access.aMultipleAuth2", - "test.auth.access.aMultipleAuth3" - ] - }, - { - "uri": "\/one\/[^\/]+\/required$", - "permissions": [ - "test.auth.access.aSimpleSingleAuth" - ] - }, - { - "uri": "\/services\/getAAFRequest$", - "permissions": [ - "test.auth.access|services|GET,PUT" - ] - }, - { - "uri": "\/admin\/getAAFRequest$", - "permissions": [ - "test.auth.access|admin|GET,PUT,POST" - ] - }, - { - "uri": "\/service\/aai\/webapp\/index.html$", - "permissions": [ - "test.auth.access|services|GET,PUT" - ] - }, - { - "uri": "\/services\/aai\/webapp\/index.html$", - "permissions": [ - "test.auth.access|services|GET,PUT" - ] - }, - { - "uri": "\/$", - "permissions": [ - "\\|services\\|GET", - "test\\.auth\\.access\\|services\\|GET,PUT" - ] - }, - { - "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions$", - "permissions": [ - "test\\.auth\\.access\\|rest\\|read" - ] - }, - { - "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+$*", - "permissions": [ - "test.auth.access|clouds|read", - "test.auth.access|tenants|read" - ] - }, - { - "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+\/tenants/tenant/[^\/]+/vservers/vserver/[^\/]+$", - "permissions": [ - "test.auth.access|clouds|read", - "test.auth.access|tenants|read", - "test.auth.access|vservers|read" - ] - }, - { - "uri": "\/backend$", - "permissions": [ - "test\\.auth\\.access\\|services\\|GET,PUT", - "\\|services\\|GET" - ] - }, - { - "uri": "\/aai\/.*", - "permissions": [ - "org\\.onap\\.aai\\.resources\\|\\*\\|.*" - ] - }, - { - "uri": "\/aai\/util\/echo", - "permissions": [ - "org\\.onap\\.aai\\.resources\\|\\*\\|.*" - ] - } -] diff --git a/kubernetes/aai/charts/aai-resources/resources/rproxy/config/cadi.properties b/kubernetes/aai/charts/aai-resources/resources/rproxy/config/cadi.properties deleted file mode 100644 index c2b628dbb3..0000000000 --- a/kubernetes/aai/charts/aai-resources/resources/rproxy/config/cadi.properties +++ /dev/null @@ -1,39 +0,0 @@ -# This is a normal Java Properties File -# Comments are with Pound Signs at beginning of lines, -# and multi-line expression of properties can be obtained by backslash at end of line - -#hostname is used for local testing where you may have to set your hostname to **.att.com or **.sbc.com. The example given below -#will allow for an ATT cross domain cookie to be used for GLO. If you are running on Windows corp machine, your machine name -#may be used automatically by cadi. However, if it is not, you will need to use hostname=mywebserver.att.com and add mywebserver.att.com -#to your hosts file on your machine. -#hostname=test.aic.cip.att.com - -cadi_loglevel=DEBUG - -# OAuth2 -aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token -aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect - -cadi_latitude=37.78187 -cadi_longitude=-122.26147 - -# Locate URL (which AAF Env) -aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095 - -# AAF URL -aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0 - -cadi_keyfile=/opt/app/rproxy/config/security/keyfile -cadi_keystore=/opt/app/rproxy/config/auth/org.onap.aai.p12 -cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV -cadi_alias=aai@aai.onap.org -cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore -cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - -aaf_env=DEV - -aaf_id=demo@people.osaaf.org -aaf_password=enc:92w4px0y_rrm265LXLpw58QnNPgDXykyA1YTrflbAKz - -# This is a colon separated list of client cert issuers -cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA diff --git a/kubernetes/aai/charts/aai-resources/resources/rproxy/config/forward-proxy.properties b/kubernetes/aai/charts/aai-resources/resources/rproxy/config/forward-proxy.properties deleted file mode 100644 index 1b58d4235c..0000000000 --- a/kubernetes/aai/charts/aai-resources/resources/rproxy/config/forward-proxy.properties +++ /dev/null @@ -1,4 +0,0 @@ -forward-proxy.protocol = https -forward-proxy.host = localhost -forward-proxy.port = 10680 -forward-proxy.cacheurl = /credential-cache \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-resources/resources/rproxy/config/logback-spring.xml b/kubernetes/aai/charts/aai-resources/resources/rproxy/config/logback-spring.xml deleted file mode 100644 index 799fd8689b..0000000000 --- a/kubernetes/aai/charts/aai-resources/resources/rproxy/config/logback-spring.xml +++ /dev/null @@ -1,45 +0,0 @@ - - - - - - - - - - %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable - - - - - - ${LOGS}/${FILEPREFIX}.log - - %d %p %C{1.} [%t] %m%n - - - - - ${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log - - - 10MB - - - - - - - - - - - - - - diff --git a/kubernetes/aai/charts/aai-resources/resources/rproxy/config/primary-service.properties b/kubernetes/aai/charts/aai-resources/resources/rproxy/config/primary-service.properties deleted file mode 100644 index 2c89d28180..0000000000 --- a/kubernetes/aai/charts/aai-resources/resources/rproxy/config/primary-service.properties +++ /dev/null @@ -1,3 +0,0 @@ -primary-service.protocol = https -primary-service.host = localhost -primary-service.port = 8447 diff --git a/kubernetes/aai/charts/aai-resources/resources/rproxy/config/readme.txt b/kubernetes/aai/charts/aai-resources/resources/rproxy/config/readme.txt deleted file mode 100644 index 79cf29e73c..0000000000 --- a/kubernetes/aai/charts/aai-resources/resources/rproxy/config/readme.txt +++ /dev/null @@ -1 +0,0 @@ -Relevant configuration files need to be copied here to successfully run this service locally. \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-resources/resources/rproxy/config/reverse-proxy.properties b/kubernetes/aai/charts/aai-resources/resources/rproxy/config/reverse-proxy.properties deleted file mode 100644 index 8d46e1f429..0000000000 --- a/kubernetes/aai/charts/aai-resources/resources/rproxy/config/reverse-proxy.properties +++ /dev/null @@ -1 +0,0 @@ -transactionid.header.name=X-TransactionId \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-resources/resources/rproxy/config/security/keyfile b/kubernetes/aai/charts/aai-resources/resources/rproxy/config/security/keyfile deleted file mode 100644 index 3416d4a737..0000000000 --- a/kubernetes/aai/charts/aai-resources/resources/rproxy/config/security/keyfile +++ /dev/null @@ -1,27 +0,0 @@ -2otP92kNFHdexroZxvgYY7ffslFiwCD3CiVYMIfUF2edqZK7972NwkvE_mbaBo6jh8lByLIqrWAf -jyzoiVsvQ_kCa0cS1xaRLpcxv3bx1b7o3hGPBqpd6vmSG4y2JLzNlCBZWuTJz827wr8p_fWrYuUm -4L1WoaEe8W5PRnXjl4hDqbJBAlEoRIBXugUDt_7O5wgx2Rl3HVoOczZtf0RzONZ1F0BmKf3QlAUe -moSbARitYRgIPt5sLbT7qPyoEpGDhQ1XBowR744-wsjBc-14yO62Ajp5xWKTp15uWn3_HHuw1SAf -GWSBRGlSlEVkXQqi9Hw5jDttKVzHX1ckwR0SQOirbtHPHplxPX3WKjKhSdSeMzw6LOAHIQYRMKBT -74oGnULAfPtV7TaGwOKriT3P49CoPdt9On89-LGyCZSxDWKH0K-rgB6I2_hPT2Uzr3jmXiMa-sfh -iMvyQ7ABBVx0OFsUuNb5mcU2O6dWiQreL5RerrloV_X3ZtnNjxENXKjQ5KBR1A5ISPjFFK-kf4Rb -p6FSII8LcsiqgdWuZ4GX_C6x8HX4A-vD0x3Uc9CfoXY-k23cNIy-R-W-oB-P2OgdWDNgZ7VaOLNt -3L-NwWpNblfYvs93cNmkbVAwCZ3r0OP7RFeuON84TRaynK_Fh2S3rypRyJcUmM1pvpZqJ5_-umSW -hUs1OqkdLv3xjlVzzK-3nMr0q3Zcyp4XdyLYtcX5I3Xqk9ZcsyAT7ghmHhV8KjUjue7OcfAWg0m7 -RJLGq6VC8HeK4HEMa4lF677Qh7DRufghIDEmQSIDfGA790WGSA8HqcOvAL4hURCHyCWiPa5i8ksX -xX4HyqF8PCVCLJ_ZhzcuIlc0jStAexWbJU_vcyX7XgUaHCkF-M-zv1FP6Z3DHBMD2QqSWjmyNCCk -8sIuwzs62P_j2o9jG33kssedCrUWOwZancU107-5H0Zw-UWvtCqUfmRZ7TsEbWY7lk_SKfLfAN5q -ncOQgU_VxDXUFDST4LN_WVECRafK3UtwWomxWSji25Lbf6NVni3ok-yLMDZR-wrE-54jLPES9j0i -5N0xrk9CfsvGUpUZ1_XQcgaxI6m27DtCCJXb5ywenPBiUIJCMCTq88CqNZxGpju2i4BJcUH2hUHe -GKhO8pgslwhtEVot9EDwdzSrJkWFCfb6ud4zMxrqdi7-mLWMOydg6lhpEFEX5wu2BLIujGsZlEGE -_K9jGfBypjXuJCKDZIuPfEnf_7idjKis_JcFB7x4Hx2HHDcBjlWWFZN_VIEnPkQSyZEC26RTFP3k -zkY3GwUfA36a4XW2pu3gE9wz-W6fkONfzOZ6YiyCm_dRFUVuGSdJG02Hh5iXYlMOGJltPzWH2jVf -S-QTOmXQTKSOheXoJO6O-9uQbsRf-kq-6w1pvIOp4ms35w4_0Xj0Xr2a9y-L9PdBZvrUsa-jxsZU -LyA-YY4Ej6QwDBDTD2MGjF1E5_ekYgjoNlltM9rJjofruM4ym0n7LPHC7YXXQSEFOZYeTKi6wUDw -hQ1DoWHgu4PQ2lexada8sxQdConbPe2iW16h-PrO5D12E4XbT00fqaMlBmjQwzdNRdCC2NRPIQ5W -nwaO8dZ9yjxsjT7ZVHb9-DRblb3XDocponzxVXqUGtJAie4WXQnerX0ApTWGaHEr5y56JJVS_3LP -bKrbXBXcs4jTUX4ECXRrOs8JQDQNysXhvTPCu0XUxNZpjx6KLxDs93k2OcESHjl5J6n6OKKJqqoN -JEyFO5LGXpnmUJbn0-CaHHPRI1mHwEu4brY8wDZd9A0PD1KGXDoCHMfEk1lGblQdyOcVrXZ6uSBk -Z6zHDnwSCHO1mPYqtelJQehZoFuPSv9PIgKLxs_qJOtZFnXII5YO1mGXgiIBWBjUFDR5HG4ENS6y -J4MCF-JLMp-PVMAkOaCIQRRDpRnMm_fT1sc_P562Diu_pcdt-r55pMFQYGoGfjRmxQBKk0-SsdnP -mlZIiis9DfQEN0q3QQdNRYBJD7tmhUwhAPZdLgXqJA8sZf8UyFQhhpsky79NT343YL9smUlF \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-resources/templates/configmap.yaml b/kubernetes/aai/charts/aai-resources/templates/configmap.yaml deleted file mode 100644 index 0f40d04dae..0000000000 --- a/kubernetes/aai/charts/aai-resources/templates/configmap.yaml +++ /dev/null @@ -1,230 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-log - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-localhost-access-log-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/localhost-access-logback.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-db-real-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/janusgraph-realtime.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-db-cached-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/janusgraph-cached.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-aaiconfig-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/aaiconfig.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-springapp-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-realm-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/realm.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-aaf-props - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/aaf/org.osaaf.location.props").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/aaf/permissions.properties").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.props").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/aaf/cadi.properties").AsConfig . | indent 2 }} - ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-aaf-keys - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.keyfile").AsSecrets . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.p12").AsSecrets . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/aaf/bath_config.csv").AsSecrets . | indent 2 }} - -{{ if .Values.global.installSidecarSecurity }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-aai-policy-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/auth/aai_policy.json").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-fproxy-config - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/fproxy/config/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-fproxy-log-config - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/fproxy/config/logback-spring.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-fproxy-auth-config - namespace: {{ include "common.namespace" . }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/fproxy/config/auth/*").AsSecrets . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-rproxy-config - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/rproxy/config/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-rproxy-log-config - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/rproxy/config/logback-spring.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/rproxy/config/auth/uri-authorization.json").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-rproxy-auth-config - namespace: {{ include "common.namespace" . }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-rproxy-security-config - namespace: {{ include "common.namespace" . }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/rproxy/config/security/*").AsSecrets . | indent 2 }} -{{ end }} diff --git a/kubernetes/aai/charts/aai-resources/templates/deployment.yaml b/kubernetes/aai/charts/aai-resources/templates/deployment.yaml deleted file mode 100644 index 9fe4c17cc9..0000000000 --- a/kubernetes/aai/charts/aai-resources/templates/deployment.yaml +++ /dev/null @@ -1,1111 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "common.name" . }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - name: {{ include "common.name" . }} - annotations: - checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} - msb.onap.org/service-info: '[ - { - "serviceName": "_aai-cloudInfrastructure", - "version": "v11", - "url": "/aai/v11/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v11/cloud-infrastructure" - }, - { - "serviceName": "_aai-cloudInfrastructure", - "version": "v12", - "url": "/aai/v12/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v12/cloud-infrastructure" - }, - { - "serviceName": "_aai-cloudInfrastructure", - "version": "v13", - "url": "/aai/v13/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v13/cloud-infrastructure" - }, - { - "serviceName": "_aai-cloudInfrastructure", - "version": "v14", - "url": "/aai/v14/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v14/cloud-infrastructure" - }, - { - "serviceName": "_aai-cloudInfrastructure", - "version": "v15", - "url": "/aai/v15/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v15/cloud-infrastructure" - }, - { - "serviceName": "_aai-cloudInfrastructure", - "version": "v16", - "url": "/aai/v16/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v16/cloud-infrastructure" - }, - { - "serviceName": "_aai-business", - "version": "v11", - "url": "/aai/v11/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v11/business" - }, - { - "serviceName": "_aai-business", - "version": "v12", - "url": "/aai/v12/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v12/business" - }, - { - "serviceName": "_aai-business", - "version": "v13", - "url": "/aai/v13/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v13/business" - }, - { - "serviceName": "_aai-business", - "version": "v14", - "url": "/aai/v14/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v14/business" - }, - { - "serviceName": "_aai-business", - "version": "v15", - "url": "/aai/v15/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v15/business" - }, - { - "serviceName": "_aai-business", - "version": "v16", - "url": "/aai/v16/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v16/business" - }, - { - "serviceName": "_aai-actions", - "version": "v11", - "url": "/aai/v11/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v11/actions" - }, - { - "serviceName": "_aai-actions", - "version": "v12", - "url": "/aai/v12/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v12/actions" - }, - { - "serviceName": "_aai-actions", - "version": "v13", - "url": "/aai/v13/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v13/actions" - }, - { - "serviceName": "_aai-actions", - "version": "v14", - "url": "/aai/v14/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v14/actions" - }, - { - "serviceName": "_aai-actions", - "version": "v15", - "url": "/aai/v15/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v15/actions" - }, - { - "serviceName": "_aai-actions", - "version": "v16", - "url": "/aai/v16/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v16/actions" - }, - { - "serviceName": "_aai-service-design-and-creation", - "version": "v11", - "url": "/aai/v11/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v11/service-design-and-creation" - }, - { - "serviceName": "_aai-service-design-and-creation", - "version": "v12", - "url": "/aai/v12/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v12/service-design-and-creation" - }, - { - "serviceName": "_aai-service-design-and-creation", - "version": "v13", - "url": "/aai/v13/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v13/service-design-and-creation" - }, - { - "serviceName": "_aai-service-design-and-creation", - "version": "v14", - "url": "/aai/v14/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v14/service-design-and-creation" - }, - { - "serviceName": "_aai-service-design-and-creation", - "version": "v15", - "url": "/aai/v15/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v15/service-design-and-creation" - }, - { - "serviceName": "_aai-service-design-and-creation", - "version": "v16", - "url": "/aai/v16/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v16/service-design-and-creation" - }, - { - "serviceName": "_aai-network", - "version": "v11", - "url": "/aai/v11/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v11/network" - }, - { - "serviceName": "_aai-network", - "version": "v12", - "url": "/aai/v12/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v12/network" - }, - { - "serviceName": "_aai-network", - "version": "v13", - "url": "/aai/v13/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v13/network" - }, - { - "serviceName": "_aai-network", - "version": "v14", - "url": "/aai/v14/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v14/network" - }, - { - "serviceName": "_aai-network", - "version": "v15", - "url": "/aai/v15/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v15/network" - }, - { - "serviceName": "_aai-network", - "version": "v16", - "url": "/aai/v16/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v16/network" - }, - { - "serviceName": "_aai-externalSystem", - "version": "v11", - "url": "/aai/v11/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v11/external-system" - }, - { - "serviceName": "_aai-externalSystem", - "version": "v12", - "url": "/aai/v12/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v12/external-system" - }, - { - "serviceName": "_aai-externalSystem", - "version": "v13", - "url": "/aai/v13/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v13/external-system" - }, - { - "serviceName": "_aai-externalSystem", - "version": "v14", - "url": "/aai/v14/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v14/external-system" - }, - { - "serviceName": "_aai-externalSystem", - "version": "v15", - "url": "/aai/v15/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v15/external-system" - }, - { - "serviceName": "_aai-externalSystem", - "version": "v16", - "url": "/aai/v16/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v16/external-system" - }, - { - "serviceName": "aai-cloudInfrastructure", - "version": "v11", - "url": "/aai/v11/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-cloudInfrastructure", - "version": "v12", - "url": "/aai/v12/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-cloudInfrastructure", - "version": "v13", - "url": "/aai/v13/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-cloudInfrastructure", - "version": "v14", - "url": "/aai/v14/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-cloudInfrastructure", - "version": "v15", - "url": "/aai/v15/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-cloudInfrastructure", - "version": "v16", - "url": "/aai/v16/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-business", - "version": "v11", - "url": "/aai/v11/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-business", - "version": "v12", - "url": "/aai/v12/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-business", - "version": "v13", - "url": "/aai/v13/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-business", - "version": "v14", - "url": "/aai/v14/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-business", - "version": "v15", - "url": "/aai/v15/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-business", - "version": "v16", - "url": "/aai/v16/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-actions", - "version": "v11", - "url": "/aai/v11/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-actions", - "version": "v12", - "url": "/aai/v12/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-actions", - "version": "v13", - "url": "/aai/v13/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-actions", - "version": "v14", - "url": "/aai/v14/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-actions", - "version": "v15", - "url": "/aai/v15/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-actions", - "version": "v16", - "url": "/aai/v16/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-service-design-and-creation", - "version": "v11", - "url": "/aai/v11/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-service-design-and-creation", - "version": "v12", - "url": "/aai/v12/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-service-design-and-creation", - "version": "v13", - "url": "/aai/v13/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-service-design-and-creation", - "version": "v14", - "url": "/aai/v14/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-service-design-and-creation", - "version": "v15", - "url": "/aai/v15/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-service-design-and-creation", - "version": "v16", - "url": "/aai/v16/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-network", - "version": "v11", - "url": "/aai/v11/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-network", - "version": "v12", - "url": "/aai/v12/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-network", - "version": "v13", - "url": "/aai/v13/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-network", - "version": "v14", - "url": "/aai/v14/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-network", - "version": "v15", - "url": "/aai/v15/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-network", - "version": "v16", - "url": "/aai/v16/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-externalSystem", - "version": "v11", - "url": "/aai/v11/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-externalSystem", - "version": "v12", - "url": "/aai/v12/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-externalSystem", - "version": "v13", - "url": "/aai/v13/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-externalSystem", - "version": "v14", - "url": "/aai/v14/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-externalSystem", - "version": "v15", - "url": "/aai/v15/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-externalSystem", - "version": "v16", - "url": "/aai/v16/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - } - ]' - spec: - hostname: aai-resources - {{ if .Values.global.initContainers.enabled }} - {{ if .Values.global.installSidecarSecurity }} - hostAliases: - - ip: {{ .Values.global.aaf.serverIp }} - hostnames: - - {{ .Values.global.aaf.serverHostname }} - {{ end }} - initContainers: - - command: - {{ if .Values.global.jobs.createSchema.enabled }} - - /root/job_complete.py - args: - - --job-name - - {{ .Release.Name }}-aai-graphadmin-create-db-schema - {{ else }} - - /root/ready.py - args: - - --container-name - - aai-cassandra - - --container-name - - aai-schema-service - {{ end }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness - {{ if .Values.global.installSidecarSecurity }} - - name: {{ .Values.global.tproxyConfig.name }} - image: "{{ include "common.repository" . }}/{{ .Values.global.tproxyConfig.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - securityContext: - privileged: true - {{ end }} - {{ end }} - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: LOCAL_USER_ID - value: {{ .Values.global.config.userId | quote }} - - name: LOCAL_GROUP_ID - value: {{ .Values.global.config.groupId | quote }} - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /opt/app/aai-resources/resources/etc/appprops/janusgraph-realtime.properties - name: {{ include "common.fullname" . }}-db-real-conf - subPath: janusgraph-realtime.properties - - mountPath: /opt/app/aai-resources/resources/etc/appprops/janusgraph-cached.properties - name: {{ include "common.fullname" . }}-db-cached-conf - subPath: janusgraph-cached.properties - - mountPath: /opt/app/aai-resources/resources/etc/appprops/aaiconfig.properties - name: {{ include "common.fullname" . }}-aaiconfig-conf - subPath: aaiconfig.properties - - mountPath: /opt/aai/logroot/AAI-RES - name: {{ include "common.fullname" . }}-logs - - mountPath: /opt/app/aai-resources/resources/logback.xml - name: {{ include "common.fullname" . }}-log-conf - subPath: logback.xml - - mountPath: /opt/app/aai-resources/resources/localhost-access-logback.xml - name: {{ include "common.fullname" . }}-localhost-access-log-conf - subPath: localhost-access-logback.xml - - mountPath: /opt/app/aai-resources/resources/etc/auth/realm.properties - name: {{ include "common.fullname" . }}-realm-conf - subPath: realm.properties - {{ if .Values.global.installSidecarSecurity }} - - mountPath: /opt/app/aai-resources/resources/etc/auth/aai_policy.json - name: {{ include "common.fullname" . }}-aai-policy - subPath: aai_policy.json - {{ end }} - - mountPath: /opt/app/aai-resources/resources/aaf/org.onap.aai.keyfile - name: {{ include "common.fullname" . }}-aaf-certs - subPath: org.onap.aai.keyfile - - mountPath: /opt/app/aai-resources/resources/aaf/bath_config.csv - name: {{ include "common.fullname" . }}-aaf-certs - subPath: bath_config.csv - - mountPath: /opt/app/aai-resources/resources/aaf/org.onap.aai.props - name: {{ include "common.fullname" . }}-aaf-properties - subPath: org.onap.aai.props - - mountPath: /opt/app/aai-resources/resources/aaf/org.osaaf.location.props - name: {{ include "common.fullname" . }}-aaf-properties - subPath: org.osaaf.location.props - - mountPath: /opt/app/aai-resources/resources/aaf/permissions.properties - name: {{ include "common.fullname" . }}-aaf-properties - subPath: permissions.properties - - mountPath: /opt/app/aai-resources/resources/cadi.properties - name: {{ include "common.fullname" . }}-aaf-properties - subPath: cadi.properties - - mountPath: /opt/app/aai-resources/resources/aaf/org.onap.aai.p12 - name: {{ include "common.fullname" . }}-aaf-certs - subPath: org.onap.aai.p12 - - mountPath: /opt/app/aai-resources/resources/aaf/truststoreONAPall.jks - name: aai-common-aai-auth-mount - subPath: truststoreONAPall.jks - - mountPath: /opt/app/aai-resources/resources/application.properties - name: {{ include "common.fullname" . }}-springapp-conf - subPath: application.properties - {{ $global := . }} - {{ range $job := .Values.global.config.auth.files }} - - mountPath: /opt/app/aai-resources/resources/etc/auth/{{ . }} - name: {{ include "common.fullname" $global }}-auth-truststore-sec - subPath: {{ . }} - {{ end }} - ports: - - containerPort: {{ .Values.service.internalPort }} - - containerPort: {{ .Values.service.internalPort2 }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{ if .Values.liveness.enabled }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end }} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end }} - - # side car containers - - name: filebeat-onap - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /usr/share/filebeat/filebeat.yml - subPath: filebeat.yml - name: filebeat-conf - - mountPath: /var/log/onap - name: {{ include "common.fullname" . }}-logs - - mountPath: /usr/share/filebeat/data - name: {{ include "common.fullname" . }}-filebeat - resources: -{{ include "common.resources" . }} - {{ if .Values.global.installSidecarSecurity }} - - name: {{ .Values.global.rproxy.name }} - image: "{{ include "common.repository" . }}/{{ .Values.global.rproxy.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: CONFIG_HOME - value: "/opt/app/rproxy/config" - - name: KEY_STORE_PASSWORD - value: {{ .Values.sidecar.keyStorePassword }} - - name: spring_profiles_active - value: {{ .Values.global.rproxy.activeSpringProfiles }} - volumeMounts: - - name: {{ include "common.fullname" . }}-rproxy-config - mountPath: /opt/app/rproxy/config/forward-proxy.properties - subPath: forward-proxy.properties - - name: {{ include "common.fullname" . }}-rproxy-config - mountPath: /opt/app/rproxy/config/primary-service.properties - subPath: primary-service.properties - - name: {{ include "common.fullname" . }}-rproxy-config - mountPath: /opt/app/rproxy/config/reverse-proxy.properties - subPath: reverse-proxy.properties - - name: {{ include "common.fullname" . }}-rproxy-config - mountPath: /opt/app/rproxy/config/cadi.properties - subPath: cadi.properties - - name: {{ include "common.fullname" . }}-rproxy-log-config - mountPath: /opt/app/rproxy/config/logback-spring.xml - subPath: logback-spring.xml - - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config - mountPath: /opt/app/rproxy/config/auth/uri-authorization.json - subPath: uri-authorization.json - - name: {{ include "common.fullname" . }}-rproxy-auth-config - mountPath: /opt/app/rproxy/config/auth/tomcat_keystore - subPath: tomcat_keystore - - name: {{ include "common.fullname" . }}-rproxy-auth-config - mountPath: /opt/app/rproxy/config/auth/client-cert.p12 - subPath: client-cert.p12 - - name: {{ include "common.fullname" . }}-rproxy-auth-config - mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks - subPath: aaf_truststore.jks - - name: {{ include "common.fullname" . }}-rproxy-security-config - mountPath: /opt/app/rproxy/config/security/keyfile - subPath: keyfile - - name: {{ include "common.fullname" . }}-rproxy-auth-config - mountPath: /opt/app/rproxy/config/auth/org.onap.aai.p12 - subPath: org.onap.aai.p12 - ports: - - containerPort: {{ .Values.global.rproxy.port }} - - - name: {{ .Values.global.fproxy.name }} - image: "{{ include "common.repository" . }}/{{ .Values.global.fproxy.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: CONFIG_HOME - value: "/opt/app/fproxy/config" - - name: KEY_STORE_PASSWORD - value: {{ .Values.sidecar.keyStorePassword }} - - name: TRUST_STORE_PASSWORD - value: {{ .Values.sidecar.trustStorePassword }} - - name: spring_profiles_active - value: {{ .Values.global.fproxy.activeSpringProfiles }} - volumeMounts: - - name: {{ include "common.fullname" . }}-fproxy-config - mountPath: /opt/app/fproxy/config/fproxy.properties - subPath: fproxy.properties - - name: {{ include "common.fullname" . }}-fproxy-log-config - mountPath: /opt/app/fproxy/config/logback-spring.xml - subPath: logback-spring.xml - - name: {{ include "common.fullname" . }}-fproxy-auth-config - mountPath: /opt/app/fproxy/config/auth/fproxy_truststore - subPath: fproxy_truststore - - name: {{ include "common.fullname" . }}-fproxy-auth-config - mountPath: /opt/app/fproxy/config/auth/tomcat_keystore - subPath: tomcat_keystore - - name: {{ include "common.fullname" . }}-fproxy-auth-config - mountPath: /opt/app/fproxy/config/auth/client-cert.p12 - subPath: client-cert.p12 - ports: - - containerPort: {{ .Values.global.fproxy.port }} - {{ end }} - - volumes: - - name: aai-common-aai-auth-mount - secret: - secretName: aai-common-aai-auth - - name: localtime - hostPath: - path: /etc/localtime - - name: filebeat-conf - configMap: - name: aai-filebeat - - name: {{ include "common.fullname" . }}-logs - emptyDir: {} - - name: {{ include "common.fullname" . }}-filebeat - emptyDir: {} - - name: {{ include "common.fullname" . }}-log-conf - configMap: - name: {{ include "common.fullname" . }}-log - - name: {{ include "common.fullname" . }}-localhost-access-log-conf - configMap: - name: {{ include "common.fullname" . }}-localhost-access-log-configmap - - name: {{ include "common.fullname" . }}-db-real-conf - configMap: - name: {{ include "common.fullname" . }}-db-real-configmap - - name: {{ include "common.fullname" . }}-db-cached-conf - configMap: - name: {{ include "common.fullname" . }}-db-cached-configmap - - name: {{ include "common.fullname" . }}-aaiconfig-conf - configMap: - name: {{ include "common.fullname" . }}-aaiconfig-configmap - - name: {{ include "common.fullname" . }}-aaf-properties - configMap: - name: {{ include "common.fullname" . }}-aaf-props - - name: {{ include "common.fullname" . }}-aaf-certs - secret: - secretName: {{ include "common.fullname" . }}-aaf-keys - - name: {{ include "common.fullname" . }}-springapp-conf - configMap: - name: {{ include "common.fullname" . }}-springapp-configmap - - name: {{ include "common.fullname" . }}-realm-conf - configMap: - name: {{ include "common.fullname" . }}-realm-configmap - - name: {{ include "common.fullname" . }}-auth-truststore-sec - secret: - secretName: aai-common-truststore - items: - {{ range $job := .Values.global.config.auth.files }} - - key: {{ . }} - path: {{ . }} - {{ end }} - {{ if .Values.global.installSidecarSecurity }} - - name: {{ include "common.fullname" . }}-aai-policy - configMap: - name: {{ include "common.fullname" . }}-aai-policy-configmap - - name: {{ include "common.fullname" . }}-rproxy-config - configMap: - name: {{ include "common.fullname" . }}-rproxy-config - - name: {{ include "common.fullname" . }}-rproxy-log-config - configMap: - name: {{ include "common.fullname" . }}-rproxy-log-config - - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config - configMap: - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config - - name: {{ include "common.fullname" . }}-rproxy-auth-config - secret: - secretName: {{ include "common.fullname" . }}-rproxy-auth-config - - name: {{ include "common.fullname" . }}-rproxy-security-config - secret: - secretName: {{ include "common.fullname" . }}-rproxy-security-config - - name: {{ include "common.fullname" . }}-fproxy-config - configMap: - name: {{ include "common.fullname" . }}-fproxy-config - - name: {{ include "common.fullname" . }}-fproxy-log-config - configMap: - name: {{ include "common.fullname" . }}-fproxy-log-config - - name: {{ include "common.fullname" . }}-fproxy-auth-config - secret: - secretName: {{ include "common.fullname" . }}-fproxy-auth-config - {{ end }} - restartPolicy: {{ .Values.restartPolicy }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/charts/aai-resources/templates/service.yaml b/kubernetes/aai/charts/aai-resources/templates/service.yaml deleted file mode 100644 index d1199125d2..0000000000 --- a/kubernetes/aai/charts/aai-resources/templates/service.yaml +++ /dev/null @@ -1,44 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.internalPort2 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.portName2 }} - {{- else -}} - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName2 }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - clusterIP: None diff --git a/kubernetes/aai/charts/aai-resources/values.yaml b/kubernetes/aai/charts/aai-resources/values.yaml deleted file mode 100644 index 66a57d6389..0000000000 --- a/kubernetes/aai/charts/aai-resources/values.yaml +++ /dev/null @@ -1,119 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Default values for resources. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -global: # global defaults - nodePortPrefix: 302 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.2 - -# application image -repository: nexus3.onap.org:10001 -image: onap/aai-resources:1.4-STAGING-latest -pullPolicy: Always -restartPolicy: Always -flavor: small -# default number of instances -replicaCount: 1 - -# Configuration for the resources deployment -config: - - # Specifies crud related operation timeouts and overrides - crud: - timeout: - # Specifies if the timeout for REST GET calls should be enabled - enabled: true - # Specifies the timeout values for application specific - # Its a pipe seperated list where each element before comma represents - # the X-FromAppId and the comma after specifies the timeout limit in ms - # If the timeout limit is -1 then it means for these apps no timeout - appspecific: JUNITTESTAPP1,1|JUNITTESTAPP2,-1|DCAE-CCS,-1|DCAES,-1|AAIRctFeed,-1|NewvceCreator,-1|IANewvceCreator,-1|AAI-CSIOVALS,-1 - # Specifies what is the maximum timeout limit in milliseconds - limit: 100000 - - # Specifies configuration for bulk apis - bulk: - # Specifies for a bulk payload how many transactions in total allowed - limit: 30 - # Specifies if the bulk can be override and if it can the value - override: false - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 60 - periodSeconds: 60 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: false - -readiness: - initialDelaySeconds: 60 - periodSeconds: 10 - -# application configuration -sidecar: - keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - trustStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - -service: - type: ClusterIP - portName: aai-resources-8447 - internalPort: 8447 - portName2: aai-resources-5005 - internalPort2: 5005 - -ingress: - enabled: false - - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi -resources: - small: - limits: - cpu: 2 - memory: 4Gi - requests: - cpu: 1 - memory: 3Gi - large: - limits: - cpu: 4 - memory: 8Gi - requests: - cpu: 2 - memory: 4Gi - unlimited: {} diff --git a/kubernetes/aai/charts/aai-schema-service/.helmignore b/kubernetes/aai/charts/aai-schema-service/.helmignore deleted file mode 100644 index daebc7da77..0000000000 --- a/kubernetes/aai/charts/aai-schema-service/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/aai/charts/aai-schema-service/Chart.yaml b/kubernetes/aai/charts/aai-schema-service/Chart.yaml deleted file mode 100644 index af462f03fa..0000000000 --- a/kubernetes/aai/charts/aai-schema-service/Chart.yaml +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright © 2019 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -apiVersion: v1 -description: ONAP AAI Schema Service -name: aai-schema-service -version: 4.0.0 diff --git a/kubernetes/aai/charts/aai-schema-service/config/aaiconfig.properties b/kubernetes/aai/charts/aai-schema-service/config/aaiconfig.properties deleted file mode 100644 index 2172d715de..0000000000 --- a/kubernetes/aai/charts/aai-schema-service/config/aaiconfig.properties +++ /dev/null @@ -1,43 +0,0 @@ -# -# ============LICENSE_START======================================================= -# org.onap.aai -# ================================================================================ -# Copyright © 2019 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= - -aai.server.url.base=https://aai.{{ include "common.namespace" . }}:8443/aai/ -aai.server.url=https://aai.{{ include "common.namespace" . }}:8443/aai/{{ .Values.global.config.schema.version.api.default }}/ -aai.global.callback.url=https://aai.{{ include "common.namespace" . }}:8443/aai/ - -{{ if .Values.global.config.basic.auth.enabled }} -aai.tools.enableBasicAuth=true -aai.tools.username={{ .Values.global.config.basic.auth.username }} -aai.tools.password={{ .Values.global.config.basic.auth.passwd }} -{{ end }} - -aai.truststore.filename={{ .Values.global.config.truststore.filename }} -aai.truststore.passwd.x={{ .Values.global.config.truststore.passwd }} -aai.keystore.filename={{ .Values.global.config.keystore.filename }} -aai.keystore.passwd.x={{ .Values.global.config.keystore.passwd }} - -aai.default.api.version={{ .Values.global.config.schema.version.api.default }} - -aai.logging.trace.enabled=true -aai.logging.trace.logrequest=false -aai.logging.trace.logresponse=false - -aai.transaction.logging=true -aai.transaction.logging.get=false -aai.transaction.logging.post=false diff --git a/kubernetes/aai/charts/aai-schema-service/config/application.properties b/kubernetes/aai/charts/aai-schema-service/config/application.properties deleted file mode 100644 index 7b9312ff15..0000000000 --- a/kubernetes/aai/charts/aai-schema-service/config/application.properties +++ /dev/null @@ -1,70 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# The following info parameters are being referenced by ajsc6 -info.build.artifact=aai-schema-service -info.build.name=schema-service -info.build.description=Schema Service Microservice -info.build.version=1.1.0 - -spring.application.name=aai-schema-service -spring.jersey.type=filter - -server.contextPath=/ -spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration - -spring.profiles.active={{ .Values.global.config.profiles.active }} -spring.jersey.application-path=${schema.uri.base.path} -server.tomcat.max-threads=200 -server.tomcat.min-Spare-Threads=25 -server.tomcat.max-idle-time=60000 - -server.local.startpath=aai-schema-service/src/main/resources/ -server.basic.auth.location=${server.local.startpath}/etc/auth/realm.properties - -server.port=8452 -server.ssl.enabled-protocols=TLSv1.1,TLSv1.2 -server.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }} -server.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }}) -server.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }} -server.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }}) -server.ssl.client-auth=want -server.ssl.key-store-type=JKS - -schema.configuration.location=N/A -schema.source.name={{ .Values.global.config.schema.source.name }} -schema.nodes.location=${server.local.startpath}/schema/${schema.source.name}/oxm/ -schema.edges.location=${server.local.startpath}/schema/${schema.source.name}/dbedgerules/ -schema.query.location=${server.local.startpath}/schema/${schema.source.name}/query/ - -schema.ingest.file=${server.local.startpath}/application.properties - -# Schema Version Related Attributes -schema.uri.base.path={{ .Values.global.config.schema.uri.base.path }}/schema-service -# Lists all of the versions in the schema -schema.version.list={{ .Values.global.config.schema.version.list }} -# Specifies from which version should the depth parameter to default to zero -schema.version.depth.start={{ .Values.global.config.schema.version.depth }} -# Specifies from which version should the related link be displayed in response payload -schema.version.related.link.start={{ .Values.global.config.schema.version.related.link }} - -# Specifies from which version should the client see only the uri excluding host info -# Before this version server base will also be included -schema.version.app.root.start={{ .Values.global.config.schema.version.app.root }} -# Specifies from which version should the namespace be changed -schema.version.namespace.change.start={{ .Values.global.config.schema.version.namespace.change }} -# Specifies from which version should the client start seeing the edge label in payload -schema.version.edge.label.start={{ .Values.global.config.schema.version.edge.label }} -# Specifies the version that the application should default to -schema.version.api.default={{ .Values.global.config.schema.version.api.default }} diff --git a/kubernetes/aai/charts/aai-schema-service/config/localhost-access-logback.xml b/kubernetes/aai/charts/aai-schema-service/config/localhost-access-logback.xml deleted file mode 100644 index 447f2390b1..0000000000 --- a/kubernetes/aai/charts/aai-schema-service/config/localhost-access-logback.xml +++ /dev/null @@ -1,58 +0,0 @@ - - - - - ${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log - - ${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd} - - - - %a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D - - - - - - diff --git a/kubernetes/aai/charts/aai-schema-service/config/logback.xml b/kubernetes/aai/charts/aai-schema-service/config/logback.xml deleted file mode 100644 index f10546ac69..0000000000 --- a/kubernetes/aai/charts/aai-schema-service/config/logback.xml +++ /dev/null @@ -1,237 +0,0 @@ - - - - - - - - - - - - - - - - - - - %clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx} - - - - - ${logDirectory}/rest/sane.log - - ${logDirectory}/rest/sane.log.%d{yyyy-MM-dd} - - - %d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n - - - - - 1000 - true - - - - - INFO - ACCEPT - DENY - - ${logDirectory}/rest/metrics.log - - ${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd} - - - - ${eelfMetricLogPattern} - - - - 1000 - true - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/rest/debug.log - - ${logDirectory}/rest/debug.log.%d{yyyy-MM-dd} - - - - ${eelfLogPattern} - - - - 1000 - true - - - - - WARN - - ${logDirectory}/rest/error.log - - ${logDirectory}/rest/error.log.%d{yyyy-MM-dd} - - - - ${eelfErrorLogPattern} - - - - 1000 - true - - - - ${logDirectory}/rest/audit.log - - ${logDirectory}/rest/audit.log.%d{yyyy-MM-dd} - - - - ${eelfAuditLogPattern} - - - - 1000 - true - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/rest/translog.log - - ${logDirectory}/rest/translog.log.%d{yyyy-MM-dd} - - - - ${eelfTransLogPattern} - - - - 1000 - true - - - - - WARN - - ${logDirectory}/dmaapAAIEventConsumer/error.log - - ${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd} - - - - ${eelfLogPattern} - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/dmaapAAIEventConsumer/debug.log - - ${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd} - - - - ${eelfLogPattern} - - - - - INFO - ACCEPT - DENY - - ${logDirectory}/dmaapAAIEventConsumer/metrics.log - - ${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd} - - - - ${eelfMetricLogPattern} - - - - - WARN - - ${logDirectory}/external/external.log - - ${logDirectory}/external/external.log.%d{yyyy-MM-dd} - - - - ${eelfLogPattern} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - {{ if .Values.global.config.logback.console.enabled }} - - {{ end }} - - diff --git a/kubernetes/aai/charts/aai-schema-service/config/realm.properties b/kubernetes/aai/charts/aai-schema-service/config/realm.properties deleted file mode 100644 index 988bb2411b..0000000000 --- a/kubernetes/aai/charts/aai-schema-service/config/realm.properties +++ /dev/null @@ -1,22 +0,0 @@ -AAI:OBF:1gfr1ev31gg7,admin -MSO:OBF:1jzx1lz31k01,admin -SDNC:OBF:1itr1i0l1i151isv,admin -DCAE:OBF:1g8u1f9d1f991g8w,admin -POLICY:OBF:1mk61i171ima1im41i0j1mko,admin -ASDC:OBF:1f991j0u1j001f9d,admin -VID:OBF:1jm91i0v1jl9,admin -APPC:OBF:1f991ksf1ksf1f9d,admin -ModelLoader:OBF:1qvu1v2h1sov1sar1wfw1j7j1wg21saj1sov1v1x1qxw,admin -AaiUI:OBF:1gfr1p571unz1p4j1gg7,admin -OOF:OBF:1img1ke71ily,admin -aai@aai.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -so@so.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -sdnc@sdnc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -dcae@dcae.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -policy@policy.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -sdc@sdc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -vid@vid.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -appc@appc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin diff --git a/kubernetes/aai/charts/aai-schema-service/templates/configmap.yaml b/kubernetes/aai/charts/aai-schema-service/templates/configmap.yaml deleted file mode 100644 index 91a831a557..0000000000 --- a/kubernetes/aai/charts/aai-schema-service/templates/configmap.yaml +++ /dev/null @@ -1,78 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-log - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "config/logback.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-localhost-access-log-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "config/localhost-access-logback.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-aaiconfig-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "config/aaiconfig.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-springapp-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "config/application.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-realm-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "config/realm.properties").AsConfig . | indent 2 }} diff --git a/kubernetes/aai/charts/aai-schema-service/templates/deployment.yaml b/kubernetes/aai/charts/aai-schema-service/templates/deployment.yaml deleted file mode 100644 index 38a19d3bd3..0000000000 --- a/kubernetes/aai/charts/aai-schema-service/templates/deployment.yaml +++ /dev/null @@ -1,155 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "common.name" . }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - name: {{ include "common.name" . }} - annotations: - checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} - spec: - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: LOCAL_USER_ID - value: {{ .Values.global.config.userId | quote }} - - name: LOCAL_GROUP_ID - value: {{ .Values.global.config.groupId | quote }} - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /opt/app/aai-schema-service/resources/etc/appprops/aaiconfig.properties - name: aaiconfig-conf - subPath: aaiconfig.properties - - mountPath: /opt/aai/logroot/AAI-SS - name: {{ include "common.fullname" . }}-logs - - mountPath: /opt/app/aai-schema-service/resources/logback.xml - name: {{ include "common.fullname" . }}-log-conf - subPath: logback.xml - - mountPath: /opt/app/aai-schema-service/resources/localhost-access-logback.xml - name: localhost-access-log-conf - subPath: localhost-access-logback.xml - - mountPath: /opt/app/aai-schema-service/resources/etc/auth/realm.properties - name: realm-conf - subPath: realm.properties - - mountPath: /opt/app/aai-schema-service/resources/application.properties - name: springapp-conf - subPath: application.properties - {{ $global := . }} - {{ range $job := .Values.global.config.auth.files }} - - mountPath: /opt/app/aai-schema-service/resources/etc/auth/{{ . }} - name: auth-truststore-sec - subPath: {{ . }} - {{ end }} - ports: - - containerPort: {{ .Values.service.internalPort }} - - containerPort: {{ .Values.service.internalPort2 }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{ if .Values.liveness.enabled }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end }} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end }} - - # side car containers - - name: filebeat-onap - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /usr/share/filebeat/filebeat.yml - subPath: filebeat.yml - name: filebeat-conf - - mountPath: /var/log/onap - name: {{ include "common.fullname" . }}-logs - - mountPath: /usr/share/filebeat/data - name: {{ include "common.fullname" . }}-filebeat - volumes: - - name: aai-common-aai-auth-mount - secret: - secretName: aai-common-aai-auth - - name: localtime - hostPath: - path: /etc/localtime - - name: filebeat-conf - configMap: - name: aai-filebeat - - name: {{ include "common.fullname" . }}-logs - emptyDir: {} - - name: {{ include "common.fullname" . }}-filebeat - emptyDir: {} - - name: {{ include "common.fullname" . }}-log-conf - configMap: - name: {{ include "common.fullname" . }}-log - - name: localhost-access-log-conf - configMap: - name: {{ include "common.fullname" . }}-localhost-access-log-configmap - - name: springapp-conf - configMap: - name: {{ include "common.fullname" . }}-springapp-configmap - - name: aaiconfig-conf - configMap: - name: {{ include "common.fullname" . }}-aaiconfig-configmap - - name: realm-conf - configMap: - name: {{ include "common.fullname" . }}-realm-configmap - - name: auth-truststore-sec - secret: - secretName: aai-common-truststore - items: - {{ range $job := .Values.global.config.auth.files }} - - key: {{ . }} - path: {{ . }} - {{ end }} - restartPolicy: {{ .Values.restartPolicy }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/charts/aai-schema-service/templates/service.yaml b/kubernetes/aai/charts/aai-schema-service/templates/service.yaml deleted file mode 100644 index d1199125d2..0000000000 --- a/kubernetes/aai/charts/aai-schema-service/templates/service.yaml +++ /dev/null @@ -1,44 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.internalPort2 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.portName2 }} - {{- else -}} - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName2 }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - clusterIP: None diff --git a/kubernetes/aai/charts/aai-search-data/.helmignore b/kubernetes/aai/charts/aai-search-data/.helmignore deleted file mode 100644 index daebc7da77..0000000000 --- a/kubernetes/aai/charts/aai-search-data/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/aai/charts/aai-search-data/Chart.yaml b/kubernetes/aai/charts/aai-search-data/Chart.yaml deleted file mode 100644 index 9cf35239a0..0000000000 --- a/kubernetes/aai/charts/aai-search-data/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: ONAP AAI search-data -name: aai-search-data -version: 4.0.0 diff --git a/kubernetes/aai/charts/aai-search-data/resources/config/analysis-config.json b/kubernetes/aai/charts/aai-search-data/resources/config/analysis-config.json deleted file mode 100644 index 5fc135df5a..0000000000 --- a/kubernetes/aai/charts/aai-search-data/resources/config/analysis-config.json +++ /dev/null @@ -1,32 +0,0 @@ -[ - { - "name": "whitespace_analyzer", - "description": "A standard whitespace analyzer.", - "behaviours": [ - "Tokenize the text using white space characters as delimeters.", - "Convert all characters to lower case.", - "Convert all alphanumeric and symbolic Unicode characters above the first 127 ASCII characters into their ASCII equivalents." - ], - "tokenizer": "whitespace", - "filters": [ - "lowercase", - "asciifolding" - ] - }, - { - "name": "ngram_analyzer", - "description": "An analyzer which performs ngram filtering on the data stream.", - "behaviours": [ - "Tokenize the text using white space characters as delimeters.", - "Convert all characters to lower case.", - "Convert all alphanumeric and symbolic Unicode characters above the first 127 ASCII characters into their ASCII equivalents.", - "Apply ngram filtering using the following values for minimum and maximum size in codepoints of a single n-gram: minimum = 1, maximum = 2." - ], - "tokenizer": "whitespace", - "filters": [ - "lowercase", - "asciifolding", - "ngram_filter" - ] - } -] \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-search-data/resources/config/auth/search_policy.json b/kubernetes/aai/charts/aai-search-data/resources/config/auth/search_policy.json deleted file mode 100644 index bbbe52f5b5..0000000000 --- a/kubernetes/aai/charts/aai-search-data/resources/config/auth/search_policy.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "roles": [ - { - "name": "admin", - "functions": [ - { - "name": "search", "methods": [ { "name": "GET" },{ "name": "DELETE" }, { "name": "PUT" }, { "name": "POST" } ] - } - ], - - "users": [ - { - "username": "CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA" - } - ] - } - ] -} diff --git a/kubernetes/aai/charts/aai-search-data/resources/config/auth/tomcat_keystore b/kubernetes/aai/charts/aai-search-data/resources/config/auth/tomcat_keystore deleted file mode 100644 index 842afebdf9..0000000000 Binary files a/kubernetes/aai/charts/aai-search-data/resources/config/auth/tomcat_keystore and /dev/null differ diff --git a/kubernetes/aai/charts/aai-search-data/resources/config/dynamic-custom-template.json b/kubernetes/aai/charts/aai-search-data/resources/config/dynamic-custom-template.json deleted file mode 100644 index 2dac8f75c7..0000000000 --- a/kubernetes/aai/charts/aai-search-data/resources/config/dynamic-custom-template.json +++ /dev/null @@ -1,12 +0,0 @@ -"dynamic_templates":[ - { - "strings":{ - "match_mapping_type":"string", - "match": "*", - "mapping":{ - "type":"text", - "fielddata":true - } - } - } -], diff --git a/kubernetes/aai/charts/aai-search-data/resources/config/elastic-search.properties b/kubernetes/aai/charts/aai-search-data/resources/config/elastic-search.properties deleted file mode 100644 index 6232c149bc..0000000000 --- a/kubernetes/aai/charts/aai-search-data/resources/config/elastic-search.properties +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# ElasticSearch Configuration - -es.cluster-name=ES_AAI -es.ip-address=aai-elasticsearch.{{.Release.Namespace}} -es.http-port={{ .Values.config.elasticsearchHttpPort }} -es.uri-scheme=https -es.auth-user=admin -es.auth-password=OBF:1u2a1toa1w8v1tok1u30 -es.trust-store=auth/tomcat_keystore -es.trust-store-password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - diff --git a/kubernetes/aai/charts/aai-search-data/resources/config/es-payload-translation.json b/kubernetes/aai/charts/aai-search-data/resources/config/es-payload-translation.json deleted file mode 100644 index 8a29863bf3..0000000000 --- a/kubernetes/aai/charts/aai-search-data/resources/config/es-payload-translation.json +++ /dev/null @@ -1,17 +0,0 @@ -{ - "attr-translations": [ - { - "query": "$..[?(@.type=='string' && @.index=='analyzed')]", - "update": {"type": "text", "index": true, "fielddata": true} - }, - { - "query": "$..[?(@.type=='string' && @.index=='not_analyzed')]", - "update": {"type": "keyword", "index": true} - }, - { - "query": "$..[?(@.type=='string' && !@.index)]", - "update": {"type": "text", "fielddata": true} - } - ] -} - diff --git a/kubernetes/aai/charts/aai-search-data/resources/config/filter-config.json b/kubernetes/aai/charts/aai-search-data/resources/config/filter-config.json deleted file mode 100644 index a27f75b000..0000000000 --- a/kubernetes/aai/charts/aai-search-data/resources/config/filter-config.json +++ /dev/null @@ -1,7 +0,0 @@ -[ - { - "name": "ngram_filter", - "description": "Custom NGram Filter.", - "configuration": " \"type\": \"nGram\", \"min_gram\": 1, \"max_gram\": 50, \"token_chars\": [ \"letter\", \"digit\", \"punctuation\", \"symbol\" ]" - } -] \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-search-data/resources/config/log/logback.xml b/kubernetes/aai/charts/aai-search-data/resources/config/log/logback.xml deleted file mode 100644 index adfed4aa60..0000000000 --- a/kubernetes/aai/charts/aai-search-data/resources/config/log/logback.xml +++ /dev/null @@ -1,193 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - ${errorLogPattern} - - - - - - - - - - - ${logDirectory}/${generalLogName}.log - - ${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip - - 60 - - - ${errorLogPattern} - - - - - - INFO - - 256 - - - - - - - - ${logDirectory}/${auditLogName}.log - - ${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip - - 60 - - - ${auditMetricPattern} - - - - 256 - - - - - ${logDirectory}/${metricsLogName}.log - - ${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip - - 60 - - - - ${auditMetricPattern} - - - - - - 256 - - - - - ${logDirectory}/${debugLogName}.log - - ${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip - - 60 - - - ${errorLogPattern} - - - - - 256 - - false - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/kubernetes/aai/charts/aai-search-data/templates/configmap.yaml b/kubernetes/aai/charts/aai-search-data/templates/configmap.yaml deleted file mode 100644 index b1547f42aa..0000000000 --- a/kubernetes/aai/charts/aai-search-data/templates/configmap.yaml +++ /dev/null @@ -1,39 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-service-log - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/log/logback.xml").AsConfig . | indent 2 }} diff --git a/kubernetes/aai/charts/aai-search-data/templates/deployment.yaml b/kubernetes/aai/charts/aai-search-data/templates/deployment.yaml deleted file mode 100644 index 1d39d4e1d9..0000000000 --- a/kubernetes/aai/charts/aai-search-data/templates/deployment.yaml +++ /dev/null @@ -1,144 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "common.name" . }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - name: {{ include "common.name" . }} - spec: - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: CONFIG_HOME - value: /opt/app/search-data-service/config/ - - name: KEY_STORE_PASSWORD - value: {{ .Values.config.keyStorePassword }} - - name: KEY_MANAGER_PASSWORD - value: {{ .Values.config.keyManagerPassword }} - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /opt/app/search-data-service/config/filter-config.json - subPath: filter-config.json - name: {{ include "common.fullname" . }}-service-config - - mountPath: /opt/app/search-data-service/config/elastic-search.properties - subPath: elastic-search.properties - name: {{ include "common.fullname" . }}-service-config - - mountPath: /opt/app/search-data-service/config/analysis-config.json - subPath: analysis-config.json - name: {{ include "common.fullname" . }}-service-config - - mountPath: /opt/app/search-data-service/config/es-payload-translation.json - subPath: es-payload-translation.json - name: {{ include "common.fullname" . }}-service-config - - mountPath: /opt/app/search-data-service/config/dynamic-custom-template.json - subPath: dynamic-custom-template.json - name: {{ include "common.fullname" . }}-service-config - - mountPath: /opt/app/search-data-service/config/auth/tomcat_keystore - subPath: tomcat_keystore - name: {{ include "common.fullname" . }}-service-auth-config - - mountPath: /opt/app/search-data-service/config/auth/search_policy.json - subPath: search_policy.json - name: {{ include "common.fullname" . }}-search-policy-config - - mountPath: /var/log/onap - name: {{ include "common.fullname" . }}-service-logs - - mountPath: /opt/app/search-data-service/bundleconfig/etc/logback.xml - name: {{ include "common.fullname" . }}-service-log-conf - subPath: logback.xml - ports: - - containerPort: {{ .Values.service.internalPort }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end }} - - # side car containers - - name: filebeat-onap - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /usr/share/filebeat/filebeat.yml - subPath: filebeat.yml - name: filebeat-conf - - mountPath: /var/log/onap - name: {{ include "common.fullname" . }}-service-logs - - mountPath: /usr/share/filebeat/data - name: {{ include "common.fullname" . }}-service-filebeat - - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: {{ include "common.fullname" . }}-service-config - configMap: - name: {{ include "common.fullname" . }} - - name: {{ include "common.fullname" . }}-service-auth-config - secret: - secretName: {{ include "common.fullname" . }}-keystone - - name: {{ include "common.fullname" . }}-search-policy-config - secret: - secretName: {{ include "common.fullname" . }}-policy - - name: filebeat-conf - configMap: - name: aai-filebeat - - name: {{ include "common.fullname" . }}-service-logs - emptyDir: {} - - name: {{ include "common.fullname" . }}-service-filebeat - emptyDir: {} - - name: {{ include "common.fullname" . }}-service-log-conf - configMap: - name: {{ include "common.fullname" . }}-service-log - restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/charts/aai-search-data/templates/secret.yaml b/kubernetes/aai/charts/aai-search-data/templates/secret.yaml deleted file mode 100644 index ee32e19218..0000000000 --- a/kubernetes/aai/charts/aai-search-data/templates/secret.yaml +++ /dev/null @@ -1,40 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-keystone - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/config/auth/tomcat_keystore").AsSecrets . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-policy - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/auth/search_policy.json").AsSecrets . | indent 2 }} diff --git a/kubernetes/aai/charts/aai-search-data/values.yaml b/kubernetes/aai/charts/aai-search-data/values.yaml deleted file mode 100644 index 2a999b8a0c..0000000000 --- a/kubernetes/aai/charts/aai-search-data/values.yaml +++ /dev/null @@ -1,79 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Default values for search-data. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -global: # global defaults - nodePortPrefix: 302 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.2 - - -# application image -repository: nexus3.onap.org:10001 -image: onap/search-data-service:1.3.1 -pullPolicy: Always -restartPolicy: Always -flavor: small -# application configuration -config: - elasticsearchHttpPort: 9200 - keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: ClusterIP - portName: aai-search-data - internalPort: 9509 - -ingress: - enabled: false - -resources: - small: - limits: - cpu: 2 - memory: 4Gi - requests: - cpu: 0.25 - memory: 750Mi - large: - limits: - cpu: 4 - memory: 8Gi - requests: - cpu: 0.5 - memory: 1Gi - unlimited: {} diff --git a/kubernetes/aai/charts/aai-sparky-be/.helmignore b/kubernetes/aai/charts/aai-sparky-be/.helmignore deleted file mode 100644 index daebc7da77..0000000000 --- a/kubernetes/aai/charts/aai-sparky-be/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/application-oxm-override.properties b/kubernetes/aai/charts/aai-sparky-be/resources/config/application-oxm-override.properties deleted file mode 100644 index 5c733e852b..0000000000 --- a/kubernetes/aai/charts/aai-sparky-be/resources/config/application-oxm-override.properties +++ /dev/null @@ -1,16 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -oxm.apiVersionOverride=v14 -oxm.apiVersionList=v8,v9,v10,v11,v12,v13,v14 \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/application-oxm-schema-prod.properties b/kubernetes/aai/charts/aai-sparky-be/resources/config/application-oxm-schema-prod.properties deleted file mode 100644 index c7f6bbc1d3..0000000000 --- a/kubernetes/aai/charts/aai-sparky-be/resources/config/application-oxm-schema-prod.properties +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -oxm.schemaNodeDir=/opt/app/sparky/onap/oxm -#schemaServiceTranslator is used to define whether to retreive the oxm from schema service microservice or read from the disk, possible values are schema-service/config -oxm.schemaServiceTranslatorList=config -# The end point for onap is https://:/onap/schema-service/v1/ -oxm.schemaServiceBaseUrl=https:///aai/schema-service/v1/ -oxm.schemaServiceKeystore=file:${CONFIG_HOME}/auth/aai-client-cert.p12 -oxm.schemaServiceTruststore=file:${CONFIG_HOME}/auth/tomcat_keystore -oxm.schemaServiceKeystorePassword=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o -oxm.schemaServiceTruststorePassword=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o - - - -# Schema Service need this variable for the time being -spring.applicationName=sparky diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/application-resources.properties b/kubernetes/aai/charts/aai-sparky-be/resources/config/application-resources.properties deleted file mode 100644 index cdd3d480b1..0000000000 --- a/kubernetes/aai/charts/aai-sparky-be/resources/config/application-resources.properties +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -resources.hostname=aai -resources.port=8443 -resources.authType=SSL_BASIC -resources.basicAuthUserName=aai@aai.onap.org -resources.basicAuthPassword=1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek -resources.trust-store=tomcat_keystore diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/application-ssl.properties b/kubernetes/aai/charts/aai-sparky-be/resources/config/application-ssl.properties deleted file mode 100644 index 2ea1bf15ed..0000000000 --- a/kubernetes/aai/charts/aai-sparky-be/resources/config/application-ssl.properties +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -server.port=8000 -server.ssl.key-store=file:${CONFIG_HOME}/auth/org.onap.aai.p12 -server.ssl.key-store-password=OBF:1x0v1g131lps1cix1rjb1n5p22691qab1hm51hfc1i2t1lmr1liz1hyx1hfq1hn51qcr22651n5t1rh31cgl1lu61g2f1x1r -server.ssl.enabled-protocols=TLSv1.1,TLSv1.2 -server.ssl.trust-store=file:${CONFIG_HOME}/auth/truststoreONAPall.jks -server.ssl.trust-store-password=OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/application-sync.properties b/kubernetes/aai/charts/aai-sparky-be/resources/config/application-sync.properties deleted file mode 100644 index 4fb10a21f7..0000000000 --- a/kubernetes/aai/charts/aai-sparky-be/resources/config/application-sync.properties +++ /dev/null @@ -1,6 +0,0 @@ -aggregationSyncEnabled=true -historicalEntitySyncEnabled=true -autoSuggestSyncEnabled=true -vnfAliasSyncEnabled=true -geoSyncEnabled=true -viewInspectSyncEnabled=true \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/application.properties b/kubernetes/aai/charts/aai-sparky-be/resources/config/application.properties deleted file mode 100644 index 108f9ef7b5..0000000000 --- a/kubernetes/aai/charts/aai-sparky-be/resources/config/application.properties +++ /dev/null @@ -1,35 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# -# disable the default thyme leaf icon on web-pages -# -spring.mvc.favicon.enabled=false - -# -# to switch to http, remove ssl and put http -# and in the values.yaml change the internalPort to 9517 -# - -spring.profiles.active=camel,ssl,fe-prod,oxm-schema-prod,oxm-default,resources,sync,portal - -portal.cadiFileLocation={{.Values.config.cadiFileLocation}} -portal.cadiFileLocation={{.Values.config.cadiFileLocation}} -searchservice.hostname={{.Values.global.searchData.serviceName}} -searchservice.port=9509 -searchservice.client-cert=client-cert-onap.p12 -searchservice.client-cert-password=1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 -searchservice.truststore=tomcat_keystore - -schema.ingest.file=${CONFIG_HOME}/schemaIngest.properties diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/auth/client-cert-onap.p12 b/kubernetes/aai/charts/aai-sparky-be/resources/config/auth/client-cert-onap.p12 deleted file mode 100644 index dbf4fcacec..0000000000 Binary files a/kubernetes/aai/charts/aai-sparky-be/resources/config/auth/client-cert-onap.p12 and /dev/null differ diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/auth/csp-cookie-filter.properties b/kubernetes/aai/charts/aai-sparky-be/resources/config/auth/csp-cookie-filter.properties deleted file mode 100644 index 6edc3d97db..0000000000 --- a/kubernetes/aai/charts/aai-sparky-be/resources/config/auth/csp-cookie-filter.properties +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -global.login.url=aaiportal.onap.org - -# MOTS ID of the application -application.id=12345 - -# valid domains for open redirect -redirect-domain=domain.com - -# Required by esGateKeeper. Valid values are: -# DEVL - used during development -# PROD - used in production -gatekeeper.environment=TEST diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/auth/org.onap.aai.p12 b/kubernetes/aai/charts/aai-sparky-be/resources/config/auth/org.onap.aai.p12 deleted file mode 100644 index 71cea3e57c..0000000000 Binary files a/kubernetes/aai/charts/aai-sparky-be/resources/config/auth/org.onap.aai.p12 and /dev/null differ diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/key.properties b/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/key.properties deleted file mode 100644 index 67268e33e2..0000000000 --- a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/key.properties +++ /dev/null @@ -1 +0,0 @@ -cipher.enc.key=AGLDdG4D04BKm2IxIWEr8o==! diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties b/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties deleted file mode 100644 index 546955f98a..0000000000 --- a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties +++ /dev/null @@ -1,47 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -################################################################################ -############################## Portal properties ############################### -################################################################################ - -# Java class that implements the ECOMP role and user mgt API -portal.api.impl.class = org.onap.aai.sparky.security.portal.PortalRestAPICentralServiceImpl - -# Instance of ECOMP Portal where the app has been on-boarded -# use insecure http for dev purposes to avoid self-signed certificate -ecomp_rest_url = http://portal-app.{{.Release.Namespace}}:8989/ONAPPORTAL/auxapi - -# Standard global logon page -ecomp_redirect_url = http://portal-app.{{.Release.Namespace}}:8989/ONAPPORTAL/login.htm - -# Name of cookie to extract on login request -csp_cookie_name = EPService -# Alternate values: DEVL, V_DEVL, V_PROD -csp_gate_keeper_prod_key = PROD - -# Toggles use of UEB -ueb_listeners_enable = false -# IDs application withing UEB flow -ueb_app_key = ueb_key_7 -# Use this tag if the app is centralized -role_access_centralized=remote - -# Connection and Read timeout values -ext_req_connection_timeout=15000 -ext_req_read_timeout=20000 - -#Add AAF namespace if the app is centralized -auth_namespace={{.Values.config.aafNamespace}} diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/cadi.properties b/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/cadi.properties deleted file mode 100644 index 41a49a0ed7..0000000000 --- a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/cadi.properties +++ /dev/null @@ -1,45 +0,0 @@ -# Configure AAF -aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095 -aaf_url=<%=https://AAF_LOCATE_URL/AAF_NS.service:2.0 - -#aaf_url=https://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=2.0/envContext=TEST/routeOffer=BAU_SE -# AAF Environment Designation - -#if you are running aaf service from a docker image you have to use aaf service IP and port number -aaf_id={{.Values.config.aafUsername}} -#Encrypt the password using AAF Jar -aaf_password={{.Values.config.aafPassword}} -# Sample CADI Properties, from CADI 1.4.2 -#hostname=org.onap.aai.orr -csp_domain=PROD -# Add Absolute path to Keyfile -cadi_keyfile={{.Values.config.cadiKeyFile}} - -# This is required to accept Certificate Authentication from Certman certificates. -# can be TEST, IST or PROD -aaf_env=DEV - -# DEBUG prints off all the properties. Use to get started. -cadi_loglevel=DEBUG - -# Add Absolute path to truststore2018.jks -cadi_truststore={{.Values.config.cadiTrustStore}} -# Note: This is the ONLY password that doesn't have to be encrypted. All Java's TrustStores are this passcode by default, because they are public certs -cadi_truststore_password={{.Values.config.cadiTrustStorePassword}} - -# how to turn on SSL Logging -#javax.net.debug=ssl - -# Use "maps.bing.com" to get Lat and Long for an Address -AFT_LATITUDE=32.780140 -AFT_LONGITUDE=-96.800451 -AFT_ENVIRONMENT=AFTUAT -AFT_DME2_CLIENT_IGNORE_SSL_CONFIG=true -DME2.DEBUG=true -AFT_DME2_HTTP_EXCHANGE_TRACE_ON=true - -cadi_latitude=32.780140 -cadi_longitude=-96.800451 - -aaf_root_ns=com.att.aaf -aaf_api_version=2.0 diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/keyFile b/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/keyFile deleted file mode 100644 index 921ce6714a..0000000000 --- a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/keyFile +++ /dev/null @@ -1,27 +0,0 @@ -77E_fh-8gTjeg8egAo-JgNkXYm1FGEBPMo44vKPgKyGCJj9Dn0xJqIBct2Ko35X4_HSU3wPq3I2q -YHIvJCjmzXTVu2zvu4rIGTlwycTtLGDkgPyhOYFytv4GgazbpSs9331MPUeVVrdpkDCQmjtHSB4m -DThhfEe2lkbZ35ljX3sVSf3JDy4ngRot0ktQwnnY4vxFdgVUl7LzVinXWgFLoqMyXmKh_bGw9aUH -VMgqFsF_YmqLZY5ZARAraeywktvrU5kXYh5SnfXoJy7XIk0TBjHKqO-1mW-TcIgS3_v6GIGkZnpq -e1FyE8cS21gTPFlc1KDoWUZE2yoEsQKJc4RFWfjid_mE6nckxym1TOsEn3G2_TlkZvliN_QMDB_c -RuFLDB9HCChm4YYHpSn-RBqtJFz29bMTHQX8VNVfZ_Zhh-4dWOlEfpSzJvAqm_boo-8y8YDGIusx -mvKyPXEKVCuBOljHaKhYg0d43nAXIFsssKpjmtQizA2L_TP1Mo_lDFIlCsPcRlHKTvzkTstEAhRj -JnepzA--olBMwBkPxjm1Y5XQBGZH72i_o4Hr7_NqHb9sP486I2Nd1-owjHkhacGrLO1oORnuBUxp -_SnaXYywe9tTz3BcfFupXSoDv4Sj7g9B53yPIWmjGggigidql3SNJsui6qOtwDHOejzEDFm23Lj7 -fXD6sb52U_ul9ahi4CoLTzpvMsPRYOqyRCk8K8FVBauZbG5D42oaFPn0S0rCSHOCU1TXbRdTF-Cs -I2R0pEHNgb33yx6vtInaTSYIQ5cxa3XDA_50AQearV5SuYSlp8dK0BkpVCKgvSQdTn-2WiaV_hvO -KzG7D2adT1kYY6TjYMXIaUiJ33y1XSNDG0s6r4NG5dNE6Jj7thdpnV-AAZoi0uZh1_bsHKLVmHRr -NCXAc6DZm1D4N9y5lOJwUprUlJisZXLFTQThGMRY5dtiY_eK9Xjj4FQygXXhuhFXHz2-e4YApORv -lXDcT29IZuuI1j26bxdNdhNr1wZsqqievBN6l6OQMiP21eIrxAUu1BEmiVOrfOzaEjxldDN2gFum -4-zf9gsQT9UT8KEuOje64wVeHr09JpWuddV9HOAMvqc6mKTWmvUv_QiLgtK_b39QccMrOfOA1usM -biRJ9wuTYIr584Q9CjHEcm5e2YufcbF-IDZ4IDui8gNXyYJuusTYdspeKzrtiLKfgI56ZWA3it9G -SOkN18YyUmhk7HFkx9qEifb4UEbUQPb0dyXBRotf-91c5CPkct-36uV4sZBA_AR1tX3-aRKKB_SQ -B0zaG-eaEdEqKv-ZYHqk23ZxiEsCX3ZdY7VSMWztE3_D5n8UgEl4et5LVfnjvU-arVVO93WUbXk0 -zi2QrOwytOZ0StAvFdF1nVwWllPg4EYcn8qLJIaaBRvLMlpHixtwRhltwJeMmJl3ExImOxNhVbhF -6LxVXW6JK8JfMIwb_TE4EShDBjemq76BojQOwrO4OAyPG7B5iUtefdY-Zu1EtjXPhrUgljI_A1tg -5_2WNjNTCT7Bvig3saFsIRi3cvgIcMAF2H7kJYw3UDvCFnx4LIom2u6vSeyatPxEOhRfpP0KvgEU -koM9DFJW7VWQ11mB_DcU2NoYHdFKFy_cM62kIvoRwZTADGryEtkLSWEDT8MLpVrGXP2RjSZ3HHqC -vVpVqQHC2VIqNKi2uHtYCiTEfj81Z0rCrnH3hYIRoOSe5W6m17xyb0RloG0G44uK0oNCfDYLwK0L -TJaBdWSIBYI__ISsKx8o8r-3XLtbwQPPhv4-LpGwJYd7sIcqnpTYAyNGSrbEM4ECzHCH9Hwf9Duy -cAQGWqXIbTV9i8ryw8OhcCZPTf3noPZyhzzdegiv6KNT-BBbxsgtDehtP-jvpd9eAhjlfUV_hoFJ -rBUVMFrIOEDnnItVqBDmnavRdhn6N9ObVjVMv_4inhkvtpBCEVxtVQT2kFuBmZvPu_uHHbXi7_g8 -SVs3AjJ2ya3pZraK6gH3IOYoGtTAH3rKl7XdTMjqWnUCbhepuJqeEOF-DhpsEW7Oo0Lqzbjg \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/portal-authentication.properties b/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/portal-authentication.properties deleted file mode 100644 index 97b5399f54..0000000000 --- a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/portal-authentication.properties +++ /dev/null @@ -1,31 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -##################################################################################### -############################## Portal Auth Properties ############################## -##################################################################################### - -############################## Auth ############################## -username={{.Values.config.portalUsername}} -password={{.Values.config.portalPassword}} - -############################## ############################## -# -# ONAP Cookie Processing - During initial development, this flag, if true, will -# prevent the portal interface's login processing from searching for a user -# specific cookie, and will instead allow passage if a valid session cookie is discovered. -onap_enabled={{.Values.config.portalOnapEnabled}} -onap.user_id_cookie_name={{.Values.config.portalCookieName}} -cookie_decryptor_classname={{.Values.config.cookieDecryptorClass}} -app_roles={{.Values.config.portalAppRoles}} diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/users.config b/kubernetes/aai/charts/aai-sparky-be/resources/config/users.config deleted file mode 100644 index ce69e88918..0000000000 --- a/kubernetes/aai/charts/aai-sparky-be/resources/config/users.config +++ /dev/null @@ -1,20 +0,0 @@ -[{ - "orgId": null, - "managerId": null, - "firstName": "Demo", - "middleInitial": null, - "lastName": "User", - "phone": null, - "email": "demo@email.com", - "hrid": null, - "orgUserId": "demo", - "orgCode": null, - "orgManagerUserId": null, - "jobTitle": null, - "loginId": "demo", - "active": false, - "roles": [{ - "id": 1, - "name": "View" - }] -}] \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-sparky-be/templates/configmap.yaml b/kubernetes/aai/charts/aai-sparky-be/templates/configmap.yaml deleted file mode 100644 index 50238aaea3..0000000000 --- a/kubernetes/aai/charts/aai-sparky-be/templates/configmap.yaml +++ /dev/null @@ -1,72 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-prop - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/application-resources.properties").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/application-ssl.properties").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/application-oxm-default.properties").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/application-oxm-override.properties").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/application-oxm-schema-prod.properties").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/roles.config").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/users.config").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-portal - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/portal/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-portal-props - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/portal/BOOT-INF/classes/*").AsConfig . | indent 2 }} diff --git a/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml b/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml deleted file mode 100644 index ee18d9b24c..0000000000 --- a/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml +++ /dev/null @@ -1,205 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "common.name" . }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - name: {{ include "common.name" . }} - spec: - initContainers: - - command: - - /root/ready.py - args: - - --container-name - - aai-elasticsearch - - --container-name - - aai-search-data - - --container-name - - aai - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /opt/app/sparky/config/auth/client-cert-onap.p12 - name: {{ include "common.fullname" . }}-auth-config - subPath: client-cert-onap.p12 - - - mountPath: /opt/app/sparky/config/auth/csp-cookie-filter.properties - name: {{ include "common.fullname" . }}-auth-config - subPath: csp-cookie-filter.properties - - - mountPath: /opt/app/sparky/config/auth/org.onap.aai.p12 - name: {{ include "common.fullname" . }}-auth-config - subPath: org.onap.aai.p12 - - - mountPath: /opt/app/sparky/config/auth/truststoreONAPall.jks - name: aai-common-aai-auth-mount - subPath: truststoreONAPall.jks - - - mountPath: /opt/app/sparky/config/portal/ - name: {{ include "common.fullname" . }}-portal-config - - - mountPath: /opt/app/sparky/config/portal/BOOT-INF/classes/ - name: {{ include "common.fullname" . }}-portal-config-props - - - mountPath: /var/log/onap - name: {{ include "common.fullname" . }}-logs - - - mountPath: /opt/app/sparky/config/application.properties - name: {{ include "common.fullname" . }}-properties - subPath: application.properties - - - mountPath: /opt/app/sparky/config/application-resources.properties - name: {{ include "common.fullname" . }}-properties - subPath: application-resources.properties - - - mountPath: /opt/app/sparky/config/application-ssl.properties - name: {{ include "common.fullname" . }}-properties - subPath: application-ssl.properties - - - mountPath: /opt/app/sparky/config/application-oxm-default.properties - name: {{ include "common.fullname" . }}-properties - subPath: application-oxm-default.properties - - - mountPath: /opt/app/sparky/config/application-oxm-override.properties - name: {{ include "common.fullname" . }}-properties - subPath: application-oxm-override.properties - - - mountPath: /opt/app/sparky/config/application-oxm-schema-prod.properties - name: {{ include "common.fullname" . }}-properties - subPath: application-oxm-schema-prod.properties - - - mountPath: /opt/app/sparky/config/roles.config - name: {{ include "common.fullname" . }}-properties - subPath: roles.config - - - mountPath: /opt/app/sparky/config/users.config - name: {{ include "common.fullname" . }}-properties - subPath: users.config - - ports: - - containerPort: {{ .Values.service.internalPort }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end }} - - # side car containers - - name: filebeat-onap - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /usr/share/filebeat/filebeat.yml - subPath: filebeat.yml - name: filebeat-conf - - mountPath: /var/log/onap - name: {{ include "common.fullname" . }}-logs - - mountPath: /usr/share/filebeat/data - name: aai-sparky-filebeat - resources: -{{ include "common.resources" . }} - - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - - name: {{ include "common.fullname" . }}-properties - configMap: - name: {{ include "common.fullname" . }}-prop - - - name: {{ include "common.fullname" . }}-config - configMap: - name: {{ include "common.fullname" . }} - - - name: {{ include "common.fullname" . }}-portal-config - configMap: - name: {{ include "common.fullname" . }}-portal - - - name: {{ include "common.fullname" . }}-portal-config-props - configMap: - name: {{ include "common.fullname" . }}-portal-props - - - name: {{ include "common.fullname" . }}-auth-config - secret: - secretName: {{ include "common.fullname" . }} - - - name: aai-common-aai-auth-mount - secret: - secretName: aai-common-aai-auth - - - name: filebeat-conf - configMap: - name: aai-filebeat - - name: {{ include "common.fullname" . }}-logs - emptyDir: {} - - name: aai-sparky-filebeat - emptyDir: {} - - name: modeldir - emptyDir: {} - restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/charts/aai-sparky-be/templates/service.yaml b/kubernetes/aai/charts/aai-sparky-be/templates/service.yaml deleted file mode 100644 index 24ee69d5e8..0000000000 --- a/kubernetes/aai/charts/aai-sparky-be/templates/service.yaml +++ /dev/null @@ -1,38 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} diff --git a/kubernetes/aai/charts/aai-sparky-be/values.yaml b/kubernetes/aai/charts/aai-sparky-be/values.yaml deleted file mode 100644 index 9755c8bcc2..0000000000 --- a/kubernetes/aai/charts/aai-sparky-be/values.yaml +++ /dev/null @@ -1,111 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Default values for sparky-be. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -global: # global defaults - nodePortPrefix: 302 - aai: - serviceName: aai - aaiElasticsearch: - serviceName: aai-elasticsearch - gizmo: - serviceName: aai-gizmo - searchData: - serviceName: aai-search-data - -# application image -repository: nexus3.onap.org:10001 -image: onap/sparky-be:1.4-STAGING-latest -pullPolicy: Always -restartPolicy: Always -flavor: small -dockerhubRepository: registry.hub.docker.com -ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 -# application configuration -config: - elasticsearchHttpPort: 9200 - gerritBranch: 3.0.0-ONAP - gerritProject: http://gerrit.onap.org/r/aai/test-config - portalUsername: aaiui - portalPassword: OBF:1t2v1vfv1unz1vgz1t3b - portalCookieName: UserId - portalAppRoles: ui_view - aafUsername: aai@aai.onap.org - aafNamespace: org.onap.aai.aaiui - aafPassword: enc:xxYw1FqXU5UpianbPeH5Rezg0YfjzuwQrSiLcCmJGfz - cadiKeyFile: /opt/app/sparky/config/portal/keyFile - cadiTrustStore: /opt/app/sparky/config/auth/truststoreONAPall.jks - cadiFileLocation: /opt/app/sparky/config/portal/cadi.properties - cadiTrustStorePassword: changeit - cookieDecryptorClass: org.onap.aai.sparky.security.BaseCookieDecryptor - -# ONAP Cookie Processing - During initial development, the following flag, if true, will -# prevent the portal interface's login processing from searching for a user -# specific cookie, and will instead allow passage if a valid session cookie is discovered. - portalOnapEnabled: true -# - -# override chart name (sparky-be) to share a common namespace -# suffix with parent chart (aai) -nsSuffix: aai - - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: NodePort - portName: aai-sparky-be - internalPort: 8000 - nodePort: 20 - -ingress: - enabled: false - -# Configure resource requests and limits -# ref: http://kubernetes.io/docs/user-guide/compute-resources/ -resources: - small: - limits: - cpu: 2 - memory: 4Gi - requests: - cpu: 0.25 - memory: 1Gi - large: - limits: - cpu: 4 - memory: 8Gi - requests: - cpu: 0.5 - memory: 2Gi - unlimited: {} diff --git a/kubernetes/aai/charts/aai-spike/Chart.yaml b/kubernetes/aai/charts/aai-spike/Chart.yaml deleted file mode 100644 index 587b84c537..0000000000 --- a/kubernetes/aai/charts/aai-spike/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: ONAP AAI Spike microservice -name: aai-spike -version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-spike/resources/config/auth/client-cert.p12 b/kubernetes/aai/charts/aai-spike/resources/config/auth/client-cert.p12 deleted file mode 100644 index d9fe86e4ec..0000000000 Binary files a/kubernetes/aai/charts/aai-spike/resources/config/auth/client-cert.p12 and /dev/null differ diff --git a/kubernetes/aai/charts/aai-spike/resources/config/auth/tomcat_keystore b/kubernetes/aai/charts/aai-spike/resources/config/auth/tomcat_keystore deleted file mode 100644 index 025f3c49da..0000000000 Binary files a/kubernetes/aai/charts/aai-spike/resources/config/auth/tomcat_keystore and /dev/null differ diff --git a/kubernetes/aai/charts/aai-spike/resources/config/logback.xml b/kubernetes/aai/charts/aai-spike/resources/config/logback.xml deleted file mode 100644 index e40ba13d04..0000000000 --- a/kubernetes/aai/charts/aai-spike/resources/config/logback.xml +++ /dev/null @@ -1,194 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - ${errorLogPattern} - - - - - - - - - - - ${logDirectory}/${generalLogName}.log - - ${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip - - 60 - - - ${errorLogPattern} - - - - - - INFO - - 256 - - - - - - - ${logDirectory}/${auditLogName}.log - - ${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip - - 60 - - - ${auditMetricPattern} - - - - 256 - - - - - ${logDirectory}/${metricsLogName}.log - - ${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip - - 60 - - - - ${auditMetricPattern} - - - - - 256 - - - - - ${logDirectory}/${debugLogName}.log - - ${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip - - 60 - - - ${errorLogPattern} - - - - - 256 - - false - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v10.json b/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v10.json deleted file mode 100644 index 7cbddae375..0000000000 --- a/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v10.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "isParent":"java.lang.Boolean", - "isParent-REV":"java.lang.Boolean", - "usesResource":"java.lang.Boolean", - "usesResource-REV":"java.lang.Boolean", - "SVC-INFRA":"java.lang.Boolean", - "SVC-INFRA-REV":"java.lang.Boolean", - "hasDelTarget":"java.lang.Boolean", - "hasDelTarget-REV":"java.lang.Boolean" -} diff --git a/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v11.json b/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v11.json deleted file mode 100644 index 8d00636d27..0000000000 --- a/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v11.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "contains-other-v": "java.lang.String", - "delete-other-v": "java.lang.String", - "SVC-INFRA": "java.lang.String", - "prevent-delete": "java.lang.String" -} \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v12.json b/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v12.json deleted file mode 100644 index 8d00636d27..0000000000 --- a/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v12.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "contains-other-v": "java.lang.String", - "delete-other-v": "java.lang.String", - "SVC-INFRA": "java.lang.String", - "prevent-delete": "java.lang.String" -} \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v13.json b/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v13.json deleted file mode 100644 index 8d00636d27..0000000000 --- a/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v13.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "contains-other-v": "java.lang.String", - "delete-other-v": "java.lang.String", - "SVC-INFRA": "java.lang.String", - "prevent-delete": "java.lang.String" -} \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v14.json b/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v14.json deleted file mode 100644 index 8d00636d27..0000000000 --- a/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v14.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "contains-other-v": "java.lang.String", - "delete-other-v": "java.lang.String", - "SVC-INFRA": "java.lang.String", - "prevent-delete": "java.lang.String" -} \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v15.json b/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v15.json deleted file mode 100644 index 8d00636d27..0000000000 --- a/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v15.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "contains-other-v": "java.lang.String", - "delete-other-v": "java.lang.String", - "SVC-INFRA": "java.lang.String", - "prevent-delete": "java.lang.String" -} \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v7.json b/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v7.json deleted file mode 100644 index 7cbddae375..0000000000 --- a/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v7.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "isParent":"java.lang.Boolean", - "isParent-REV":"java.lang.Boolean", - "usesResource":"java.lang.Boolean", - "usesResource-REV":"java.lang.Boolean", - "SVC-INFRA":"java.lang.Boolean", - "SVC-INFRA-REV":"java.lang.Boolean", - "hasDelTarget":"java.lang.Boolean", - "hasDelTarget-REV":"java.lang.Boolean" -} diff --git a/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v8.json b/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v8.json deleted file mode 100644 index 7cbddae375..0000000000 --- a/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v8.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "isParent":"java.lang.Boolean", - "isParent-REV":"java.lang.Boolean", - "usesResource":"java.lang.Boolean", - "usesResource-REV":"java.lang.Boolean", - "SVC-INFRA":"java.lang.Boolean", - "SVC-INFRA-REV":"java.lang.Boolean", - "hasDelTarget":"java.lang.Boolean", - "hasDelTarget-REV":"java.lang.Boolean" -} diff --git a/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v9.json b/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v9.json deleted file mode 100644 index 7cbddae375..0000000000 --- a/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v9.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "isParent":"java.lang.Boolean", - "isParent-REV":"java.lang.Boolean", - "usesResource":"java.lang.Boolean", - "usesResource-REV":"java.lang.Boolean", - "SVC-INFRA":"java.lang.Boolean", - "SVC-INFRA-REV":"java.lang.Boolean", - "hasDelTarget":"java.lang.Boolean", - "hasDelTarget-REV":"java.lang.Boolean" -} diff --git a/kubernetes/aai/charts/aai-spike/resources/config/schema-ingest.properties b/kubernetes/aai/charts/aai-spike/resources/config/schema-ingest.properties deleted file mode 100644 index 15697615df..0000000000 --- a/kubernetes/aai/charts/aai-spike/resources/config/schema-ingest.properties +++ /dev/null @@ -1,65 +0,0 @@ -# -# ============LICENSE_START======================================================= -# org.onap.aai -# ================================================================================ -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# Copyright © 2018 Amdocs -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -# - -####################################### -# Schema Version Related Attributes -####################################### -schema.uri.base.path=/aai -# Lists all of the versions in the schema -schema.version.list=v10,v11,v12,v13,v14,v15 -# Specifies from which version should the depth parameter to default to zero -schema.version.depth.start=v10 -# Specifies from which version should the related link be displayed in response payload -schema.version.related.link.start=v10 -# Specifies from which version should the client see only the uri excluding host info -# Before this version server base will also be included -schema.version.app.root.start=v11 -# Specifies from which version should the namespace be changed -schema.version.namespace.change.start=v11 -# Specifies from which version should the client start seeing the edge label in payload -schema.version.edge.label.start=v12 -# Specifies the version that the application should default to -schema.version.api.default=v15 - -####################################### -# Schema Location Related Attributes -####################################### -schema.configuration.location=NA -schema.nodes.location=/opt/app/spike/bundleconfig/etc/onap/oxm -schema.edges.location=/opt/app/spike/bundleconfig/etc/onap/dbedgerules - -############################################################################### -# Schema Service Related Attributes -############################################################################### -# Specifies whether to use the schema service (schema-service) or local schema files (config) -schema.translator.list=config - -schema.service.base.url=https://:8452/aai/schema-service/v1/ -schema.service.nodes.endpoint=nodes?version= -schema.service.edges.endpoint=edgerules?version= -schema.service.versions.endpoint=versions - -#Default rest client is the two-way-ssl -schema.service.client=two-way-ssl -#Replace the below with the A&AI client key store -schema.service.ssl.key-store=${CONFIG_HOME}/auth/client-cert.p12 -#Replace the below with the A&AI tomcat trust store -schema.service.ssl.trust-store=${CONFIG_HOME}/auth/tomcat_keystore diff --git a/kubernetes/aai/charts/aai-spike/resources/config/spike-beans.xml b/kubernetes/aai/charts/aai-spike/resources/config/spike-beans.xml deleted file mode 100644 index 50be8cb0f8..0000000000 --- a/kubernetes/aai/charts/aai-spike/resources/config/spike-beans.xml +++ /dev/null @@ -1,62 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/kubernetes/aai/charts/aai-spike/resources/config/spike.properties b/kubernetes/aai/charts/aai-spike/resources/config/spike.properties deleted file mode 100644 index c3ba4a3d5f..0000000000 --- a/kubernetes/aai/charts/aai-spike/resources/config/spike.properties +++ /dev/null @@ -1,28 +0,0 @@ -# -# ============LICENSE_START======================================================= -# org.onap.aai -# ================================================================================ -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# Copyright © 2018 Amdocs -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -# - -# Spike configuration - -spike.event.poll.interval=30000 -spike.event.offset.period= 10000 -spike.event.queue.capacity=10000 -spike.event.queue.delay=10000 -spike.props.reserved=source-of-truth,last-mod-source-of-truth,aai-created-ts,aai-last-mod-ts diff --git a/kubernetes/aai/charts/aai-spike/templates/configmap.yaml b/kubernetes/aai/charts/aai-spike/templates/configmap.yaml deleted file mode 100644 index ebd4fb0c66..0000000000 --- a/kubernetes/aai/charts/aai-spike/templates/configmap.yaml +++ /dev/null @@ -1,39 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-edge-props-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/model/edge_props/*").AsConfig . | indent 2 }} diff --git a/kubernetes/aai/charts/aai-spike/templates/deployment.yaml b/kubernetes/aai/charts/aai-spike/templates/deployment.yaml deleted file mode 100644 index c962f1df2b..0000000000 --- a/kubernetes/aai/charts/aai-spike/templates/deployment.yaml +++ /dev/null @@ -1,166 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - spec: - initContainers: - - command: - - /root/ready.py - args: - - --container-name - - message-router-kafka - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness - containers: - - name: {{ .Chart.Name }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{ if .Values.liveness.enabled }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end }} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: CONFIG_HOME - value: /opt/app/spike/config - - name: KEY_STORE_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-pass - key: KEY_STORE_PASSWORD - - name: KEY_MANAGER_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-pass - key: KEY_MANAGER_PASSWORD - - name: SERVICE_BEANS - value: /opt/app/spike/dynamic/conf - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /opt/app/spike/config/auth - name: {{ include "common.fullname" . }}-secrets - - mountPath: /opt/app/spike/dynamic/conf/spike-beans.xml - name: {{ include "common.fullname" . }}-config - subPath: spike-beans.xml - - mountPath: /opt/app/spike/config/spike.properties - subPath: spike.properties - name: {{ include "common.fullname" . }}-config - - mountPath: /opt/app/spike/config/schema-ingest.properties - subPath: schema-ingest.properties - name: {{ include "common.fullname" . }}-config - - mountPath: /opt/app/spike/config/edgeprops-ingest.properties - subPath: edgeprops-ingest.properties - name: {{ include "common.fullname" . }}-config - - mountPath: /opt/app/spike/config/model/edge_props - name: {{ include "common.fullname" . }}-edge-props-config - - mountPath: /opt/app/spike/bundleconfig/etc/logback.xml - name: {{ include "common.fullname" . }}-config - subPath: logback.xml - - mountPath: /var/log/onap - name: {{ include "common.fullname" . }}-logs - resources: -{{ include "common.resources" . }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end }} - - # side car containers - - name: filebeat-onap - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /usr/share/filebeat/filebeat.yml - subPath: filebeat.yml - name: filebeat-conf - - mountPath: /var/log/onap - name: {{ include "common.fullname" . }}-logs - - mountPath: /usr/share/filebeat/data - name: aai-filebeat - resources: -{{ include "common.resources" . }} - - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: {{ include "common.fullname" . }}-secrets - secret: - secretName: {{ include "common.fullname" . }}-spike-secrets - - name: {{ include "common.fullname" . }}-config - configMap: - name: {{ include "common.fullname" . }}-configmap - items: - - key: spike.properties - path: spike.properties - - key: spike-beans.xml - path: spike-beans.xml - - key: schema-ingest.properties - path: schema-ingest.properties - - key: edgeprops-ingest.properties - path: edgeprops-ingest.properties - - key: logback.xml - path: logback.xml - - name: {{ include "common.fullname" . }}-edge-props-config - configMap: - name: {{ include "common.fullname" . }}-edge-props-configmap - - name: filebeat-conf - configMap: - name: aai-filebeat - - name: {{ include "common.fullname" . }}-logs - emptyDir: {} - - name: aai-filebeat - emptyDir: {} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/charts/aai-spike/templates/secrets.yaml b/kubernetes/aai/charts/aai-spike/templates/secrets.yaml deleted file mode 100644 index 510805d8cd..0000000000 --- a/kubernetes/aai/charts/aai-spike/templates/secrets.yaml +++ /dev/null @@ -1,42 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-spike-secrets - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-pass - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -type: Opaque -data: - KEY_STORE_PASSWORD: {{ .Values.config.keyStorePassword | b64enc | quote }} - KEY_MANAGER_PASSWORD: {{ .Values.config.keyManagerPassword | b64enc | quote }} diff --git a/kubernetes/aai/charts/aai-spike/values.yaml b/kubernetes/aai/charts/aai-spike/values.yaml deleted file mode 100644 index fbe09f7d10..0000000000 --- a/kubernetes/aai/charts/aai-spike/values.yaml +++ /dev/null @@ -1,88 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - readinessImage: readiness-check:2.0.2 - loggingImage: beats/filebeat:5.5.0 - -################################################################# -# Application configuration defaults. -################################################################# - -# application image -image: onap/spike:1.4-STAGING-latest -flavor: small -# application configuration -config: - keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: false - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: NodePort - portName: spike - externalPort: 9518 - internalPort: 9518 - nodePort: 39 - -ingress: - enabled: false - -resources: - small: - limits: - cpu: 2 - memory: 4Gi - requests: - cpu: 0.5 - memory: 1Gi - large: - limits: - cpu: 4 - memory: 8Gi - requests: - cpu: 1 - memory: 1536Mi - unlimited: {} - -# XML bean configuration -event: - port: - dmaap: 3905 - protocol: https - consumer: - topic: champRawEvents - publisher: - topic: spikeEvents diff --git a/kubernetes/aai/charts/aai-traversal/.helmignore b/kubernetes/aai/charts/aai-traversal/.helmignore deleted file mode 100644 index daebc7da77..0000000000 --- a/kubernetes/aai/charts/aai-traversal/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/aai/charts/aai-traversal/Chart.yaml b/kubernetes/aai/charts/aai-traversal/Chart.yaml deleted file mode 100644 index 0470d0ac7f..0000000000 --- a/kubernetes/aai/charts/aai-traversal/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: ONAP AAI traversal -name: aai-traversal -version: 4.0.0 diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/bath_config.csv b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/bath_config.csv deleted file mode 100644 index 60a8fb5f0b..0000000000 --- a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/bath_config.csv +++ /dev/null @@ -1,33 +0,0 @@ -# AAI -> aai@aai.onap.org -Basic QUFJOkFBSQ==,Basic YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03 - -# ModelLoader -> aai@aai.onap.org -Basic TW9kZWxMb2FkZXI6TW9kZWxMb2FkZXI=,Basic YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03 - -# AaiUI -> aai@aai.onap.org, -Basic QWFpVUk6QWFpVUk=,Basic YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03 - -# MSO -> so@so.onap.org -Basic TVNPOk1TTw==,Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1NiE=,2050-03-03 - -# SDNC -> sdnc@sdnc.onap.org -Basic U0ROQzpTRE5D,Basic c2RuY0BzZG5jLm9uYXAub3JnOmRlbW8xMjM0NTYh,2050-03-03 - -# DCAE -> dcae@dcae.onap.org -Basic RENBRTpEQ0FF,Basic ZGNhZUBkY2FlLm9uYXAub3JnOmRlbW8xMjM0NTYh,2050-03-03 - -# POLICY -> policy@policy.onap.org -Basic UE9MSUNZOlBPTElDWQ==,Basic cG9saWN5QHBvbGljeS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03 - -# ASDC -> sdc@sdc.onap.org -Basic QVNEQzpBU0RD,Basic c2RjQHNkYy5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03 - -# VID -> vid@vid.onap.org -Basic VklEOlZJRA==,Basic dmlkQHZpZC5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03 - -# APPC -> appc@appc.onap.org -Basic QVBQQzpBUFBD,Basic YXBwY0BhcHBjLm9uYXAub3JnOmRlbW8xMjM0NTYh,2050-03-03 - -# OOF -> oof@oof.onap.org -Basic T09GOk9PRg==,Basic b29mQG9vZi5vbmFwLm9yZzpkZW1vMTIzNDQ2IQ==,2050-03-03 - diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/cadi.properties b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/cadi.properties deleted file mode 100644 index 9523367f27..0000000000 --- a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/cadi.properties +++ /dev/null @@ -1,8 +0,0 @@ - -cadi_loglevel=INFO -cadi_prop_files=/opt/app/aai-traversal/resources/aaf/org.osaaf.location.props:/opt/app/aai-traversal/resources/aaf/org.onap.aai.props - -# OAuth2 -aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token -aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect - diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile deleted file mode 100644 index 87219388f7..0000000000 --- a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile +++ /dev/null @@ -1,27 +0,0 @@ -yf1wUdfxbhVQQq5UF8hzWB_01VVrRIkC8BaLT7NMTrmv30RsMj3lvlaX3_CnVC1emYgmiUfWnT7k -brk0m-URJAKM8Pm6PrnOyKlx3U7NS8HVcFdKpVm_bx0CFsA3eY2NGe-D0gd35V1MohCbABZ8G2a6 -AgE7QmToHCwclXW_goK5P7lmJX1HaMVAIydMreP1m9sSR4UboRlvkH6VsMM1H1Y9ZhhXF--RkWAM -EcIspNTQE4ef3ZvYtSzuWssGZP8Hjo4XJlXz1uCSkyczw0IR19n-lspF9S0cIMro6QqvJsyjyjRo -UdYgxdwmQ_st4P43TZ8YEBQyE8r7VUoh_EqUx9ldilxGA0kBOQcTdtd805Kf98grXiQXeT-8UD1L -02aLzbz8Md7f8foGS1oGLfoImdjYCzOOZs3qHmKSb6YoHY8VcBCxIEfCznYl8wLYLRsSZ0tV4SAM -qCM_KHOM0HOZrNfSSAW5ZVZb67U9NI9SLFRV8gkmqxMspfjSLJCyHhq0D6RMECSpeAeVgoh6SWDw -mBSXunY5ZWVzdUyEezjCcl3NqTahrlfMSV5xkfUmSNFe_WW9rIXF0vD6MHAEW62yA1OA8WoMUqp2 -VKkUzWGVGAdMvbU52D6hqmGXER44kxAHVgEwPdhQhqgk4BpjR2v9ozQ6E_xNGkSRnriNB-H6BSN0 -vZa0pNJfvmBCjwGeoyRbCJrN1grLoDHQ3_6g-IwsD3NugKp6SHxUgfiPAUMGz-J2ZdbAlU0SNQgM -8gn6_cOaXvhqHBwh9SfT4jXyuCJru0zw3pyOjuw6fLMezvJDPvFfIgWllzc2IQ7_bufMZgCr2yAe -O-nBzsXK8aqItzCti53sZLSM1YC6OuRaiIt2i0yTVa7koFYSFhyELqEco5cFKMs0c6SrgIxnRrBT -x0RPXIyLdiRr76uP2wxL8KDfJ1vbCKi1xkZRchvQfm3ssgpzXVz8lnZ-HxacEhhAfGdDV56ZgRhu -5UVQd2RdP9JVpnXRJPhVwlQeQlrIXWHp01efBPRMTZQd2lpaNqn5v5chzpi9bbM3P3-BLxnN2NID -dv1E9Ox7MH-m3IQT9yFUi-UrDxAId4dnpgeCvyxhfnc1HJ9B71x9wmryC9PJWiKs3K-T_eC9pR4o -eN5PUZZ7arwdMUmzqKPNAtyMqaJCWfD3GZ1KsC8OV5Ze0DRQZPeT3IHg2BUC1NGj2SdjcwaGP_zl -uytFZWN7kQjnI4brorkO_jzjf7SEPCO7Vy2Z2vikIv7O8bSWZWDGYCcxUoYigFYcjZFirRYr3Yvl -YZU-F_qh6ZvrVxStSpz6iYDAzPW9v4ZyLSHyWe5H2AN89uRdnvag1769KpjsmGVYbn5jabgCJFs8 -EL7rxymrXri5cKsGH8XC1E0a-kP6vvhdHJhx5eFsFmKJaWh3RCJ8_I5CSzSRsK8JvE1Z6nGFn_SI -dpeNjf66lbm4y68loUh5Q4BDce3YaCT1gHmluBzXnv1vFzuvJ2jcVyq-nUDjdTqvM9okW8Prmt7l -ttQ3MVZI4rd-tXJfV4lxaI6wF4LIwiMJmY2tiCHoJ5nbLfHvMG7G5K1NAbizPltQxURPiMPZeCDZ -15SXI9vdCR-FyQikzp1hUUMMqz231-6BDDTKMOXpicQRQ0CHpEfxY4Rq3mu0QmRi-EIs6JAzfuLi -ba7fbfHnkhl3GWkj0CVZD8uDbzJceSTHICqVt-3qECUSG3ZfsuebWAEWED_xQoXyAL7kK8fMOPwl -m6qEk4z7boiJSrcQ2ZIdyPs2bZNvlv4wYg0F3BhFf2HeCYwR3BKXQGlDXGOAD5GuRpHHBch9JfVa -iUbvCEF23mee633C_K4zCaaVR9UqXMefzqFxSsobMp3heo3eIcQzLhe2SL2xpI9TbsvN2N4c9UMk -_TnQBHiYBgPxtB_j8bnVu7C__lTTpPKYLpUPxgWEIzljZzbkF37QQ1XtAc2EzcOi2FT4qsjlNgPw -PbL6ZihWEYZrZUilTSLzzjcQDLzoaF6BL2LOOS-Uju-B7COhcSMc0JLYOob6RDBE9T6HUMuZ diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12 b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12 deleted file mode 100644 index 5737e48796..0000000000 Binary files a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12 and /dev/null differ diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props deleted file mode 100644 index 0f27dbdd76..0000000000 --- a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props +++ /dev/null @@ -1,14 +0,0 @@ -############################################################ -# Properties Generated by AT&T Certificate Manager -# @copyright 2016, AT&T -############################################################ -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US -cadi_keyfile=/opt/app/aai-traversal/resources/aaf/org.onap.aai.keyfile -cadi_keystore=/opt/app/aai-traversal/resources/aaf/org.onap.aai.p12 -cadi_keystore_password=enc:nF3D1h00vVoLZkCnFtTCJAiH6maEiA3933rI3ctap9Ggjlm2SMg_dxk6ui9iiDwr -#cadi_key_password=enc:9xs_lJ9QQRDoMcHqLbGg40-gefGrw-sLMjWL40ejbyqdC7Jt_pQfY6ajBLGcbLuL -cadi_alias=aai@aai.onap.org -cadi_truststore=/opt/app/aai-traversal/resources/aaf/truststoreONAPall.jks -cadi_truststore_password=enc:8BxmWFFRI9wcf2jVixnfdK2GPI4veaXofZ65fcYThHv -cadi_loglevel=INFO -cadi_bath_convert=/opt/app/aai-traversal/resources/aaf/bath_config.csv diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.osaaf.location.props b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.osaaf.location.props deleted file mode 100644 index 132fb242f4..0000000000 --- a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.osaaf.location.props +++ /dev/null @@ -1,23 +0,0 @@ -## -## org.osaaf.location.props -## -## Localized Machine Information -## -# Almeda California ? -cadi_latitude=37.78187 -cadi_longitude=-122.26147 - -# Locate URL (which AAF Env) -aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095 - -# AAF URL -aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0 - -# AAF Environment Designation -aaf_env=DEV - -# OAuth2 Endpoints -aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token -aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect - - diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/permissions.properties b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/permissions.properties deleted file mode 100644 index d4956f577c..0000000000 --- a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/permissions.properties +++ /dev/null @@ -1,2 +0,0 @@ -permission.type=org.onap.aai.traversal -permission.instance=* \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaiconfig.properties b/kubernetes/aai/charts/aai-traversal/resources/config/aaiconfig.properties deleted file mode 100644 index 3859590aaf..0000000000 --- a/kubernetes/aai/charts/aai-traversal/resources/config/aaiconfig.properties +++ /dev/null @@ -1,81 +0,0 @@ -# -# ============LICENSE_START======================================================= -# org.onap.aai -# ================================================================================ -# Copyright © 2017 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -# -# ECOMP is a trademark and service mark of AT&T Intellectual Property. -# - -aai.config.checktime=1000 - -# this could come from siteconfig.pl? -aai.config.nodename=AutomaticallyOverwritten - -aai.server.url.base=https://aai.{{ include "common.namespace" . }}:8443/aai/ -aai.server.url=https://aai.{{ include "common.namespace" . }}:8443/aai/{{ .Values.global.config.schema.version.api.default }}/ -aai.global.callback.url=https://aai.{{ include "common.namespace" . }}:8443/aai/ - -{{ if .Values.global.config.basic.auth.enabled }} -aai.tools.enableBasicAuth=true -aai.tools.username={{ .Values.global.config.basic.auth.username }} -aai.tools.password={{ .Values.global.config.basic.auth.passwd }} -{{ end }} - -aai.truststore.filename={{ .Values.global.config.truststore.filename }} -aai.truststore.passwd.x={{ .Values.global.config.truststore.passwd }} -aai.keystore.filename={{ .Values.global.config.keystore.filename }} -aai.keystore.passwd.x={{ .Values.global.config.keystore.passwd }} - -aai.notification.current.version={{ .Values.global.config.schema.version.api.default }} -aai.notificationEvent.default.status=UNPROCESSED -aai.notificationEvent.default.eventType={{ .Values.global.config.notification.eventType }} -aai.notificationEvent.default.domain={{ .Values.global.config.notification.domain }} -aai.notificationEvent.default.sourceName=aai -aai.notificationEvent.default.sequenceNumber=0 -aai.notificationEvent.default.severity=NORMAL -aai.notificationEvent.default.version={{ .Values.global.config.schema.version.api.default }} -# This one lets us enable/disable resource-version checking on updates/deletes -aai.resourceversion.enableflag=true -aai.logging.maxStackTraceEntries=10 -aai.default.api.version={{ .Values.global.config.schema.version.api.default }} - -# Used by Model-processing code -aai.model.delete.sleep.per.vtx.msec=500 -aai.model.query.resultset.maxcount=50 -aai.model.query.timeout.sec=90 - -aai.model.proc.max.levels=50 -aai.edgeTag.proc.max.levels=50 - -aai.logging.trace.enabled=true -aai.logging.trace.logrequest=false -aai.logging.trace.logresponse=false - -aai.transaction.logging=true -aai.transaction.logging.get=false -aai.transaction.logging.post=false - -aai.realtime.clients={{ .Values.global.config.realtime.clients }} - -#timeout for traversal enabled flag -aai.traversal.timeoutenabled={{ .Values.config.timeout.enabled }} - -#timeout app specific -aai.traversal.timeout.appspecific={{ .Values.config.timeout.appspecific }} - -#default timeout limit added for traversal if not overridden (in ms) -aai.traversal.timeoutlimit={{ .Values.config.timeout.limit | int }} diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/application.properties b/kubernetes/aai/charts/aai-traversal/resources/config/application.properties deleted file mode 100644 index a7c86b6d73..0000000000 --- a/kubernetes/aai/charts/aai-traversal/resources/config/application.properties +++ /dev/null @@ -1,97 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# The following info parameters are being referenced by ajsc6 -info.build.artifact=aai-traversal -info.build.name=traversal -info.build.description=Traversal Microservice -info.build.version=1.3.0 - -spring.application.name=aai-traversal -spring.jersey.type=filter - -server.contextPath=/ -spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration - -spring.profiles.active={{ .Values.global.config.profiles.active }} -spring.jersey.application-path=${schema.uri.base.path} -#The max number of active threads in this pool -server.tomcat.max-threads=200 -#The minimum number of threads always kept alive -server.tomcat.min-Spare-Threads=25 -#The number of milliseconds before an idle thread shutsdown, unless the number of active threads are less or equal to minSpareThreads -server.tomcat.max-idle-time=60000 - -# If you get an application startup failure that the port is already taken -# If thats not it, please check if the key-store file path makes sense -server.local.startpath=aai-traversal/src/main/resources/ -server.basic.auth.location=${server.local.startpath}etc/auth/realm.properties - -server.port=8446 -server.ssl.enabled-protocols=TLSv1.1,TLSv1.2 -server.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }} -server.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }}) -server.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }} -server.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }}) -server.ssl.client-auth=want -server.ssl.key-store-type=JKS - -# JMS bind address host port -jms.bind.address=tcp://localhost:61647 -dmaap.ribbon.listOfServers=message-router.{{ include "common.namespace" . }}:3905 -dmaap.ribbon.transportType=https - -# Schema related attributes for the oxm and edges -# Any additional schema related attributes should start with prefix schema -schema.configuration.location=N/A -schema.source.name={{ .Values.global.config.schema.source.name }} -schema.nodes.location=${server.local.startpath}/schema/${schema.source.name}/oxm/ -schema.edges.location=${server.local.startpath}/schema/${schema.source.name}/dbedgerules/ -# Location of where the stored queries are -schema.queries.location=${server.local.startpath}/schema/${schema.source.name}/query/ - -schema.ingest.file=${server.local.startpath}/application.properties - -# Schema Version Related Attributes - -schema.uri.base.path={{ .Values.global.config.schema.uri.base.path }} -# Lists all of the versions in the schema -schema.version.list={{ .Values.global.config.schema.version.list }} -# Specifies from which version should the depth parameter to default to zero -schema.version.depth.start={{ .Values.global.config.schema.version.depth }} -# Specifies from which version should the related link be displayed in response payload -schema.version.related.link.start={{ .Values.global.config.schema.version.related.link }} - -# Specifies from which version should the client see only the uri excluding host info -# Before this version server base will also be included -schema.version.app.root.start={{ .Values.global.config.schema.version.app.root }} -# Specifies from which version should the namespace be changed -schema.version.namespace.change.start={{ .Values.global.config.schema.version.namespace.change }} -# Specifies from which version should the client start seeing the edge label in payload -schema.version.edge.label.start={{ .Values.global.config.schema.version.edge.label }} -# Specifies the version that the application should default to -schema.version.api.default={{ .Values.global.config.schema.version.api.default }} - -schema.translator.list={{ .Values.global.config.schema.translator.list }} -schema.service.base.url=https://aai-schema-service.{{ include "common.namespace" . }}:8452/aai/schema-service/v1/ -schema.service.nodes.endpoint=nodes?version= -schema.service.edges.endpoint=edgerules?version= -schema.service.versions.endpoint=versions -schema.service.custom.queries.endpoint=stored-queries -schema.service.client={{ .Values.global.config.schema.service.client }} - -schema.service.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }} -schema.service.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }} -schema.service.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }}) -schema.service.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }}) diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/janusgraph-cached.properties b/kubernetes/aai/charts/aai-traversal/resources/config/janusgraph-cached.properties deleted file mode 100644 index 2c22d14a41..0000000000 --- a/kubernetes/aai/charts/aai-traversal/resources/config/janusgraph-cached.properties +++ /dev/null @@ -1,102 +0,0 @@ -# -# ============LICENSE_START======================================================= -# org.onap.aai -# ================================================================================ -# Copyright © 2017 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -# -# ECOMP is a trademark and service mark of AT&T Intellectual Property. -# - -query.fast-property=true -query.smart-limit=false - -{{ if .Values.global.config.cluster.cassandra.dynamic }} - -{{- $seed_size := default 1 .Values.global.cassandra.replicas | int -}} -{{- $global := . }} - -storage.backend=cassandra -storage.hostname={{- range $i, $e := until $seed_size }}{{ $global.Release.Name }}-{{$global.Values.global.cassandra.serviceName}}-{{ $i }}.{{$global.Values.global.cassandra.serviceName}},{{- end }} - -storage.cassandra.keyspace=aaigraph - -storage.cassandra.read-consistency-level=LOCAL_QUORUM -storage.cassandra.write-consistency-level=LOCAL_QUORUM -storage.cassandra.replication-factor=3 -storage.cassandra.replication-strategy-class=org.apache.cassandra.locator.SimpleStrategy - -{{ else }} - -{{ if .Values.global.config.storage }} - -storage.backend={{ .Values.global.config.storage.backend }} - -{{ if eq .Values.global.config.storage.backend "cassandra" }} - -storage.hostname={{ .Values.global.config.storage.hostname }} -storage.cassandra.keyspace={{ .Values.global.config.storage.name }} - -storage.cassandra.read-consistency-level={{ .Values.global.config.storage.cassandra.readConsistency }} -storage.cassandra.write-consistency-level={{ .Values.global.config.storage.cassandra.writeConsistency }} -storage.cassandra.replication-factor={{ .Values.global.config.storage.cassandra.replicationFactor | int }} -storage.cassandra.astyanax.cluster-name= {{ .Values.global.config.storage.clusterName }} -storage.cassandra.astyanax.local-datacenter= {{ .Values.global.config.storage.localDataCenter }} - -storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} -cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} -log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} - -{{ else if eq .Values.global.config.storage.backend "cql" }} - -storage.hostname={{ .Values.global.config.storage.hostname }} -storage.cql.keyspace={{ .Values.global.config.storage.name }} - -storage.cql.read-consistency-level={{ .Values.global.config.storage.cql.readConsistency }} -storage.cql.write-consistency-level={{ .Values.global.config.storage.cql.readConsistency }} -storage.cql.replication-factor={{ .Values.global.config.storage.cql.replicationFactor | int }} - -storage.cql.only-use-local-consistency-for-system-operations={{ .Values.global.config.storage.cql.localConsistencyForSysOps }} -storage.cql.cluster-name={{ .Values.global.config.storage.clusterName }} -storage.cql.local-datacenter={{ .Values.global.config.storage.localDataCenter }} - -storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} -cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} -log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} - -{{ else if eq .Values.global.config.storage.backend "hbase" }} - -storage.hostname={{ .Values.global.config.storage.hostname }} -storage.hbase.table={{ .Values.global.config.storage.name }} - -storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} -cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} -log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} - -{{ end }} - -{{ end }} - -{{ end }} - -storage.lock.wait-time=300 -#caching on -cache.db-cache = true -cache.db-cache-clean-wait = 20 -cache.db-cache-time = 180000 -cache.db-cache-size = 0.3 - -#load graphson file on startup -load.snapshot.file=false diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/janusgraph-realtime.properties b/kubernetes/aai/charts/aai-traversal/resources/config/janusgraph-realtime.properties deleted file mode 100644 index b19c9b6df6..0000000000 --- a/kubernetes/aai/charts/aai-traversal/resources/config/janusgraph-realtime.properties +++ /dev/null @@ -1,96 +0,0 @@ -# -# ============LICENSE_START======================================================= -# Copyright © 2017 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -# -# ECOMP is a trademark and service mark of AT&T Intellectual Property. -# - -query.fast-property=true -query.smart-limit=false - -{{ if .Values.global.config.cluster.cassandra.dynamic }} - -{{- $seed_size := default 1 .Values.global.cassandra.replicas | int -}} -{{- $global := . }} - -storage.backend=cassandra -storage.hostname={{- range $i, $e := until $seed_size }}{{ $global.Release.Name }}-{{$global.Values.global.cassandra.serviceName}}-{{ $i }}.{{$global.Values.global.cassandra.serviceName}},{{- end }} - -storage.cassandra.keyspace=aaigraph - -storage.cassandra.read-consistency-level=LOCAL_QUORUM -storage.cassandra.write-consistency-level=LOCAL_QUORUM -storage.cassandra.replication-factor=3 -storage.cassandra.replication-strategy-class=org.apache.cassandra.locator.SimpleStrategy - -{{ else }} - -{{ if .Values.global.config.storage }} - -storage.backend={{ .Values.global.config.storage.backend }} - -{{ if eq .Values.global.config.storage.backend "cassandra" }} - -storage.hostname={{ .Values.global.config.storage.hostname }} -storage.cassandra.keyspace={{ .Values.global.config.storage.name }} - -storage.cassandra.read-consistency-level={{ .Values.global.config.storage.cassandra.readConsistency }} -storage.cassandra.write-consistency-level={{ .Values.global.config.storage.cassandra.writeConsistency }} -storage.cassandra.replication-factor={{ .Values.global.config.storage.cassandra.replicationFactor | int }} -storage.cassandra.astyanax.cluster-name= {{ .Values.global.config.storage.clusterName }} -storage.cassandra.astyanax.local-datacenter= {{ .Values.global.config.storage.localDataCenter }} - -storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} -cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} -log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} - -{{ else if eq .Values.global.config.storage.backend "cql" }} - -storage.hostname={{ .Values.global.config.storage.hostname }} -storage.cql.keyspace={{ .Values.global.config.storage.name }} - -storage.cql.read-consistency-level={{ .Values.global.config.storage.cql.readConsistency }} -storage.cql.write-consistency-level={{ .Values.global.config.storage.cql.readConsistency }} -storage.cql.replication-factor={{ .Values.global.config.storage.cql.replicationFactor | int }} - -storage.cql.only-use-local-consistency-for-system-operations={{ .Values.global.config.storage.cql.localConsistencyForSysOps }} -storage.cql.cluster-name={{ .Values.global.config.storage.clusterName }} -storage.cql.local-datacenter={{ .Values.global.config.storage.localDataCenter }} - -storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} -cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} -log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} - -{{ else if eq .Values.global.config.storage.backend "hbase" }} - -storage.hostname={{ .Values.global.config.storage.hostname }} -storage.hbase.table={{ .Values.global.config.storage.name }} - -storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} -cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} -log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} - -{{ end }} - -{{ end }} - -{{ end }} - -storage.lock.wait-time=300 -# Setting db-cache to false ensure the fastest propagation of changes across servers -cache.db-cache = false -#load graphson file on startup -load.snapshot.file=false diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/localhost-access-logback.xml b/kubernetes/aai/charts/aai-traversal/resources/config/localhost-access-logback.xml deleted file mode 100644 index 4cf6c74333..0000000000 --- a/kubernetes/aai/charts/aai-traversal/resources/config/localhost-access-logback.xml +++ /dev/null @@ -1,63 +0,0 @@ - - - - - ${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log - - ${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd} - - - - %a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D - - - - - - diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/logback.xml b/kubernetes/aai/charts/aai-traversal/resources/config/logback.xml deleted file mode 100644 index d466ccf39a..0000000000 --- a/kubernetes/aai/charts/aai-traversal/resources/config/logback.xml +++ /dev/null @@ -1,268 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - %clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx} - - - - - ${logDirectory}/rest/sane.log - - ${logDirectory}/rest/sane.log.%d{yyyy-MM-dd} - - - %d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n - - - - - 1000 - true - - - - - INFO - ACCEPT - DENY - - ${logDirectory}/rest/metrics.log - - ${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd} - - - - ${eelfMetricLogPattern} - - - - 1000 - true - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/rest/debug.log - - ${logDirectory}/rest/debug.log.%d{yyyy-MM-dd} - - - - ${eelfLogPattern} - - - - 1000 - true - - - - - WARN - - ${logDirectory}/rest/error.log - - ${logDirectory}/rest/error.log.%d{yyyy-MM-dd} - - - - ${eelfErrorLogPattern} - - - - 1000 - true - - - - ${logDirectory}/rest/audit.log - - ${logDirectory}/rest/audit.log.%d{yyyy-MM-dd} - - - - ${eelfAuditLogPattern} - - - - 1000 - true - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/rest/translog.log - - ${logDirectory}/rest/translog.log.%d{yyyy-MM-dd} - - - - ${eelfTransLogPattern} - - - - 1000 - true - - - - - WARN - - ${logDirectory}/dmaapAAIEventConsumer/error.log - - ${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd} - - - - ${eelfLogPattern} - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/dmaapAAIEventConsumer/debug.log - - ${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd} - - - - ${eelfLogPattern} - - - - - INFO - ACCEPT - DENY - - ${logDirectory}/dmaapAAIEventConsumer/metrics.log - - ${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd} - - - - ${eelfMetricLogPattern} - - - - - WARN - - ${logDirectory}/external/external.log - - ${logDirectory}/external/external.log.%d{yyyy-MM-dd} - - - - ${eelfLogPattern} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - {{if .Values.global.config.logback.console.enabled}} - - {{ end }} - - diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/realm.properties b/kubernetes/aai/charts/aai-traversal/resources/config/realm.properties deleted file mode 100644 index 0499b34f1c..0000000000 --- a/kubernetes/aai/charts/aai-traversal/resources/config/realm.properties +++ /dev/null @@ -1,37 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# format : username: password[,rolename ...] -# default username/password: AAI/AAI, MSO/MSO, ModelLoader/ModelLoader... -AAI:OBF:1gfr1ev31gg7,admin -MSO:OBF:1jzx1lz31k01,admin -SDNC:OBF:1itr1i0l1i151isv,admin -DCAE:OBF:1g8u1f9d1f991g8w,admin -POLICY:OBF:1mk61i171ima1im41i0j1mko,admin -ASDC:OBF:1f991j0u1j001f9d,admin -VID:OBF:1jm91i0v1jl9,admin -APPC:OBF:1f991ksf1ksf1f9d,admin -ModelLoader:OBF:1qvu1v2h1sov1sar1wfw1j7j1wg21saj1sov1v1x1qxw,admin -AaiUI:OBF:1gfr1p571unz1p4j1gg7,admin -OOF:OBF:1img1ke71ily,admin -aai@aai.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -so@so.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -sdnc@sdnc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -dcae@dcae.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -policy@policy.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -sdc@sdc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -vid@vid.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -appc@appc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin diff --git a/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml b/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml deleted file mode 100644 index 106031edbc..0000000000 --- a/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml +++ /dev/null @@ -1,136 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-log - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-localhost-access-log-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/localhost-access-logback.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-db-real-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/janusgraph-realtime.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-db-cached-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/janusgraph-cached.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-aaiconfig-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/aaiconfig.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-springapp-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-realm-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/realm.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-aaf-props - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/aaf/org.osaaf.location.props").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/aaf/permissions.properties").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.props").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/aaf/cadi.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-aaf-keys - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.keyfile").AsSecrets . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.p12").AsSecrets . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/aaf/bath_config.csv").AsSecrets . | indent 2 }} diff --git a/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml b/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml deleted file mode 100644 index be4b863195..0000000000 --- a/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml +++ /dev/null @@ -1,627 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "common.name" . }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - name: {{ include "common.name" . }} - annotations: - checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} - msb.onap.org/service-info: '[ - { - "serviceName": "_aai-generic-query", - "version": "v11", - "url": "/aai/v11/search/generic-query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v11/search/generic-query" - }, - { - "serviceName": "_aai-generic-query", - "version": "v12", - "url": "/aai/v12/search/generic-query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v12/search/generic-query" - }, - { - "serviceName": "_aai-generic-query", - "version": "v13", - "url": "/aai/v13/search/generic-query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v13/search/generic-query" - }, - { - "serviceName": "_aai-generic-query", - "version": "v14", - "url": "/aai/v14/search/generic-query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v14/search/generic-query" - }, - { - "serviceName": "_aai-generic-query", - "version": "v15", - "url": "/aai/v15/search/generic-query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v15/search/generic-query" - }, - { - "serviceName": "_aai-generic-query", - "version": "v16", - "url": "/aai/v16/search/generic-query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v16/search/generic-query" - }, - { - "serviceName": "_aai-nodes-query", - "version": "v11", - "url": "/aai/v11/search/nodes-query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v11/search/nodes-query" - }, - { - "serviceName": "_aai-nodes-query", - "version": "v12", - "url": "/aai/v12/search/nodes-query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v12/search/nodes-query" - }, - { - "serviceName": "_aai-nodes-query", - "version": "v13", - "url": "/aai/v13/search/nodes-query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v13/search/nodes-query" - }, - { - "serviceName": "_aai-nodes-query", - "version": "v14", - "url": "/aai/v14/search/nodes-query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v14/search/nodes-query" - }, - { - "serviceName": "_aai-nodes-query", - "version": "v15", - "url": "/aai/v15/search/nodes-query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v15/search/nodes-query" - }, - { - "serviceName": "_aai-nodes-query", - "version": "v16", - "url": "/aai/v16/search/nodes-query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v16/search/nodes-query" - }, - { - "serviceName": "_aai-query", - "version": "v11", - "url": "/aai/v11/query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v11/query" - }, - { - "serviceName": "_aai-query", - "version": "v12", - "url": "/aai/v12/query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v12/query" - }, - { - "serviceName": "_aai-query", - "version": "v13", - "url": "/aai/v13/query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v13/query" - }, - { - "serviceName": "_aai-query", - "version": "v14", - "url": "/aai/v14/query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v14/query" - }, - { - "serviceName": "_aai-query", - "version": "v15", - "url": "/aai/v15/query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v15/query" - }, - { - "serviceName": "_aai-query", - "version": "v16", - "url": "/aai/v16/query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v16/query" - }, - { - "serviceName": "_aai-named-query", - "url": "/aai/search", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/search" - }, - { - "serviceName": "aai-generic-query", - "version": "v11", - "url": "/aai/v11/search/generic-query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-generic-query", - "version": "v12", - "url": "/aai/v12/search/generic-query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-generic-query", - "version": "v13", - "url": "/aai/v13/search/generic-query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-generic-query", - "version": "v14", - "url": "/aai/v14/search/generic-query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-generic-query", - "version": "v15", - "url": "/aai/v15/search/generic-query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-generic-query", - "version": "v16", - "url": "/aai/v16/search/generic-query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-nodes-query", - "version": "v11", - "url": "/aai/v11/search/nodes-query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-nodes-query", - "version": "v12", - "url": "/aai/v12/search/nodes-query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-nodes-query", - "version": "v13", - "url": "/aai/v13/search/nodes-query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-nodes-query", - "version": "v14", - "url": "/aai/v14/search/nodes-query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-nodes-query", - "version": "v15", - "url": "/aai/v15/search/nodes-query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-nodes-query", - "version": "v16", - "url": "/aai/v16/search/nodes-query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-query", - "version": "v11", - "url": "/aai/v11/query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-query", - "version": "v12", - "url": "/aai/v12/query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-query", - "version": "v13", - "url": "/aai/v13/query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-query", - "version": "v14", - "url": "/aai/v14/query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-query", - "version": "v15", - "url": "/aai/v15/query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-query", - "version": "v16", - "url": "/aai/v16/query", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-named-query", - "url": "/aai/search", - "protocol": "REST", - "port": "8446", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - } - ]' - spec: - hostname: aai-traversal - {{ if .Values.global.initContainers.enabled }} - initContainers: - - command: - {{ if .Values.global.jobs.createSchema.enabled }} - - /root/job_complete.py - args: - - --job-name - - {{ .Release.Name }}-aai-graphadmin-create-db-schema - {{ else }} - - /root/ready.py - args: - - --container-name - - aai-cassandra - - --container-name - - aai-schema-service - {{ end }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness - {{ end }} - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: DISABLE_UPDATE_QUERY - value: {{ .Values.config.disableUpdateQuery | quote }} - - name: LOCAL_USER_ID - value: {{ .Values.global.config.userId | quote }} - - name: LOCAL_GROUP_ID - value: {{ .Values.global.config.groupId | quote }} - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /opt/app/aai-traversal/resources/etc/appprops/janusgraph-realtime.properties - name: {{ include "common.fullname" . }}-db-real-conf - subPath: janusgraph-realtime.properties - - mountPath: /opt/app/aai-traversal/resources/etc/appprops/janusgraph-cached.properties - name: {{ include "common.fullname" . }}-db-cached-conf - subPath: janusgraph-cached.properties - - mountPath: /opt/app/aai-traversal/resources/etc/appprops/aaiconfig.properties - name: {{ include "common.fullname" . }}-aaiconfig-conf - subPath: aaiconfig.properties - - mountPath: /opt/aai/logroot/AAI-GQ - name: {{ include "common.fullname" . }}-logs - - mountPath: /opt/app/aai-traversal/resources/logback.xml - name: {{ include "common.fullname" . }}-log-conf - subPath: logback.xml - - mountPath: /opt/app/aai-traversal/resources/localhost-access-logback.xml - name: {{ include "common.fullname" . }}-localhost-access-log-conf - subPath: localhost-access-logback.xml - - mountPath: /opt/app/aai-traversal/resources/etc/auth/realm.properties - name: {{ include "common.fullname" . }}-realm-conf - subPath: realm.properties - - mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.keyfile - name: {{ include "common.fullname" . }}-aaf-certs - subPath: org.onap.aai.keyfile - - mountPath: /opt/app/aai-traversal/resources/aaf/bath_config.csv - name: {{ include "common.fullname" . }}-aaf-certs - subPath: bath_config.csv - - mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.props - name: {{ include "common.fullname" . }}-aaf-properties - subPath: org.onap.aai.props - - mountPath: /opt/app/aai-traversal/resources/aaf/org.osaaf.location.props - name: {{ include "common.fullname" . }}-aaf-properties - subPath: org.osaaf.location.props - - mountPath: /opt/app/aai-traversal/resources/aaf/permissions.properties - name: {{ include "common.fullname" . }}-aaf-properties - subPath: permissions.properties - - mountPath: /opt/app/aai-traversal/resources/cadi.properties - name: {{ include "common.fullname" . }}-aaf-properties - subPath: cadi.properties - - mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.p12 - name: {{ include "common.fullname" . }}-aaf-certs - subPath: org.onap.aai.p12 - - mountPath: /opt/app/aai-traversal/resources/aaf/truststoreONAPall.jks - name: aai-common-aai-auth-mount - subPath: truststoreONAPall.jks - - mountPath: /opt/app/aai-traversal/resources/application.properties - name: {{ include "common.fullname" . }}-springapp-conf - subPath: application.properties - {{ $global := . }} - {{ range $job := .Values.global.config.auth.files }} - - mountPath: /opt/app/aai-traversal/resources/etc/auth/{{ . }} - name: {{ include "common.fullname" $global }}-auth-truststore-sec - subPath: {{ . }} - {{ end }} - ports: - - containerPort: {{ .Values.service.internalPort }} - - containerPort: {{ .Values.service.internalPort2 }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{ if .Values.liveness.enabled }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end }} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end }} - - # side car containers - - name: filebeat-onap - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /usr/share/filebeat/filebeat.yml - subPath: filebeat.yml - name: filebeat-conf - - mountPath: /var/log/onap - name: {{ include "common.fullname" . }}-logs - - mountPath: /usr/share/filebeat/data - name: {{ include "common.fullname" . }}-filebeat - resources: -{{ include "common.resources" . }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: filebeat-conf - configMap: - name: aai-filebeat - - name: {{ include "common.fullname" . }}-logs - emptyDir: {} - - name: {{ include "common.fullname" . }}-filebeat - emptyDir: {} - - name: {{ include "common.fullname" . }}-log-conf - configMap: - name: {{ include "common.fullname" . }}-log - - name: {{ include "common.fullname" . }}-localhost-access-log-conf - configMap: - name: {{ include "common.fullname" . }}-localhost-access-log-configmap - - name: {{ include "common.fullname" . }}-db-real-conf - configMap: - name: {{ include "common.fullname" . }}-db-real-configmap - - name: {{ include "common.fullname" . }}-db-cached-conf - configMap: - name: {{ include "common.fullname" . }}-db-cached-configmap - - name: {{ include "common.fullname" . }}-aaiconfig-conf - configMap: - name: {{ include "common.fullname" . }}-aaiconfig-configmap - - name: {{ include "common.fullname" . }}-aaf-properties - configMap: - name: {{ include "common.fullname" . }}-aaf-props - - name: {{ include "common.fullname" . }}-aaf-certs - secret: - secretName: {{ include "common.fullname" . }}-aaf-keys - - name: aai-common-aai-auth-mount - secret: - secretName: aai-common-aai-auth - - name: {{ include "common.fullname" . }}-springapp-conf - configMap: - name: {{ include "common.fullname" . }}-springapp-configmap - - name: {{ include "common.fullname" . }}-realm-conf - configMap: - name: {{ include "common.fullname" . }}-realm-configmap - - name: {{ include "common.fullname" . }}-auth-truststore-sec - secret: - secretName: aai-common-truststore - items: - {{ range $job := .Values.global.config.auth.files }} - - key: {{ . }} - path: {{ . }} - {{ end }} - restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/charts/aai-traversal/templates/job.yaml b/kubernetes/aai/charts/aai-traversal/templates/job.yaml deleted file mode 100644 index a746f54470..0000000000 --- a/kubernetes/aai/charts/aai-traversal/templates/job.yaml +++ /dev/null @@ -1,148 +0,0 @@ -# Copyright © 2017-2018 AT&T -# Modifications Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -{{ if .Values.global.jobs.updateQueryData.enabled }} - -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ include "common.fullname" . }}-update-query-data - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - template: - metadata: - labels: - app: {{ include "common.name" . }}-job - release: {{ .Release.Name }} - name: {{ include "common.name" . }} - spec: - initContainers: - - command: - - /root/ready.py - args: - - --container-name - - aai - {{ if eq .Values.global.aafEnabled true }} - - --container-name - - aaf-locate - {{ end }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness - containers: - - name: {{ include "common.name" . }}-job - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - bash - - "-c" - - | - set -x - mkdir -p /opt/aai/logroot/AAI-GQ/misc - until nc -w10 -z -v aai.{{.Release.Namespace}} 8443; do echo "Retrying to reach aai on port 8443"; done; - bash -x /opt/app/aai-traversal/docker-entrypoint.sh install/updateQueryData.sh - env: - - name: LOCAL_USER_ID - value: {{ .Values.global.config.userId | quote }} - - name: LOCAL_GROUP_ID - value: {{ .Values.global.config.groupId | quote }} - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /opt/app/aai-traversal/resources/etc/appprops/janusgraph-realtime.properties - name: {{ include "common.fullname" . }}-db-real-conf - subPath: janusgraph-realtime.properties - - mountPath: /opt/app/aai-traversal/resources/etc/appprops/janusgraph-cached.properties - name: {{ include "common.fullname" . }}-db-cached-conf - subPath: janusgraph-cached.properties - - mountPath: /opt/app/aai-traversal/resources/etc/appprops/aaiconfig.properties - name: {{ include "common.fullname" . }}-aaiconfig-conf - subPath: aaiconfig.properties - - mountPath: /opt/aai/logroot/AAI-GQ/ - name: {{ include "common.fullname" . }}-logs - - mountPath: /opt/app/aai-traversal/resources/logback.xml - name: {{ include "common.fullname" . }}-log-conf - subPath: logback.xml - - mountPath: /opt/app/aai-traversal/resources/localhost-access-logback.xml - name: {{ include "common.fullname" . }}-localhost-access-log-conf - subPath: localhost-access-logback.xml - - mountPath: /opt/app/aai-traversal/resources/application.properties - name: {{ include "common.fullname" . }}-springapp-conf - subPath: application.properties - {{ $global := . }} - {{ range $job := .Values.global.config.auth.files }} - - mountPath: /opt/app/aai-traversal/resources/etc/auth/{{ . }} - name: {{ include "common.fullname" $global }}-auth-truststore-sec - subPath: {{ . }} - {{ end }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: filebeat-conf - configMap: - name: aai-filebeat - - name: {{ include "common.fullname" . }}-logs - hostPath: - path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}-update-query - - name: {{ include "common.fullname" . }}-filebeat - emptyDir: {} - - name: {{ include "common.fullname" . }}-log-conf - configMap: - name: {{ include "common.fullname" . }}-log - - name: {{ include "common.fullname" . }}-localhost-access-log-conf - configMap: - name: {{ include "common.fullname" . }}-localhost-access-log-configmap - - name: {{ include "common.fullname" . }}-db-real-conf - configMap: - name: {{ include "common.fullname" . }}-db-real-configmap - - name: {{ include "common.fullname" . }}-db-cached-conf - configMap: - name: {{ include "common.fullname" . }}-db-cached-configmap - - name: {{ include "common.fullname" . }}-aaiconfig-conf - configMap: - name: {{ include "common.fullname" . }}-aaiconfig-configmap - - name: {{ include "common.fullname" . }}-springapp-conf - configMap: - name: {{ include "common.fullname" . }}-springapp-configmap - - name: {{ include "common.fullname" . }}-realm-conf - configMap: - name: {{ include "common.fullname" . }}-realm-configmap - - name: {{ include "common.fullname" . }}-auth-truststore-sec - secret: - secretName: aai-common-truststore - items: - {{ range $job := .Values.global.config.auth.files }} - - key: {{ . }} - path: {{ . }} - {{ end }} - restartPolicy: OnFailure - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" -{{ end }} diff --git a/kubernetes/aai/charts/aai-traversal/templates/service.yaml b/kubernetes/aai/charts/aai-traversal/templates/service.yaml deleted file mode 100644 index d1199125d2..0000000000 --- a/kubernetes/aai/charts/aai-traversal/templates/service.yaml +++ /dev/null @@ -1,44 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.internalPort2 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.portName2 }} - {{- else -}} - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName2 }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - clusterIP: None diff --git a/kubernetes/aai/charts/aai-traversal/values.yaml b/kubernetes/aai/charts/aai-traversal/values.yaml deleted file mode 100644 index 63e1444f98..0000000000 --- a/kubernetes/aai/charts/aai-traversal/values.yaml +++ /dev/null @@ -1,95 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Default values for traversal. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -global: # global defaults - nodePortPrefix: 302 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.2 - - -# application image -repository: nexus3.onap.org:10001 -image: onap/aai-traversal:1.4-STAGING-latest -pullPolicy: Always -restartPolicy: Always -flavor: small -# application configuration -config: - - # Specifies timeout information such as application specific and limits - timeout: - # If set to true application will timeout for queries taking longer than limit - enabled: true - # Specifies which apps (X-FromAppId) header should get overridden and (-1) no timeout - appspecific: JUNITTESTAPP1,1|JUNITTESTAPP2,-1|DCAE-CCS,-1|DCAES,-1|AAI-FILEGEN-GFPIP,-1 - # Specifies how long should it wait before timing out the REST request - limit: 180000 - - # Disables the updateQueryData script to run as part of traversal - disableUpdateQuery: true - -persistence: - mountPath: /dockerdata-nfs - mountSubPath: aai/aai-traversal - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 60 - periodSeconds: 60 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: false - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: ClusterIP - portName: aai-traversal-8446 - internalPort: 8446 - portName2: aai-traversal-5005 - internalPort2: 5005 - -ingress: - enabled: false - -# Configure resource requests and limits -# ref: http://kubernetes.io/docs/user-guide/compute-resources/ -resources: - small: - limits: - cpu: 2 - memory: 4Gi - requests: - cpu: 1 - memory: 3Gi - large: - limits: - cpu: 4 - memory: 8Gi - requests: - cpu: 2 - memory: 4Gi - unlimited: {} diff --git a/kubernetes/aai/requirements.yaml b/kubernetes/aai/requirements.yaml deleted file mode 100644 index 01f6f1a9aa..0000000000 --- a/kubernetes/aai/requirements.yaml +++ /dev/null @@ -1,21 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -dependencies: - - name: common - version: ~4.x-0 - # local reference to common chart, as it is - # a part of this chart's package and will not - # be published independently to a repo (at this point) - repository: '@local' diff --git a/kubernetes/aai/resources/config/aai/aai_keystore b/kubernetes/aai/resources/config/aai/aai_keystore deleted file mode 100644 index d50b33ed93..0000000000 Binary files a/kubernetes/aai/resources/config/aai/aai_keystore and /dev/null differ diff --git a/kubernetes/aai/resources/config/fproxy/auth/client-cert.p12 b/kubernetes/aai/resources/config/fproxy/auth/client-cert.p12 deleted file mode 100644 index 7a4979a7a3..0000000000 Binary files a/kubernetes/aai/resources/config/fproxy/auth/client-cert.p12 and /dev/null differ diff --git a/kubernetes/aai/resources/config/fproxy/auth/fproxy_truststore b/kubernetes/aai/resources/config/fproxy/auth/fproxy_truststore deleted file mode 100644 index f6ebc75ed8..0000000000 Binary files a/kubernetes/aai/resources/config/fproxy/auth/fproxy_truststore and /dev/null differ diff --git a/kubernetes/aai/resources/config/fproxy/auth/tomcat_keystore b/kubernetes/aai/resources/config/fproxy/auth/tomcat_keystore deleted file mode 100644 index d68bf73815..0000000000 Binary files a/kubernetes/aai/resources/config/fproxy/auth/tomcat_keystore and /dev/null differ diff --git a/kubernetes/aai/resources/config/haproxy/aai.pem b/kubernetes/aai/resources/config/haproxy/aai.pem deleted file mode 100644 index e6dfd6a63d..0000000000 --- a/kubernetes/aai/resources/config/haproxy/aai.pem +++ /dev/null @@ -1,82 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFATCCA+mgAwIBAgIIWY+5kgf/UH8wDQYJKoZIhvcNAQELBQAwRzELMAkGA1UE -BhMCVVMxDTALBgNVBAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMRkwFwYDVQQDDBBp -bnRlcm1lZGlhdGVDQV85MB4XDTE5MDMyNjAzMjc1MloXDTIwMDMyNjAzMjc1Mlow -azERMA8GA1UEAwwIYWFpLm9uYXAxDzANBgkqhkiG9w0BCQEWADEZMBcGA1UECwwQ -YWFpQGFhaS5vbmFwLm9yZzEOMAwGA1UECwwFT1NBQUYxDTALBgNVBAoMBE9OQVAx -CzAJBgNVBAYTAlVTMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyZj -PvQrgB2bhyE3kpSH6OjXigs/+MfmV4eOrEwmMzQ1lWjItu2z5WY9xNGCky85G3Pr -qmCfT/qNPXd0W5kEujYlL0QnvrCa77WP3kSSu0kMKdUJV3S90Rp1SOhGFU/WroAQ -XvlzyBCunqQ9/F/L6mS8dLotUbkGIQlojAYOukWOT/+ogMMxzpxtb91QR+Wl4YeY -yzX//0rls/6nEKzCh2STHJuTkXqL0kod+KY08unpvMX2J/SEeHdWLS8Gsuus6oqM -r4bFyquua/U1ApxEMn0/agY58V75dF5CRPJRYrqqf9I6DBr0SntHv6pzMhokjewl -ukkrEsvIOkqEvIcE+QIDAQABo4IByzCCAccwCQYDVR0TBAIwADAOBgNVHQ8BAf8E -BAMCBeAwIAYDVR0lAQH/BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFQGA1UdIwRN -MEuAFIH3mVsQuciM3vNSXupOaaBDPqzdoTCkLjAsMQ4wDAYDVQQLDAVPU0FBRjEN -MAsGA1UECgwET05BUDELMAkGA1UEBhMCVVOCAQcwHQYDVR0OBBYEFFziBN1nFOnS -Sp7XkxOuzVNR1GFLMIIBEQYDVR0RBIIBCDCCAQSCCGFhaS5vbmFwghJhYWktc3Bh -cmt5LWJlLm9uYXCCG2FhaS5hcGkuc2ltcGxlZGVtby5vbmFwLm9yZ4IlYWFpLmVs -YXN0aWNzZWFyY2guc2ltcGxlZGVtby5vbmFwLm9yZ4IlYWFpLmdyZW1saW5zZXJ2 -ZXIuc2ltcGxlZGVtby5vbmFwLm9yZ4IdYWFpLmhiYXNlLnNpbXBsZWRlbW8ub25h -cC5vcmeCJWFhaS5zZWFyY2hzZXJ2aWNlLnNpbXBsZWRlbW8ub25hcC5vcmeCF2Fh -aS5zaW1wbGVkZW1vLm9uYXAub3JnghphYWkudWkuc2ltcGxlZGVtby5vbmFwLm9y -ZzANBgkqhkiG9w0BAQsFAAOCAQEAlqwzbZv/0uxVPmFJMB2t5B2nw3GNojLwxnHh -UVKzrLbDDpM36CkY8uX9kYAaf/Eg8eA5Jp0T9lGCheg0TNHM9OBqyyvDPjewZ5jO -N0xooRs7gh4bYtQaWIjCOg6bXg+mHkW4VVbpewMJYivGpJZQ76LauuHtg1OA688s -fy4SGrbC902OoPZ8zJlINOyljqSa+uNwvv6bg9Iqnuq/jUaFpKOYVUkMzw/ImVzy -3kXH/hY+nz4FNvMPlULgwxskOBRp90a5VWBC48cNzg4aNtanVz6lPAr/AVD1R6jt -ZDEd3Ww8nTlRKjUryxgoorqo8ThctZscWBpHMRW4B/LgGEYtRA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEdTCCAl2gAwIBAgIBBzANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB -RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwODE3MTg1MTM3WhcN -MjMwODE3MTg1MTM3WjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG -A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzkwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv0HHUkba3uNtNI3jPKimUcd6RNwmhSCJL -neMWpnjqp5/A+HCKyNsEaT4y177hNLmCm/aMm1u2JIfikc+8wEqLCSBBPz+P0h+d -o+sZ7U+4oeQizdYYpEdzHJ2SieHHa8vtu80rU3nO2NEIkuYC20HcKSEtl8fFKsk3 -nqlhY+tGfYJPTXcDOQAO40BTcgat3C3uIJHkWJJ4RivunE4LEuRv9QyKgAw7rkJV -v+f7guqpZlXy6dzAkuU7XULWcgo55MkZlssoiErMvEZJad5aWKvRY3g7qUjaQ6wO -15wOAUoRBW96eeZZbytgn8kybcBy++Ue49gPtgm1MF/KlAsp0MD5AgMBAAGjgYYw -gYMwHQYDVR0OBBYEFIH3mVsQuciM3vNSXupOaaBDPqzdMB8GA1UdIwQYMBaAFFNV -M/JL69BRscF4msEoMXvv6u1JMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/ -BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B -AQsFAAOCAgEADxNymiCNr2e37iLReoaxKmZvwox0cTiNAaj7iafRzmwIoY3VXO8Q -ix5IYcp4FaQ7fV1jyp/AmaSnyHf6Osl0sx8PxsQkO7ALttxKUrjfbvNSVUA2C/vl -u5m7UVJLIUtFDZBWanzUSmkTsYLHpiANFQKd2c/cU1qXcyzgJVFEFVyyHNkF7Is+ -+pjG9M1hwQHOoTnEuU013P7X1mHek+RXEfhJWwe7UsZnBKZaZKbQZu7hEtqKWYp/ -QsHgnjoLYXsh0WD5rz/mBxdTdDLGpFqWDzDqb8rsYnqBzoowvsasV8X8OSkov0Ht -8Yka0ckFH9yf8j1Cwmbl6ttuonOhky3N/gwLEozuhy7TPcZGVyzevF70kXy7g1CX -kpFGJyEHXoprlNi8FR4I+NFzbDe6a2cFow1JN19AJ9Z5Rk5m7M0mQPaQ4RcikjB3 -aoLsASCJTm1OpOFHfxEKiBW4Lsp3Uc5/Rb9ZNbfLrwqWZRM7buW1e3ekLqntgbky -uKKISHqVJuw/vXHl1jNibEo9+JuQ88VNuAcm7WpGUogeCa2iAlPTckPZei+MwZ8w -tpvxTyYlZEC8DWzY1VC29+W2N5cvh01e2E3Ql08W1zL63dqrgdEZ3VWjzooYi4ep -BmMXTvouW+Flyvcw/0oTcfN0biDIt0mCkZ5CQVjfGL9DTOYteR5hw+k= ------END CERTIFICATE----- ------BEGIN RSA PRIVATE KEY----- -MIIEogIBAAKCAQEAuyZjPvQrgB2bhyE3kpSH6OjXigs/+MfmV4eOrEwmMzQ1lWjI -tu2z5WY9xNGCky85G3PrqmCfT/qNPXd0W5kEujYlL0QnvrCa77WP3kSSu0kMKdUJ -V3S90Rp1SOhGFU/WroAQXvlzyBCunqQ9/F/L6mS8dLotUbkGIQlojAYOukWOT/+o -gMMxzpxtb91QR+Wl4YeYyzX//0rls/6nEKzCh2STHJuTkXqL0kod+KY08unpvMX2 -J/SEeHdWLS8Gsuus6oqMr4bFyquua/U1ApxEMn0/agY58V75dF5CRPJRYrqqf9I6 -DBr0SntHv6pzMhokjewlukkrEsvIOkqEvIcE+QIDAQABAoIBAEe1OrvJZM2PCqOp -N5jjbnvwk32iN93EAl8xYppkBxMBgzJ/VsC4rYBNP4elWym4I2KAdSDwKrrDXtDZ -b20VYXlT+8VzkOMA2izU3Y4lqi82mwGATjcDVSPExoGr9gZ+c9yi1yL8478ZnT7N -4a5Mql5iQM9c8rZodY+9AiD8xTHbgXbaGmBsDhTxT/HPDsoacR/SHMh3XowbhAcs -eXAe+NdDtLcG6WOEqi/EhkagkWvsecIBoy888Ffbxa5h/DLEaCCoC3Dw1tWFX8KM -86sC9sQKDVRVKpKs2/9MGl9LoPi9jNDrOP6/Zx3T4k479ozGp/0G70LzmUcih72j -MUbr4f0CgYEA/AV0yOLZh0i2K53jpv3e8RDJkOBFuLb0ZZVdGkVYHncw9/WY070E -TJi0B51RAJtdSksAWa6o+1+VaJKQHtMZpABwMWDMRQUqdC+o+knONRpdCHwxXnSl -gvujFyYJhURKDr42z0xjbQrHaEZRuVJ6tzJQhFtE66G01ngREhDPbUsCgYEAvhrB -A/IOQpPaHcfU2ik80VE0KU9N4Ez50ZlheEbBDVTrMWzuFy8p9niNSfDKC7s5aqlP -DgDvTD80D8Zw6+yT/aDU5iEf5vMdKc1pnlr8jJoCNSvuyJZ40kDSehsBOKC+YN3g -b6xaYWIcH3mwwoLZO9XFsN5KAg/dSMJED8AGAEsCgYAduMMCIgbHdqLNWAyOGCif -w3wSEvEGDMWb6VaWj5EJ3sKuq48/gW4tXmD0+O+ho7EH3vqGmRuisa4cLBTFHd5L -QiX5HNJaXXaZRzmlcujXyGkqZAMqgZU3clfUlg7PYbNeM76hCgA7zuaffJOMyJZi -XpOyWFUzeNmr5XMV71eXKwKBgEtgzFvGJMVdXsUkMU/3vfe5XRdsLJLdssjbKnzI -gU/J9h/480caGmdyUYOaCGMyb4fNbl09HaV8AianJqtFeUC9/uzpAX9PsqaanmB9 -71nIz0tKCjpa/7lOnqZwAsHzasl58L4W9xdaEZChbecSfxRspSCGY44BwFpTPS2J -lFeVAoGAFOetqKStyEy+qruEOMk+lWwaKLGZ4hLk7qmFochxwrXgx7hcZ4Zrqkv9 -7qyQtbAalFiCHGmLBdSb+GLfD/1pPUA3wJoLo/I3f4g9c7cw7m7r8MdWPDXSL2Vk -vM97Syv92KQUBl8te7S3+bDBNklgb+KwRqSk3QRAl8ARWEjg8Kk= ------END RSA PRIVATE KEY----- diff --git a/kubernetes/aai/resources/config/haproxy/haproxy-pluggable-security.cfg b/kubernetes/aai/resources/config/haproxy/haproxy-pluggable-security.cfg deleted file mode 100644 index 1c82050db0..0000000000 --- a/kubernetes/aai/resources/config/haproxy/haproxy-pluggable-security.cfg +++ /dev/null @@ -1,138 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -global - log /dev/log local0 - stats socket /usr/local/etc/haproxy/haproxy.socket mode 660 level admin - stats timeout 30s - user root - group root - daemon - ################################# - # Default SSL material locations# - ################################# - ca-base /etc/ssl/certs - crt-base /etc/ssl/private - - # Default ciphers to use on SSL-enabled listening sockets. - # For more information, see ciphers(1SSL). This list is from: - # https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/ - # An alternative list with additional directives can be obtained from - # https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=haproxy - tune.ssl.default-dh-param 2048 - -defaults - log global - mode http - option httplog - option ssl-hello-chk - option httpchk GET /aai/util/echo HTTP/1.1\r\nHost:\ aai\r\nX-TransactionId:\ haproxy-0111\r\nX-FromAppId:\ haproxy\r\nAccept:\ application/json\r\nAuthorization:\ Basic\ YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ== - default-server init-addr none -# option dontlognull -# errorfile 400 /etc/haproxy/errors/400.http -# errorfile 403 /etc/haproxy/errors/403.http -# errorfile 408 /etc/haproxy/errors/408.http -# errorfile 500 /etc/haproxy/errors/500.http -# errorfile 502 /etc/haproxy/errors/502.http -# errorfile 503 /etc/haproxy/errors/503.http -# errorfile 504 /etc/haproxy/errors/504.http - - option http-server-close - option forwardfor except 127.0.0.1 - retries 6 - option redispatch - maxconn 50000 - timeout connect 50000 - timeout client 480000 - timeout server 480000 - timeout http-keep-alive 30000 - - -frontend IST_8443 - mode http - bind 0.0.0.0:8443 name https ssl crt /etc/ssl/private/aai.pem -# log-format %ci:%cp\ [%t]\ %ft\ %b/%s\ %Tq/%Tw/%Tc/%Tr/%Tt\ %ST\ %B\ %CC\ %CS\ %tsc\ %ac/%fc/%bc/%sc/%rc\ %sq/%bq\ %hr\ %hs\ {%[ssl_c_verify],%{+Q}[ssl_c_s_dn],%{+Q}[ssl_c_i_dn]}\ %{+Q}r - log-format "%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC \ %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r" - option httplog - log global - option logasap - option forwardfor - capture request header Host len 100 - capture response header Host len 100 - option log-separate-errors - option forwardfor - http-request set-header X-Forwarded-Proto https if { ssl_fc } - http-request set-header X-AAI-Client-SSL TRUE if { ssl_c_used } - http-request set-header X-AAI-SSL %[ssl_fc] - http-request set-header X-AAI-SSL-Client-Verify %[ssl_c_verify] - http-request set-header X-AAI-SSL-Client-DN %{+Q}[ssl_c_s_dn] - http-request set-header X-AAI-SSL-Client-CN %{+Q}[ssl_c_s_dn(cn)] - http-request set-header X-AAI-SSL-Issuer %{+Q}[ssl_c_i_dn] - http-request set-header X-AAI-SSL-Client-NotBefore %{+Q}[ssl_c_notbefore] - http-request set-header X-AAI-SSL-Client-NotAfter %{+Q}[ssl_c_notafter] - http-request set-header X-AAI-SSL-ClientCert-Base64 %{+Q}[ssl_c_der,base64] - http-request set-header X-AAI-SSL-Client-OU %{+Q}[ssl_c_s_dn(OU)] - http-request set-header X-AAI-SSL-Client-L %{+Q}[ssl_c_s_dn(L)] - http-request set-header X-AAI-SSL-Client-ST %{+Q}[ssl_c_s_dn(ST)] - http-request set-header X-AAI-SSL-Client-C %{+Q}[ssl_c_s_dn(C)] - http-request set-header X-AAI-SSL-Client-O %{+Q}[ssl_c_s_dn(O)] - reqadd X-Forwarded-Proto:\ https - reqadd X-Forwarded-Port:\ 8443 - -####################### -#ACLS FOR PORT 8446#### -####################### - - acl is_Port_8446_generic path_reg -i ^/aai/v[0-9]+/search/generic-query$ - acl is_Port_8446_nodes path_reg -i ^/aai/v[0-9]+/search/nodes-query$ - acl is_Port_8446_version path_reg -i ^/aai/v[0-9]+/query$ - acl is_named-query path_beg -i /aai/search/named-query - acl is_search-model path_beg -i /aai/search/model - use_backend IST_AAI_8446 if is_Port_8446_generic or is_Port_8446_nodes or is_Port_8446_version or is_named-query or is_search-model - - default_backend IST_Default_8447 - - -####################### -#DEFAULT BACKEND 847### -####################### - -backend IST_Default_8447 - balance roundrobin - http-request set-header X-Forwarded-Port %[src_port] - http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload; - server aai-resources.{{.Release.Namespace}} aai-resources.{{.Release.Namespace}}.svc.cluster.local:8447 resolvers kubernetes check check-ssl port 8447 ssl verify none - - -####################### -# BACKEND 8446######### -####################### - -backend IST_AAI_8446 - balance roundrobin - http-request set-header X-Forwarded-Port %[src_port] - http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload; - server aai-traversal.{{.Release.Namespace}} aai-traversal.{{.Release.Namespace}}.svc.cluster.local:8446 resolvers kubernetes check check-ssl port 8446 ssl verify none - -listen IST_AAI_STATS - mode http - bind *:8080 - stats uri /stats - stats enable - stats refresh 30s - stats hide-version - stats auth admin:admin - stats show-legends - stats show-desc IST AAI APPLICATION NODES - stats admin if TRUE diff --git a/kubernetes/aai/resources/config/haproxy/haproxy.cfg b/kubernetes/aai/resources/config/haproxy/haproxy.cfg deleted file mode 100644 index 8beae0ee81..0000000000 --- a/kubernetes/aai/resources/config/haproxy/haproxy.cfg +++ /dev/null @@ -1,138 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -global - log /dev/log local0 - stats socket /usr/local/etc/haproxy/haproxy.socket mode 660 level admin - stats timeout 30s - user root - group root - daemon - ################################# - # Default SSL material locations# - ################################# - ca-base /etc/ssl/certs - crt-base /etc/ssl/private - - # Default ciphers to use on SSL-enabled listening sockets. - # For more information, see ciphers(1SSL). This list is from: - # https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/ - # An alternative list with additional directives can be obtained from - # https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=haproxy - tune.ssl.default-dh-param 2048 - -defaults - log global - mode http - option httplog - option ssl-hello-chk - option httpchk GET /aai/util/echo HTTP/1.1\r\nHost:\ aai\r\nX-TransactionId:\ haproxy-0111\r\nX-FromAppId:\ haproxy\r\nAccept:\ application/json\r\nAuthorization:\ Basic\ QUFJOkFBSQ== - default-server init-addr none -# option dontlognull -# errorfile 400 /etc/haproxy/errors/400.http -# errorfile 403 /etc/haproxy/errors/403.http -# errorfile 408 /etc/haproxy/errors/408.http -# errorfile 500 /etc/haproxy/errors/500.http -# errorfile 502 /etc/haproxy/errors/502.http -# errorfile 503 /etc/haproxy/errors/503.http -# errorfile 504 /etc/haproxy/errors/504.http - - option http-server-close - option forwardfor except 127.0.0.1 - retries 6 - option redispatch - maxconn 50000 - timeout connect 50000 - timeout client 480000 - timeout server 480000 - timeout http-keep-alive 30000 - - -frontend IST_8443 - mode http - bind 0.0.0.0:8443 name https ssl crt /etc/ssl/private/aai.pem -# log-format %ci:%cp\ [%t]\ %ft\ %b/%s\ %Tq/%Tw/%Tc/%Tr/%Tt\ %ST\ %B\ %CC\ %CS\ %tsc\ %ac/%fc/%bc/%sc/%rc\ %sq/%bq\ %hr\ %hs\ {%[ssl_c_verify],%{+Q}[ssl_c_s_dn],%{+Q}[ssl_c_i_dn]}\ %{+Q}r - log-format "%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC \ %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r" - option httplog - log global - option logasap - option forwardfor - capture request header Host len 100 - capture response header Host len 100 - option log-separate-errors - option forwardfor - http-request set-header X-Forwarded-Proto https if { ssl_fc } - http-request set-header X-AAI-Client-SSL TRUE if { ssl_c_used } - http-request set-header X-AAI-SSL %[ssl_fc] - http-request set-header X-AAI-SSL-Client-Verify %[ssl_c_verify] - http-request set-header X-AAI-SSL-Client-DN %{+Q}[ssl_c_s_dn] - http-request set-header X-AAI-SSL-Client-CN %{+Q}[ssl_c_s_dn(cn)] - http-request set-header X-AAI-SSL-Issuer %{+Q}[ssl_c_i_dn] - http-request set-header X-AAI-SSL-Client-NotBefore %{+Q}[ssl_c_notbefore] - http-request set-header X-AAI-SSL-Client-NotAfter %{+Q}[ssl_c_notafter] - http-request set-header X-AAI-SSL-ClientCert-Base64 %{+Q}[ssl_c_der,base64] - http-request set-header X-AAI-SSL-Client-OU %{+Q}[ssl_c_s_dn(OU)] - http-request set-header X-AAI-SSL-Client-L %{+Q}[ssl_c_s_dn(L)] - http-request set-header X-AAI-SSL-Client-ST %{+Q}[ssl_c_s_dn(ST)] - http-request set-header X-AAI-SSL-Client-C %{+Q}[ssl_c_s_dn(C)] - http-request set-header X-AAI-SSL-Client-O %{+Q}[ssl_c_s_dn(O)] - reqadd X-Forwarded-Proto:\ https - reqadd X-Forwarded-Port:\ 8443 - -####################### -#ACLS FOR PORT 8446#### -####################### - - acl is_Port_8446_generic path_reg -i ^/aai/v[0-9]+/search/generic-query$ - acl is_Port_8446_nodes path_reg -i ^/aai/v[0-9]+/search/nodes-query$ - acl is_Port_8446_version path_reg -i ^/aai/v[0-9]+/query$ - acl is_named-query path_beg -i /aai/search/named-query - acl is_search-model path_beg -i /aai/search/model - use_backend IST_AAI_8446 if is_Port_8446_generic or is_Port_8446_nodes or is_Port_8446_version or is_named-query or is_search-model - - default_backend IST_Default_8447 - - -####################### -#DEFAULT BACKEND 847### -####################### - -backend IST_Default_8447 - balance roundrobin - http-request set-header X-Forwarded-Port %[src_port] - http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload; - server aai-resources.{{.Release.Namespace}} aai-resources.{{.Release.Namespace}}.svc.cluster.local:8447 resolvers kubernetes check check-ssl port 8447 ssl verify none - - -####################### -# BACKEND 8446######### -####################### - -backend IST_AAI_8446 - balance roundrobin - http-request set-header X-Forwarded-Port %[src_port] - http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload; - server aai-traversal.{{.Release.Namespace}} aai-traversal.{{.Release.Namespace}}.svc.cluster.local:8446 resolvers kubernetes check check-ssl port 8446 ssl verify none - -listen IST_AAI_STATS - mode http - bind *:8080 - stats uri /stats - stats enable - stats refresh 30s - stats hide-version - stats auth admin:admin - stats show-legends - stats show-desc IST AAI APPLICATION NODES - stats admin if TRUE diff --git a/kubernetes/aai/resources/config/rproxy/auth/client-cert.p12 b/kubernetes/aai/resources/config/rproxy/auth/client-cert.p12 deleted file mode 100644 index dbf4fcacec..0000000000 Binary files a/kubernetes/aai/resources/config/rproxy/auth/client-cert.p12 and /dev/null differ diff --git a/kubernetes/aai/resources/config/rproxy/auth/org.onap.aai.p12 b/kubernetes/aai/resources/config/rproxy/auth/org.onap.aai.p12 deleted file mode 100644 index 023e2eaac6..0000000000 Binary files a/kubernetes/aai/resources/config/rproxy/auth/org.onap.aai.p12 and /dev/null differ diff --git a/kubernetes/aai/resources/config/rproxy/auth/tomcat_keystore b/kubernetes/aai/resources/config/rproxy/auth/tomcat_keystore deleted file mode 100644 index 99129c145f..0000000000 Binary files a/kubernetes/aai/resources/config/rproxy/auth/tomcat_keystore and /dev/null differ diff --git a/kubernetes/aai/resources/config/rproxy/security/keyfile b/kubernetes/aai/resources/config/rproxy/security/keyfile deleted file mode 100644 index 3416d4a737..0000000000 --- a/kubernetes/aai/resources/config/rproxy/security/keyfile +++ /dev/null @@ -1,27 +0,0 @@ -2otP92kNFHdexroZxvgYY7ffslFiwCD3CiVYMIfUF2edqZK7972NwkvE_mbaBo6jh8lByLIqrWAf -jyzoiVsvQ_kCa0cS1xaRLpcxv3bx1b7o3hGPBqpd6vmSG4y2JLzNlCBZWuTJz827wr8p_fWrYuUm -4L1WoaEe8W5PRnXjl4hDqbJBAlEoRIBXugUDt_7O5wgx2Rl3HVoOczZtf0RzONZ1F0BmKf3QlAUe -moSbARitYRgIPt5sLbT7qPyoEpGDhQ1XBowR744-wsjBc-14yO62Ajp5xWKTp15uWn3_HHuw1SAf -GWSBRGlSlEVkXQqi9Hw5jDttKVzHX1ckwR0SQOirbtHPHplxPX3WKjKhSdSeMzw6LOAHIQYRMKBT -74oGnULAfPtV7TaGwOKriT3P49CoPdt9On89-LGyCZSxDWKH0K-rgB6I2_hPT2Uzr3jmXiMa-sfh -iMvyQ7ABBVx0OFsUuNb5mcU2O6dWiQreL5RerrloV_X3ZtnNjxENXKjQ5KBR1A5ISPjFFK-kf4Rb -p6FSII8LcsiqgdWuZ4GX_C6x8HX4A-vD0x3Uc9CfoXY-k23cNIy-R-W-oB-P2OgdWDNgZ7VaOLNt -3L-NwWpNblfYvs93cNmkbVAwCZ3r0OP7RFeuON84TRaynK_Fh2S3rypRyJcUmM1pvpZqJ5_-umSW -hUs1OqkdLv3xjlVzzK-3nMr0q3Zcyp4XdyLYtcX5I3Xqk9ZcsyAT7ghmHhV8KjUjue7OcfAWg0m7 -RJLGq6VC8HeK4HEMa4lF677Qh7DRufghIDEmQSIDfGA790WGSA8HqcOvAL4hURCHyCWiPa5i8ksX -xX4HyqF8PCVCLJ_ZhzcuIlc0jStAexWbJU_vcyX7XgUaHCkF-M-zv1FP6Z3DHBMD2QqSWjmyNCCk -8sIuwzs62P_j2o9jG33kssedCrUWOwZancU107-5H0Zw-UWvtCqUfmRZ7TsEbWY7lk_SKfLfAN5q -ncOQgU_VxDXUFDST4LN_WVECRafK3UtwWomxWSji25Lbf6NVni3ok-yLMDZR-wrE-54jLPES9j0i -5N0xrk9CfsvGUpUZ1_XQcgaxI6m27DtCCJXb5ywenPBiUIJCMCTq88CqNZxGpju2i4BJcUH2hUHe -GKhO8pgslwhtEVot9EDwdzSrJkWFCfb6ud4zMxrqdi7-mLWMOydg6lhpEFEX5wu2BLIujGsZlEGE -_K9jGfBypjXuJCKDZIuPfEnf_7idjKis_JcFB7x4Hx2HHDcBjlWWFZN_VIEnPkQSyZEC26RTFP3k -zkY3GwUfA36a4XW2pu3gE9wz-W6fkONfzOZ6YiyCm_dRFUVuGSdJG02Hh5iXYlMOGJltPzWH2jVf -S-QTOmXQTKSOheXoJO6O-9uQbsRf-kq-6w1pvIOp4ms35w4_0Xj0Xr2a9y-L9PdBZvrUsa-jxsZU -LyA-YY4Ej6QwDBDTD2MGjF1E5_ekYgjoNlltM9rJjofruM4ym0n7LPHC7YXXQSEFOZYeTKi6wUDw -hQ1DoWHgu4PQ2lexada8sxQdConbPe2iW16h-PrO5D12E4XbT00fqaMlBmjQwzdNRdCC2NRPIQ5W -nwaO8dZ9yjxsjT7ZVHb9-DRblb3XDocponzxVXqUGtJAie4WXQnerX0ApTWGaHEr5y56JJVS_3LP -bKrbXBXcs4jTUX4ECXRrOs8JQDQNysXhvTPCu0XUxNZpjx6KLxDs93k2OcESHjl5J6n6OKKJqqoN -JEyFO5LGXpnmUJbn0-CaHHPRI1mHwEu4brY8wDZd9A0PD1KGXDoCHMfEk1lGblQdyOcVrXZ6uSBk -Z6zHDnwSCHO1mPYqtelJQehZoFuPSv9PIgKLxs_qJOtZFnXII5YO1mGXgiIBWBjUFDR5HG4ENS6y -J4MCF-JLMp-PVMAkOaCIQRRDpRnMm_fT1sc_P562Diu_pcdt-r55pMFQYGoGfjRmxQBKk0-SsdnP -mlZIiis9DfQEN0q3QQdNRYBJD7tmhUwhAPZdLgXqJA8sZf8UyFQhhpsky79NT343YL9smUlF \ No newline at end of file diff --git a/kubernetes/aai/templates/configmap.yaml b/kubernetes/aai/templates/configmap.yaml deleted file mode 100644 index 651bf8dbba..0000000000 --- a/kubernetes/aai/templates/configmap.yaml +++ /dev/null @@ -1,103 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# this is a shared resource for subcharts -apiVersion: v1 -kind: ConfigMap -metadata: - name: aai-filebeat - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: aai-deployment-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ if .Values.global.installSidecarSecurity }} -{{ tpl (.Files.Glob "resources/config/haproxy/haproxy-pluggable-security.cfg").AsConfig . | indent 2 }} -{{ else }} -{{ tpl (.Files.Glob "resources/config/haproxy/haproxy.cfg").AsConfig . | indent 2 }} -{{ end }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: aai-haproxy-secret - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/config/haproxy/aai.pem").AsSecrets . | indent 2 }} -# This is a shared key for both resources and traversal ---- -apiVersion: v1 -kind: Secret -metadata: - name: aai-auth-truststore-secret - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/config/aai/*").AsSecrets . | indent 2 }} - -{{ if .Values.global.installSidecarSecurity }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: aai-fproxy-auth-certs - namespace: {{ include "common.namespace" . }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/config/fproxy/auth/*").AsSecrets . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: aai-rproxy-auth-certs - namespace: {{ include "common.namespace" . }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/config/rproxy/auth/*").AsSecrets . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: aai-rproxy-security-config - namespace: {{ include "common.namespace" . }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/config/rproxy/security/*").AsSecrets . | indent 2 }} -{{ end }} \ No newline at end of file diff --git a/kubernetes/aai/templates/deployment.yaml b/kubernetes/aai/templates/deployment.yaml deleted file mode 100644 index 8c107303ac..0000000000 --- a/kubernetes/aai/templates/deployment.yaml +++ /dev/null @@ -1,131 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - name: {{ .Release.Name }} - annotations: - checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} - spec: - initContainers: - - command: - - /root/ready.py - args: - - --container-name - - aai-resources - - --container-name - - aai-traversal - - --container-name - - aai-graphadmin - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness - containers: - - name: {{ include "common.name" . }} - image: "{{ .Values.global.dockerhubRepository | default .Values.dockerhubRepository }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /dev/log - name: aai-service-log - - mountPath: /usr/local/etc/haproxy/haproxy.cfg - {{ if .Values.global.installSidecarSecurity }} - subPath: haproxy-pluggable-security.cfg - {{ else }} - subPath: haproxy.cfg - {{ end }} - name: haproxy-cfg - - mountPath: /etc/ssl/private/aai.pem - name: aai-pem - subPath: aai.pem - ports: - - containerPort: {{ .Values.service.internalPort }} - - containerPort: {{ .Values.service.internalPort2 }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort2 }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - httpGet: - path: /aai/util/echo - port: {{ .Values.service.internalPort2 }} - scheme: HTTPS - httpHeaders: - - name: X-FromAppId - value: OOM_ReadinessCheck - {{ if .Values.global.installSidecarSecurity }} - - name: Authorization - value: Basic YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ== - {{ end }} - - name: X-TransactionId - value: {{ uuidv4 }} - - name: Accept - value: application/json - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end }} - - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: aai-service-log - hostPath: - path: "/dev/log" - - name: haproxy-cfg - configMap: - name: aai-deployment-configmap - - name: aai-pem - secret: - secretName: aai-haproxy-secret - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/templates/secret.yaml b/kubernetes/aai/templates/secret.yaml deleted file mode 100644 index f01f11df78..0000000000 --- a/kubernetes/aai/templates/secret.yaml +++ /dev/null @@ -1,36 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: aai-common-aai-auth - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: aai-common-truststore - namespace: {{ include "common.namespace" . }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/config/aai/*").AsSecrets . | indent 2 }} diff --git a/kubernetes/aai/templates/service.yaml b/kubernetes/aai/templates/service.yaml deleted file mode 100644 index 91bdb2e904..0000000000 --- a/kubernetes/aai/templates/service.yaml +++ /dev/null @@ -1,47 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - ports: - {{if eq .Values.service.type "NodePort" -}} - - name: {{ .Values.service.portName }} - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - - name: {{ .Values.service.portName2 }} - port: {{ .Values.service.externalPort2 }} - targetPort: {{ .Values.service.internalPort2 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.externalPort2 }} - targetPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName2 }} - {{- end}} - type: {{ .Values.service.type }} - selector: - app: {{ include "common.name" . }} - clusterIP: {{ .Values.service.aaiServiceClusterIp }} diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml deleted file mode 100644 index 1d3a3a5d24..0000000000 --- a/kubernetes/aai/values.yaml +++ /dev/null @@ -1,291 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Default values for aai. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -global: # global defaults - nodePortPrefix: 302 - repository: nexus3.onap.org:10001 - dockerhubRepository: docker.io - busyboxImage: busybox - - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.2 - - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - - restartPolicy: Always - - installSidecarSecurity: false - aafEnabled: true - - fproxy: - name: forward-proxy - activeSpringProfiles: noHostVerification,cadi - image: onap/fproxy:2.1-STAGING-latest - port: 10680 - - rproxy: - name: reverse-proxy - activeSpringProfiles: noHostVerification,cadi - image: onap/rproxy:2.1-STAGING-latest - port: 10692 - - tproxyConfig: - name: init-tproxy-config - image: onap/tproxy-config:2.1-STAGING-latest - - # AAF server details. Only needed if the AAF DNS does not resolve from the pod - aaf: - serverIp: 10.12.6.214 - serverHostname: aaf.osaaf.org - serverPort: 30247 - - cassandra: - serviceName: aai-cassandra - replicas: 3 - - aai: - serviceName: aai - babel: - serviceName: aai-babel - champ: - serviceName: aai-champ - aaiElasticsearch: - serviceName: aai-elasticsearch - resources: - serviceName: aai-resources - sparkyBe: - serviceName: aai-sparky-be - dataRouter: - serviceName: aai-data-router - gizmo: - serviceName: aai-gizmo - modelloader: - serviceName: aai-modelloader - searchData: - serviceName: aai-search-data - traversal: - serviceName: aai-traversal - graphadmin: - serviceName: aai-graphadmin - spike: - serviceName: aai-spike - - initContainers: - enabled: true - # Specifies a list of jobs to be run - jobs: - # When enabled, it will create the schema based on oxm and edge rules - createSchema: - enabled: true - # When enabled, it will create the widget models via REST API to haproxy - updateQueryData: - enabled: true - - # Common configuration for resources traversal and graphadmin - config: - # User information for the admin user in container - userId: 1000 - groupId: 1000 - - # Specifies that the cluster connected to a dynamic - # cluster being spinned up by kubernetes deployment - cluster: - cassandra: - dynamic: true - - # If cluster.cassandra.dynamic is set to false - # Then the following configuration should be uncommented - # This is if you are planning to connect to a existing - # Cassandra cluster instead of doing the deployment - #storage: - # backend: cassandra - # hostname: somehost1,somehost2,somehost3 - # connectionTimeout: 100000 - # cacheSize: 1000000 - # clusterName: someClusterName - # localDataCenter: someDataCenter - # keyConsistent: true - # # If backend is cql or cassandra it should be keyspace name - # # else backend is hbase it should be hbase table name - # name: your_hbase_table_or_keyspace_name - - # # CQL driver specific properties for janusgraph - # cql: - # # Name of the Cassandra Cluster - # cluster: someclustername - # readConsistency: QUORUM - # writeConsistency: QUORUM - # replicationFactor: 3 - # localConsistencyForSysOps: true - - # # Cassandra driver specific properties for janusgraph - # cassandra: - # # Name of the Cassandra Cluster - # cluster: someclustername - # readConsistency: LOCAL_QUORUM - # writeConsistency: LOCAL_QUORUM - # replicationFactor: 3 - - # Specifies if the basic authorization is enabled - basic: - auth: - enabled: true - username: AAI - passwd: AAI - - # Active spring profiles for the resources microservice - profiles: - active: production,dmaap,aaf-auth - - # Notification event specific properties - notification: - eventType: AAI-EVENT - domain: dev - - # Schema specific properties that include supported versions of api - schema: - # Specifies if the connection should be one way ssl, two way ssl or no auth - service: - client: one-way-ssl - # Specifies which translator to use if it has schema-service, then it will make a rest request to schema service - translator: - list: schema-service - source: - # Specifies which folder to take a look at - name: onap - uri: - # Base URI Path of the application - base: - path: /aai - version: - # Current version of the REST API - api: - default: v16 - # Specifies which version the depth parameter is configurable - depth: v11 - # List of all the supported versions of the API - list: v11,v12,v13,v14,v15,v16 - # Specifies from which version related link should appear - related: - link: v11 - # Specifies from which version the app root change happened - app: - root: v11 - # Specifies from which version the xml namespace changed - namespace: - change: v12 - # Specifies from which version the edge label appeared in API - edge: - label: v12 - - # Keystore configuration password and filename - keystore: - filename: aai_keystore - passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 - - # Truststore configuration password and filename - truststore: - filename: aai_keystore - passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 - - # Specifies a list of files to be included in auth volume - auth: - files: - - aai_keystore - - # Specifies which clients should always default to realtime graph connection - realtime: - clients: SDNC,MSO,SO,robot-ete - - # Logback debug enabled - logback: - console: - # If enabled, container will print all logback to standard output - # This will make debugging much easier but it should only be done - # when debugging the issue and changed back as it can affect performance - # since when this is enabled, it prints a lot of information to console - enabled: false - -# application image -dockerhubRepository: registry.hub.docker.com -image: aaionap/haproxy:1.2.4 -pullPolicy: Always - -flavor: small - -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -config: - logstashServiceName: log-ls - logstashPort: 5044 - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: NodePort - portName: aai - externalPort: 8080 - internalPort: 8080 - nodePort: 32 - portName2: aai-ssl - externalPort2: 8443 - internalPort2: 8443 - nodePort2: 33 - # POLICY hotfix - Note this must be temporary - # See https://jira.onap.org/browse/POLICY-510 - aaiServiceClusterIp: - -ingress: - enabled: false - -resources: - small: - limits: - cpu: 2 - memory: 4Gi - requests: - cpu: 1 - memory: 1Gi - large: - limits: - cpu: 4 - memory: 8Gi - requests: - cpu: 2 - memory: 2Gi - unlimited: {} diff --git a/kubernetes/appc/charts/appc-ansible-server/templates/statefulset.yaml b/kubernetes/appc/charts/appc-ansible-server/templates/statefulset.yaml index 5f1cc5ae24..1df20c291d 100644 --- a/kubernetes/appc/charts/appc-ansible-server/templates/statefulset.yaml +++ b/kubernetes/appc/charts/appc-ansible-server/templates/statefulset.yaml @@ -30,21 +30,6 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: - initContainers: - - command: - - /root/ready.py - args: - - --container-name - - {{ .Values.config.appcChartName }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness containers: - name: {{ include "common.name" . }} command: ["/bin/bash"] diff --git a/kubernetes/appc/charts/appc-ansible-server/values.yaml b/kubernetes/appc/charts/appc-ansible-server/values.yaml index 1e15919b82..59cf29f70c 100644 --- a/kubernetes/appc/charts/appc-ansible-server/values.yaml +++ b/kubernetes/appc/charts/appc-ansible-server/values.yaml @@ -29,7 +29,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/ccsdk-ansible-server-image:0.4.1-STAGING-latest +image: onap/ccsdk-ansible-server-image:0.4.2 pullPolicy: Always # flag to enable debugging - application support required @@ -89,7 +89,7 @@ persistence: size: 1Gi mountPath: /dockerdata-nfs mountSubPath: appc/ansible - playbookPath: /home/ansible + playbookPath: /var/local ingress: enabled: false diff --git a/kubernetes/appc/charts/appc-cdt/values.yaml b/kubernetes/appc/charts/appc-cdt/values.yaml index d302c4d630..0b84af1002 100644 --- a/kubernetes/appc/charts/appc-cdt/values.yaml +++ b/kubernetes/appc/charts/appc-cdt/values.yaml @@ -26,7 +26,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/appc-cdt-image:1.5.0-SNAPSHOT-latest +image: onap/appc-cdt-image:1.5.0 pullPolicy: Always # application configuration diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/health_check.sh b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/health_check.sh index 481163a1d5..825f7ab56a 100755 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/health_check.sh +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/health_check.sh @@ -13,11 +13,10 @@ # See the License for the specific language governing permissions and # limitations under the License. -startODL_status=$(ps -e | grep startODL | wc -l) waiting_bundles=$(/opt/opendaylight/current/bin/client bundle:list | grep Waiting | wc -l) run_level=$(/opt/opendaylight/current/bin/client system:start-level) - if [ "$run_level" == "Level 100" ] && [ "$startODL_status" -lt "1" ] && [ "$waiting_bundles" -lt "1" ] + if [ "$run_level" == "Level 100" ] && [ "$waiting_bundles" -lt "1" ] then echo APPC is healthy. else diff --git a/kubernetes/appc/values.yaml b/kubernetes/appc/values.yaml index f3d20bc3a4..65e47567b7 100644 --- a/kubernetes/appc/values.yaml +++ b/kubernetes/appc/values.yaml @@ -31,7 +31,7 @@ global: flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/appc-image:1.5.0-SNAPSHOT-latest +image: onap/appc-image:1.5.0 pullPolicy: Always # flag to enable debugging - application support required @@ -103,15 +103,15 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 - periodSeconds: 10 + initialDelaySeconds: 300 + periodSeconds: 60 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 - periodSeconds: 10 + initialDelaySeconds: 300 + periodSeconds: 60 service: type: NodePort diff --git a/kubernetes/cds/Chart.yaml b/kubernetes/cds/Chart.yaml index fa430d2f78..acf35d4c8b 100644 --- a/kubernetes/cds/Chart.yaml +++ b/kubernetes/cds/Chart.yaml @@ -14,6 +14,6 @@ # limitations under the License. apiVersion: v1 -description: ONAP Common Design Studio +description: ONAP Controller Design Studio (CDS) name: cds version: 4.0.0 diff --git a/kubernetes/cds/charts/blueprints-processor/Chart.yaml b/kubernetes/cds/charts/cds-blueprints-processor/Chart.yaml similarity index 87% rename from kubernetes/cds/charts/blueprints-processor/Chart.yaml rename to kubernetes/cds/charts/cds-blueprints-processor/Chart.yaml index 389097437c..0563675792 100755 --- a/kubernetes/cds/charts/blueprints-processor/Chart.yaml +++ b/kubernetes/cds/charts/cds-blueprints-processor/Chart.yaml @@ -13,6 +13,6 @@ # limitations under the License. apiVersion: v1 -description: Blueprints Processor Micro Service -name: blueprints-processor +description: ONAP CDS Blueprints Processor +name: cds-blueprints-processor version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/cds/charts/blueprints-processor/requirements.yaml b/kubernetes/cds/charts/cds-blueprints-processor/requirements.yaml similarity index 100% rename from kubernetes/cds/charts/blueprints-processor/requirements.yaml rename to kubernetes/cds/charts/cds-blueprints-processor/requirements.yaml diff --git a/kubernetes/cds/charts/blueprints-processor/resources/config/application.properties b/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties similarity index 73% rename from kubernetes/cds/charts/blueprints-processor/resources/config/application.properties rename to kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties index c25176f971..d2d043deea 100755 --- a/kubernetes/cds/charts/blueprints-processor/resources/config/application.properties +++ b/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties @@ -1,47 +1,60 @@ -# Copyright (c) 2019 IBM, Bell Canada. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Functionality config -blueprintsprocessor.grpcEnable=true -blueprintsprocessor.restconfEnabled=true -blueprintsprocessor.httpPort=8080 -blueprintsprocessor.grpcPort=9111 - -# Basic Authentication -security.user.password: {bcrypt}$2a$10$duaUzVUVW0YPQCSIbGEkQOXwafZGwQ/b32/Ys4R1iwSSawFgz7QNu -security.user.name: ccsdkapps - -# Blueprint Processor File Execution and Handling Properties -blueprintsprocessor.blueprintDeployPath=/opt/app/onap/blueprints/deploy -blueprintsprocessor.blueprintArchivePath=/opt/app/onap/blueprints/archive - -# Primary Database Configuration -blueprintsprocessor.db.primary.url=jdbc:mysql://cds-db:3306/sdnctl -blueprintsprocessor.db.primary.username=sdnctl -blueprintsprocessor.db.primary.password=sdnctl -blueprintsprocessor.db.primary.driverClassName=org.mariadb.jdbc.Driver -blueprintsprocessor.db.primary.hibernateHbm2ddlAuto=update -blueprintsprocessor.db.primary.hibernateDDLAuto=update -blueprintsprocessor.db.primary.hibernateNamingStrategy=org.hibernate.cfg.ImprovedNamingStrategy -blueprintsprocessor.db.primary.hibernateDialect=org.hibernate.dialect.MySQL5InnoDBDialect - -# Python executor -blueprints.processor.functions.python.executor.executionPath=/opt/app/onap/scripts/jython/ccsdk_blueprints -blueprints.processor.functions.python.executor.modulePaths=/opt/app/onap/scripts/jython/ccsdk_blueprints,/opt/app/onap/scripts/jython/ccsdk_netconf - -# SDN-C's ODL Restconf Connection Details -blueprintsprocessor.restclient.sdncodl.type=basic-auth -blueprintsprocessor.restclient.sdncodl.url=http://sdnc:8282/ -blueprintsprocessor.restclient.sdncodl.username=admin -blueprintsprocessor.restclient.sdncodl.password=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U \ No newline at end of file +# +# Copyright (c) 2017-2019 AT&T, IBM, Bell Canada, Nordix Foundation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Web server config +blueprintsprocessor.grpcEnable=true +blueprintsprocessor.httpPort=8080 +blueprintsprocessor.grpcPort=9111 + +# Blueprint Processor File Execution and Handling Properties +blueprintsprocessor.blueprintDeployPath=/opt/app/onap/blueprints/deploy +blueprintsprocessor.blueprintArchivePath=/opt/app/onap/blueprints/archive +blueprintsprocessor.blueprintWorkingPath=/opt/app/onap/blueprints/work + +# Primary Database Configuration +blueprintsprocessor.db.primary.url=jdbc:mysql://cds-db:3306/sdnctl +blueprintsprocessor.db.primary.username=sdnctl +blueprintsprocessor.db.primary.password=sdnctl +blueprintsprocessor.db.primary.driverClassName=org.mariadb.jdbc.Driver +blueprintsprocessor.db.primary.hibernateHbm2ddlAuto=update +blueprintsprocessor.db.primary.hibernateDDLAuto=update +blueprintsprocessor.db.primary.hibernateNamingStrategy=org.hibernate.cfg.ImprovedNamingStrategy +blueprintsprocessor.db.primary.hibernateDialect=org.hibernate.dialect.MySQL5InnoDBDialect + +# Python executor +blueprints.processor.functions.python.executor.executionPath=/opt/app/onap/scripts/jython/ccsdk_blueprints +blueprints.processor.functions.python.executor.modulePaths=/opt/app/onap/scripts/jython/ccsdk_blueprints,/opt/app/onap/scripts/jython/ccsdk_netconf,/opt/app/onap/scripts/jython/ccsdk_restconf + +security.user.password: {bcrypt}$2a$10$duaUzVUVW0YPQCSIbGEkQOXwafZGwQ/b32/Ys4R1iwSSawFgz7QNu +security.user.name: ccsdkapps + +# SDN-C's ODL Restconf Connection Details +blueprintsprocessor.restconfEnabled=true +blueprintsprocessor.restclient.sdncodl.type=basic-auth +blueprintsprocessor.restclient.sdncodl.url=http://sdnc:8282/ +blueprintsprocessor.restclient.sdncodl.username=admin +blueprintsprocessor.restclient.sdncodl.password=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U + +# Executor Options +blueprintprocessor.resourceResolution.enabled=true +blueprintprocessor.netconfExecutor.enabled=true +blueprintprocessor.restConfExecutor.enabled=true +blueprintprocessor.remoteScriptCommand.enabled=true + +# Command executor +blueprintsprocessor.grpcclient.remote-python.type=token-auth +blueprintsprocessor.grpcclient.remote-python.host=cds-command-executor +blueprintsprocessor.grpcclient.remote-python.port=50051 +blueprintsprocessor.grpcclient.remote-python.token=Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== \ No newline at end of file diff --git a/kubernetes/cds/charts/blueprints-processor/resources/config/logback.xml b/kubernetes/cds/charts/cds-blueprints-processor/resources/config/logback.xml similarity index 96% rename from kubernetes/cds/charts/blueprints-processor/resources/config/logback.xml rename to kubernetes/cds/charts/cds-blueprints-processor/resources/config/logback.xml index b73db7145f..349336ee79 100755 --- a/kubernetes/cds/charts/blueprints-processor/resources/config/logback.xml +++ b/kubernetes/cds/charts/cds-blueprints-processor/resources/config/logback.xml @@ -30,14 +30,13 @@ - - + - + diff --git a/kubernetes/cds/charts/blueprints-processor/templates/configmap.yaml b/kubernetes/cds/charts/cds-blueprints-processor/templates/configmap.yaml similarity index 100% rename from kubernetes/cds/charts/blueprints-processor/templates/configmap.yaml rename to kubernetes/cds/charts/cds-blueprints-processor/templates/configmap.yaml diff --git a/kubernetes/cds/charts/blueprints-processor/templates/deployment.yaml b/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml similarity index 93% rename from kubernetes/cds/charts/blueprints-processor/templates/deployment.yaml rename to kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml index 876f24937d..736b5cea24 100755 --- a/kubernetes/cds/charts/blueprints-processor/templates/deployment.yaml +++ b/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml @@ -54,9 +54,7 @@ spec: value: {{ .Values.config.appConfigDir }} ports: - containerPort: {{ .Values.service.http.internalPort }} - {{ if .Values.config.grpcEnabled }} - containerPort: {{ .Values.service.grpc.internalPort }} - {{ end }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container {{ if .Values.liveness.enabled }} @@ -89,6 +87,8 @@ spec: - mountPath: {{ .Values.config.appConfigDir }}/logback.xml name: {{ include "common.fullname" . }}-config subPath: logback.xml + - mountPath: {{ .Values.persistence.deployedBlueprint }} + name: {{ include "common.fullname" . }}-blueprints resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -111,5 +111,8 @@ spec: path: application.properties - key: logback.xml path: logback.xml + - name: {{ include "common.fullname" . }}-blueprints + persistentVolumeClaim: + claimName: {{ .Release.Name }}-cds-blueprints imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/sdc/charts/sdc-cs/templates/pv.yaml b/kubernetes/cds/charts/cds-blueprints-processor/templates/pv.yaml old mode 100644 new mode 100755 similarity index 86% rename from kubernetes/sdc/charts/sdc-cs/templates/pv.yaml rename to kubernetes/cds/charts/cds-blueprints-processor/templates/pv.yaml index 9ceef30007..812108760b --- a/kubernetes/sdc/charts/sdc-cs/templates/pv.yaml +++ b/kubernetes/cds/charts/cds-blueprints-processor/templates/pv.yaml @@ -1,6 +1,5 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T, ZTE +# Copyright © 2019 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,17 +15,18 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if not .Values.persistence.storageClass -}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-blueprints namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-blueprints spec: capacity: storage: {{ .Values.persistence.size}} @@ -36,3 +36,4 @@ spec: hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} +{{- end -}} \ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-cs/templates/pvc.yaml b/kubernetes/cds/charts/cds-blueprints-processor/templates/pvc.yaml old mode 100644 new mode 100755 similarity index 85% rename from kubernetes/sdc/charts/sdc-cs/templates/pvc.yaml rename to kubernetes/cds/charts/cds-blueprints-processor/templates/pvc.yaml index 2f343c83dc..98b55716c5 --- a/kubernetes/sdc/charts/sdc-cs/templates/pvc.yaml +++ b/kubernetes/cds/charts/cds-blueprints-processor/templates/pvc.yaml @@ -1,6 +1,5 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T, ZTE +# Copyright © 2019 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,7 +18,7 @@ kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ .Release.Name }}-cds-blueprints namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -28,12 +27,14 @@ metadata: heritage: "{{ .Release.Service }}" {{- if .Values.persistence.annotations }} annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} +{{ .Values.persistence.annotations | indent 4 }} {{- end }} spec: +{{- if not .Values.persistence.storageClass }} selector: matchLabels: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-blueprints +{{- end }} accessModes: - {{ .Values.persistence.accessMode }} resources: diff --git a/kubernetes/aai/charts/aai-champ/templates/secrets.yaml b/kubernetes/cds/charts/cds-blueprints-processor/templates/service.yaml old mode 100644 new mode 100755 similarity index 54% rename from kubernetes/aai/charts/aai-champ/templates/secrets.yaml rename to kubernetes/cds/charts/cds-blueprints-processor/templates/service.yaml index fa1895645c..8985424576 --- a/kubernetes/aai/charts/aai-champ/templates/secrets.yaml +++ b/kubernetes/cds/charts/cds-blueprints-processor/templates/service.yaml @@ -1,5 +1,4 @@ -# Copyright © 2018 Amdocs, AT&T -# Modifications Copyright © 2018 Bell Canada +# Copyright (c) 2019 IBM, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,47 +13,46 @@ # limitations under the License. apiVersion: v1 -kind: Secret +kind: Service metadata: - name: {{ include "common.fullname" . }}-champ + name: {{ include "common.servicename" . }}-http namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/config/appconfig/auth/*").AsSecrets . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-pass - namespace: {{ include "common.namespace" . }} - labels: + annotations: +spec: + type: {{ .Values.service.http.type }} + ports: + - port: {{ .Values.service.http.externalPort }} + targetPort: {{ .Values.service.http.internalPort }} + {{- if eq .Values.service.http.type "NodePort"}} + nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.http.nodePort }} + {{- end}} + name: {{ .Values.service.http.portName | default "http" }} + selector: app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -type: Opaque -data: - KEY_STORE_PASSWORD: {{ .Values.config.keyStorePassword | b64enc | quote }} - KEY_MANAGER_PASSWORD: {{ .Values.config.keyManagerPassword | b64enc | quote }} - -{{ if .Values.global.installSidecarSecurity }} --- apiVersion: v1 -kind: Secret +kind: Service metadata: - name: {{ include "common.fullname" . }}-rproxy-auth-config + name: {{ include "common.servicename" . }}-grpc namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }} -{{ end }} \ No newline at end of file + annotations: +spec: + type: {{ .Values.service.grpc.type }} + ports: + - port: {{ .Values.service.grpc.externalPort }} + targetPort: {{ .Values.service.grpc.internalPort }} + name: {{ .Values.service.grpc.portName | default "grpc" }} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/cds/charts/blueprints-processor/values.yaml b/kubernetes/cds/charts/cds-blueprints-processor/values.yaml similarity index 91% rename from kubernetes/cds/charts/blueprints-processor/values.yaml rename to kubernetes/cds/charts/cds-blueprints-processor/values.yaml index 10169d5dc7..6b88f841f4 100755 --- a/kubernetes/cds/charts/blueprints-processor/values.yaml +++ b/kubernetes/cds/charts/cds-blueprints-processor/values.yaml @@ -20,7 +20,7 @@ global: # Change to an unused port prefix range to prevent port conflicts # with other instances running within the same k8s cluster - nodePortPrefix: 302 + nodePortPrefixExt: 304 # image repositories repository: nexus3.onap.org:10001 @@ -40,7 +40,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/ccsdk-blueprintsprocessor:0.4-STAGING-latest +image: onap/ccsdk-blueprintsprocessor:0.4.2 pullPolicy: Always # flag to enable debugging - application support required @@ -70,18 +70,26 @@ readiness: periodSeconds: 10 service: - type: ClusterIP http: + type: NodePort portName: blueprints-processor-http internalPort: 8080 externalPort: 8080 + nodePort: 99 grpc: + type: ClusterIP portName: blueprints-processor-grpc internalPort: 9111 externalPort: 9111 + persistence: + volumeReclaimPolicy: Retain + accessMode: ReadWriteMany + size: 2Gi enabled: true + mountSubPath: cds/blueprints/deploy + deployedBlueprint: /opt/app/onap/blueprints/deploy ingress: enabled: false diff --git a/kubernetes/aai/charts/aai-sparky-be/Chart.yaml b/kubernetes/cds/charts/cds-command-executor/Chart.yaml old mode 100644 new mode 100755 similarity index 83% rename from kubernetes/aai/charts/aai-sparky-be/Chart.yaml rename to kubernetes/cds/charts/cds-command-executor/Chart.yaml index e10a0b917e..6f17c88c46 --- a/kubernetes/aai/charts/aai-sparky-be/Chart.yaml +++ b/kubernetes/cds/charts/cds-command-executor/Chart.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T +# Copyright (c) 2019 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,6 +13,6 @@ # limitations under the License. apiVersion: v1 -description: ONAP AAI sparky-be -name: aai-sparky-be -version: 4.0.0 +description: ONAP CDS Command Executor +name: cds-command-executor +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/application-oxm-default.properties b/kubernetes/cds/charts/cds-command-executor/requirements.yaml old mode 100644 new mode 100755 similarity index 83% rename from kubernetes/aai/charts/aai-sparky-be/resources/config/application-oxm-default.properties rename to kubernetes/cds/charts/cds-command-executor/requirements.yaml index 67a22f71f7..a57d2b6103 --- a/kubernetes/aai/charts/aai-sparky-be/resources/config/application-oxm-default.properties +++ b/kubernetes/cds/charts/cds-command-executor/requirements.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T +# Copyright (c) 2019 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,5 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -oxm.apiVersion=v14 -oxm.apiVersionList=v8,v9,v10,v11,v12,v13,v14 \ No newline at end of file +dependencies: + - name: common + version: ~4.x-0 + repository: '@local' \ No newline at end of file diff --git a/kubernetes/cds/charts/cds-command-executor/templates/deployment.yaml b/kubernetes/cds/charts/cds-command-executor/templates/deployment.yaml new file mode 100755 index 0000000000..659eddbaef --- /dev/null +++ b/kubernetes/cds/charts/cds-command-executor/templates/deployment.yaml @@ -0,0 +1,90 @@ +# Copyright (c) 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - cds-blueprints-processor + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.grpc.internalPort }} + {{ if .Values.liveness.enabled }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.grpc.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.grpc.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: {{ .Values.persistence.deployedBlueprint }} + name: {{ include "common.fullname" . }}-blueprints + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-blueprints + persistentVolumeClaim: + claimName: {{ .Release.Name }}-cds-blueprints + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/cds/charts/blueprints-processor/templates/service.yaml b/kubernetes/cds/charts/cds-command-executor/templates/service.yaml similarity index 75% rename from kubernetes/cds/charts/blueprints-processor/templates/service.yaml rename to kubernetes/cds/charts/cds-command-executor/templates/service.yaml index 5c8bc8cc0d..a6888b2fca 100755 --- a/kubernetes/cds/charts/blueprints-processor/templates/service.yaml +++ b/kubernetes/cds/charts/cds-command-executor/templates/service.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2019 IBM, Bell Canada +# Copyright (c) 2019 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -26,12 +26,6 @@ metadata: spec: type: {{ .Values.service.type }} ports: - - port: {{ .Values.service.http.externalPort }} - targetPort: {{ .Values.service.http.internalPort }} - {{- if eq .Values.service.type "NodePort"}} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - {{- end}} - name: {{ .Values.service.http.portName | default "http" }} - port: {{ .Values.service.grpc.externalPort }} targetPort: {{ .Values.service.grpc.internalPort }} {{- if eq .Values.service.type "NodePort"}} diff --git a/kubernetes/vfc/charts/vfc-nokia-vnfm-driver/values.yaml b/kubernetes/cds/charts/cds-command-executor/values.yaml old mode 100644 new mode 100755 similarity index 64% rename from kubernetes/vfc/charts/vfc-nokia-vnfm-driver/values.yaml rename to kubernetes/cds/charts/cds-command-executor/values.yaml index 23489536e4..0c3ea78442 --- a/kubernetes/vfc/charts/vfc-nokia-vnfm-driver/values.yaml +++ b/kubernetes/cds/charts/cds-command-executor/values.yaml @@ -1,4 +1,6 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright (c) 2019 Bell Canada +# +# Modifications Copyright (c) 2019 Bell Canada. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,30 +18,34 @@ # Global configuration defaults. ################################################################# global: + # Change to an unused port prefix range to prevent port conflicts + # with other instances running within the same k8s cluster nodePortPrefix: 302 + + # image repositories + repository: nexus3.onap.org:10001 + + # readiness check readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 + + # image pull policy + pullPolicy: Always + + persistence: + mountPath: /dockerdata-nfs ################################################################# # Application configuration defaults. ################################################################# # application image -flavor: small - repository: nexus3.onap.org:10001 -image: onap/vfc/nfvo/svnfm/nokia:1.1.0 +image: onap/ccsdk-commandexecutor:0.4.2 pullPolicy: Always -#Istio sidecar injection policy -istioSidecar: true - -# flag to enable debugging - application support required -debugEnabled: false - # application configuration -config: {} +config: + basicAuth: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== # default number of instances replicaCount: 1 @@ -50,7 +56,7 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 120 + initialDelaySeconds: 10 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container @@ -62,29 +68,32 @@ readiness: service: type: ClusterIP - name: vfc-nokia-vnfm-driver - portName: vfc-nokia-vnfm-driver - externalPort: 8486 - internalPort: 8486 -# nodePort: 12 + grpc: + portName: command-executor-grpc + internalPort: 50051 + externalPort: 50051 + +persistence: + enabled: true + mountSubPath: cds/blueprints/deploy + deployedBlueprint: /opt/app/onap/blueprints/deploy ingress: enabled: false -# Configure resource requests and limits resources: small: limits: - cpu: 200m - memory: 2000Mi + cpu: 2 + memory: 4Gi requests: - cpu: 100m - memory: 1000Mi + cpu: 1 + memory: 1Gi large: limits: - cpu: 400m - memory: 4000Mi + cpu: 4 + memory: 8Gi requests: - cpu: 200m - memory: 2000Mi - unlimited: {} \ No newline at end of file + cpu: 2 + memory: 4Gi + unlimited: {} diff --git a/kubernetes/aai/charts/aai-graphadmin/.helmignore b/kubernetes/cds/charts/cds-controller-blueprints/.helmignore similarity index 100% rename from kubernetes/aai/charts/aai-graphadmin/.helmignore rename to kubernetes/cds/charts/cds-controller-blueprints/.helmignore diff --git a/kubernetes/cds/charts/controller-blueprints/Chart.yaml b/kubernetes/cds/charts/cds-controller-blueprints/Chart.yaml similarity index 86% rename from kubernetes/cds/charts/controller-blueprints/Chart.yaml rename to kubernetes/cds/charts/cds-controller-blueprints/Chart.yaml index 5e8b3f35df..fa04a16b00 100644 --- a/kubernetes/cds/charts/controller-blueprints/Chart.yaml +++ b/kubernetes/cds/charts/cds-controller-blueprints/Chart.yaml @@ -13,6 +13,6 @@ # limitations under the License. apiVersion: v1 -description: Controller Blueprints Micro Service -name: controller-blueprints +description: ONAP CDS Controller Blueprints +name: cds-controller-blueprints version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/cds/charts/controller-blueprints/requirements.yaml b/kubernetes/cds/charts/cds-controller-blueprints/requirements.yaml similarity index 100% rename from kubernetes/cds/charts/controller-blueprints/requirements.yaml rename to kubernetes/cds/charts/cds-controller-blueprints/requirements.yaml diff --git a/kubernetes/cds/charts/controller-blueprints/resources/config/application.properties b/kubernetes/cds/charts/cds-controller-blueprints/resources/config/application.properties similarity index 96% rename from kubernetes/cds/charts/controller-blueprints/resources/config/application.properties rename to kubernetes/cds/charts/cds-controller-blueprints/resources/config/application.properties index 80fdaf542e..7fde0fd385 100755 --- a/kubernetes/cds/charts/controller-blueprints/resources/config/application.properties +++ b/kubernetes/cds/charts/cds-controller-blueprints/resources/config/application.properties @@ -49,7 +49,7 @@ resourceSourceMappings=primary-db=source-primary-db,input=source-input,default=s # Controller Blueprints Core Configuration controllerblueprints.blueprintDeployPath=/etc/blueprints/deploy controllerblueprints.blueprintArchivePath=/etc/blueprints/archive -controllerblueprints.blueprintEnrichmentPath=/etc/blueprints/enrichment +controllerblueprints.blueprintWorkingPath=/etc/blueprints/work # Controller Blueprint Load Configurations # blueprints.load.initial-data may be overridden by ENV variables controllerblueprints.loadInitialData={{ .Values.config.initDataLoad }} diff --git a/kubernetes/cds/charts/controller-blueprints/resources/config/logback.xml b/kubernetes/cds/charts/cds-controller-blueprints/resources/config/logback.xml similarity index 97% rename from kubernetes/cds/charts/controller-blueprints/resources/config/logback.xml rename to kubernetes/cds/charts/cds-controller-blueprints/resources/config/logback.xml index b73db7145f..24383587dd 100644 --- a/kubernetes/cds/charts/controller-blueprints/resources/config/logback.xml +++ b/kubernetes/cds/charts/cds-controller-blueprints/resources/config/logback.xml @@ -30,12 +30,11 @@ - - + diff --git a/kubernetes/cds/charts/controller-blueprints/templates/configmap.yaml b/kubernetes/cds/charts/cds-controller-blueprints/templates/configmap.yaml similarity index 100% rename from kubernetes/cds/charts/controller-blueprints/templates/configmap.yaml rename to kubernetes/cds/charts/cds-controller-blueprints/templates/configmap.yaml diff --git a/kubernetes/cds/charts/controller-blueprints/templates/deployment.yaml b/kubernetes/cds/charts/cds-controller-blueprints/templates/deployment.yaml similarity index 100% rename from kubernetes/cds/charts/controller-blueprints/templates/deployment.yaml rename to kubernetes/cds/charts/cds-controller-blueprints/templates/deployment.yaml diff --git a/kubernetes/cds/charts/controller-blueprints/templates/service.yaml b/kubernetes/cds/charts/cds-controller-blueprints/templates/service.yaml similarity index 100% rename from kubernetes/cds/charts/controller-blueprints/templates/service.yaml rename to kubernetes/cds/charts/cds-controller-blueprints/templates/service.yaml diff --git a/kubernetes/cds/charts/controller-blueprints/values.yaml b/kubernetes/cds/charts/cds-controller-blueprints/values.yaml similarity index 97% rename from kubernetes/cds/charts/controller-blueprints/values.yaml rename to kubernetes/cds/charts/cds-controller-blueprints/values.yaml index 246aae482b..1fc0acb435 100755 --- a/kubernetes/cds/charts/controller-blueprints/values.yaml +++ b/kubernetes/cds/charts/cds-controller-blueprints/values.yaml @@ -38,7 +38,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/ccsdk-controllerblueprints:0.4-STAGING-latest +image: onap/ccsdk-controllerblueprints:0.4.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/aai/charts/aai-data-router/Chart.yaml b/kubernetes/cds/charts/cds-sdc-listener/Chart.yaml old mode 100644 new mode 100755 similarity index 82% rename from kubernetes/aai/charts/aai-data-router/Chart.yaml rename to kubernetes/cds/charts/cds-sdc-listener/Chart.yaml index 47f9f312c7..4385de11c6 --- a/kubernetes/aai/charts/aai-data-router/Chart.yaml +++ b/kubernetes/cds/charts/cds-sdc-listener/Chart.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T +# Copyright (c) 2019 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,6 +13,6 @@ # limitations under the License. apiVersion: v1 -description: ONAP AAI Data-Router -name: aai-data-router -version: 4.0.0 +description: ONAP CDS SDC listener microservice +name: cds-sdc-listener +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/cds/charts/cds-sdc-listener/requirements.yaml b/kubernetes/cds/charts/cds-sdc-listener/requirements.yaml new file mode 100755 index 0000000000..a57d2b6103 --- /dev/null +++ b/kubernetes/cds/charts/cds-sdc-listener/requirements.yaml @@ -0,0 +1,18 @@ +# Copyright (c) 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~4.x-0 + repository: '@local' \ No newline at end of file diff --git a/kubernetes/cds/charts/cds-sdc-listener/resources/config/application.yaml b/kubernetes/cds/charts/cds-sdc-listener/resources/config/application.yaml new file mode 100644 index 0000000000..c02eac2231 --- /dev/null +++ b/kubernetes/cds/charts/cds-sdc-listener/resources/config/application.yaml @@ -0,0 +1,20 @@ +listenerservice: + config: + asdcAddress: sdc-be:8443 #SDC-BE + messageBusAddress: message-router #Message-Router + user: vid #SDC-username + password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U #SDC-password + pollingInterval: 15 + pollingTimeout: 60 + relevantArtifactTypes: TOSCA_CSAR + consumerGroup: cds + environmentName: AUTO + consumerId: cds + keyStorePassword: + keyStorePath: + activateServerTLSAuth : false + isUseHttpsWithDmaap: false + archivePath: /opt/app/onap/sdc-listener/ + grpcAddress: cds-blueprints-processor + grpcPort: 9111 + authHeader: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== \ No newline at end of file diff --git a/kubernetes/cds/charts/cds-sdc-listener/resources/config/logback.xml b/kubernetes/cds/charts/cds-sdc-listener/resources/config/logback.xml new file mode 100644 index 0000000000..5715226eb2 --- /dev/null +++ b/kubernetes/cds/charts/cds-sdc-listener/resources/config/logback.xml @@ -0,0 +1,43 @@ + + + + + + + + + + + + + + ${defaultPattern} + + + + + + + + + + + + + + \ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-nokia-vnfm-driver/templates/configmap.yaml b/kubernetes/cds/charts/cds-sdc-listener/templates/configmap.yaml similarity index 78% rename from kubernetes/vfc/charts/vfc-nokia-vnfm-driver/templates/configmap.yaml rename to kubernetes/cds/charts/cds-sdc-listener/templates/configmap.yaml index 1d0751a01b..e82ac6f5dd 100644 --- a/kubernetes/vfc/charts/vfc-nokia-vnfm-driver/templates/configmap.yaml +++ b/kubernetes/cds/charts/cds-sdc-listener/templates/configmap.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright (c) 2019 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-logging-configmap + name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} data: -{{ tpl (.Files.Glob "resources/config/logging/*").AsConfig . | indent 2 }} \ No newline at end of file +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} \ No newline at end of file diff --git a/kubernetes/cds/charts/cds-sdc-listener/templates/deployment.yaml b/kubernetes/cds/charts/cds-sdc-listener/templates/deployment.yaml new file mode 100644 index 0000000000..0dfc68b459 --- /dev/null +++ b/kubernetes/cds/charts/cds-sdc-listener/templates/deployment.yaml @@ -0,0 +1,102 @@ +# Copyright (c) 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - sdc-be + - --container-name + - message-router + - --container-name + - cds-blueprints-processor + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: APP_CONFIG_HOME + value: {{ .Values.config.appConfigDir }} + ports: + - containerPort: {{ .Values.service.http.internalPort }} + {{ if .Values.liveness.enabled }} + livenessProbe: + httpGet: + path: /api/v1/sdclistener/healthcheck + port: {{ .Values.service.http.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{end}} + readinessProbe: + httpGet: + path: /api/v1/sdclistener/healthcheck + port: {{ .Values.service.http.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: {{ .Values.config.appConfigDir }}/application.yaml + name: {{ include "common.fullname" . }}-config + subPath: application.yaml + - mountPath: {{ .Values.config.appConfigDir }}/logback.xml + name: {{ include "common.fullname" . }}-config + subPath: logback.xml + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }}-configmap + items: + - key: application.yaml + path: application.yaml + - key: logback.xml + path: logback.xml + imagePullSecrets: + - name: {{ include "common.namespace" . }}-docker-registry-key \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-spike/templates/service.yaml b/kubernetes/cds/charts/cds-sdc-listener/templates/service.yaml similarity index 73% rename from kubernetes/aai/charts/aai-spike/templates/service.yaml rename to kubernetes/cds/charts/cds-sdc-listener/templates/service.yaml index 745c73b0e1..82a6175431 100644 --- a/kubernetes/aai/charts/aai-spike/templates/service.yaml +++ b/kubernetes/cds/charts/cds-sdc-listener/templates/service.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, AT&T +# Copyright (c) 2019 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,7 +11,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - apiVersion: v1 kind: Service metadata: @@ -25,15 +24,12 @@ metadata: spec: type: {{ .Values.service.type }} ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort}} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort}} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} + - port: {{ .Values.service.http.externalPort }} + targetPort: {{ .Values.service.http.internalPort }} + {{- if eq .Values.service.type "NodePort"}} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + {{- end}} + name: {{ .Values.service.http.portName | default "http" }} selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} diff --git a/kubernetes/aai/charts/aai-schema-service/values.yaml b/kubernetes/cds/charts/cds-sdc-listener/values.yaml similarity index 57% rename from kubernetes/aai/charts/aai-schema-service/values.yaml rename to kubernetes/cds/charts/cds-sdc-listener/values.yaml index cb8ac55803..7e1c4c5949 100644 --- a/kubernetes/aai/charts/aai-schema-service/values.yaml +++ b/kubernetes/cds/charts/cds-sdc-listener/values.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T +# Copyright (c) 2019 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,21 +11,43 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - -# Default values for resources. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -global: # global defaults +################################################################# +# Global configuration defaults. +################################################################# +global: + # Change to an unused port prefix range to prevent port conflicts + # with other instances running within the same k8s cluster nodePortPrefix: 302 + + # image repositories + repository: nexus3.onap.org:10001 + + # readiness check readinessRepository: oomk8s - readinessImage: readiness-check:2.0.2 + readinessImage: readiness-check:2.0.0 + # image pull policy + pullPolicy: Always + + persistence: + mountPath: /dockerdata-nfs + +################################################################# +# Application configuration defaults. +################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aai-schema-service:1.0-STAGING-latest +image: onap/ccsdk-sdclistener:0.4.2 +name: sdc-listener pullPolicy: Always -restartPolicy: Always -flavor: small + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +config: + appConfigDir: /opt/app/onap/config + # default number of instances replicaCount: 1 @@ -35,26 +57,30 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 60 - periodSeconds: 60 + initialDelaySeconds: 10 + periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container - enabled: false + enabled: true readiness: - initialDelaySeconds: 60 + initialDelaySeconds: 10 periodSeconds: 10 service: type: ClusterIP - portName: aai-schema-service-8452 - internalPort: 8452 - portName2: aai-schema-service-5005 - internalPort2: 5005 + http: + portName: cds-sdc-listener-http + internalPort: 8080 + externalPort: 8080 + +persistence: + enabled: true ingress: enabled: false +resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following @@ -64,7 +90,7 @@ ingress: # Configure resource requests and limits # ref: http://kubernetes.io/docs/user-guide/compute-resources/ # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory +# Minimum memory for production is 4 CPU cores and 8GB memory #resources: # limits: # cpu: 2 @@ -72,19 +98,3 @@ ingress: # requests: # cpu: 2 # memory: 4Gi -resources: - small: - limits: - cpu: 2 - memory: 4Gi - requests: - cpu: 1 - memory: 3Gi - large: - limits: - cpu: 4 - memory: 8Gi - requests: - cpu: 2 - memory: 4Gi - unlimited: {} diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/roles.config b/kubernetes/cds/charts/cds-ui/Chart.yaml similarity index 84% rename from kubernetes/aai/charts/aai-sparky-be/resources/config/roles.config rename to kubernetes/cds/charts/cds-ui/Chart.yaml index ee131d8414..d168e7cb9f 100644 --- a/kubernetes/aai/charts/aai-sparky-be/resources/config/roles.config +++ b/kubernetes/cds/charts/cds-ui/Chart.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T +# Copyright (c) 2019 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,9 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -[ - { - "id":1, - "name":"View" - } -] +apiVersion: v1 +description: ONAP CDS UI +name: cds-ui +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/cds/charts/cds-ui/requirements.yaml b/kubernetes/cds/charts/cds-ui/requirements.yaml new file mode 100644 index 0000000000..a57d2b6103 --- /dev/null +++ b/kubernetes/cds/charts/cds-ui/requirements.yaml @@ -0,0 +1,18 @@ +# Copyright (c) 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~4.x-0 + repository: '@local' \ No newline at end of file diff --git a/kubernetes/cds/templates/deployment.yaml b/kubernetes/cds/charts/cds-ui/templates/deployment.yaml similarity index 88% rename from kubernetes/cds/templates/deployment.yaml rename to kubernetes/cds/charts/cds-ui/templates/deployment.yaml index 134e6b7443..ead1b2edbd 100644 --- a/kubernetes/cds/templates/deployment.yaml +++ b/kubernetes/cds/charts/cds-ui/templates/deployment.yaml @@ -50,6 +50,14 @@ spec: env: - name: HOST value: 0.0.0.0 + - name: API_BLUEPRINT_CONTROLLER_BASE_URL + value: {{ .Values.config.api.controller.baseUrl }} + - name: API_BLUEPRINT_CONTROLLER_AUTH_TOKEN + value: {{ .Values.config.api.controller.authToken }} + - name: API_BLUEPRINT_PROCESSOR_BASE_URL + value: {{ .Values.config.api.processor.baseUrl }} + - name: API_BLUEPRINT_PROCESSOR_AUTH_TOKEN + value: {{ .Values.config.api.processor.authToken }} readinessProbe: tcpSocket: port: {{ .Values.service.internalPort }} diff --git a/kubernetes/cds/templates/service.yaml b/kubernetes/cds/charts/cds-ui/templates/service.yaml similarity index 92% rename from kubernetes/cds/templates/service.yaml rename to kubernetes/cds/charts/cds-ui/templates/service.yaml index f8e91120eb..989321cc9b 100644 --- a/kubernetes/cds/templates/service.yaml +++ b/kubernetes/cds/charts/cds-ui/templates/service.yaml @@ -27,7 +27,7 @@ spec: ports: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }} name: {{ .Values.service.portName }}-{{ .Values.service.internalPort }} {{- else -}} - port: {{ .Values.service.externalPort }} diff --git a/kubernetes/aai/charts/aai-champ/values.yaml b/kubernetes/cds/charts/cds-ui/values.yaml similarity index 57% rename from kubernetes/aai/charts/aai-champ/values.yaml rename to kubernetes/cds/charts/cds-ui/values.yaml index 331786cf18..1b383fb9f9 100644 --- a/kubernetes/aai/charts/aai-champ/values.yaml +++ b/kubernetes/cds/charts/cds-ui/values.yaml @@ -1,5 +1,5 @@ -# Copyright © 2018 Amdocs, AT&T -# Modifications Copyright © 2018 Bell Canada +# Copyright © 2018 Orange +# Modifications Copyright © 2018 Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,23 +17,29 @@ # Global configuration defaults. ################################################################# global: - readinessImage: readiness-check:2.0.2 + nodePortPrefixExt: 304 + readinessRepository: oomk8s + readinessImage: readiness-check:1.1.0 + loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 -################################################################# -# Application configuration defaults. -################################################################# +subChartsOnly: + enabled: true # application image -image: onap/champ:1.4-STAGING-latest - -flavor: small +repository: nexus3.onap.org:10001 +image: onap/ccsdk-cds-ui-server:0.4.2 +pullPolicy: Always # application configuration config: - keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - trustStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 + api: + controller: + baseUrl: http://cds-controller-blueprints:8080/api/v1 + authToken: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== + processor: + baseUrl: http://cds-blueprints-processor-http:8080/api/v1 + authToken: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== # default number of instances replicaCount: 1 @@ -44,47 +50,47 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + httpGet: + path: / + port: 3000 + initialDelaySeconds: 30 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container - enabled: false + enabled: true readiness: - initialDelaySeconds: 10 + httpGet: + path: /ping + port: 3000 + initialDelaySeconds: 30 periodSeconds: 10 service: type: NodePort - portName: aai-champ - internalPort: 9522 - externalPort: 9522 - nodePort: 78 + portName: cds-ui + name: cds-ui + nodePort: 97 + internalPort: 3000 ingress: enabled: false - +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) resources: small: limits: - cpu: 2 - memory: 4Gi - requests: - cpu: 0.5 + cpu: 1 memory: 1Gi + requests: + cpu: 10m + memory: 100Mi large: limits: - cpu: 4 - memory: 8Gi - requests: - cpu: 1 + cpu: 2 memory: 2Gi + requests: + cpu: 200m + memory: 200Mi unlimited: {} - -# XML beans configuration -event: - port: - dmaap: 3905 - protocol: https - publisher: - topic: champRawEvents diff --git a/kubernetes/cds/values.yaml b/kubernetes/cds/values.yaml index 06b7cd1211..cdede47d09 100644 --- a/kubernetes/cds/values.yaml +++ b/kubernetes/cds/values.yaml @@ -1,5 +1,4 @@ -# Copyright © 2018 Orange -# Modifications Copyright © 2018 Amdocs, Bell Canada +# Copyright © 2019 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,27 +12,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 303 - readinessRepository: oomk8s - readinessImage: readiness-check:1.1.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - -subChartsOnly: - enabled: true - -# application image -repository: nexus3.onap.org:10001 -image: onap/ccsdk-cds-ui:1.0.0-STAGING-latest -pullPolicy: Always - -# application configuration -config: - mariadb-galera: config: userName: sdnctl @@ -47,58 +25,4 @@ mariadb-galera: replicaCount: 1 persistence: enabled: true - mountSubPath: cds/data - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - httpGet: - path: / - port: 3000 - initialDelaySeconds: 30 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - httpGet: - path: /ping - port: 3000 - initialDelaySeconds: 30 - periodSeconds: 10 - -service: - type: NodePort - portName: ui - name: cds - nodePort: 97 - internalPort: 3000 - -ingress: - enabled: false -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 1 - memory: 1Gi - requests: - cpu: 10m - memory: 100Mi - large: - limits: - cpu: 2 - memory: 2Gi - requests: - cpu: 200m - memory: 200Mi - unlimited: {} + mountSubPath: cds/data \ No newline at end of file diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml index b60dbcff38..9356c47522 100644 --- a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml @@ -34,7 +34,7 @@ busyboxImage: library/busybox:latest # application image repository: nexus3.onap.org:10001 -image: onap/clamp-dashboard-kibana:3.0.3 +image: onap/clamp-dashboard-kibana:4.0.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml index ba8f46bdac..b3d93bb601 100644 --- a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml @@ -30,7 +30,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/clamp-dashboard-logstash:3.0.3 +image: onap/clamp-dashboard-logstash:4.0.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-tables.sql b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-tables.sql index 8e51f62d22..5d6f14f5c6 100644 --- a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-tables.sql +++ b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-tables.sql @@ -22,7 +22,7 @@ id bigint not null, log_instant datetime(6) not null, log_type varchar(255) not null, - message varchar(255) not null, + message MEDIUMTEXT not null, loop_id varchar(255) not null, primary key (id) ) engine=InnoDB; @@ -63,22 +63,22 @@ primary key (name) ) engine=InnoDB; - alter table loop_logs - add constraint FK1j0cda46aickcaoxqoo34khg2 - foreign key (loop_id) + alter table loop_logs + add constraint FK1j0cda46aickcaoxqoo34khg2 + foreign key (loop_id) references loops (name); - alter table loops_microservicepolicies - add constraint FKem7tp1cdlpwe28av7ef91j1yl - foreign key (microservicepolicy_id) + alter table loops_microservicepolicies + add constraint FKem7tp1cdlpwe28av7ef91j1yl + foreign key (microservicepolicy_id) references micro_service_policies (name); - alter table loops_microservicepolicies - add constraint FKsvx91jekgdkfh34iaxtjfgebt - foreign key (loop_id) + alter table loops_microservicepolicies + add constraint FKsvx91jekgdkfh34iaxtjfgebt + foreign key (loop_id) references loops (name); - alter table operational_policies - add constraint FK1ddoggk9ni2bnqighv6ecmuwu - foreign key (loop_id) + alter table operational_policies + add constraint FK1ddoggk9ni2bnqighv6ecmuwu + foreign key (loop_id) references loops (name); diff --git a/kubernetes/clamp/resources/config/logback.xml b/kubernetes/clamp/resources/config/logback.xml index 03551fe241..551ed34ee4 100644 --- a/kubernetes/clamp/resources/config/logback.xml +++ b/kubernetes/clamp/resources/config/logback.xml @@ -17,66 +17,97 @@ - - - - - - - - - - + + + + + + + + + + - - - - INFO - - - %d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n - - + + + + INFO + + + %d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n + + + - - - INFO - - ${logDirectory}/error2.log - true - - ${defaultPattern} - - - ${outputDirectory}/clamp/error.%d{yyyy-MM-dd}.%i.log.zip - 50MB - 30 - 10GB - - - 10MB - - + + + INFO + + ${logDirectory}/error.log + true + + ${defaultPattern} + + + ${outputDirectory}/clamp/error.%d{yyyy-MM-dd}.%i.log.zip + + 50MB + 30 + 10GB + + + 10MB + + - - ${logDirectory}/debug.log - true - - ${debugPattern} - - - ${outputDirectory}/clamp/debug.%d{yyyy-MM-dd}.%i.log.zip - 50MB - 30 - 10GB - - + + ${logDirectory}/debug.log + true + + %d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n + + + + ${outputDirectory}/clamp/debug.%d{yyyy-MM-dd}.%i.log.zip + + 50MB + 30 + 10GB + + - ${logDirectory}/audit.log true @@ -95,13 +126,15 @@ 10MB - 256 - ${logDirectory}/metric.log true @@ -120,14 +153,16 @@ 10MB - 256 - ${logDirectory}/security.log true @@ -146,55 +181,15 @@ 10MB - 256 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -214,7 +209,8 @@ "%d [%thread] %-5level %logger{1024} - %msg%n" - @@ -234,14 +230,81 @@ "%d [%thread] %-5level %logger{1024} - %msg%n" - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - + - + @@ -251,4 +314,3 @@ - diff --git a/kubernetes/clamp/templates/NOTES.txt b/kubernetes/clamp/templates/NOTES.txt index 1103affff1..e36d6a5bfb 100644 --- a/kubernetes/clamp/templates/NOTES.txt +++ b/kubernetes/clamp/templates/NOTES.txt @@ -27,6 +27,6 @@ echo http://$SERVICE_IP:{{ .Values.service.externalPort }} {{- else if contains "ClusterIP" .Values.service.type }} export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} + echo "Visit https://127.0.0.1:8443 to use your application" + kubectl port-forward $POD_NAME 8443:{{ .Values.service.internalPort }} {{- end }} diff --git a/kubernetes/clamp/templates/service.yaml b/kubernetes/clamp/templates/service.yaml index 8527ebb052..f1438a46c9 100644 --- a/kubernetes/clamp/templates/service.yaml +++ b/kubernetes/clamp/templates/service.yaml @@ -30,16 +30,10 @@ spec: - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} name: {{ .Values.service.portName }} - - port: {{ .Values.service.internalPort2 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.portName }}2 {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} name: {{ .Values.service.portName }} - - port: {{ .Values.service.externalPort2 }} - targetPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName }}2 {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/clamp/values.yaml b/kubernetes/clamp/values.yaml index 7edf75849c..f4c579b199 100644 --- a/kubernetes/clamp/values.yaml +++ b/kubernetes/clamp/values.yaml @@ -30,7 +30,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/clamp:3.0.3 +image: onap/clamp:4.0.1 pullPolicy: Always # flag to enable debugging - application support required @@ -55,7 +55,16 @@ config: "clamp.config.sdc.servicePassword": "b7acccda32b98c5bb7acccda32b98c5b05D511BD6D93626E90D18E9D24D9B78CD34C7EE8012F0A189A28763E82271E50A5D4EC10C7D93E06E0A2D27CAE66B981", "clamp.config.files.sdcController": "file:/opt/clamp/sdc-controllers-config.json", "clamp.config.dcae.inventory.url": "http://inventory.{{ include "common.namespace" . }}:8080", - "clamp.config.dcae.dispatcher.url": "https://deployment-handler.{{ include "common.namespace" . }}:8443", + "clamp.config.dcae.dispatcher.url": "https4://deployment-handler.{{ include "common.namespace" . }}:8443", + "clamp.config.dcae.deployment.url": "https4://deployment-handler.{{ include "common.namespace" . }}:8443", + "clamp.config.dcae.deployment.userName": "none", + "clamp.config.dcae.deployment.password": "none", + "clamp.config.policy.api.url": "http4://policy-api.{{ include "common.namespace" . }}:6969", + "clamp.config.policy.api.userName": "healthcheck", + "clamp.config.policy.api.password": "zb!XztG34", + "clamp.config.policy.pap.url": "http4://policy-pap.{{ include "common.namespace" . }}:6969", + "clamp.config.policy.pap.userName": "healthcheck", + "clamp.config.policy.pap.password": "zb!XztG34", "clamp.config.policy.pdpUrl1": "https://pdp.{{ include "common.namespace" . }}:8081/pdp/ , testpdp, alpha123", "clamp.config.policy.pdpUrl2": "https://pdp.{{ include "common.namespace" . }}:8081/pdp/ , testpdp, alpha123", "clamp.config.policy.papUrl": "https://pap.{{ include "common.namespace" . }}:9091/pap/ , testpap, alpha123", @@ -94,15 +103,11 @@ service: type: NodePort name: clamp portName: clamp - internalPort: 8080 - externalPort: 8080 - nodePort: 95 - portName2: clamp-ssl - internalPort2: 8443 - externalPort2: 8443 + internalPort: 8443 + externalPort: 8443 + nodePort: 58 # as of 20180904 port 58 is reserved for clamp from log/logdemonode # see https://wiki.onap.org/display/DW/OOM+NodePort+List - nodePort2: 58 ingress: diff --git a/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh b/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh new file mode 100644 index 0000000000..5b652228a6 --- /dev/null +++ b/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh @@ -0,0 +1,92 @@ +#!/bin/bash +set -e + +# first arg is `-f` or `--some-option` +# or there are no args +if [ "$#" -eq 0 ] || [ "${1#-}" != "$1" ]; then + set -- cassandra -f "$@" +fi + +# allow the container to be started with `--user` +if [ "$1" = 'cassandra' -a "$(id -u)" = '0' ]; then + find /var/lib/cassandra /var/log/cassandra "$CASSANDRA_CONFIG" \ + \! -user cassandra -exec chown cassandra '{}' + + exec gosu cassandra "$BASH_SOURCE" "$@" +fi + +_ip_address() { + # scrape the first non-localhost IP address of the container + # in Swarm Mode, we often get two IPs -- the container IP, and the (shared) VIP, and the container IP should always be first + ip address | awk ' + $1 == "inet" && $NF != "lo" { + gsub(/\/.+$/, "", $2) + print $2 + exit + } + ' +} + +# "sed -i", but without "mv" (which doesn't work on a bind-mounted file, for example) +_sed-in-place() { + local filename="$1"; shift + local tempFile + tempFile="$(mktemp)" + sed "$@" "$filename" > "$tempFile" + cat "$tempFile" > "$filename" + rm "$tempFile" +} + +if [ "$1" = 'cassandra' ]; then + : ${CASSANDRA_RPC_ADDRESS='0.0.0.0'} + + : ${CASSANDRA_LISTEN_ADDRESS='auto'} + if [ "$CASSANDRA_LISTEN_ADDRESS" = 'auto' ]; then + CASSANDRA_LISTEN_ADDRESS="$(_ip_address)" + fi + + : ${CASSANDRA_BROADCAST_ADDRESS="$CASSANDRA_LISTEN_ADDRESS"} + + if [ "$CASSANDRA_BROADCAST_ADDRESS" = 'auto' ]; then + CASSANDRA_BROADCAST_ADDRESS="$(_ip_address)" + fi + : ${CASSANDRA_BROADCAST_RPC_ADDRESS:=$CASSANDRA_BROADCAST_ADDRESS} + + if [ -n "${CASSANDRA_NAME:+1}" ]; then + : ${CASSANDRA_SEEDS:="cassandra"} + fi + : ${CASSANDRA_SEEDS:="$CASSANDRA_BROADCAST_ADDRESS"} + + _sed-in-place "$CASSANDRA_CONFIG/cassandra.yaml" \ + -r 's/(- seeds:).*/\1 "'"$CASSANDRA_SEEDS"'"/' + + for yaml in \ + broadcast_address \ + broadcast_rpc_address \ + cluster_name \ + endpoint_snitch \ + listen_address \ + num_tokens \ + rpc_address \ + start_rpc \ + authenticator \ + ; do + var="CASSANDRA_${yaml^^}" + val="${!var}" + if [ "$val" ]; then + _sed-in-place "$CASSANDRA_CONFIG/cassandra.yaml" \ + -r 's/^(# )?('"$yaml"':).*/\2 '"$val"'/' + fi + done + + for rackdc in dc rack; do + var="CASSANDRA_${rackdc^^}" + val="${!var}" + if [ "$val" ]; then + _sed-in-place "$CASSANDRA_CONFIG/cassandra-rackdc.properties" \ + -r 's/^('"$rackdc"'=).*/\1 '"$val"'/' + fi + done +fi + +exec "$@" + diff --git a/kubernetes/common/cassandra/templates/configmap.yaml b/kubernetes/common/cassandra/templates/configmap.yaml index a9420d7e5b..abb8a7e65f 100644 --- a/kubernetes/common/cassandra/templates/configmap.yaml +++ b/kubernetes/common/cassandra/templates/configmap.yaml @@ -12,4 +12,16 @@ metadata: data: {{ toYaml .Values.configOverrides | indent 2 }} {{- end }} - +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-entrypoint + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/docker-entrypoint.sh").AsConfig . | indent 2 }} diff --git a/kubernetes/common/cassandra/templates/statefulset.yaml b/kubernetes/common/cassandra/templates/statefulset.yaml index a0b6b5f738..0c7a112bcb 100644 --- a/kubernetes/common/cassandra/templates/statefulset.yaml +++ b/kubernetes/common/cassandra/templates/statefulset.yaml @@ -54,6 +54,9 @@ spec: - name: localtime mountPath: /etc/localtime readOnly: true + - name: cassandra-entrypoint + mountPath: /docker-entrypoint.sh + subPath: docker-entrypoint.sh {{- range $key, $value := .Values.configOverrides }} - name: cassandra-config-{{ $key | replace "." "-" }} mountPath: /etc/cassandra/{{ $key }} @@ -110,6 +113,8 @@ spec: value: {{ default "true" .Values.config.start_rpc | quote }} - name: CASSANDRA_ENDPOINT_SNITCH value: {{ default "GossipingPropertyFileSnitch" .Values.config.endpoint_snitch | quote }} + - name: CASSANDRA_AUTHENTICATOR + value: {{ default "PasswordAuthenticator" .Values.config.authenticator | quote }} - name: POD_IP valueFrom: fieldRef: @@ -141,6 +146,10 @@ spec: configMap: name: {{ include "common.fullname" . }}-configOverrides {{- end }} + - name: cassandra-entrypoint + configMap: + name: {{ include "common.fullname" . }}-entrypoint + defaultMode: 0755 {{- if not .Values.persistence.enabled }} - name: cassandra-data emptyDir: {} diff --git a/kubernetes/common/cassandra/values.yaml b/kubernetes/common/cassandra/values.yaml index 51e82f306e..17760a7858 100644 --- a/kubernetes/common/cassandra/values.yaml +++ b/kubernetes/common/cassandra/values.yaml @@ -21,7 +21,7 @@ global: # global defaults # application image repository: nexus3.onap.org:10001 -image: library/cassandra:3.11 +image: library/cassandra:2.2.14 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/common/dgbuilder/values.yaml b/kubernetes/common/dgbuilder/values.yaml index e07c904711..944b63f212 100644 --- a/kubernetes/common/dgbuilder/values.yaml +++ b/kubernetes/common/dgbuilder/values.yaml @@ -47,7 +47,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/ccsdk-dgbuilder-image:0.4.2-STAGING-latest +image: onap/ccsdk-dgbuilder-image:0.4.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/cds/charts/controller-blueprints/.helmignore b/kubernetes/common/etcd/.helmignore similarity index 100% rename from kubernetes/cds/charts/controller-blueprints/.helmignore rename to kubernetes/common/etcd/.helmignore diff --git a/kubernetes/aai/charts/aai-babel/Chart.yaml b/kubernetes/common/etcd/Chart.yaml similarity index 62% rename from kubernetes/aai/charts/aai-babel/Chart.yaml rename to kubernetes/common/etcd/Chart.yaml index fe1a4ce241..31a8ad55f0 100644 --- a/kubernetes/aai/charts/aai-babel/Chart.yaml +++ b/kubernetes/common/etcd/Chart.yaml @@ -1,5 +1,4 @@ -# Copyright © 2018 Amdocs, AT&T -# Modifications Copyright © 2018 Bell Canada +# Copyright © 2019 Intel Corporation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,8 +11,13 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - -apiVersion: v1 -description: Babel microservice -name: aai-babel + +name: etcd +home: https://github.com/coreos/etcd version: 4.0.0 +appVersion: 2.2.5 +description: Distributed reliable key-value store for the most critical data of a + distributed system. +-icon: https://raw.githubusercontent.com/coreos/etcd/master/logos/etcd-horizontal-color.png +sources: +- https://github.com/coreos/etcd diff --git a/kubernetes/vfc/charts/vfc-nokia-vnfm-driver/Chart.yaml b/kubernetes/common/etcd/requirements.yaml similarity index 78% rename from kubernetes/vfc/charts/vfc-nokia-vnfm-driver/Chart.yaml rename to kubernetes/common/etcd/requirements.yaml index 7748cc0689..0ddbcbef4a 100644 --- a/kubernetes/vfc/charts/vfc-nokia-vnfm-driver/Chart.yaml +++ b/kubernetes/common/etcd/requirements.yaml @@ -1,4 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -10,9 +11,8 @@ # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: ONAP VFC - Nokia VNFM Driver -name: vfc-nokia-vnfm-driver -version: 4.0.0 \ No newline at end of file +# limitations under the License +dependencies: + - name: common + version: ~4.x-0 + repository: '@local' diff --git a/kubernetes/aai/charts/aai-cassandra/templates/volumes.yaml b/kubernetes/common/etcd/templates/pv.yaml similarity index 91% rename from kubernetes/aai/charts/aai-cassandra/templates/volumes.yaml rename to kubernetes/common/etcd/templates/pv.yaml index b949064077..eeaa64598d 100644 --- a/kubernetes/aai/charts/aai-cassandra/templates/volumes.yaml +++ b/kubernetes/common/etcd/templates/pv.yaml @@ -12,9 +12,9 @@ # See the License for the specific language governing permissions and # limitations under the License. -#{{ if .Values.persistence.enabled }} +{{ if .Values.persistence.enabled }} {{- $root := . -}} -{{ range $i, $e := until (atoi (quote $root.Values.replicaCount) | default 3) }} +{{ range $i, $e := until (int $root.Values.replicaCount) }} --- apiVersion: v1 kind: PersistentVolume @@ -36,4 +36,5 @@ spec: path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{ $i }} persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }} {{ end }} -#{{ end }} +{{ end }} + diff --git a/kubernetes/aai/charts/aai-search-data/templates/service.yaml b/kubernetes/common/etcd/templates/service.yaml similarity index 50% rename from kubernetes/aai/charts/aai-search-data/templates/service.yaml rename to kubernetes/common/etcd/templates/service.yaml index a49553e65b..692faa9f2d 100644 --- a/kubernetes/aai/charts/aai-search-data/templates/service.yaml +++ b/kubernetes/common/etcd/templates/service.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T +# Copyright 2019 Intel Corporation Inc # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,25 +15,23 @@ apiVersion: v1 kind: Service metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} + annotations: + service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" +metadata: + name: {{ include "common.servicename" . }} labels: + heritage: "{{ .Release.Service }}" + release: "{{ .Release.Name }}" + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} spec: - type: {{ .Values.service.type }} ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} + - name: {{ .Values.service.peerPortName }} + port: {{ .Values.service.peerInternalPort }} + - name: {{ .Values.service.clientPortName }} + port: {{ .Values.service.clientInternalPort }} + clusterIP: None selector: app: {{ include "common.name" . }} - release: {{ .Release.Name }} - clusterIP: None + release: "{{ .Release.Name }}" + diff --git a/kubernetes/common/etcd/templates/statefulset.yaml b/kubernetes/common/etcd/templates/statefulset.yaml new file mode 100644 index 0000000000..ccc6b69971 --- /dev/null +++ b/kubernetes/common/etcd/templates/statefulset.yaml @@ -0,0 +1,244 @@ +# Copyright © 2019 Intel Corporation Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + name: {{ include "common.servicename" . }} + labels: + heritage: "{{ .Release.Service }}" + release: "{{ .Release.Name }}" + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "common.name" . }} +spec: + serviceName: {{ include "common.servicename" . }} + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + heritage: "{{ .Release.Service }}" + release: "{{ .Release.Name }}" + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ include "common.name" . }} + spec: +{{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} +{{- end }} +{{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.tolerations }} + tolerations: +{{ toYaml .Values.tolerations | indent 8 }} +{{- end }} + containers: + - name: {{ include "common.servicename" . }} + image: "{{ .Values.repository }}/{{ .Values.image }}" + imagePullPolicy: "{{ .Values.pullPolicy }}" + ports: + - containerPort: {{ .Values.service.peerInternalPort }} + name: {{ .Values.service.peerPortName }} + - containerPort: {{ .Values.service.clientInternalPort }} + name: {{ .Values.service.clientPortName }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + exec: + command: ["/bin/sh", "-c", "etcdctl cluster-health | grep -w healthy" ] + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + {{ end -}} + readinessProbe: + exec: + command: ["/bin/sh", "-c", "etcdctl cluster-health | grep -w healthy" ] + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + resources: +{{ include "common.resources" . | indent 10 }} + env: + - name: INITIAL_CLUSTER_SIZE + value: {{ .Values.replicaCount | quote }} + - name: SET_NAME + value: {{ include "common.servicename" . }} +{{- if .Values.extraEnv }} +{{ toYaml .Values.extraEnv | indent 8 }} +{{- end }} + lifecycle: + preStop: + exec: + command: + - "/bin/sh" + - "-ec" + - | + EPS="" + for i in $(seq 0 $((${INITIAL_CLUSTER_SIZE} - 1))); do + EPS="${EPS}${EPS:+,}http://${SET_NAME}-${i}.${SET_NAME}:2379" + done + + HOSTNAME=$(hostname) + + member_hash() { + etcdctl member list | grep http://${HOSTNAME}.${SET_NAME}:2380 | cut -d':' -f1 | cut -d'[' -f1 + } + + SET_ID=${HOSTNAME##*[^0-9]} + + if [ "${SET_ID}" -ge ${INITIAL_CLUSTER_SIZE} ]; then + echo "Removing ${HOSTNAME} from etcd cluster" + ETCDCTL_ENDPOINT=${EPS} etcdctl member remove $(member_hash) + if [ $? -eq 0 ]; then + # Remove everything otherwise the cluster will no longer scale-up + rm -rf /var/run/etcd/* + fi + fi + command: + - "/bin/sh" + - "-ec" + - | + HOSTNAME=$(hostname) + + # store member id into PVC for later member replacement + collect_member() { + while ! etcdctl member list &>/dev/null; do sleep 1; done + etcdctl member list | grep http://${HOSTNAME}.${SET_NAME}:2380 | cut -d':' -f1 | cut -d'[' -f1 > /var/run/etcd/member_id + exit 0 + } + + eps() { + EPS="" + for i in $(seq 0 $((${INITIAL_CLUSTER_SIZE} - 1))); do + EPS="${EPS}${EPS:+,}http://${SET_NAME}-${i}.${SET_NAME}:2379" + done + echo ${EPS} + } + + member_hash() { + etcdctl member list | grep http://${HOSTNAME}.${SET_NAME}:2380 | cut -d':' -f1 | cut -d'[' -f1 + } + + # we should wait for other pods to be up before trying to join + # otherwise we got "no such host" errors when trying to resolve other members + for i in $(seq 0 $((${INITIAL_CLUSTER_SIZE} - 1))); do + while true; do + echo "Waiting for ${SET_NAME}-${i}.${SET_NAME} to come up" + ping -W 1 -c 1 ${SET_NAME}-${i}.${SET_NAME} > /dev/null && break + sleep 1s + done + done + + # re-joining after failure? + if [ -e /var/run/etcd/default.etcd ]; then + echo "Re-joining etcd member" + member_id=$(cat /var/run/etcd/member_id) + + # re-join member + ETCDCTL_ENDPOINT=$(eps) etcdctl member update ${member_id} http://${HOSTNAME}.${SET_NAME}:2380 | true + exec etcd --name ${HOSTNAME} \ + --listen-peer-urls http://0.0.0.0:2380 \ + --listen-client-urls http://0.0.0.0:2379\ + --advertise-client-urls http://${HOSTNAME}.${SET_NAME}:2379 \ + --data-dir /var/run/etcd/default.etcd + fi + + # etcd-SET_ID + SET_ID=${HOSTNAME##*[^0-9]} + + # adding a new member to existing cluster (assuming all initial pods are available) + if [ "${SET_ID}" -ge ${INITIAL_CLUSTER_SIZE} ]; then + export ETCDCTL_ENDPOINT=$(eps) + + # member already added? + MEMBER_HASH=$(member_hash) + if [ -n "${MEMBER_HASH}" ]; then + # the member hash exists but for some reason etcd failed + # as the datadir has not be created, we can remove the member + # and retrieve new hash + etcdctl member remove ${MEMBER_HASH} + fi + + echo "Adding new member" + etcdctl member add ${HOSTNAME} http://${HOSTNAME}.${SET_NAME}:2380 | grep "^ETCD_" > /var/run/etcd/new_member_envs + + if [ $? -ne 0 ]; then + echo "Exiting" + rm -f /var/run/etcd/new_member_envs + exit 1 + fi + + cat /var/run/etcd/new_member_envs + source /var/run/etcd/new_member_envs + + collect_member & + + exec etcd --name ${HOSTNAME} \ + --listen-peer-urls http://0.0.0.0:2380 \ + --listen-client-urls http://0.0.0.0:2379 \ + --advertise-client-urls http://${HOSTNAME}.${SET_NAME}:2379 \ + --data-dir /var/run/etcd/default.etcd \ + --initial-advertise-peer-urls http://${HOSTNAME}.${SET_NAME}:2380 \ + --initial-cluster ${ETCD_INITIAL_CLUSTER} \ + --initial-cluster-state ${ETCD_INITIAL_CLUSTER_STATE} + fi + + PEERS="" + for i in $(seq 0 $((${INITIAL_CLUSTER_SIZE} - 1))); do + PEERS="${PEERS}${PEERS:+,}${SET_NAME}-${i}=http://${SET_NAME}-${i}.${SET_NAME}:2380" + done + + collect_member & + + # join member + exec etcd --name ${HOSTNAME} \ + --initial-advertise-peer-urls http://${HOSTNAME}.${SET_NAME}:2380 \ + --listen-peer-urls http://0.0.0.0:2380 \ + --listen-client-urls http://0.0.0.0:2379 \ + --advertise-client-urls http://${HOSTNAME}.${SET_NAME}:2379 \ + --initial-cluster-token etcd-cluster-1 \ + --initial-cluster ${PEERS} \ + --initial-cluster-state new \ + --data-dir /var/run/etcd/default.etcd + volumeMounts: + - name: {{ include "common.servicename" . }}-datadir + mountPath: /var/run/etcd + {{- if .Values.persistence.enabled }} + volumeClaimTemplates: + - metadata: + name: {{ include "common.servicename" . }}-data + spec: + accessModes: + - "{{ .Values.persistence.accessMode }}" + resources: + requests: + # upstream recommended max is 700M + storage: "{{ .Values.persistence.storage }}" + {{- if .Values.persistence.storageClass }} + {{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" + {{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" + {{- end }} + {{- end }} + {{- else }} + volumes: + - name: {{ include "common.servicename" . }}-datadir + {{- if .Values.memoryMode }} + emptyDir: + medium: Memory + {{- else }} + emptyDir: {} + {{- end }} + {{- end }} + diff --git a/kubernetes/common/etcd/values.yaml b/kubernetes/common/etcd/values.yaml new file mode 100644 index 0000000000..a999b0c530 --- /dev/null +++ b/kubernetes/common/etcd/values.yaml @@ -0,0 +1,86 @@ +# Copyright © 2019 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + persistence: {} + +################################################################# +# Application configuration defaults. +################################################################# + +#repository: etcd +repository: "k8s.gcr.io" +image: "etcd-amd64:2.2.5" +pullPolicy: Always + +# default number of instances in the StatefulSet +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 90 + periodSeconds: 10 + timeoutSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 90 + periodSeconds: 10 + +persistence: + enabled: false + ## etcd data Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + storageClass: "-" + accessMode: "ReadWriteOnce" + storage: "1Gi" + mountPath: /dockerdata-nfs + mountSubPath: k8s-etcd + +## This is only available when persistentVolume is false: +## If persistentVolume is not enabled, one can choose to use memory mode for ETCD by setting memoryMode to "true". +## The system will create a volume with "medium: Memory" +memoryMode: false + +service: + name: k8s-etcd + peerInternalPort: 2380 + peerPortName: etcd-server + clientInternalPort : 2379 + clientPortName: etcd-client + +## Node labels and tolerations for pod assignment +## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector +## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature +nodeSelector: {} +tolerations: [] +affinity: {} +extraEnv: [] +resources: {} + diff --git a/kubernetes/common/mariadb-galera/templates/statefulset.yaml b/kubernetes/common/mariadb-galera/templates/statefulset.yaml index 601057ff6f..6dc5a7aad6 100644 --- a/kubernetes/common/mariadb-galera/templates/statefulset.yaml +++ b/kubernetes/common/mariadb-galera/templates/statefulset.yaml @@ -113,6 +113,7 @@ spec: initContainers: - name: mariadb-galera-prepare image: "{{ include "common.repository" . }}/{{ .Values.imageInit }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy | quote}} command: ["sh", "-c", "chown -R 27:27 /var/lib/mysql"] volumeMounts: - name: {{ include "common.fullname" . }}-data diff --git a/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml b/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml index 449949992f..ae5f7c5a81 100644 --- a/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml +++ b/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml @@ -74,7 +74,7 @@ spec: - -c - nodetool status | grep $POD_IP | awk '$1!="UN" { exit 1; }' initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - timeoutSeconds: {{ .Values.liveness.periodSeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} lifecycle: preStop: exec: diff --git a/kubernetes/common/network-name-gen/values.yaml b/kubernetes/common/network-name-gen/values.yaml index 5ba48a21d3..888a07a640 100644 --- a/kubernetes/common/network-name-gen/values.yaml +++ b/kubernetes/common/network-name-gen/values.yaml @@ -54,7 +54,7 @@ mariadb-galera: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/ccsdk-apps-ms-neng:0.3.2 +image: onap/ccsdk-apps-ms-neng:0.4.2 pullPolicy: IfNotPresent # application configuration diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/provisioning/provision.sh b/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/provisioning/provision.sh index 78f79cedb7..5db036f708 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/provisioning/provision.sh +++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/provisioning/provision.sh @@ -70,11 +70,11 @@ curl --silent -X POST \ -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ -H 'Content-Type: application/json' \ -d '{ - "prefix": "{{ .Values.service.vfw_protected_pool }}", + "prefix": "{{ .Values.service.private2 }}", "site": 1, "tenant": 1, "is_pool": false, - "description": "IP Pool for protected network - vFW use case" + "description": "IP Pool for private network 2" }' echo "Create Prefix for vFW unprotected network" @@ -83,11 +83,11 @@ curl --silent -X POST \ -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ -H 'Content-Type: application/json' \ -d '{ - "prefix": "{{ .Values.service.vfw_unprotected_pool }}", + "prefix": "{{ .Values.service.private1 }}", "site": 1, "tenant": 1, "is_pool": false, - "description": "IP Pool for unprotected network - vFW use case" + "description": "IP Pool for private network 1" }' echo "Create Prefix for ONAP general purpose network" @@ -96,7 +96,7 @@ curl --silent -X POST \ -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ -H 'Content-Type: application/json' \ -d '{ - "prefix": "{{ .Values.service.vfw_mgmt_pool }}", + "prefix": "{{ .Values.service.management }}", "site": 1, "tenant": 1, "is_pool": false, diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/deployment.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/deployment.yaml index 92888ea20f..399e03868d 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/deployment.yaml +++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/deployment.yaml @@ -34,26 +34,24 @@ spec: spec: containers: - name: {{ include "common.name" . }} - image: {{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }} + image: {{ .Values.repository }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - containerPort: {{ .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container - {{ if .Values.liveness.enabled }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end }} - readinessProbe: - httpGet: - path: /api/dcim/regions/ - port: {{ .Values.service.internalPort }} - scheme: HTTP - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} + {{ if .Values.liveness.enabled }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: DB_PASSWORD valueFrom: diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/values.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-app/values.yaml index 96328caa95..ddfdc4b976 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-app/values.yaml +++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/values.yaml @@ -66,9 +66,9 @@ service: # The following subnet pool will be # configured in Netbox by provisioning script. - vfw_protected_pool: 192.168.20.0/24 - vfw_unprotected_pool: 192.168.10.0/24 - vfw_mgmt_pool: 10.0.101.0/24 + private1: 192.168.10.0/24 + private2: 192.168.20.0/24 + management: 10.0.101.0/24 ingress: enabled: false diff --git a/kubernetes/contrib/tools/rke/rke_setup.sh b/kubernetes/contrib/tools/rke/rke_setup.sh index cc71522f12..409da3987c 100755 --- a/kubernetes/contrib/tools/rke/rke_setup.sh +++ b/kubernetes/contrib/tools/rke/rke_setup.sh @@ -17,12 +17,13 @@ # # This installation is for an RKE install of kubernetes # after this run the standard oom install -# this installation can be run on amy ubuntu 16.04 VM, RHEL 7.6 (root only), physical or cloud azure/aws host +# this installation can be run on any ubuntu 16.04/18.04 VM, RHEL 7.6 (root only), physical or cloud azure/aws host # https://wiki.onap.org/display/DW/OOM+RKE+Kubernetes+Deployment # source from https://jira.onap.org/browse/OOM-1598 # # master/dublin # RKE 0.1.16 Kubernetes 1.11.6, kubectl 1.11.6, Helm 2.9.1, Docker 18.06 +# 20190428 RKE 0.2.1, Kubernetes 1.13.5, kubectl 1.13.5, Helm 2.12.3, Docker 18.09.5 # single node install, HA pending usage() { @@ -42,19 +43,11 @@ EOF install_onap() { #constants PORT=8880 - if [ "$BRANCH" == "casablanca" ]; then - KUBERNETES_VERSION= - RKE_VERSION=0.1.15 - KUBECTL_VERSION=1.11.3 - HELM_VERSION=2.9.1 - DOCKER_VERSION=17.03 - else - KUBERNETES_VERSION= - RKE_VERSION=0.1.16 - KUBECTL_VERSION=1.11.6 - HELM_VERSION=2.9.1 - DOCKER_VERSION=18.06 - fi + KUBERNETES_VERSION= + RKE_VERSION=0.2.1 + KUBECTL_VERSION=1.13.5 + HELM_VERSION=2.12.3 + DOCKER_VERSION=18.09 # copy your private ssh key and cluster.yml file to the vm # on your dev machine @@ -68,7 +61,7 @@ install_onap() { # sudo vi ~/.ssh/authorized_keys echo "please supply your ssh key as provided by the -k keyname - it must be be chmod 400 and chown user:user in ~/.ssh/" - echo "The RKE version specific cluster.yaml is already integrated in this script for 0.1.15/0.1.16 no need for below generation..." + echo "The RKE version specific cluster.yaml is already integrated in this script for 0.2.1 no need for below generation..." echo "rke config --name cluster.yml" echo "specifically" echo "address: $SERVER" @@ -78,16 +71,9 @@ install_onap() { RKETOOLS= HYPERCUBE= POD_INFRA_CONTAINER= - if [ "$RKE_VERSION" == "0.1.16" ]; then - RKETOOLS=0.1.15 - HYPERCUBE=1.11.6-rancher1 - POD_INFRA_CONTAINER=rancher/pause-amd64:3.1 - else - # 0.1.15 - RKETOOLS=0.1.14 - HYPERCUBE=1.11.3-rancher1 - POD_INFRA_CONTAINER=gcr.io.google_containers/pause-amd64:3.1 - fi + RKETOOLS=0.1.27 + HYPERCUBE=1.13.5-rancher1 + POD_INFRA_CONTAINER=rancher/pause:3.1 cat > cluster.yml < - if [ -d /tmp/zookeeper/topics/version-2 ]; then - echo "nothing to do"; - else - git clone -b {{ .Values.config.gerritBranch }} --single-branch {{ .Values.config.gerritProject }} /tmp/zookeeper/gerrit; - echo "Clone complete. Copying from /tmp/zookeeper/gerrit/oom-projects/data-zookeeper/* to /tmp/zookeeper/topics"; - cp -var /tmp/zookeeper/gerrit/oom-topics/data-zookeeper/* /tmp/zookeeper/topics; - chown -R 1000:1000 /tmp/zookeeper/topics; - echo "Done."; - fi - image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.ubuntuInitImage }}" + chown -R 1000:1000 /tmp/zookeeper/apikeys; + image: "{{ .Values.busyBoxRepository }}/{{ .Values.busyBoxImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - - mountPath: /tmp/zookeeper/topics + - mountPath: /tmp/zookeeper/apikeys name: zookeeper-data containers: - name: {{ include "common.name" . }} diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml index 22daf946bb..4c5541bf2e 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml @@ -30,9 +30,11 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/zookeeper:4.0.0 +image: onap/dmaap/zookeeper:6.0.0 pullPolicy: Always ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 +busyBoxImage: busybox:1.30 +busyBoxRepository: docker.io # flag to enable debugging - application support required debugEnabled: false diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties b/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties index 948577aaa7..4e0b085e20 100755 --- a/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties +++ b/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties @@ -3,15 +3,15 @@ aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 aaf_env=DEV aaf_lur=org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm -cadi_truststore=/appl/dmaapMR1/etc/truststoreONAPall.jks -cadi_truststore_password=changeit +cadi_truststore=/appl/dmaapMR1/etc/org.onap.dmaap.mr.trust.jks +cadi_truststore_password=enc:gvXm0E9p-_SRNw5_feOUE7wqXBxgxV3S_bdAyB08Sq9F35cCUZHWgQyKIDtTAbEw -cadi_keyfile=/appl/dmaapMR1/etc/keyfilenew +cadi_keyfile=/appl/dmaapMR1/etc/org.onap.dmaap.mr.keyfile cadi_alias=dmaapmr@mr.dmaap.onap.org cadi_keystore=/appl/dmaapMR1/etc/org.onap.dmaap.mr.p12 -cadi_keystore_password=Messaging for All -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US +cadi_keystore_password=enc:pLMCzQzk-OP7IpYNi0TPtQSkNcraFAdarZG8HbdOKq4BycW6g_7mfhphLhOZo6ht +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US cadi_loglevel=INFO diff --git a/kubernetes/dmaap/components/message-router/resources/mr_clusters/san-francisco.json b/kubernetes/dmaap/components/message-router/resources/mr_clusters/san-francisco.json index 9e732d2af8..6c201f6b30 100644 --- a/kubernetes/dmaap/components/message-router/resources/mr_clusters/san-francisco.json +++ b/kubernetes/dmaap/components/message-router/resources/mr_clusters/san-francisco.json @@ -1,6 +1,6 @@ { "dcaeLocationName": "san-francisco", "fqdn": "message-router", - "topicProtocol": "http", - "topicPort": "3904" + "topicProtocol": "https", + "topicPort": "3905" } diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml index b141207a03..54c8982eca 100644 --- a/kubernetes/dmaap/components/message-router/values.yaml +++ b/kubernetes/dmaap/components/message-router/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/dmaap-mr:1.1.12 +image: onap/dmaap/dmaap-mr:1.1.14 pullPolicy: Always kafka: diff --git a/kubernetes/dmaap/values.yaml b/kubernetes/dmaap/values.yaml index e7b39af1ad..aa5165d443 100644 --- a/kubernetes/dmaap/values.yaml +++ b/kubernetes/dmaap/values.yaml @@ -22,7 +22,7 @@ global: readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 - clientImage: onap/dmaap/dbc-client:1.0.5 + clientImage: onap/dmaap/dbc-client:1.0.9 # application configuration config: logstashServiceName: log-ls diff --git a/kubernetes/esr/charts/esr-gui/values.yaml b/kubernetes/esr/charts/esr-gui/values.yaml index 004d473b99..952dd0ab48 100644 --- a/kubernetes/esr/charts/esr-gui/values.yaml +++ b/kubernetes/esr/charts/esr-gui/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aai/esr-gui:1.2.1 +image: onap/aai/esr-gui:1.4.0 pullPolicy: Always msbaddr: msb-iag.{{ include "common.namespace" . }}:80 diff --git a/kubernetes/esr/charts/esr-server/values.yaml b/kubernetes/esr/charts/esr-server/values.yaml index ce5688f267..98203fc12f 100644 --- a/kubernetes/esr/charts/esr-server/values.yaml +++ b/kubernetes/esr/charts/esr-server/values.yaml @@ -27,7 +27,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/aai/esr-server:1.2.1 +image: onap/aai/esr-server:1.4.0 pullPolicy: Always msbaddr: msb-iag.{{ include "common.namespace" . }}:80 diff --git a/kubernetes/helm/plugins/deploy/deploy.sh b/kubernetes/helm/plugins/deploy/deploy.sh index a07c7f4ce1..2bbae80a3e 100755 --- a/kubernetes/helm/plugins/deploy/deploy.sh +++ b/kubernetes/helm/plugins/deploy/deploy.sh @@ -52,7 +52,7 @@ generate_overrides() { if [[ $START == "global:" ]]; then echo "global:" > $GLOBAL_OVERRIDES cat $COMPUTED_OVERRIDES | sed '/common:/,/consul:/d' \ - | sed -n '/'"$START"'/,/'log:'/p' | sed '1d;$d' >> $GLOBAL_OVERRIDES + | sed -n '/^'"$START"'/,/'log:'/p' | sed '1d;$d' >> $GLOBAL_OVERRIDES else SUBCHART_DIR="$CACHE_SUBCHART_DIR/$(cut -d':' -f1 <<<"$START")" if [[ -d "$SUBCHART_DIR" ]]; then diff --git a/kubernetes/msb/charts/msb-discovery/values.yaml b/kubernetes/msb/charts/msb-discovery/values.yaml index d0e9d96ce7..bc279e0dcb 100644 --- a/kubernetes/msb/charts/msb-discovery/values.yaml +++ b/kubernetes/msb/charts/msb-discovery/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/msb/msb_discovery:1.2.3-STAGING-latest +image: onap/msb/msb_discovery:1.2.3 pullPolicy: Always istioSidecar: true diff --git a/kubernetes/msb/charts/msb-eag/values.yaml b/kubernetes/msb/charts/msb-eag/values.yaml index e58e51bacb..e8b28ac2f2 100644 --- a/kubernetes/msb/charts/msb-eag/values.yaml +++ b/kubernetes/msb/charts/msb-eag/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/msb/msb_apigateway:1.2.4-STAGING-latest +image: onap/msb/msb_apigateway:1.2.4 pullPolicy: Always istioSidecar: true diff --git a/kubernetes/msb/charts/msb-iag/values.yaml b/kubernetes/msb/charts/msb-iag/values.yaml index d091a84164..6008cea479 100644 --- a/kubernetes/msb/charts/msb-iag/values.yaml +++ b/kubernetes/msb/charts/msb-iag/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/msb/msb_apigateway:1.2.4-STAGING-latest +image: onap/msb/msb_apigateway:1.2.4 pullPolicy: Always istioSidecar: true diff --git a/kubernetes/aai/charts/aai-cassandra/Chart.yaml b/kubernetes/multicloud/Makefile similarity index 76% rename from kubernetes/aai/charts/aai-cassandra/Chart.yaml rename to kubernetes/multicloud/Makefile index 3987a111c0..fde29904c7 100644 --- a/kubernetes/aai/charts/aai-cassandra/Chart.yaml +++ b/kubernetes/multicloud/Makefile @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T +# Copyright 2019 Intel Corporation, Inc # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,8 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. +make-multicloud: make-multicloud-k8s -apiVersion: v1 -description: ONAP AAI Cassandra -name: aai-cassandra -version: 4.0.0 +make-multicloud-k8s: + cd charts && helm dep up multicloud-k8s && helm lint multicloud-k8s diff --git a/kubernetes/aai/charts/aai-elasticsearch/Chart.yaml b/kubernetes/multicloud/charts/multicloud-k8s/Chart.yaml similarity index 84% rename from kubernetes/aai/charts/aai-elasticsearch/Chart.yaml rename to kubernetes/multicloud/charts/multicloud-k8s/Chart.yaml index fbc7abd0d9..5a73ee32b4 100644 --- a/kubernetes/aai/charts/aai-elasticsearch/Chart.yaml +++ b/kubernetes/multicloud/charts/multicloud-k8s/Chart.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T +# Copyright 2019 Intel Corporation, Inc # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,6 +13,6 @@ # limitations under the License. apiVersion: v1 -description: ONAP AAI elasticsearch -name: aai-elasticsearch +description: ONAP Multicloud Kubernetes Plugin +name: multicloud-k8s version: 4.0.0 diff --git a/kubernetes/aai/charts/aai-spike/requirements.yaml b/kubernetes/multicloud/charts/multicloud-k8s/requirements.yaml similarity index 88% rename from kubernetes/aai/charts/aai-spike/requirements.yaml rename to kubernetes/multicloud/charts/multicloud-k8s/requirements.yaml index 8915b751c5..566af50cfe 100644 --- a/kubernetes/aai/charts/aai-spike/requirements.yaml +++ b/kubernetes/multicloud/charts/multicloud-k8s/requirements.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, AT&T +# Copyright 2019 Intel Corporation, Inc # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,3 +19,7 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: mongo + version: ~4.x-0 + repository: '@local' + diff --git a/kubernetes/multicloud/charts/multicloud-k8s/resources/config/k8sconfig.json b/kubernetes/multicloud/charts/multicloud-k8s/resources/config/k8sconfig.json new file mode 100644 index 0000000000..e451421a5b --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-k8s/resources/config/k8sconfig.json @@ -0,0 +1,10 @@ +{ + "ca-file": "/opt/multicloud/k8splugin/certs/root_ca.cer", + "server-cert": "/opt/multicloud/k8splugin/certs/multicloud-k8s.pub", + "server-key": "/opt/multicloud/k8splugin/certs/multicloud-k8s.pr", + "password": "c2VjcmV0bWFuYWdlbWVudHNlcnZpY2VzZWNyZXRwYXNzd29yZA==", + + "database-type": "mongo", + "database-address": "multicloud-k8s-mongo", + "plugin-dir": "/opt/multicloud/k8splugin/plugins" +} \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-sparky-be/templates/secret.yaml b/kubernetes/multicloud/charts/multicloud-k8s/templates/configmap.yaml similarity index 85% rename from kubernetes/aai/charts/aai-sparky-be/templates/secret.yaml rename to kubernetes/multicloud/charts/multicloud-k8s/templates/configmap.yaml index 6084ca3d4d..c9d55fedf3 100644 --- a/kubernetes/aai/charts/aai-sparky-be/templates/secret.yaml +++ b/kubernetes/multicloud/charts/multicloud-k8s/templates/configmap.yaml @@ -1,4 +1,5 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T +{{/* +# Copyright 2019 Intel Corporation, Inc # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,9 +12,10 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: v1 -kind: Secret +kind: ConfigMap metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} @@ -22,6 +24,5 @@ metadata: chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} -type: Opaque data: -{{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/kubernetes/multicloud/charts/multicloud-k8s/templates/deployment.yaml b/kubernetes/multicloud/charts/multicloud-k8s/templates/deployment.yaml new file mode 100644 index 0000000000..846a751336 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-k8s/templates/deployment.yaml @@ -0,0 +1,80 @@ +{{/* +# Copyright 2019 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }} + command: ["/opt/multicloud/k8splugin/k8plugin"] + workingDir: /opt/multicloud/k8splugin + ports: + - containerPort: {{ .Values.service.internalPort }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /opt/multicloud/k8splugin/k8sconfig.json + name: {{ include "common.name" .}} + subPath: k8sconfig.json + resources: +{{ include "common.resources" . | indent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name : {{ include "common.name" . }} + configMap: + name: {{ include "common.fullname" . }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/vfc/charts/vfc-nokia-vnfm-driver/templates/service.yaml b/kubernetes/multicloud/charts/multicloud-k8s/templates/service.yaml similarity index 59% rename from kubernetes/vfc/charts/vfc-nokia-vnfm-driver/templates/service.yaml rename to kubernetes/multicloud/charts/multicloud-k8s/templates/service.yaml index 48c0d80670..eaf9f4dee5 100644 --- a/kubernetes/vfc/charts/vfc-nokia-vnfm-driver/templates/service.yaml +++ b/kubernetes/multicloud/charts/multicloud-k8s/templates/service.yaml @@ -1,4 +1,5 @@ -# Copyright © 2017 Amdocs, Bell Canada +{{/* +# Copyright 2019 Intel Corporation, Inc # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: v1 kind: Service @@ -18,34 +20,33 @@ metadata: name: {{ include "common.servicename" . }} namespace: {{ include "common.namespace" . }} labels: - app: {{ include "common.name" . }} + app: {{ include "common.fullname" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} annotations: msb.onap.org/service-info: '[ - { - "serviceName": "nokiavnfmdriver", - "version": "v1", - "url": "/api/nokiavnfmdriver/v1", - "protocol": "REST", - "port": "{{.Values.service.externalPort}}", - "visualRange":"1" - } - ]' + { + "serviceName": "multicloud-k8s", + "version": "v1", + "url": "/", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange": "1" + } + ]' spec: type: {{ .Values.service.type }} ports: + - name: {{ .Values.service.PortName }} {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefixExt | default "302" }}{{ .Values.service.nodePort }} {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} {{- end}} + protocol: TCP selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} diff --git a/kubernetes/multicloud/charts/multicloud-k8s/values.yaml b/kubernetes/multicloud/charts/multicloud-k8s/values.yaml new file mode 100644 index 0000000000..15aade560d --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-k8s/values.yaml @@ -0,0 +1,108 @@ +# Copyright 2019 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefixExt: 304 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + persistence: {} +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/multicloud/k8s:0.1.0 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration is via config files + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 30 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 30 + +service: + type: ClusterIP + name: multicloud-k8s + portName: multicloud-k8s + internalPort: 9015 + externalPort: 9015 + nodePort: 98 + +#Mongo chart overrides for k8splugin +mongo: + nameOverride: multicloud-k8s-mongo + service: + name: multicloud-k8s-mongo + internalPort: 27017 + nfsprovisionerPrefix: multicloud-k8s + sdnctlPrefix: multicloud-k8s + persistence: + mountSubPath: multicloud-k8s/mongo/data + enabled: true + disableNfsProvisioner: true + + +# No persistence right now as we rely on Mongo to handle that +persistence: + enabled: false + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + size: 1Gi + mountPath: /dockerdata-nfs + mountSubPath: multicloud-k8s/data + +ingress: + enabled: false + +# Configure resource requests and limits +flavor: large +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 10m + memory: 10Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 10m + memory: 100Mi + unlimited: {} diff --git a/kubernetes/multicloud/charts/multicloud-ocata/values.yaml b/kubernetes/multicloud/charts/multicloud-ocata/values.yaml index 2642b5a172..53ce0d0ed6 100644 --- a/kubernetes/multicloud/charts/multicloud-ocata/values.yaml +++ b/kubernetes/multicloud/charts/multicloud-ocata/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/multicloud/openstack-ocata:1.3.0-SNAPSHOT +image: onap/multicloud/openstack-ocata:1.3.1 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/multicloud/charts/multicloud-pike/values.yaml b/kubernetes/multicloud/charts/multicloud-pike/values.yaml index c39d41f879..42aa7ca9e8 100644 --- a/kubernetes/multicloud/charts/multicloud-pike/values.yaml +++ b/kubernetes/multicloud/charts/multicloud-pike/values.yaml @@ -23,7 +23,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/multicloud/openstack-pike:1.3.0-SNAPSHOT +image: onap/multicloud/openstack-pike:1.3.1 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/resources/config/log/config.json b/kubernetes/multicloud/charts/multicloud-starlingx/resources/config/log/config.json new file mode 100644 index 0000000000..d62fec6d85 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-starlingx/resources/config/log/config.json @@ -0,0 +1,70 @@ +{ + "name":"SDCDistributionGroup", + "restServerParameters":{ + "host":"0.0.0.0", + "port":9014, + "userName":"healthcheck", + "password":"zb!XztG34", + "https":true + }, + "receptionHandlerParameters":{ + "SDCReceptionHandler":{ + "receptionHandlerType":"SDC", + "receptionHandlerClassName":"org.onap.policy.distribution.reception.handling.sdc.SdcReceptionHandler", + "receptionHandlerConfigurationName":"sdcConfiguration", + "pluginHandlerParameters":{ + "artifactForwarders":{ + "PAPEngineForwarder":{ + "forwarderType":"PAPEngine", + "forwarderClassName":"org.onap.policy.distribution.forwarding.k8s.K8sArtifactForwarder", + "forwarderConfigurationName": "k8sConfiguration" + } + } + } + } + }, + "receptionHandlerConfigurationParameters":{ + "sdcConfiguration":{ + "parameterClassName":"org.onap.policy.distribution.reception.handling.sdc.SdcReceptionHandlerConfigurationParameterGroup", + "parameters":{ + "asdcAddress": "sdc-be:8443", + "messageBusAddress": [ + "message-router" + ], + "user": "policy", + "password": "Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U", + "pollingInterval":20, + "pollingTimeout":30, + "consumerId": "policy-id", + "artifactTypes": [ + "TOSCA_CSAR", + "HEAT", + "HEAT_ENV", + "CLOUD_TECHNOLOGY_SPECIFIC_ARTIFACT" + ], + "consumerGroup": "policy-group", + "environmentName": "AUTO", + "keystorePath": "null", + "keystorePassword": "null", + "activeserverTlsAuth": false, + "isFilterinEmptyResources": true, + "isUseHttpsWithDmaap": false + } + } + }, + "artifactForwarderConfigurationParameters":{ + "k8sConfiguration":{ + "parameterClassName":"org.onap.policy.distribution.forwarding.k8s.K8sArtifactForwarderParameterGroup", + "parameters":{ + "useHttps": true, + "hostname": "pdp", + "port": 8081, + "userName": "testpdp", + "password": "alpha123", + "clientAuth": "cHl0aG9uOnRlc3Q=", + "isManaged": true, + "pdpGroup": "default" + } + } + } +} diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/templates/deployment.yaml b/kubernetes/multicloud/charts/multicloud-starlingx/templates/deployment.yaml index 0ccc3f9f95..62bacd7da5 100644 --- a/kubernetes/multicloud/charts/multicloud-starlingx/templates/deployment.yaml +++ b/kubernetes/multicloud/charts/multicloud-starlingx/templates/deployment.yaml @@ -61,6 +61,8 @@ spec: - mountPath: /opt/starlingx/starlingx/pub/config/log.yml name: starlingx-logconfig subPath: log.yml + - mountPath: /opt/artifacts/ + name: artifact-data resources: {{ include "common.resources" . | indent 12 }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" @@ -93,6 +95,19 @@ spec: name: starlingx-log - mountPath: /usr/share/filebeat/data name: starlingx-data-filebeat + - image: "{{ include "common.repository" . }}/{{ .Values.global.artifactImage }}" + name: framework-artifactbroker + command: ["/opt/app/distribution/bin/artifact-dist.sh"] + args: ["/opt/app/distribution/etc/mounted/config.json"] + ports: + - containerPort: 9014 + protocol: TCP + volumeMounts: + - mountPath: /opt/app/distribution/etc/mounted/config.json + name: starlingx-logconfig + subPath: config.json + - mountPath: /data + name: artifact-data volumes: - name: starlingx-log @@ -105,6 +120,8 @@ spec: - name: starlingx-logconfig configMap: name: {{ include "common.fullname" . }}-log-configmap + - name: artifact-data + emptyDir: {} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" restartPolicy: Always diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/values.yaml b/kubernetes/multicloud/charts/multicloud-starlingx/values.yaml index 2ca696c704..723d77d6cb 100644 --- a/kubernetes/multicloud/charts/multicloud-starlingx/values.yaml +++ b/kubernetes/multicloud/charts/multicloud-starlingx/values.yaml @@ -23,7 +23,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/multicloud/openstack-starlingx:1.3.0-SNAPSHOT +image: onap/multicloud/openstack-starlingx:1.3.1 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/multicloud/charts/multicloud-vio/values.yaml b/kubernetes/multicloud/charts/multicloud-vio/values.yaml index a916a049f4..0da23ddeac 100644 --- a/kubernetes/multicloud/charts/multicloud-vio/values.yaml +++ b/kubernetes/multicloud/charts/multicloud-vio/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/multicloud/vio:1.2.1 +image: onap/multicloud/vio:1.3.1 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/multicloud/charts/multicloud-windriver/resources/config/log/config.json b/kubernetes/multicloud/charts/multicloud-windriver/resources/config/log/config.json new file mode 100644 index 0000000000..d62fec6d85 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-windriver/resources/config/log/config.json @@ -0,0 +1,70 @@ +{ + "name":"SDCDistributionGroup", + "restServerParameters":{ + "host":"0.0.0.0", + "port":9014, + "userName":"healthcheck", + "password":"zb!XztG34", + "https":true + }, + "receptionHandlerParameters":{ + "SDCReceptionHandler":{ + "receptionHandlerType":"SDC", + "receptionHandlerClassName":"org.onap.policy.distribution.reception.handling.sdc.SdcReceptionHandler", + "receptionHandlerConfigurationName":"sdcConfiguration", + "pluginHandlerParameters":{ + "artifactForwarders":{ + "PAPEngineForwarder":{ + "forwarderType":"PAPEngine", + "forwarderClassName":"org.onap.policy.distribution.forwarding.k8s.K8sArtifactForwarder", + "forwarderConfigurationName": "k8sConfiguration" + } + } + } + } + }, + "receptionHandlerConfigurationParameters":{ + "sdcConfiguration":{ + "parameterClassName":"org.onap.policy.distribution.reception.handling.sdc.SdcReceptionHandlerConfigurationParameterGroup", + "parameters":{ + "asdcAddress": "sdc-be:8443", + "messageBusAddress": [ + "message-router" + ], + "user": "policy", + "password": "Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U", + "pollingInterval":20, + "pollingTimeout":30, + "consumerId": "policy-id", + "artifactTypes": [ + "TOSCA_CSAR", + "HEAT", + "HEAT_ENV", + "CLOUD_TECHNOLOGY_SPECIFIC_ARTIFACT" + ], + "consumerGroup": "policy-group", + "environmentName": "AUTO", + "keystorePath": "null", + "keystorePassword": "null", + "activeserverTlsAuth": false, + "isFilterinEmptyResources": true, + "isUseHttpsWithDmaap": false + } + } + }, + "artifactForwarderConfigurationParameters":{ + "k8sConfiguration":{ + "parameterClassName":"org.onap.policy.distribution.forwarding.k8s.K8sArtifactForwarderParameterGroup", + "parameters":{ + "useHttps": true, + "hostname": "pdp", + "port": 8081, + "userName": "testpdp", + "password": "alpha123", + "clientAuth": "cHl0aG9uOnRlc3Q=", + "isManaged": true, + "pdpGroup": "default" + } + } + } +} diff --git a/kubernetes/multicloud/charts/multicloud-windriver/templates/deployment.yaml b/kubernetes/multicloud/charts/multicloud-windriver/templates/deployment.yaml index 99b1ea9557..e6f1456874 100644 --- a/kubernetes/multicloud/charts/multicloud-windriver/templates/deployment.yaml +++ b/kubernetes/multicloud/charts/multicloud-windriver/templates/deployment.yaml @@ -62,6 +62,8 @@ spec: - mountPath: /opt/windriver/titanium_cloud/pub/config/log.yml name: windriver-logconfig subPath: log.yml + - mountPath: /opt/artifacts/ + name: artifact-data resources: {{ include "common.resources" . | indent 12 }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" @@ -94,6 +96,19 @@ spec: name: windriver-log - mountPath: /usr/share/filebeat/data name: windriver-data-filebeat + - image: "{{ include "common.repository" . }}/{{ .Values.global.artifactImage }}" + name: framework-artifactbroker + command: ["/opt/app/distribution/bin/artifact-dist.sh"] + args: ["/opt/app/distribution/etc/mounted/config.json"] + ports: + - containerPort: 9014 + protocol: TCP + volumeMounts: + - mountPath: /opt/app/distribution/etc/mounted/config.json + name: windriver-logconfig + subPath: config.json + - mountPath: /data + name: artifact-data volumes: - name: windriver-log @@ -106,6 +121,8 @@ spec: - name: windriver-logconfig configMap: name: {{ include "common.fullname" . }}-log-configmap + - name: artifact-data + emptyDir: {} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" restartPolicy: Always diff --git a/kubernetes/multicloud/charts/multicloud-windriver/values.yaml b/kubernetes/multicloud/charts/multicloud-windriver/values.yaml index 234ad3f0f6..8a6acbd05f 100644 --- a/kubernetes/multicloud/charts/multicloud-windriver/values.yaml +++ b/kubernetes/multicloud/charts/multicloud-windriver/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/multicloud/openstack-windriver:1.3.0-SNAPSHOT +image: onap/multicloud/openstack-windriver:1.3.1 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/multicloud/values.yaml b/kubernetes/multicloud/values.yaml index 8ebcb826ae..889c06bd47 100644 --- a/kubernetes/multicloud/values.yaml +++ b/kubernetes/multicloud/values.yaml @@ -20,6 +20,7 @@ global: nodePortPrefix: 302 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 + artifactImage: onap/multicloud/framework-artifactbroker:1.3.1 prometheus: enabled: false @@ -28,7 +29,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/multicloud/framework:1.2.2 +image: onap/multicloud/framework:1.3.1 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/onap/resources/overrides/onap-all.yaml b/kubernetes/onap/resources/overrides/onap-all.yaml index 9f9f166e91..1716415b3e 100644 --- a/kubernetes/onap/resources/overrides/onap-all.yaml +++ b/kubernetes/onap/resources/overrides/onap-all.yaml @@ -15,14 +15,17 @@ ################################################################### # This override file enables helm charts for all ONAP applications. ################################################################### +cassandra: + enabled: true +mariadb-galera: + enabled: true + aaf: enabled: true aai: enabled: true appc: enabled: true -cassandra: - enabled: true clamp: enabled: true cli: diff --git a/kubernetes/onap/resources/overrides/onap-vfw.yaml b/kubernetes/onap/resources/overrides/onap-vfw.yaml new file mode 100644 index 0000000000..323961fba3 --- /dev/null +++ b/kubernetes/onap/resources/overrides/onap-vfw.yaml @@ -0,0 +1,55 @@ +# Copyright © 2019 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################### +# This override file enables ONAP Application helm charts for the +# vFW use case. +################################################################### +cassandra: + enabled: true +mariadb-galera: + enabled: true + +aaf: + enabled: true +aai: + enabled: true +appc: + enabled: true +clamp: + enabled: true +consul: + enabled: true +dcaegen2: + enabled: true +dmaap: + enabled: true +log: + enabled: true +oof: + enabled: true +msb: + enabled: true +policy: + enabled: true +portal: + enabled: true +robot: + enabled: true +sdc: + enabled: true +sdnc: + enabled: true +so: + enabled: true \ No newline at end of file diff --git a/kubernetes/onap/resources/overrides/openstack.yaml b/kubernetes/onap/resources/overrides/openstack.yaml new file mode 100644 index 0000000000..a8294d249f --- /dev/null +++ b/kubernetes/onap/resources/overrides/openstack.yaml @@ -0,0 +1,62 @@ +# Copyright © 2019 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# This override file configures openstack parameters for ONAP +################################################################# +appc: + config: + enableClustering: false + openStackType: "OpenStackProvider" + openStackName: "OpenStack" + openStackKeyStoneUrl: "http://10.12.25.2:5000/v2.0" + openStackServiceTenantName: "OPENSTACK_TENANTNAME_HERE" + openStackDomain: "Default" + openStackUserName: "OPENSTACK_USERNAME_HERE" + openStackEncryptedPassword: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_PASSWORD_HERE_XXXXXXXXXXXXXXXX" +robot: + appcUsername: "appc@appc.onap.org" + appcPassword: "demo123456!" + openStackKeyStoneUrl: "http://10.12.25.2:5000" + openStackPublicNetId: "971040b2-7059-49dc-b220-4fab50cb2ad4" + openStackTenantId: "09d8566ea45e43aa974cf447ed591d77" + openStackUserName: "OPENSTACK_USERNAME_HERE" + ubuntu14Image: "ubuntu-14-04-cloud-amd64" + ubuntu16Image: "ubuntu-16-04-cloud-amd64" + openStackPrivateNetId: "c7824f00-bef7-4864-81b9-f6c3afabd313" + openStackPrivateSubnetId: "2a0e8888-f93e-4615-8d28-fc3d4d087fc3" + openStackPrivateNetCidr: "10.0.0.0/16" + openStackSecurityGroup: "3a7a1e7e-6d15-4264-835d-fab1ae81e8b0" + openStackOamNetworkCidrPrefix: "10.0" + dcaeCollectorIp: "10.12.6.88" + vnfPubKey: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKXDgoo3+WOqcUG8/5uUbk81+yczgwC4Y8ywTmuQqbNxlY1oQ0YxdMUqUnhitSXs5S/yRuAVOYHwGg2mCs20oAINrP+mxBI544AMIb9itPjCtgqtE2EWo6MmnFGbHB4Sx3XioE7F4VPsh7japsIwzOjbrQe+Mua1TGQ5d4nfEOQaaglXLLPFfuc7WbhbJbK6Q7rHqZfRcOwAMXgDoBqlyqKeiKwnumddo2RyNT8ljYmvB6buz7KnMinzo7qB0uktVT05FH9Rg0CTWH5norlG5qXgP2aukL0gk1ph8iAt7uYLf1ktp+LJI2gaF6L0/qli9EmVCSLr1uJ38Q8CBflhkh" + demoArtifactsVersion: "1.4.0-SNAPSHOT" + demoArtifactsRepoUrl: "https://nexus.onap.org/content/repositories/releases" + scriptVersion: "1.4.0-SNAPSHOT" + rancherIpAddress: "10.12.5.127" + config: + # openStackEncryptedPasswordHere should match the encrypted string used in SO and APPC and overridden per environment + openStackEncryptedPasswordHere: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_ENCRYPTED_PASSWORD_HERE_XXXXXXXXXXXXXXXX" +so: + # so server configuration + so-catalog-db-adapter: + config: + openStackUserName: "OPENSTACK_USERNAME_HERE" + openStackKeyStoneUrl: "http://10.12.25.2:5000/v2.0" + openStackEncryptedPasswordHere: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_ENCRYPTED_PASSWORD_HERE_XXXXXXXXXXXXXXXX" +nbi: + config: + # openstack configuration + openStackRegion: "Yolo" + openStackVNFTenantId: "1234" \ No newline at end of file diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index b62606ebde..613a223ed8 100644 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -112,7 +112,7 @@ nbi: openStackRegion: "Yolo" openStackVNFTenantId: "1234" nfs-provisioner: - enabled: true + enabled: false policy: enabled: false pomba: diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/cadi.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/cadi.properties index 9a6b91c602..871341d1fa 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/cadi.properties +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/cadi.properties @@ -17,5 +17,5 @@ # #------------------------------------------------------------------------------- cadi_loglevel=DEBUG -cadi_prop_files=src/main/resources/aaf/org.onap.oof.props +cadi_prop_files=/share/etc/certs/org.onap.oof.props diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/optimizer.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/optimizer.properties index 83ed89a844..6b72dd4360 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/optimizer.properties +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/optimizer.properties @@ -41,8 +41,8 @@ logging.level.org.hibernate=WARN #------------------------------------------------------------------------------- -cmso.topology.create.request.url=http://${TOPOLOGY_HOST}:${TOPOLOGY_PORT}/topology/v1/current -cmso.ticket.create.request.url=http://${TICKETMGT_HOST}:${TICKETMGT_PORT}/ticketmgt/v1/activetickets +cmso.topology.create.request.url=https://oof-cmso-topology:7998/topology/v1/current +cmso.ticket.create.request.url=https://oof-cmso-ticketmgt:7999/ticketmgt/v1/activetickets cmso.local.policy.folder=data/policies cmso.minizinc.command.exe=/mz-dist/bin/minizinc @@ -51,4 +51,8 @@ cmso.minizinc.command.timelimit=60000 cmso.minizinc.command.mzn=scripts/minizinc/generic_attributes.mzn mechid.user=oof@oof.onap.org -mechid.pass=changeit +mechid.pass=enc:vfxQdJ1mgdcI7S6SPrzNaw== + +cadi_loglevel=DEBUG +cadi_prop_files=/share/etc/certs/org.onap.oof.props +aaf.user.roles=/share/etc/certs/AAFUserRoles.properties \ No newline at end of file diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/deployment.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/deployment.yaml index 4e418bf756..e28dfca453 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/deployment.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/deployment.yaml @@ -66,21 +66,13 @@ spec: volumeMounts: - name: {{ include "common.fullname" . }}-config mountPath: /share/etc/config - - name: {{ include "common.fullname" . }}-logs + - name: {{ include "common.fullname" . }}-logs mountPath: /share/logs containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - - name: TOPOLOGY_HOST - value: {{ .Values.config.topology_host }}.{{.Release.Namespace}} - - name: TOPOLOGY_PORT - value: {{ .Values.config.topology_port | quote}} - - name: TICKETMGT_HOST - value: {{ .Values.config.ticketmgt_host }}.{{.Release.Namespace}} - - name: TICKETMGT_PORT - value: {{ .Values.config.ticketmgt_port | quote}} - name: DB_HOST value: {{ .Values.config.db_host }}.{{.Release.Namespace}} - name: DB_PORT @@ -94,6 +86,16 @@ spec: secretKeyRef: name: {{ .Release.Name}}-cmso-db key: db-root-password + - name: JAVA_TRUSTSTORE + value: /share/etc/certs/{{ .Values.global.truststoreFile }} + - name: SSL_KEYSTORE + value: /share/etc/certs/{{ .Values.global.keystoreFile }} + - name: JAVA_TRUSTSTORE_PASSWORD + value: {{ .Values.global.truststorePassword }} + - name: SSL_KEYSTORE_PASSWORD + value: {{ .Values.global.keystorePassword }} + - name: AUTHENTICATION + value: {{ .Values.global.authentication }} ports: - containerPort: {{ .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger @@ -116,7 +118,11 @@ spec: - name: {{ include "common.fullname" . }}-logs mountPath: /share/debug-logs - name: {{ include "common.fullname" . }}-config - mountPath: /share/etc/config + mountPath: /share/etc/config + - name: {{ include "common.fullname" . }}-certs + mountPath: /share/etc/certs + - name: {{ include "common.fullname" . }}-certs + mountPath: /opt/app/cmso/src/main/resources/aaf resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -142,5 +148,8 @@ spec: path: liquibase.properties - name: {{ include "common.fullname" . }}-logs emptyDir: {} + - name: {{ include "common.fullname" . }}-certs + secret: + secretName: {{ .Release.Name }}-{{ .Values.global.commonConfigPrefix }}-certs imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cadi.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cadi.properties index 9a6b91c602..871341d1fa 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cadi.properties +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cadi.properties @@ -17,5 +17,5 @@ # #------------------------------------------------------------------------------- cadi_loglevel=DEBUG -cadi_prop_files=src/main/resources/aaf/org.onap.oof.props +cadi_prop_files=/share/etc/certs/org.onap.oof.props diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cmso.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cmso.properties index ce94f573f6..c6c93eda9c 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cmso.properties +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cmso.properties @@ -2,27 +2,27 @@ #------------------------------------------------------------------------------- # Copyright (c) 2017-2018 AT&T Intellectual Property. # Modifications Copyright (c) 2018 IBM. -# +# # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at -# +# # http://www.apache.org/licenses/LICENSE-2.0 -# +# # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -# -# +# +# # Unless otherwise specified, all documentation contained herein is licensed # under the Creative Commons License, Attribution 4.0 Intl. (the ???License???); # you may not use this documentation except in compliance with the License. # You may obtain a copy of the License at -# +# # https://creativecommons.org/licenses/by/4.0/ -# +# # Unless required by applicable law or agreed to in writing, documentation # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -74,7 +74,7 @@ cmso.cm.polling.job.interval.ms=10000 # How many management cmso polling intervals to look ahead to dispatch # (To account for possible latency of the polling job) cmso.cm.polling.job.lookahead.intervals=5 -# Lead time before event time to enable dispatcher to +# Lead time before event time to enable dispatcher to # test that it is safe to dispatch (i.e. meeting reminder lead time) cmso.cm.dispatcher.lead.time.ms=5000 # Lead time to prepare and call VID to dispatch work to MSO @@ -93,11 +93,15 @@ so.polling.interval.ms=10000 #mso.pass=enc:bfodXf8qRfCqMvlxVBYNWQ== ## loopback settings -so.url=http://localhost:8080/cmso/v1/loopbacktest/onap/so/infra/orchestrationRequests/v7 +so.url=http://127.0.0.1:5000/onap/so/infra/orchestrationRequests/v7 so.user=oof@oof.onap.org -so.pass=changeit +so.pass=enc:vfxQdJ1mgdcI7S6SPrzNaw== mechid.user=oof@oof.onap.org -mechid.pass=changeit +mechid.pass=enc:vfxQdJ1mgdcI7S6SPrzNaw== cmso.dispatch.url=http://localhost:8089 + +cadi_loglevel=DEBUG +cadi_prop_files=/share/etc/certs/org.onap.oof.props +aaf.user.roles=/share/etc/certs/AAFUserRoles.properties diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/mock.py b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/mock.py new file mode 100644 index 0000000000..b678a4e8d4 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/mock.py @@ -0,0 +1,83 @@ + # ------------------------------------------------------------------------- + # Copyright (c) 2019 AT&T Intellectual Property + # + # Licensed under the Apache License, Version 2.0 (the "License"); + # you may not use this file except in compliance with the License. + # You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. + # + # ------------------------------------------------------------------------- + # + +from flask import Flask +from flask import request +from flask import Response +from flask import json +from flask import send_from_directory +import requests +from threading import Thread +import time + +import os +import fnmatch +import re +import time +import datetime + +app = Flask(__name__) +ROOT_MOCK_DIR = os.path.dirname(os.path.abspath(__file__)) +DATA_DIR = os.path.join(ROOT_MOCK_DIR, "data") +global requestNum +requestNum = 1 + +######################################################################## +######################################################################## +@app.route('/onap/so/infra/orchestrationRequests/v7/schedule/', methods=['GET', 'POST']) +def soSchedule(VNFNAME): + if request.method == 'POST': + testid = request.headers.environ["HTTP_X_TRANSACTIONID"] + response = { + "status" : "202", + "entity" : { + "requestReferences" : { + "requestId" : "000001" + } + } + } + resp = Response(json.dumps(response), 200, mimetype='application/json') + return resp + + + else : + return "Helloooooo!!!!" + +######################################################################## +######################################################################## +@app.route('/onap/so/infra/orchestrationRequests/v7/', methods=['GET']) +def soStatus(REQUESTID): + response = {"request" : { "requestStatus" : { + "requestState" : "COMPLETE", + "statusMessage" : "Done.", + "percentProgress" : 100, + "finishTime" : "" + }}} + now = datetime.datetime.utcnow() + #response["finishTime"] = now.strftime("%Y-%m-%dT%H:%M:%SZ") + response["request"]["requestStatus"]["finishTime"] = now.strftime("%a, %d %b %Y %H:%M:%S GMT") + resp = Response(json.dumps(response), 200, mimetype='application/json') + + return resp + +######################################################################## +######################################################################## +if __name__ == "__main__": + app.run(host= '0.0.0.0',port=5000) + #app.run() + diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/msosimulator.sh b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/msosimulator.sh new file mode 100644 index 0000000000..c87a26bb7a --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/msosimulator.sh @@ -0,0 +1,4 @@ +#!/bin/sh +pip install flask +pip install requests +python /share/etc/config/mock.py diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/optimizer.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/optimizer.properties index 498a1e5870..1e4a8417c4 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/optimizer.properties +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/optimizer.properties @@ -29,6 +29,6 @@ # limitations under the License. #------------------------------------------------------------------------------- -cmso.optimizer.request.url=$http://${OPTIMIZER_HOST}:${OPTIMIZER_PORT}/optimizer/v1/optimize/schedule -cmso.optimizer.status.url=http://${OPTIMIZER_HOST}:${OPTIMIZER_PORT}/optimizer/v1/optimize/schedule -cmso.optimizer.health.url=http://${OPTIMIZER_HOST}:${OPTIMIZER_PORT}/optimizer/v1/health?checkInterfaces=true \ No newline at end of file +cmso.optimizer.request.url=https://oof-cmso-optimizer:7997/optimizer/v1/optimize/schedule +cmso.optimizer.status.url=https://oof-cmso-optimizer:7997/optimizer/v1/optimize/schedule +cmso.optimizer.health.url=https://oof-cmso-optimizer:7997/optimizer/v1/health?checkInterfaces=true \ No newline at end of file diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/ticketmgt.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/ticketmgt.properties index bfdaec6b8d..bdf483d289 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/ticketmgt.properties +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/ticketmgt.properties @@ -30,9 +30,9 @@ #------------------------------------------------------------------------------- tm.vnfs.per.ticket=1 -tm.getPath=http://localhost:8080/cmso/v1/tm/getChangeRecord -tm.createPath=http://localhost:8080/cmso/v1/tm/createChangeRecord -tm.closePath=http://localhost:8080/cmso/v1/tm/closeCancelChangeRecord -tm.updatePath=http://localhost:8080/cmso/v1/tm/updateChangeRecord +tm.getPath=http://localhost:8089/cmso/v1/tm/getChangeRecord +tm.createPath=http://localhost:8089/cmso/v1/tm/createChangeRecord +tm.closePath=http://localhost:8089/cmso/v1/tm/closeCancelChangeRecord +tm.updatePath=http://localhost:8089/cmso/v1/tm/updateChangeRecord tm.approvalStatus=Approved|Scheduled,Approved|Assigned tm.template.folder=data/templates/tm diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml index 350708f078..b26f6dd6c0 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml @@ -66,9 +66,38 @@ spec: volumeMounts: - name: {{ include "common.fullname" . }}-config mountPath: /share/etc/config - - name: {{ include "common.fullname" . }}-logs + - name: {{ include "common.fullname" . }}-logs mountPath: /share/logs containers: + # side car containers + - name: filebeat-onap + image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + name: filebeat-conf + - mountPath: /var/log/onap + name: {{ include "common.fullname" . }}-logs + - mountPath: /usr/share/filebeat/data + name: {{ include "common.fullname" . }}-filebeat + resources: +{{ include "common.resources" . }} + - name: mso-simulator + image: "{{ .Values.global.pythonRepository }}/{{ .Values.global.pythonImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-config + mountPath: /share/etc/config + command: + - /bin/sh + args: + - -x + - /share/etc/config/msosimulator.sh + ports: + - containerPort: 5000 + resources: +{{ include "common.resources" . }} - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -86,10 +115,16 @@ spec: secretKeyRef: name: {{ .Release.Name}}-cmso-db key: user-password - - name: OPTIMIZER_HOST - value: {{ .Values.config.optimizer_host }}.{{.Release.Namespace}} - - name: OPTIMIZER_PORT - value: {{ .Values.config.optimizer_port | quote}} + - name: JAVA_TRUSTSTORE + value: /share/etc/certs/{{ .Values.global.truststoreFile }} + - name: SSL_KEYSTORE + value: /share/etc/certs/{{ .Values.global.keystoreFile }} + - name: JAVA_TRUSTSTORE_PASSWORD + value: {{ .Values.global.truststorePassword }} + - name: SSL_KEYSTORE_PASSWORD + value: {{ .Values.global.keystorePassword }} + - name: AUTHENTICATION + value: {{ .Values.global.authentication }} ports: - containerPort: {{ .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger @@ -112,7 +147,11 @@ spec: - name: {{ include "common.fullname" . }}-logs mountPath: /share/debug-logs - name: {{ include "common.fullname" . }}-config - mountPath: /share/etc/config + mountPath: /share/etc/config + - name: {{ include "common.fullname" . }}-certs + mountPath: /share/etc/certs + - name: {{ include "common.fullname" . }}-certs + mountPath: /opt/app/cmso/src/main/resources/aaf resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -140,7 +179,19 @@ spec: path: ticketmgt.properties - key: liquibase.properties path: liquibase.properties + - key: mock.py + path: mock.py + - key: msosimulator.sh + path: msosimulator.sh - name: {{ include "common.fullname" . }}-logs emptyDir: {} + - name: {{ include "common.fullname" . }}-filebeat + emptyDir: {} + - name: filebeat-conf + configMap: + name: {{ .Release.Name }}-cmso-filebeat-configmap + - name: {{ include "common.fullname" . }}-certs + secret: + secretName: {{ .Release.Name }}-{{ .Values.global.commonConfigPrefix }}-certs imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml index 6df3049b1b..f4d3ffb8ff 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml @@ -19,6 +19,8 @@ global: # global defaults nodePortPrefix: 302 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 + pythonRepository: library + pythonImage: python:3.6-alpine subChartsOnly: enabled: true diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/cadi.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/cadi.properties index 9a6b91c602..871341d1fa 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/cadi.properties +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/cadi.properties @@ -17,5 +17,5 @@ # #------------------------------------------------------------------------------- cadi_loglevel=DEBUG -cadi_prop_files=src/main/resources/aaf/org.onap.oof.props +cadi_prop_files=/share/etc/certs/org.onap.oof.props diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/ticketmgt.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/ticketmgt.properties index 5ca252f9bc..d687ab376d 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/ticketmgt.properties +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/ticketmgt.properties @@ -28,3 +28,6 @@ # See the License for the specific language governing permissions and # limitations under the License. #------------------------------------------------------------------------------- +cadi_loglevel=DEBUG +cadi_prop_files=/share/etc/certs/org.onap.oof.props +aaf.user.roles=/share/etc/certs/AAFUserRoles.properties \ No newline at end of file diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/deployment.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/deployment.yaml index e01034e8d2..38a8c929d5 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/deployment.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/deployment.yaml @@ -34,6 +34,17 @@ spec: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: JAVA_TRUSTSTORE + value: /share/etc/certs/{{ .Values.global.truststoreFile }} + - name: SSL_KEYSTORE + value: /share/etc/certs/{{ .Values.global.keystoreFile }} + - name: JAVA_TRUSTSTORE_PASSWORD + value: {{ .Values.global.truststorePassword }} + - name: SSL_KEYSTORE_PASSWORD + value: {{ .Values.global.keystorePassword }} + - name: AUTHENTICATION + value: proprietary-auth ports: - containerPort: {{ .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger @@ -56,7 +67,11 @@ spec: - name: {{ include "common.fullname" . }}-logs mountPath: /share/debug-logs - name: {{ include "common.fullname" . }}-config - mountPath: /share/etc/config + mountPath: /share/etc/config + - name: {{ include "common.fullname" . }}-certs + mountPath: /share/etc/certs + - name: {{ include "common.fullname" . }}-certs + mountPath: /opt/app/cmso/src/main/resources/aaf resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -80,5 +95,8 @@ spec: path: cadi.properties - name: {{ include "common.fullname" . }}-logs emptyDir: {} + - name: {{ include "common.fullname" . }}-certs + secret: + secretName: {{ .Release.Name }}-{{ .Values.global.commonConfigPrefix }}-certs imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml index f19b8e2b1b..7c687f521b 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml @@ -19,7 +19,8 @@ global: # global defaults nodePortPrefix: 302 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - + authentication: proprietary-auth + subChartsOnly: enabled: true diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/cadi.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/cadi.properties index 9a6b91c602..871341d1fa 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/cadi.properties +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/cadi.properties @@ -17,5 +17,5 @@ # #------------------------------------------------------------------------------- cadi_loglevel=DEBUG -cadi_prop_files=src/main/resources/aaf/org.onap.oof.props +cadi_prop_files=/share/etc/certs/org.onap.oof.props diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/topology.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/topology.properties index 5ca252f9bc..d687ab376d 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/topology.properties +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/topology.properties @@ -28,3 +28,6 @@ # See the License for the specific language governing permissions and # limitations under the License. #------------------------------------------------------------------------------- +cadi_loglevel=DEBUG +cadi_prop_files=/share/etc/certs/org.onap.oof.props +aaf.user.roles=/share/etc/certs/AAFUserRoles.properties \ No newline at end of file diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/deployment.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/deployment.yaml index 02f398301f..2b36b296cd 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/deployment.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/deployment.yaml @@ -34,6 +34,17 @@ spec: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: JAVA_TRUSTSTORE + value: /share/etc/certs/{{ .Values.global.truststoreFile }} + - name: SSL_KEYSTORE + value: /share/etc/certs/{{ .Values.global.keystoreFile }} + - name: JAVA_TRUSTSTORE_PASSWORD + value: {{ .Values.global.truststorePassword }} + - name: SSL_KEYSTORE_PASSWORD + value: {{ .Values.global.keystorePassword }} + - name: AUTHENTICATION + value: {{ .Values.global.authentication }} ports: - containerPort: {{ .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger @@ -56,7 +67,11 @@ spec: - name: {{ include "common.fullname" . }}-logs mountPath: /share/debug-logs - name: {{ include "common.fullname" . }}-config - mountPath: /share/etc/config + mountPath: /share/etc/config + - name: {{ include "common.fullname" . }}-certs + mountPath: /share/etc/certs + - name: {{ include "common.fullname" . }}-certs + mountPath: /opt/app/cmso/src/main/resources/aaf resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -80,5 +95,8 @@ spec: path: topology.properties - name: {{ include "common.fullname" . }}-logs emptyDir: {} + - name: {{ include "common.fullname" . }}-certs + secret: + secretName: {{ .Release.Name }}-{{ .Values.global.commonConfigPrefix }}-certs imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/charts/oof-cmso/resources/certs/AAFUserRoles.properties b/kubernetes/oof/charts/oof-cmso/resources/certs/AAFUserRoles.properties new file mode 100644 index 0000000000..e7fc221a20 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/resources/certs/AAFUserRoles.properties @@ -0,0 +1 @@ +/**=org.onap.oof.access|*|get ALL \ No newline at end of file diff --git a/kubernetes/oof/charts/oof-cmso/resources/certs/org.onap.oof.cred.props b/kubernetes/oof/charts/oof-cmso/resources/certs/org.onap.oof.cred.props new file mode 100644 index 0000000000..b56c500ffd --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/resources/certs/org.onap.oof.cred.props @@ -0,0 +1,22 @@ + # ------------------------------------------------------------------------- + # Copyright (c) 2019 AT&T Intellectual Property + # + # Licensed under the Apache License, Version 2.0 (the "License"); + # you may not use this file except in compliance with the License. + # You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. + # + # ------------------------------------------------------------------------- + # + +aaf_id=oof@oof.onap.org +aaf_password=demo123456! +cadi_keyfile=/share/etc/certs/org.onap.oof.keyfile +cadi_truststore=/share/etc/certs//truststoreONAPall.jks diff --git a/kubernetes/oof/charts/oof-cmso/resources/certs/org.onap.oof.jks b/kubernetes/oof/charts/oof-cmso/resources/certs/org.onap.oof.jks new file mode 100644 index 0000000000..535abaa92b Binary files /dev/null and b/kubernetes/oof/charts/oof-cmso/resources/certs/org.onap.oof.jks differ diff --git a/kubernetes/oof/charts/oof-cmso/resources/certs/org.onap.oof.keyfile b/kubernetes/oof/charts/oof-cmso/resources/certs/org.onap.oof.keyfile new file mode 100644 index 0000000000..f85a567981 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/resources/certs/org.onap.oof.keyfile @@ -0,0 +1,27 @@ +liD-IR8Y1MHqPDTUqq3AaTtqnWn5jCpfIRBlyi6xY4A0fbQz8ZPlTZPHkshRt0dHdST3R7TIvTyQ +JpTCeBNBu2df3vBbUzsN0rIpPG9TGjzmE7cRu4V4kfefSqsIj-S7OTAaWaWpwGWJYLLCB2sQALkS +f68VWdupUEw3g9jqCU1QzjKOnLGvhlp6Qrc1xG4Z5Ar8WERw-C3DqTWUKANoEvjWkvH2rAywzj93 +pmspvd5fQfH1rp1ACNvnPrRb_oYNfwPrNpE7Sb4LvM1muoiKMDF64IDO0TkxhjHZ9wpJgVsnowby +qmokqf39dMRRk3S1IEpOiBGyLS_885JDj_XJKYRQsjvkTzjpFJ7wE2-HDZEVWCITvtS9-Xorm5TI +3iU4rjMDew5fkBnjoKuSOS7Lksva4ouZOCiUkDos1jAJ5XMDEQm4BcPHtcW6PpC602-qRcgnNjjP +wOPdF7hCm27ZTai3lAtNGByR7oBr9r5Uma-soORFvg8drV8Rgh0lax-poFVhoEH7RhKPIzYpSco9 +jnpURzi_epTjAhjjup-erTv2GAIllKsSEHZLbfsFWlNUZTOx58PSB0jBN5m_8HxTyNm0zsm0Cb7U +KsjPduQ5ZblsfRIJwqpOBXoof7WerKReMZSOdgjZUNueiuEImVH9_SYOdKZhkluSi4yfEtme7CCP +kZ2JhdiT5km3SeonalhU2MUsx60krxyQ1mnjI4jS9QagUME4mujdvM_L7mtjcPZVSfXUn49whakE +J-NQV6q2iZgN2IxsT_uCnlZYwnE5i-IbQkQAEu13m6ETsMmf0cwPnKaSwRhb8G48EkJhTL-GP9Z0 +-EsIKT7lQt7kfX-mmNoEirTg9gQAaN3uxLmdHvXpeJdlETnnaLYYJJ3h-SL0e_5Yz2SpdsEwZ3Bk +PtR-QvlYKDhG1nhPOna65ctCzn81PZOUP3lsO6MSTOK6D6Taxfh1TYEBAvzCP0BfFBodw4lSglFP +I5IfdiJmomTGARa36nC_O5YzH_jBWLQrgd2gxI5H5bB-5zqzu79SGX9o2_LRVY_LVV0BmI3xSYOI +vziYYC1XyTY6blfdiOM5a5KjraErxSTEFZVFrsx4OQ_dLA0woVtixawrIy1rgfQr49U1oIRe8BgN +j3eis_UQAbPbmdbEe1qtXnvi6T7trHskzt6K-vTgo5ITJkr-F2Sds_QgNdaFBGuES6X5RwRGlbHT +Tl_M8Ja_1K-RMNKJRssoRTKstpwnrhk9IcoSwYcLykbDLgeC0mhSMHOOuWv1RGRaZdzObc5YA1eB +idQmzy5xAHzNxPHHrB-fpjFJRYv_QZY9qZcGvP58d6bHO0upxbj-BBt9zfc7Qt0JLU6EAdYbW5TI +2v4JImikrx6KvtoK8vcjJMTDAanTVB31J65tat0rq9wYKxUdjBJLzkT3psYs_DRtYQc0i02YTD7t +dWya0-3p1Yrt0em3XGb8JAh2PA3BsQKmvKAOc054wf_B8n8saxSFw1WQL30vU5c4-Z_p53HfaUYd +Qg7DZskzgwBRy48sLJNCrn81RtxXfQP1XtPEZs-AAlTUslHoUdoQ1cwrYEgkNT1cjk6sLI_oKSK- +dDICBnlYLrZRBS3sH8K38WaIh1WRY6vbGVDs1tUectUpng_-Khavd0Crw7D_CE6T7Rnfcn0pnTV- +HW1PIXejFsONQn-2c3a9HZ-v6Hg4JL6UWm-qgBPC5118ymO0LfmrviAFAC6Wt3WFiNzrvx9Jggus +lE0qvLVfkQVZXAy-hSPHlYZmtxk5voVsf60qPoDN2-NdpWz62M9PrXd_A03YGxzt0G6J4VXExRES +xqLeGNGB496AfX_vEub97sR8xcbbUXsyt12uVnygifGyND60coikaKrMktv2OLOLEl8AudLp0ZNA +oOoYJZqfUnQqaLt0dNmNa5OtzYjf7f6bYX0V8XLTHlFqZ6QzqYGFMPNhDYjqtet6d--Q8t7_5S5C +RfXP8Wh8CjbEh2_rsr9rvy1nhM_Cptxc0BFXcS5Dt_R4vjd2G4B_LEC4Hy1s_rZThzUVxRCl \ No newline at end of file diff --git a/kubernetes/oof/charts/oof-cmso/resources/certs/org.onap.oof.location.props b/kubernetes/oof/charts/oof-cmso/resources/certs/org.onap.oof.location.props new file mode 100644 index 0000000000..7e154c4665 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/resources/certs/org.onap.oof.location.props @@ -0,0 +1,20 @@ + # ------------------------------------------------------------------------- + # Copyright (c) 2019 AT&T Intellectual Property + # + # Licensed under the Apache License, Version 2.0 (the "License"); + # you may not use this file except in compliance with the License. + # You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. + # + # ------------------------------------------------------------------------- + # + +cadi_latitude=0.00 +cadi_longitude=0.00 diff --git a/kubernetes/oof/charts/oof-cmso/resources/certs/org.onap.oof.props b/kubernetes/oof/charts/oof-cmso/resources/certs/org.onap.oof.props new file mode 100644 index 0000000000..c96e7f7b04 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/resources/certs/org.onap.oof.props @@ -0,0 +1,26 @@ + # ------------------------------------------------------------------------- + # Copyright (c) 2019 AT&T Intellectual Property + # + # Licensed under the Apache License, Version 2.0 (the "License"); + # you may not use this file except in compliance with the License. + # You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. + # + # ------------------------------------------------------------------------- + # + +aaf_id=oof@oof.onap.org +aaf_locate_url=https://aaf-locate:8095 +aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 +cadi_etc_dir=/share/etc/certs/ +cadi_latitude=0.00 +cadi_longitude=0.00 +cadi_prop_files=/share/etc/certs/org.onap.oof.location.props:/share/etc/certs/org.onap.oof.cred.props +cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1 diff --git a/kubernetes/aai/resources/config/auth/truststoreONAPall.jks b/kubernetes/oof/charts/oof-cmso/resources/certs/truststoreONAPall.jks similarity index 100% rename from kubernetes/aai/resources/config/auth/truststoreONAPall.jks rename to kubernetes/oof/charts/oof-cmso/resources/certs/truststoreONAPall.jks diff --git a/kubernetes/aai/resources/config/log/filebeat/filebeat.yml b/kubernetes/oof/charts/oof-cmso/resources/log/filebeat/filebeat.yml similarity index 95% rename from kubernetes/aai/resources/config/log/filebeat/filebeat.yml rename to kubernetes/oof/charts/oof-cmso/resources/log/filebeat/filebeat.yml index 39cc6db9bf..50586783e9 100644 --- a/kubernetes/aai/resources/config/log/filebeat/filebeat.yml +++ b/kubernetes/oof/charts/oof-cmso/resources/log/filebeat/filebeat.yml @@ -35,7 +35,7 @@ output.logstash: #List of logstash server ip addresses with port number. #But, in our case, this will be the loadbalancer IP address. #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately. - hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"] + hosts: ["{{.Values.config.log.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.log.logstashPort}}"] #If enable will do load balancing among availabe Logstash, automatically. loadbalance: true diff --git a/kubernetes/so/charts/so-mariadb/templates/configmap.yaml b/kubernetes/oof/charts/oof-cmso/templates/configmap.yaml old mode 100755 new mode 100644 similarity index 84% rename from kubernetes/so/charts/so-mariadb/templates/configmap.yaml rename to kubernetes/oof/charts/oof-cmso/templates/configmap.yaml index a470bb268c..f906fac23e --- a/kubernetes/so/charts/so-mariadb/templates/configmap.yaml +++ b/kubernetes/oof/charts/oof-cmso/templates/configmap.yaml @@ -1,4 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,10 +12,11 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. + apiVersion: v1 kind: ConfigMap metadata: - name: confd-configmap + name: {{ .Release.Name }}-cmso-filebeat-configmap namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -22,4 +24,4 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} data: -{{ tpl (.Files.Glob "resources/config/mariadb/conf.d/*").AsConfig . | indent 2 }} \ No newline at end of file +{{ tpl (.Files.Glob "resources/log/filebeat/*").AsConfig . | indent 2 }} diff --git a/kubernetes/aai/charts/aai-data-router/templates/secret.yaml b/kubernetes/oof/charts/oof-cmso/templates/secret.yaml similarity index 88% rename from kubernetes/aai/charts/aai-data-router/templates/secret.yaml rename to kubernetes/oof/charts/oof-cmso/templates/secret.yaml index 6084ca3d4d..a742914c49 100644 --- a/kubernetes/aai/charts/aai-data-router/templates/secret.yaml +++ b/kubernetes/oof/charts/oof-cmso/templates/secret.yaml @@ -15,7 +15,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-certs namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -24,4 +24,4 @@ metadata: heritage: {{ .Release.Service }} type: Opaque data: -{{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }} +{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }} diff --git a/kubernetes/oof/charts/oof-cmso/values.yaml b/kubernetes/oof/charts/oof-cmso/values.yaml index 3c5edb3754..c4985df5a1 100644 --- a/kubernetes/oof/charts/oof-cmso/values.yaml +++ b/kubernetes/oof/charts/oof-cmso/values.yaml @@ -32,4 +32,19 @@ mariadb-galera: mysqlDatabase: cmso externalConfig: | [mysqld] - lower_case_table_names = 1 \ No newline at end of file + lower_case_table_names = 1 + +global: + commonConfigPrefix: "oof-cmso" + truststoreFile: "truststoreONAPall.jks" + keystoreFile: "org.onap.oof.jks" + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + keystorePassword: N{$tSp*U)RQzjqE;)%4z;Pv[ + truststorePassword: + authentication: aaf-auth + +config: + log: + logstashServiceName: log-ls + logstashPort: 5044 \ No newline at end of file diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-api/templates/deployment.yaml b/kubernetes/oof/charts/oof-has/charts/oof-has-api/templates/deployment.yaml index 9940305659..43015c729f 100755 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-api/templates/deployment.yaml +++ b/kubernetes/oof/charts/oof-has/charts/oof-has-api/templates/deployment.yaml @@ -84,15 +84,10 @@ spec: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.global.image.optf_has }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - python - args: - - /usr/local/bin/conductor-api - - --port={{ .Values.service.internalPort }} - - -- - - --config-file=/usr/local/bin/conductor.conf + command: ["/bin/bash","-c"] + args: ["nginx && /usr/local/bin/uwsgi -s /run/conductor/uwsgi.sock --chmod-socket=777 --wsgi-file /etc/nginx/conductor.wsgi --callable application --set port=80 --die-on-term --exit-on-reload --logto /opt/conductor-uwsgi.log --pidfile /run/conductor/conductor-uwsgi.pid --enable-threads --workers 6 --master --vacuum --single-interpreter --socket-timeout 10 --max-worker-lifetime 300 --max-requests 100 --no-defer-accept --logfile-chown --logfile-chmod 664 --protocol=uwsgi --socket 0.0.0.0:80"] ports: - - containerPort: {{ .Values.service.internalPort }} + - containerPort: {{ .Values.liveness.periodSeconds }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container {{- if .Values.liveness.enabled }} @@ -112,8 +107,11 @@ spec: - mountPath: /etc/localtime name: localtime readOnly: true - - mountPath: /usr/local/bin/conductor.conf - name: {{ .Values.global.commonConfigPrefix }}-config + - mountPath: /etc/nginx/nginx.conf + name: {{ .Values.global.commonConfigPrefix }}-config + subPath: nginx.conf + - mountPath: /usr/local/etc/conductor/conductor.conf + name: {{ .Values.global.commonConfigPrefix }}-config subPath: conductor.conf - mountPath: /usr/local/bin/log.conf name: {{ .Values.global.commonConfigPrefix }}-config @@ -121,6 +119,12 @@ spec: - mountPath: /usr/local/bin/AAF_RootCA.cer name: {{ .Values.global.commonConfigPrefix }}-config subPath: AAF_RootCA.cer + - mountPath: /etc/nginx/ssl/org.onap.oof.crt + name: {{ .Values.global.commonConfigPrefix }}-config + subPath: org.onap.oof.crt + - mountPath: /etc/nginx/ssl/org.onap.oof.key + name: {{ .Values.global.commonConfigPrefix }}-config + subPath: org.onap.oof.key resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -139,11 +143,17 @@ spec: configMap: name: {{ .Values.global.commonConfigPrefix }}-configmap items: + - key: nginx.conf + path: nginx.conf - key: conductor.conf path: conductor.conf - key: log.conf path: log.conf - key: AAF_RootCA.cer path: AAF_RootCA.cer + - key: org.onap.oof.key + path: org.onap.oof.key + - key: org.onap.oof.crt + path: org.onap.oof.crt imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-api/values.yaml b/kubernetes/oof/charts/oof-has/charts/oof-has-api/values.yaml index c1f18ef048..df13309087 100755 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-api/values.yaml +++ b/kubernetes/oof/charts/oof-has/charts/oof-has-api/values.yaml @@ -12,6 +12,9 @@ # See the License for the specific language governing permissions and # limitations under the License. +global: # global defaults + nodePortPrefix: 302 + service: type: NodePort name: oof-has-api diff --git a/kubernetes/oof/charts/oof-has/resources/config/conductor.conf b/kubernetes/oof/charts/oof-has/resources/config/conductor.conf index 4db857a898..2b5a0115bb 100755 --- a/kubernetes/oof/charts/oof-has/resources/config/conductor.conf +++ b/kubernetes/oof/charts/oof-has/resources/config/conductor.conf @@ -20,7 +20,7 @@ # # Configuration file for WSGI definition of API. (string value) -#api_paste_config = api_paste.ini +api_paste_config = /usr/local/etc/conductor/api_paste.ini # Music keyspace for content (string value) #keyspace = conductor diff --git a/kubernetes/oof/charts/oof-has/resources/config/nginx.conf b/kubernetes/oof/charts/oof-has/resources/config/nginx.conf new file mode 100644 index 0000000000..3db6a21c3a --- /dev/null +++ b/kubernetes/oof/charts/oof-has/resources/config/nginx.conf @@ -0,0 +1,31 @@ +events { + worker_connections 768; + # multi_accept on; +} + +http { + # ... + upstream conductor_uwsgi { + server 127.0.0.1:80; + } + + server { + + listen 8091 ssl; + server_name oof; + ssl_certificate /etc/nginx/ssl/org.onap.oof.crt; + ssl_certificate_key /etc/nginx/ssl/org.onap.oof.key; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_ciphers HIGH:!aNULL:!MD5; + + location / { + include /etc/nginx/uwsgi_params; + uwsgi_pass conductor_uwsgi; + + uwsgi_param Host $host; + uwsgi_param X-Real-IP $remote_addr; + uwsgi_param X-Forwarded-For $proxy_add_x_forwarded_for; + uwsgi_param X-Forwarded-Proto $http_x_forwarded_proto; + } + } +} diff --git a/kubernetes/oof/charts/oof-has/resources/config/org.onap.oof.crt b/kubernetes/oof/charts/oof-has/resources/config/org.onap.oof.crt new file mode 100644 index 0000000000..ddd9b64a36 --- /dev/null +++ b/kubernetes/oof/charts/oof-has/resources/config/org.onap.oof.crt @@ -0,0 +1,84 @@ +-----BEGIN CERTIFICATE----- +MIIEkTCCA3mgAwIBAgIIfDQFJU4qiGIwDQYJKoZIhvcNAQELBQAwRzELMAkGA1UE +BhMCVVMxDTALBgNVBAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMRkwFwYDVQQDDBBp +bnRlcm1lZGlhdGVDQV85MB4XDTE5MDUwOTAzMzYxN1oXDTIwMDUwOTAzMzYxN1ow +fjEkMCIGA1UEAwwbb29mLmFwaS5zaW1wbGVkZW1vLm9uYXAub3JnMQ8wDQYJKoZI +hvcNAQkBFgAxGTAXBgNVBAsMEG9vZkBvb2Yub25hcC5vcmcxDjAMBgNVBAsMBU9T +QUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBAIVFAR2i+qXd4hYeiXiTgoTyHeZQt0ndSq1aJ/tsiPEz +cH3/egq2nYGzC9zccDip8Vyd8uP54hw6OD8ulgssuxrRUppR0TcNp7TPzNIYbnOI +hjxU4XHCUQbhH4lt8+KVZDGCeWuDOTKXMZ2ZDj/WUcHXJA+2XDpUY6Gdg4K8+Mgu +CIOzqTkLl0Nz1a0FopZkSjf8nF0R1hf7XtbQorywLz7RL++nEh1a+vDkmVcSmLyW +fhI2uteuRFg3v9Y+Ebkp37QZ4oTpAjSyUKbvKuE0dhRvoTSRmjIxKFxiGrQBrMyJ +S3eQJR6USuRhxk2fZx9jTTPiVS5QotoTOO0C2xw9sBsCAwEAAaOCAUgwggFEMAkG +A1UdEwQCMAAwDgYDVR0PAQH/BAQDAgXgMCAGA1UdJQEB/wQWMBQGCCsGAQUFBwMB +BggrBgEFBQcDAjBUBgNVHSMETTBLgBSB95lbELnIjN7zUl7qTmmgQz6s3aEwpC4w +LDEOMAwGA1UECwwFT1NBQUYxDTALBgNVBAoMBE9OQVAxCzAJBgNVBAYTAlVTggEH +MB0GA1UdDgQWBBSaLxp34n5RCgXcMF4JKn+Z+HqMRTCBjwYDVR0RBIGHMIGEghtv +b2YuYXBpLnNpbXBsZWRlbW8ub25hcC5vcmeCCWNtc28tb25hcIIcY21zby5hcGku +c2ltcGxlZGVtby5vbmFwLm9yZ4IJY21zby5vbmFwggtvb2YtaGFzLWFwaYIQb29m +LWhhcy1hcGkub25hcIIIb29mLW9uYXCCCG9vZi5vbmFwMA0GCSqGSIb3DQEBCwUA +A4IBAQBarLs2rX/Av0CevlVcvGi73CsvBCtS18jz4Bj/cxuIDZzEHXtOoUmJ8FrI +9sG2cyZlqCBcND67VJfXsd34amhORnAwzzOjZGWgqvNfP9ayT/Ai1IAeBC0q33vu +h7v7wgV/cbZ+uNeU6ubN47JaW0pw6q7IBIhbTtnmBC+JmM0MLXt/zdU+/mbHEq7N +X+1AHDfM7VTzGrDTLt9DEX2tpBlj7l46Xp6UXWlbXUk2cHVzhNrhdgGDPHVs1MRT +ts3PvNAKyo1zHBRRS0asLVSes0Fge1O6x4RD5vbvFQxhawZsrvS2RRrLiCJNoMP3 +BiU0GD9vLvQy2SB+xBER57WuBsas +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEdTCCAl2gAwIBAgIBBzANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB +RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwODE3MTg1MTM3WhcN +MjMwODE3MTg1MTM3WjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG +A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzkwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv0HHUkba3uNtNI3jPKimUcd6RNwmhSCJL +neMWpnjqp5/A+HCKyNsEaT4y177hNLmCm/aMm1u2JIfikc+8wEqLCSBBPz+P0h+d +o+sZ7U+4oeQizdYYpEdzHJ2SieHHa8vtu80rU3nO2NEIkuYC20HcKSEtl8fFKsk3 +nqlhY+tGfYJPTXcDOQAO40BTcgat3C3uIJHkWJJ4RivunE4LEuRv9QyKgAw7rkJV +v+f7guqpZlXy6dzAkuU7XULWcgo55MkZlssoiErMvEZJad5aWKvRY3g7qUjaQ6wO +15wOAUoRBW96eeZZbytgn8kybcBy++Ue49gPtgm1MF/KlAsp0MD5AgMBAAGjgYYw +gYMwHQYDVR0OBBYEFIH3mVsQuciM3vNSXupOaaBDPqzdMB8GA1UdIwQYMBaAFFNV +M/JL69BRscF4msEoMXvv6u1JMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/ +BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B +AQsFAAOCAgEADxNymiCNr2e37iLReoaxKmZvwox0cTiNAaj7iafRzmwIoY3VXO8Q +ix5IYcp4FaQ7fV1jyp/AmaSnyHf6Osl0sx8PxsQkO7ALttxKUrjfbvNSVUA2C/vl +u5m7UVJLIUtFDZBWanzUSmkTsYLHpiANFQKd2c/cU1qXcyzgJVFEFVyyHNkF7Is+ ++pjG9M1hwQHOoTnEuU013P7X1mHek+RXEfhJWwe7UsZnBKZaZKbQZu7hEtqKWYp/ +QsHgnjoLYXsh0WD5rz/mBxdTdDLGpFqWDzDqb8rsYnqBzoowvsasV8X8OSkov0Ht +8Yka0ckFH9yf8j1Cwmbl6ttuonOhky3N/gwLEozuhy7TPcZGVyzevF70kXy7g1CX +kpFGJyEHXoprlNi8FR4I+NFzbDe6a2cFow1JN19AJ9Z5Rk5m7M0mQPaQ4RcikjB3 +aoLsASCJTm1OpOFHfxEKiBW4Lsp3Uc5/Rb9ZNbfLrwqWZRM7buW1e3ekLqntgbky +uKKISHqVJuw/vXHl1jNibEo9+JuQ88VNuAcm7WpGUogeCa2iAlPTckPZei+MwZ8w +tpvxTyYlZEC8DWzY1VC29+W2N5cvh01e2E3Ql08W1zL63dqrgdEZ3VWjzooYi4ep +BmMXTvouW+Flyvcw/0oTcfN0biDIt0mCkZ5CQVjfGL9DTOYteR5hw+k= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFPjCCAyagAwIBAgIJAJ6u7cCnzrWdMA0GCSqGSIb3DQEBCwUAMCwxDjAMBgNV +BAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzAeFw0xODA0MDUx +NDE1MjhaFw0zODAzMzExNDE1MjhaMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQK +DARPTkFQMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC +ggIBAMA5pkgRs7NhGG4ew5JouhyYakgYUyFaG121+/h8qbSdt0hVQv56+EA41Yq7 +XGie7RYDQK9NmAFF3gruE+6X7wvJiChp+Cyd7sFMnb65uWhxEdxWTM2BJFrgfzUn +H8ZCxgaCo3XH4PzlKRy2LQQJEJECwl/RZmRCXijMt5e9h8XoZY/fKkKcZZUsWNCM +pTo266wjvA9MXLmdgReRj0+vrCjrNqy+htwJDztoiHWiYPqT6o8EvGcgjNqjlZx7 +NUNf8MfLDByqKF6+wRbHv1GKjn3/Vijd45Fv8riyRYROiFanvbV6jIfBkv8PZbXg +2VDWsYsgp8NAvMxK+iV8cO+Ck3lBI2GOPZbCEqpPVTYbLUz6sczAlCXwQoPzDIZY +wYa3eR/gYLY1gP2iEVHORag3bLPap9ZX5E8DZkzTNTjovvLk8KaCmfcaUMJsBtDd +ApcUitz10cnRyZc1sX3gE1f3DpzQM6t9C5sOVyRhDcSrKqqwb9m0Ss04XAS9FsqM +P3UWYQyqDXSxlUAYaX892u8mV1hxnt2gjb22RloXMM6TovM3sSrJS0wH+l1nznd6 +aFXftS/G4ZVIVZ/LfT1is4StoyPWZCwwwly1z8qJQ/zhip5NgZTxQw4mi7ww35DY +PdAQOCoajfSvFjqslQ/cPRi/MRCu079heVb5fQnnzVtnpFQRAgMBAAGjYzBhMB0G +A1UdDgQWBBRTVTPyS+vQUbHBeJrBKDF77+rtSTAfBgNVHSMEGDAWgBRTVTPyS+vQ +UbHBeJrBKDF77+rtSTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAN +BgkqhkiG9w0BAQsFAAOCAgEAPx/IaK94n02wPxpnYTy+LVLIxwdq/kawNd6IbiMz +L87zmNMDmHcGbfoRCj8OkhuggX9Lx1/CkhpXimuYsZOFQi5blr/u+v4mIbsgbmi9 +7j+cUHDP0zLycvSvxKHty51LwmaX9a4wkJl5zBU4O1sd/H9tWcEmwJ39ltKoBKBx +c94Zc3iMm5ytRWGj+0rKzLDAXEWpoZ5bE5PLJauA6UDCxDLfs3FwhbS7uDggxYvf +jySF5FCNET94oJ+m8s7VeHvoa8iPGKvXrIqdd7XDHnqJJlVKr7m9S0fMbyEB8ci2 +RtOXDt93ifY1uhoEtEykn4dqBSp8ezvNMnwoXdYPDvTd9uCAFeWFLVreBAWxd25h +PsBTkZA5hpa/rA+mKv6Af4VBViYr8cz4dZCsFChuioVebe9ighrfjB//qKepFjPF +CyjzKN1u0JKm/2x/ORqxkTONG8p3uDwoIOyimUcTtTMv42bfYD88RKakqSFXE9G+ +Z0LlaKABqfjK49o/tsAp+c5LoNlYllKhnetO3QAdraHwdmC36BhoghzR1jpX751A +cZn2VH3Q4XKyp01cJNCJIrua+A+bx6zh3RyW6zIIkbRCbET+UD+4mr8WIcSE3mtR +ZVlnhUDO4z9//WKMVzwS9Rh8/kuszrGFI1KQozXCHLrce3YP6RYZfOed79LXaRwX +dYY= +-----END CERTIFICATE----- diff --git a/kubernetes/oof/charts/oof-has/resources/config/org.onap.oof.key b/kubernetes/oof/charts/oof-has/resources/config/org.onap.oof.key new file mode 100644 index 0000000000..848db05de7 --- /dev/null +++ b/kubernetes/oof/charts/oof-has/resources/config/org.onap.oof.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCFRQEdovql3eIW +Hol4k4KE8h3mULdJ3UqtWif7bIjxM3B9/3oKtp2Bswvc3HA4qfFcnfLj+eIcOjg/ +LpYLLLsa0VKaUdE3Dae0z8zSGG5ziIY8VOFxwlEG4R+JbfPilWQxgnlrgzkylzGd +mQ4/1lHB1yQPtlw6VGOhnYOCvPjILgiDs6k5C5dDc9WtBaKWZEo3/JxdEdYX+17W +0KK8sC8+0S/vpxIdWvrw5JlXEpi8ln4SNrrXrkRYN7/WPhG5Kd+0GeKE6QI0slCm +7yrhNHYUb6E0kZoyMShcYhq0AazMiUt3kCUelErkYcZNn2cfY00z4lUuUKLaEzjt +AtscPbAbAgMBAAECggEAUSSNpFzaXel2Qd9/9kFiQ84jNFtK7hdl45y0IVqZGrsm +MCFATouX5SN+ApDZZzbZ9XlaLUK1UFiGbLnRs6Ydmht/PuS4DNwsk2O+ouErRv8G +NG++AIS+zwB9MjEXQIuTQK3fff2c8tep5voM+gNlLi/vDf4Ls5w0OW/tZcnndAHp +qpepSMd29gIwi9nViCD11k32UdQ7oAb7pB+RXleol1181945reuuvzIqfGamvfhl +TXdGO3GT7bSiy0q2iFGiAeEBfCNqYs3ptJrDrUSiPD7CZOybUFxGfI8lnrW/yvya +FrwIZuOkLdnCDssXsFzWz08NJ8sr2/HZZBgl9nbFoQKBgQDHVwq244eyUtNalRvZ +HPiRewSwp4A1pYBzk5DmcYLgKrXUlukYy7pKr8VoH899iWVPzWKqNkHavV2KvcSr +4dyNnEytAKiBqcb4piAzajgWG+m27WvITDF2zJhzx+91E1tngtyjKNzAHWG57A/W +S3H4Cm2eidXe6lKURL0RJ4QLcQKBgQCrJlnyPCf3qfcHkXW/EYlzmJMDSasgLEBl +/dthVZ8QRshooyzJTCckN2PXO+mbuarwmnjtb8ZS/PzPSZ7cAKfZOHgzWOPM5I45 +n0axJmrSZ+dUz270q8R1sVfqd0/jH4LjwuCQMKZmN+UpTijA2hKVWUCxcML7KtXT +QP3TQSy2SwKBgDlPgxsVy3uvaGiQmhMPyz84WR7Y6XmC/a087dnzJKeCYAig4p9o +Y0T5yA2pp6P2DpSk/grl0oUrEGvFJ3grVZe5KipLGCc/Qp9WU8e0cC+bEtSu6eAK +V+ZJ6ELRZr0INa1K6FhYdS8ew2wKvHrl8fxYMy/zfPO79sX+BUWbUNFhAoGAK5FQ +tkw/9FjM7J1HtwLU1ZtSWTTongEFx7DOpsFwA2mxXImlPfznvd1nygOTXTPvYt4/ +yFl6x+dkx7O6/9Ae6jnox1Fqc97+oYZ9LV1VNgiDJ+DCIwCSu08QzTvgFzYPUMFr +/uiTg1PZPyGJWEZrEp+syz6kM+HcmrFhq+RcaG8CgYEAtgHnJWL3v9r1jTP1YLRm +C7tXJ5a/xs3+KuM6vmSpAwkDvV50RK07ypGZqWsG2ewjUqxpAOeoiMn0dRRGP324 +yNCXUWjTVFbzdtzOQuOZVnEeje3K8xHUS3kv9zm1TgMbCRJgvc1THXhderiBShOK +ATP2Y7+WNByxs+TXGI//cFQ= +-----END PRIVATE KEY----- \ No newline at end of file diff --git a/kubernetes/oof/charts/oof-has/values.yaml b/kubernetes/oof/charts/oof-has/values.yaml index d223f4b9a2..69e24c7176 100755 --- a/kubernetes/oof/charts/oof-has/values.yaml +++ b/kubernetes/oof/charts/oof-has/values.yaml @@ -25,7 +25,7 @@ global: commonConfigPrefix: onap-oof-has image: readiness: oomk8s/readiness-check:2.0.0 - optf_has: onap/optf-has:1.2.5 + optf_has: onap/optf-has:1.3.0-SNAPSHOT-latest filebeat: docker.elastic.co/beats/filebeat:5.5.0 pullPolicy: Always diff --git a/kubernetes/oof/resources/config/common_config.yaml b/kubernetes/oof/resources/config/common_config.yaml new file mode 100644 index 0000000000..03972a7e1f --- /dev/null +++ b/kubernetes/oof/resources/config/common_config.yaml @@ -0,0 +1,82 @@ +osdf_system: + libpath: /opt/app/osdf/libs + osdf_ports: + internal: 8699 # inside the Docker container, the app listens to this port + external: 8698 # clients use this port on DockerHost + osdf_ip_default: 0.0.0.0 +# # Important Note: At deployment time, we need to ensure the port mapping is done + ssl_context: ['/opt/app/ssl_cert/org.onap.oof.crt', '/opt/app/ssl_cert/org.onap.oof.key'] + +osdf_temp: # special configuration required for "workarounds" or testing + local_policies: + global_disabled: True + local_placement_policies_enabled: True + placement_policy_dir_vcpe: "./test/policy-local-files/" + placement_policy_files_vcpe: # workaroud for policy platform glitches (or "work-arounds" for other components) + - Affinity_vCPE_1.json + #- Capacity_vGMuxInfra.json + #- Capacity_vG_1.json + - Distance_vG_1.json + - Distance_vGMuxInfra_1.json + - hpa_policy_vG_1.json + - hpa_policy_vGMuxInfra_1.json + - Placement_Optimization_1.json + - QueryPolicy_vCPE.json + - vnfPolicy_vG.json + - vnfPolicy_vGMuxInfra.json + placement_policy_dir_vfw: "./test/policy-local-files/" + placement_policy_files_vfw: # workaroud for policy platform glitches (or "work-arounds" for other components) + #- Capacity_vFW_1.json + - Distance_vFW_1.json + - hpa_policy_vFW_1.json + - Placement_Optimization_1.json + - QueryPolicy_vFW.json + - vnfPolicy_vFW.json + placement_policy_dir_vfw_td: "./test/policy-local-files/" + placement_policy_files_vfw_td: + - vnfPolicy_vFW_TD.json + - vnfPolicy_vPGN_TD.json + - affinity_vFW_TD.json + - QueryPolicy_vFW_TD.json +service_info: + vCPE: + vcpeHostName: requestParameters.vcpeHostName + e2eVpnKey: requestParameters.e2eVpnKey + vFW: + vcpeHostName: requestParameters.vcpeHostName + e2eVpnKey: requestParameters.e2eVpnKey + +references: + service_name: + source: request + value: serviceInfo.serviceName + subscriber_role: + source: SubscriberPolicy + value: content.properties.subscriberRole + +policy_info: + prioritization_attributes: + policy_type: + - content.policyType + resources: + - content.resources + - content.objectiveParameter.parameterAttributes.resources + service_name: + - content.serviceName + + placement: + policy_fetch: by_scope + policy_scope: + default_scope: OSDF_CASABLANCA + vcpe_scope: OSDF_CASABLANCA + vfw_scope: OSDF_DUBLIN + secondary_scopes: + - + - get_param: service_name + - US + # - + # - get_param: service_name + # - get_param: subscriber_role + default: # if no explicit service related information is needed + policy_fetch: by_name + policy_scope: none diff --git a/kubernetes/oof/resources/config/org.onap.oof.crt b/kubernetes/oof/resources/config/org.onap.oof.crt new file mode 100644 index 0000000000..224d39375b --- /dev/null +++ b/kubernetes/oof/resources/config/org.onap.oof.crt @@ -0,0 +1,86 @@ +-----BEGIN CERTIFICATE----- +MIIEkTCCA3mgAwIBAgIIfDQFJU4qiGIwDQYJKoZIhvcNAQELBQAwRzELMAkGA1UE +BhMCVVMxDTALBgNVBAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMRkwFwYDVQQDDBBp +bnRlcm1lZGlhdGVDQV85MB4XDTE5MDUwOTAzMzYxN1oXDTIwMDUwOTAzMzYxN1ow +fjEkMCIGA1UEAwwbb29mLmFwaS5zaW1wbGVkZW1vLm9uYXAub3JnMQ8wDQYJKoZI +hvcNAQkBFgAxGTAXBgNVBAsMEG9vZkBvb2Yub25hcC5vcmcxDjAMBgNVBAsMBU9T +QUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBAIVFAR2i+qXd4hYeiXiTgoTyHeZQt0ndSq1aJ/tsiPEz +cH3/egq2nYGzC9zccDip8Vyd8uP54hw6OD8ulgssuxrRUppR0TcNp7TPzNIYbnOI +hjxU4XHCUQbhH4lt8+KVZDGCeWuDOTKXMZ2ZDj/WUcHXJA+2XDpUY6Gdg4K8+Mgu +CIOzqTkLl0Nz1a0FopZkSjf8nF0R1hf7XtbQorywLz7RL++nEh1a+vDkmVcSmLyW +fhI2uteuRFg3v9Y+Ebkp37QZ4oTpAjSyUKbvKuE0dhRvoTSRmjIxKFxiGrQBrMyJ +S3eQJR6USuRhxk2fZx9jTTPiVS5QotoTOO0C2xw9sBsCAwEAAaOCAUgwggFEMAkG +A1UdEwQCMAAwDgYDVR0PAQH/BAQDAgXgMCAGA1UdJQEB/wQWMBQGCCsGAQUFBwMB +BggrBgEFBQcDAjBUBgNVHSMETTBLgBSB95lbELnIjN7zUl7qTmmgQz6s3aEwpC4w +LDEOMAwGA1UECwwFT1NBQUYxDTALBgNVBAoMBE9OQVAxCzAJBgNVBAYTAlVTggEH +MB0GA1UdDgQWBBSaLxp34n5RCgXcMF4JKn+Z+HqMRTCBjwYDVR0RBIGHMIGEghtv +b2YuYXBpLnNpbXBsZWRlbW8ub25hcC5vcmeCCWNtc28tb25hcIIcY21zby5hcGku +c2ltcGxlZGVtby5vbmFwLm9yZ4IJY21zby5vbmFwggtvb2YtaGFzLWFwaYIQb29m +LWhhcy1hcGkub25hcIIIb29mLW9uYXCCCG9vZi5vbmFwMA0GCSqGSIb3DQEBCwUA +A4IBAQBarLs2rX/Av0CevlVcvGi73CsvBCtS18jz4Bj/cxuIDZzEHXtOoUmJ8FrI +9sG2cyZlqCBcND67VJfXsd34amhORnAwzzOjZGWgqvNfP9ayT/Ai1IAeBC0q33vu +h7v7wgV/cbZ+uNeU6ubN47JaW0pw6q7IBIhbTtnmBC+JmM0MLXt/zdU+/mbHEq7N +X+1AHDfM7VTzGrDTLt9DEX2tpBlj7l46Xp6UXWlbXUk2cHVzhNrhdgGDPHVs1MRT +ts3PvNAKyo1zHBRRS0asLVSes0Fge1O6x4RD5vbvFQxhawZsrvS2RRrLiCJNoMP3 +BiU0GD9vLvQy2SB+xBER57WuBsas +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEdTCCAl2gAwIBAgIBBzANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB +RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwODE3MTg1MTM3WhcN +MjMwODE3MTg1MTM3WjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG +A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzkwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv0HHUkba3uNtNI3jPKimUcd6RNwmhSCJL +neMWpnjqp5/A+HCKyNsEaT4y177hNLmCm/aMm1u2JIfikc+8wEqLCSBBPz+P0h+d +o+sZ7U+4oeQizdYYpEdzHJ2SieHHa8vtu80rU3nO2NEIkuYC20HcKSEtl8fFKsk3 +nqlhY+tGfYJPTXcDOQAO40BTcgat3C3uIJHkWJJ4RivunE4LEuRv9QyKgAw7rkJV +v+f7guqpZlXy6dzAkuU7XULWcgo55MkZlssoiErMvEZJad5aWKvRY3g7qUjaQ6wO +15wOAUoRBW96eeZZbytgn8kybcBy++Ue49gPtgm1MF/KlAsp0MD5AgMBAAGjgYYw +gYMwHQYDVR0OBBYEFIH3mVsQuciM3vNSXupOaaBDPqzdMB8GA1UdIwQYMBaAFFNV +M/JL69BRscF4msEoMXvv6u1JMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/ +BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B +AQsFAAOCAgEADxNymiCNr2e37iLReoaxKmZvwox0cTiNAaj7iafRzmwIoY3VXO8Q +ix5IYcp4FaQ7fV1jyp/AmaSnyHf6Osl0sx8PxsQkO7ALttxKUrjfbvNSVUA2C/vl +u5m7UVJLIUtFDZBWanzUSmkTsYLHpiANFQKd2c/cU1qXcyzgJVFEFVyyHNkF7Is+ ++pjG9M1hwQHOoTnEuU013P7X1mHek+RXEfhJWwe7UsZnBKZaZKbQZu7hEtqKWYp/ +QsHgnjoLYXsh0WD5rz/mBxdTdDLGpFqWDzDqb8rsYnqBzoowvsasV8X8OSkov0Ht +8Yka0ckFH9yf8j1Cwmbl6ttuonOhky3N/gwLEozuhy7TPcZGVyzevF70kXy7g1CX +kpFGJyEHXoprlNi8FR4I+NFzbDe6a2cFow1JN19AJ9Z5Rk5m7M0mQPaQ4RcikjB3 +aoLsASCJTm1OpOFHfxEKiBW4Lsp3Uc5/Rb9ZNbfLrwqWZRM7buW1e3ekLqntgbky +uKKISHqVJuw/vXHl1jNibEo9+JuQ88VNuAcm7WpGUogeCa2iAlPTckPZei+MwZ8w +tpvxTyYlZEC8DWzY1VC29+W2N5cvh01e2E3Ql08W1zL63dqrgdEZ3VWjzooYi4ep +BmMXTvouW+Flyvcw/0oTcfN0biDIt0mCkZ5CQVjfGL9DTOYteR5hw+k= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFPjCCAyagAwIBAgIJAJ6u7cCnzrWdMA0GCSqGSIb3DQEBCwUAMCwxDjAMBgNV +BAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzAeFw0xODA0MDUx +NDE1MjhaFw0zODAzMzExNDE1MjhaMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQK +DARPTkFQMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC +ggIBAMA5pkgRs7NhGG4ew5JouhyYakgYUyFaG121+/h8qbSdt0hVQv56+EA41Yq7 +XGie7RYDQK9NmAFF3gruE+6X7wvJiChp+Cyd7sFMnb65uWhxEdxWTM2BJFrgfzUn +H8ZCxgaCo3XH4PzlKRy2LQQJEJECwl/RZmRCXijMt5e9h8XoZY/fKkKcZZUsWNCM +pTo266wjvA9MXLmdgReRj0+vrCjrNqy+htwJDztoiHWiYPqT6o8EvGcgjNqjlZx7 +NUNf8MfLDByqKF6+wRbHv1GKjn3/Vijd45Fv8riyRYROiFanvbV6jIfBkv8PZbXg +2VDWsYsgp8NAvMxK+iV8cO+Ck3lBI2GOPZbCEqpPVTYbLUz6sczAlCXwQoPzDIZY +wYa3eR/gYLY1gP2iEVHORag3bLPap9ZX5E8DZkzTNTjovvLk8KaCmfcaUMJsBtDd +ApcUitz10cnRyZc1sX3gE1f3DpzQM6t9C5sOVyRhDcSrKqqwb9m0Ss04XAS9FsqM +P3UWYQyqDXSxlUAYaX892u8mV1hxnt2gjb22RloXMM6TovM3sSrJS0wH+l1nznd6 +aFXftS/G4ZVIVZ/LfT1is4StoyPWZCwwwly1z8qJQ/zhip5NgZTxQw4mi7ww35DY +PdAQOCoajfSvFjqslQ/cPRi/MRCu079heVb5fQnnzVtnpFQRAgMBAAGjYzBhMB0G +A1UdDgQWBBRTVTPyS+vQUbHBeJrBKDF77+rtSTAfBgNVHSMEGDAWgBRTVTPyS+vQ +UbHBeJrBKDF77+rtSTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAN +BgkqhkiG9w0BAQsFAAOCAgEAPx/IaK94n02wPxpnYTy+LVLIxwdq/kawNd6IbiMz +L87zmNMDmHcGbfoRCj8OkhuggX9Lx1/CkhpXimuYsZOFQi5blr/u+v4mIbsgbmi9 +7j+cUHDP0zLycvSvxKHty51LwmaX9a4wkJl5zBU4O1sd/H9tWcEmwJ39ltKoBKBx +c94Zc3iMm5ytRWGj+0rKzLDAXEWpoZ5bE5PLJauA6UDCxDLfs3FwhbS7uDggxYvf +jySF5FCNET94oJ+m8s7VeHvoa8iPGKvXrIqdd7XDHnqJJlVKr7m9S0fMbyEB8ci2 +RtOXDt93ifY1uhoEtEykn4dqBSp8ezvNMnwoXdYPDvTd9uCAFeWFLVreBAWxd25h +PsBTkZA5hpa/rA+mKv6Af4VBViYr8cz4dZCsFChuioVebe9ighrfjB//qKepFjPF +CyjzKN1u0JKm/2x/ORqxkTONG8p3uDwoIOyimUcTtTMv42bfYD88RKakqSFXE9G+ +Z0LlaKABqfjK49o/tsAp+c5LoNlYllKhnetO3QAdraHwdmC36BhoghzR1jpX751A +cZn2VH3Q4XKyp01cJNCJIrua+A+bx6zh3RyW6zIIkbRCbET+UD+4mr8WIcSE3mtR +ZVlnhUDO4z9//WKMVzwS9Rh8/kuszrGFI1KQozXCHLrce3YP6RYZfOed79LXaRwX +dYY= +-----END CERTIFICATE----- + + diff --git a/kubernetes/oof/resources/config/org.onap.oof.key b/kubernetes/oof/resources/config/org.onap.oof.key new file mode 100644 index 0000000000..a261fda9ed --- /dev/null +++ b/kubernetes/oof/resources/config/org.onap.oof.key @@ -0,0 +1,29 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCFRQEdovql3eIW +Hol4k4KE8h3mULdJ3UqtWif7bIjxM3B9/3oKtp2Bswvc3HA4qfFcnfLj+eIcOjg/ +LpYLLLsa0VKaUdE3Dae0z8zSGG5ziIY8VOFxwlEG4R+JbfPilWQxgnlrgzkylzGd +mQ4/1lHB1yQPtlw6VGOhnYOCvPjILgiDs6k5C5dDc9WtBaKWZEo3/JxdEdYX+17W +0KK8sC8+0S/vpxIdWvrw5JlXEpi8ln4SNrrXrkRYN7/WPhG5Kd+0GeKE6QI0slCm +7yrhNHYUb6E0kZoyMShcYhq0AazMiUt3kCUelErkYcZNn2cfY00z4lUuUKLaEzjt +AtscPbAbAgMBAAECggEAUSSNpFzaXel2Qd9/9kFiQ84jNFtK7hdl45y0IVqZGrsm +MCFATouX5SN+ApDZZzbZ9XlaLUK1UFiGbLnRs6Ydmht/PuS4DNwsk2O+ouErRv8G +NG++AIS+zwB9MjEXQIuTQK3fff2c8tep5voM+gNlLi/vDf4Ls5w0OW/tZcnndAHp +qpepSMd29gIwi9nViCD11k32UdQ7oAb7pB+RXleol1181945reuuvzIqfGamvfhl +TXdGO3GT7bSiy0q2iFGiAeEBfCNqYs3ptJrDrUSiPD7CZOybUFxGfI8lnrW/yvya +FrwIZuOkLdnCDssXsFzWz08NJ8sr2/HZZBgl9nbFoQKBgQDHVwq244eyUtNalRvZ +HPiRewSwp4A1pYBzk5DmcYLgKrXUlukYy7pKr8VoH899iWVPzWKqNkHavV2KvcSr +4dyNnEytAKiBqcb4piAzajgWG+m27WvITDF2zJhzx+91E1tngtyjKNzAHWG57A/W +S3H4Cm2eidXe6lKURL0RJ4QLcQKBgQCrJlnyPCf3qfcHkXW/EYlzmJMDSasgLEBl +/dthVZ8QRshooyzJTCckN2PXO+mbuarwmnjtb8ZS/PzPSZ7cAKfZOHgzWOPM5I45 +n0axJmrSZ+dUz270q8R1sVfqd0/jH4LjwuCQMKZmN+UpTijA2hKVWUCxcML7KtXT +QP3TQSy2SwKBgDlPgxsVy3uvaGiQmhMPyz84WR7Y6XmC/a087dnzJKeCYAig4p9o +Y0T5yA2pp6P2DpSk/grl0oUrEGvFJ3grVZe5KipLGCc/Qp9WU8e0cC+bEtSu6eAK +V+ZJ6ELRZr0INa1K6FhYdS8ew2wKvHrl8fxYMy/zfPO79sX+BUWbUNFhAoGAK5FQ +tkw/9FjM7J1HtwLU1ZtSWTTongEFx7DOpsFwA2mxXImlPfznvd1nygOTXTPvYt4/ +yFl6x+dkx7O6/9Ae6jnox1Fqc97+oYZ9LV1VNgiDJ+DCIwCSu08QzTvgFzYPUMFr +/uiTg1PZPyGJWEZrEp+syz6kM+HcmrFhq+RcaG8CgYEAtgHnJWL3v9r1jTP1YLRm +C7tXJ5a/xs3+KuM6vmSpAwkDvV50RK07ypGZqWsG2ewjUqxpAOeoiMn0dRRGP324 +yNCXUWjTVFbzdtzOQuOZVnEeje3K8xHUS3kv9zm1TgMbCRJgvc1THXhderiBShOK +ATP2Y7+WNByxs+TXGI//cFQ= +-----END PRIVATE KEY----- + diff --git a/kubernetes/oof/resources/config/osdf_config.yaml b/kubernetes/oof/resources/config/osdf_config.yaml index fea3d908cf..4dd3097918 100755 --- a/kubernetes/oof/resources/config/osdf_config.yaml +++ b/kubernetes/oof/resources/config/osdf_config.yaml @@ -60,7 +60,7 @@ osdfCMSchedulerUsername: {{ .Values.config.osdfCMSchedulerUsername }} osdfCMSchedulerPassword: {{ .Values.config.osdfCMSchedulerPassword }} is_aaf_enabled: {{ .Values.config.is_aaf_enabled }} -aaf_cache_expiry_hrs: {{ .Values.config.aaf_cache_expiry_hrs }} +aaf_cache_expiry_mins: {{ .Values.config.aaf_cache_expiry_mins }} aaf_url: {{ .Values.config.aaf_url }} aaf_user_roles: {{- range .Values.config.aaf_user_roles }} diff --git a/kubernetes/oof/templates/deployment.yaml b/kubernetes/oof/templates/deployment.yaml index d4558b72dd..3c5306e644 100644 --- a/kubernetes/oof/templates/deployment.yaml +++ b/kubernetes/oof/templates/deployment.yaml @@ -95,6 +95,15 @@ spec: - mountPath: /opt/app/ssl_cert/aaf_root_ca.cer name: {{ include "common.fullname" . }}-config subPath: aaf_root_ca.cer + - mountPath: /opt/app/ssl_cert/org.onap.oof.crt + name: {{ include "common.fullname" . }}-config + subPath: org.onap.oof.crt + - mountPath: /opt/app/ssl_cert/org.onap.oof.key + name: {{ include "common.fullname" . }}-config + subPath: org.onap.oof.key + - mountPath: /opt/osdf/config/common_config.yaml + name: {{ include "common.fullname" . }}-config + subPath: common_config.yaml resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -118,5 +127,11 @@ spec: path: osdf_config.yaml - key: aaf_root_ca.cer path: aaf_root_ca.cer + - key: common_config.yaml + path: common_config.yaml + - key: org.onap.oof.crt + path: org.onap.oof.crt + - key: org.onap.oof.key + path: org.onap.oof.key imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/values.yaml b/kubernetes/oof/values.yaml index 24a0333e5a..5099091b4a 100644 --- a/kubernetes/oof/values.yaml +++ b/kubernetes/oof/values.yaml @@ -26,7 +26,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/optf-osdf:1.2.4 +image: onap/optf-osdf:1.3.0-SNAPSHOT-latest pullPolicy: Always # flag to enable debugging - application support required @@ -49,7 +49,7 @@ config: soUsername: "" # SO username for call back. soPassword: "" # SO password for call back. # Url and credentials for Conductor. - conductorUrl: http://oof-has-api:8091/v1/plans/ + conductorUrl: https://oof-has-api:8091/v1/plans/ conductorUsername: admin1 conductorPassword: plan.15 conductorPingWaitTime: 60 @@ -87,10 +87,11 @@ config: osdfCMSchedulerPassword: testpwd1 #AAF Authentication is_aaf_enabled: False - aaf_cache_expiry_hrs: 3 + aaf_cache_expiry_mins: 5 aaf_url: https://aaf-service:8100 aaf_user_roles: - - '/api/oof/v1/placement:org.onap.osdf.access|*|read ALL' + - '/placement:org.onap.oof.access|*|read ALL' + - '/pci:org.onap.oof.access|*|read ALL' # Secret Management Service from AAF aaf_sms_url: https://aaf-sms aaf_sms_port: 10443 diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf index 841aa3a6a7..e7c6928b0a 100644 --- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf +++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf @@ -70,15 +70,15 @@ POLICY_PDP_PAP_API_SECRET= # PAP -PAP_HOST={{.Values.global.pap.nameOverride}} -PAP_USERNAME=testpap -PAP_PASSWORD=alpha123 +PAP_HOST=policy-pap +PAP_USERNAME=healthcheck +PAP_PASSWORD=zb!XztG34 # PDP-X -PDP_HOST={{.Values.global.pdp.nameOverride}} -PDP_USERNAME=testpdp -PDP_PASSWORD=alpha123 +PDP_HOST=policy-xacml-pdp +PDP_USERNAME=healthcheck +PDP_PASSWORD=zb!XztG34 PDP_CLIENT_USERNAME=python PDP_CLIENT_PASSWORD=test PDP_ENVIRONMENT=TEST @@ -113,6 +113,6 @@ VFC_PASSWORD= # SDNC -SDNC_URL= -SDNC_USERNAME= -SDNC_PASSWORD= +SDNC_URL=http://sdnc.{{.Release.Namespace}}:8282/restconf/operations +SDNC_USERNAME=admin +SDNC_PASSWORD=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U diff --git a/kubernetes/policy/charts/policy-apex-pdp/resources/config/OnapPfConfig.json b/kubernetes/policy/charts/policy-apex-pdp/resources/config/OnapPfConfig.json new file mode 100644 index 0000000000..9de4a8b5b5 --- /dev/null +++ b/kubernetes/policy/charts/policy-apex-pdp/resources/config/OnapPfConfig.json @@ -0,0 +1,16 @@ +{ + "name":"OnapPfParameterGroup", + "restServerParameters": { + "host": "0.0.0.0", + "port": 6969, + "userName": "healthcheck", + "password": "zb!XztG34", + "https": true + }, + "pdpStatusParameters":{ + "timeIntervalMs": 120000, + "pdpType":"apex", + "description":"Pdp Heartbeat", + "supportedPolicyTypes":[{"name":"onap.policies.controlloop.operational.Apex","version":"1.0.0"}] + } +} diff --git a/kubernetes/aai/charts/aai-spike/resources/config/edgeprops-ingest.properties b/kubernetes/policy/charts/policy-apex-pdp/resources/config/topic.properties similarity index 68% rename from kubernetes/aai/charts/aai-spike/resources/config/edgeprops-ingest.properties rename to kubernetes/policy/charts/policy-apex-pdp/resources/config/topic.properties index b0a315041d..b61626b2da 100644 --- a/kubernetes/aai/charts/aai-spike/resources/config/edgeprops-ingest.properties +++ b/kubernetes/policy/charts/policy-apex-pdp/resources/config/topic.properties @@ -1,23 +1,23 @@ -# # ============LICENSE_START======================================================= -# org.onap.aai -# ================================================================================ -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# Copyright © 2018 Amdocs +# Copyright (C) 2019 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 +# http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -# ============LICENSE_END========================================================= # +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +dmaap.source.topics=POLICY-PDP-PAP +dmaap.sink.topics=POLICY-PDP-PAP -# DB Edge Property files are copied here: -edgePropsDir=/opt/app/spike/config/model/edge_props +dmaap.source.topics.POLICY-PDP-PAP.servers= message-router +dmaap.sink.topics.POLICY-PDP-PAP.servers= message-router \ No newline at end of file diff --git a/kubernetes/policy/charts/policy-apex-pdp/templates/configmap.yaml b/kubernetes/policy/charts/policy-apex-pdp/templates/configmap.yaml index 318ad34491..937a5b4afd 100644 --- a/kubernetes/policy/charts/policy-apex-pdp/templates/configmap.yaml +++ b/kubernetes/policy/charts/policy-apex-pdp/templates/configmap.yaml @@ -22,5 +22,4 @@ metadata: name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} data: -{{ tpl (.Files.Glob "resources/config/config.json").AsConfig . | indent 2 }} - +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/policy-apex-pdp/templates/statefulset.yaml b/kubernetes/policy/charts/policy-apex-pdp/templates/statefulset.yaml index 29a24e66bf..f1c024bc4e 100644 --- a/kubernetes/policy/charts/policy-apex-pdp/templates/statefulset.yaml +++ b/kubernetes/policy/charts/policy-apex-pdp/templates/statefulset.yaml @@ -42,9 +42,11 @@ spec: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" command: - - /opt/app/policy/apex-pdp/bin/apexEngine.sh + - /opt/app/policy/apex-pdp/bin/apexOnapPf.sh - -c - - /home/apexuser/config/config.json + - /home/apexuser/config/OnapPfConfig.json + - -p + - /home/apexuser/config/topic.properties imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - containerPort: {{ .Values.service.externalPort }} diff --git a/kubernetes/policy/charts/policy-apex-pdp/values.yaml b/kubernetes/policy/charts/policy-apex-pdp/values.yaml index 95b2d2c28d..70994300db 100644 --- a/kubernetes/policy/charts/policy-apex-pdp/values.yaml +++ b/kubernetes/policy/charts/policy-apex-pdp/values.yaml @@ -59,7 +59,7 @@ service: type: NodePort name: policy-apex-pdp portName: policy-apex-pdp - externalPort: 12345 + externalPort: 6969 nodePort: 37 ingress: diff --git a/kubernetes/policy/charts/policy-api/resources/config/config.json b/kubernetes/policy/charts/policy-api/resources/config/config.json index 16e0a51682..397f850095 100644 --- a/kubernetes/policy/charts/policy-api/resources/config/config.json +++ b/kubernetes/policy/charts/policy-api/resources/config/config.json @@ -21,7 +21,9 @@ "host":"0.0.0.0", "port":6969, "userName":"healthcheck", - "password":"zb!XztG34" + "password":"zb!XztG34", + "https": true, + "aaf": false }, "databaseProviderParameters": { "name": "PolicyProviderParameterGroup", @@ -32,4 +34,4 @@ "databasePassword": "cG9saWN5X3VzZXI=", "persistenceUnit": "PolicyMariaDb" } -} \ No newline at end of file +} diff --git a/kubernetes/policy/charts/policy-api/values.yaml b/kubernetes/policy/charts/policy-api/values.yaml index 92960a2d56..acb9f6bb58 100644 --- a/kubernetes/policy/charts/policy-api/values.yaml +++ b/kubernetes/policy/charts/policy-api/values.yaml @@ -56,7 +56,7 @@ readiness: periodSeconds: 10 service: - type: ClusterIP + type: NodePort name: policy-api portName: policy-api internalPort: 6969 diff --git a/kubernetes/policy/charts/policy-pap/resources/config/config.json b/kubernetes/policy/charts/policy-pap/resources/config/config.json index 995c951b81..fa80bf2190 100644 --- a/kubernetes/policy/charts/policy-pap/resources/config/config.json +++ b/kubernetes/policy/charts/policy-pap/resources/config/config.json @@ -21,7 +21,9 @@ "host":"0.0.0.0", "port":6969, "userName":"healthcheck", - "password":"zb!XztG34" + "password":"zb!XztG34", + "https": true, + "aaf": false }, "pdpParameters": { "updateParameters": { diff --git a/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json index 7fb864bb31..789dde4491 100644 --- a/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json +++ b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json @@ -16,11 +16,14 @@ # SPDX-License-Identifier: Apache-2.0 # ============LICENSE_END========================================================= { - "name":"XacmlPdpGroup", - "restServerParameters":{ - "host":"0.0.0.0", - "port":6969, - "userName":"healthcheck", - "password":"zb!XztG34" - } -} + "name": "XacmlPdpGroup", + "restServerParameters": { + "host": "0.0.0.0", + "port": 6969, + "userName": "healthcheck", + "password": "zb!XztG34", + "https": true, + "aaf": false + }, + "applicationPath": "/opt/app/policy/pdpx/apps" +} \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-graphadmin/Chart.yaml b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/topic.properties similarity index 72% rename from kubernetes/aai/charts/aai-graphadmin/Chart.yaml rename to kubernetes/policy/charts/policy-xacml-pdp/resources/config/topic.properties index 7772ab0753..a56de8bc5e 100644 --- a/kubernetes/aai/charts/aai-graphadmin/Chart.yaml +++ b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/topic.properties @@ -1,14 +1,13 @@ -# # ============LICENSE_START======================================================= -# org.onap.aai +# ONAP PAP # ================================================================================ -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 +# http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, @@ -17,7 +16,7 @@ # limitations under the License. # ============LICENSE_END========================================================= -apiVersion: v1 -description: ONAP AAI GraphAdmin -name: aai-graphadmin -version: 4.0.0 +dmaap.sink.topics=POLICY-PDP-PAP +dmaap.sink.topics.POLICY-PDP-PAP.servers=message-router +dmaap.source.topics=POLICY-PDP-PAP +dmaap.source.topics.POLICY-PDP-PAP.servers=message-router \ No newline at end of file diff --git a/kubernetes/policy/charts/policy-xacml-pdp/resources/config/xacml.properties b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/xacml.properties new file mode 100644 index 0000000000..f4b4f93756 --- /dev/null +++ b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/xacml.properties @@ -0,0 +1,53 @@ +# +# Properties that the embedded PDP engine uses to configure and load +# +# Standard API Factories +# +xacml.dataTypeFactory=com.att.research.xacml.std.StdDataTypeFactory +xacml.pdpEngineFactory=com.att.research.xacmlatt.pdp.ATTPDPEngineFactory +xacml.pepEngineFactory=com.att.research.xacml.std.pep.StdEngineFactory +xacml.pipFinderFactory=com.att.research.xacml.std.pip.StdPIPFinderFactory +xacml.traceEngineFactory=com.att.research.xacml.std.trace.LoggingTraceEngineFactory +# +# AT&T PDP Implementation Factories +# +xacml.att.evaluationContextFactory=com.att.research.xacmlatt.pdp.std.StdEvaluationContextFactory +xacml.att.combiningAlgorithmFactory=com.att.research.xacmlatt.pdp.std.StdCombiningAlgorithmFactory +xacml.att.functionDefinitionFactory=com.att.research.xacmlatt.pdp.std.StdFunctionDefinitionFactory +# +# ONAP PDP Implementation Factories +# +xacml.att.policyFinderFactory=org.onap.policy.pdp.xacml.application.common.OnapPolicyFinderFactory + +# +# Use a root combining algorithm +# +xacml.att.policyFinderFactory.combineRootPolicies=urn:oasis:names:tc:xacml:3.0:policy-combining-algorithm:deny-overrides + +# +# PIP Engine Definitions +# +count-recent-operations.classname=org.onap.policy.pdp.xacml.application.common.operationshistory.CountRecentOperationsPip +count-recent-operations.issuer=urn:org:onap:xacml:guard:count-recent-operations +count-recent-operations.name=CountRecentOperations +count-recent-operations.description=Returns operation counts based on time window +count-recent-operations.persistenceunit=OperationsHistoryPU + +get-operation-outcome.classname=org.onap.policy.pdp.xacml.application.common.operationshistory.GetOperationOutcomePip +get-operation-outcome.issuer=urn:org:onap:xacml:guard:get-operation-outcome +get-operation-outcome.name=GetOperationOutcome +get-operation-outcome.description=Returns operation outcome +get-operation-outcome.persistenceunit=OperationsHistoryPU + +# +# Make pips available to finder +# +xacml.pip.engines=count-recent-operations,get-operation-outcome + +# +# JPA Properties +# +javax.persistence.jdbc.driver=org.mariadb.jdbc.Driver +javax.persistence.jdbc.url=jdbc:mariadb://{{ .Values.global.mariadb.nameOverride }}:3306/operationshistory +javax.persistence.jdbc.user=policy_user +javax.persistence.jdbc.password=cG9saWN5X3VzZXI= \ No newline at end of file diff --git a/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml b/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml index d90b0c93dc..f689f4d6e8 100644 --- a/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml +++ b/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml @@ -22,4 +22,4 @@ metadata: name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} data: -{{ tpl (.Files.Glob "resources/config/config.json").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml b/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml index 20b2afbf50..e5e94ccc95 100644 --- a/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml +++ b/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml @@ -16,12 +16,27 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - {{ .Values.global.mariadb.nameOverride }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["/opt/app/policy/pdpx/bin/policy-pdpx.sh"] - args: ["/opt/app/policy/pdpx/etc/mounted/config.json"] + args: ["/opt/app/policy/pdpx/etc/mounted/config.json","/opt/app/policy/pdpx/etc/mounted/topic.properties"] ports: - containerPort: {{ .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger diff --git a/kubernetes/policy/resources/config/pe/console.conf b/kubernetes/policy/resources/config/pe/console.conf index 1cd9290379..85fda3549c 100644 --- a/kubernetes/policy/resources/config/pe/console.conf +++ b/kubernetes/policy/resources/config/pe/console.conf @@ -135,8 +135,8 @@ onap_application_name= #-----------------------ONAP-PORTAL-Properties---------------------- -ONAP_REDIRECT_URL=https://portal-app.{{.Release.Namespace}}:30225/ONAPPORTAL/login.htm -ONAP_REST_URL=https://portal-app:8443/ONAPPORTAL/auxapi +ONAP_REDIRECT_URL=https://portal.api.simpledemo.onap.org:30225/ONAPPORTAL/login.htm +ONAP_REST_URL=https://portal-app:30225/ONAPPORTAL/auxapi ONAP_UEB_URL_LIST= ONAP_PORTAL_INBOX_NAME= ONAP_UEB_APP_KEY=ueb_key_5 diff --git a/kubernetes/policy/resources/config/pe/push-policies.sh b/kubernetes/policy/resources/config/pe/push-policies.sh index a9a8687824..ddb352be89 100644 --- a/kubernetes/policy/resources/config/pe/push-policies.sh +++ b/kubernetes/policy/resources/config/pe/push-policies.sh @@ -197,51 +197,21 @@ curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'A #########################################Create SDNC Naming Policies########################################## -echo "Create SDNC Naming Policies" +echo "Create Generic SDNC Naming Policy for VNF" sleep 2 echo "Create SDNC vFW Naming Policy" curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ - "configBody": "{\"service\":\"SDNC-GenerateName\",\"version\":\"CSIT\",\"content\":{\"policy-instance-name\":\"ONAP_VFW_NAMING_TIMESTAMP\",\"naming-models\":[{\"naming-properties\":[{\"property-name\":\"AIC_CLOUD_REGION\"},{\"property-name\":\"nfRole\"},{\"property-name\":\"TIMESTAMP\"},{\"property-value\":\"_\",\"property-name\":\"DELIMITER\"}],\"naming-type\":\"VNF\",\"nfRole\":\"vFW\",\"naming-recipe\":\"AIC_CLOUD_REGION|DELIMITER|nfRole|DELIMITER|TIMESTAMP\"},{\"naming-properties\":[{\"property-name\":\"VNF_NAME\"},{\"property-name\":\"SEQUENCE\",\"increment-sequence\":{\"max\":\"zzz\",\"scope\":\"ENTIRETY\",\"start-value\":\"001\",\"length\":\"3\",\"increment\":\"1\",\"sequence-type\":\"alpha-numeric\"}},{\"property-name\":\"NFC_NAMING_CODE\"},{\"property-value\":\"_\",\"property-name\":\"DELIMITER\"}],\"naming-type\":\"VNFC\",\"nfRole\":\"vFW\",\"naming-recipe\":\"VNF_NAME|DELIMITER|NFC_NAMING_CODE|DELIMITER|SEQUENCE\"},{\"naming-properties\":[{\"property-name\":\"VNF_NAME\"},{\"property-value\":\"_\",\"property-name\":\"DELIMITER\"},{\"property-name\":\"VF_MODULE_LABEL\"},{\"property-name\":\"VF_MODULE_TYPE\"},{\"property-name\":\"SEQUENCE\",\"increment-sequence\":{\"max\":\"zzz\",\"scope\":\"PRECEEDING\",\"start-value\":\"01\",\"length\":\"3\",\"increment\":\"1\",\"sequence-type\":\"alpha-numeric\"}}],\"naming-type\":\"VF-MODULE\",\"nfRole\":\"vFW\",\"naming-recipe\":\"VNF_NAME|DELIMITER|VF_MODULE_LABEL|DELIMITER|VF_MODULE_TYPE|DELIMITER|SEQUENCE\"},{\"naming-properties\":[{\"property-name\":\"VNF_NAME\"}],\"naming-type\":\"KEY\",\"nfRole\":\"vFW\",\"naming-recipe\":\"VNF_NAME\"},{\"naming-properties\":[{\"property-name\":\"VNF_NAME\"},{\"property-value\":\"protected\",\"property-name\":\"CONSTANT\"},{\"property-value\":\"_\",\"property-name\":\"DELIMITER\"}],\"naming-type\":\"protected_private_net_id\",\"nfRole\":\"vFW\",\"naming-recipe\":\"VNF_NAME|DELIMITER|CONSTANT\"},{\"naming-properties\":[{\"property-name\":\"VNF_NAME\"},{\"property-value\":\"unprotected\",\"property-name\":\"CONSTANT\"},{\"property-value\":\"_\",\"property-name\":\"DELIMITER\"}],\"naming-type\":\"unprotected_private_net_id\",\"nfRole\":\"vFW\",\"naming-recipe\":\"VNF_NAME|DELIMITER|CONSTANT\"}]}}", - "policyName": "SDNC_Policy.ONAP_VFW_NAMING_TIMESTAMP", + "configBody": "{ \"service\": \"SDNC-GenerateName\", \"version\": \"CSIT\", \"content\": { \"policy-instance-name\": \"ONAP_VNF _NAMING_TIMESTAMP\", \"naming-models\": [ { \"naming-properties\": [ { \"property-name\": \"AIC_CLOUD_REGION\" }, { \"property-name\": \"nfRole\" }, { \"property-name\": \"TIMESTAMP\" }, { \"property-value\": \"_\", \"property-name\": \"DELIMITER\" } ], \"naming-type\": \"VNF\", \"naming-recipe\": \"AIC_CLOUD_REGION|DELIMITER|nfRole|DELIMITER|TIMESTAMP\" }, { \"naming-properties\": [ { \"property-name\": \"VNF_NAME\" }, { \"property-name\": \"SEQUENCE\", \"increment-sequence\": { \"max\": \"zzz\", \"scope\": \"ENTIRETY\", \"start-value\": \"001\", \"length\": \"3\", \"increment\": \"1\", \"sequence-type\": \"alpha-numeric\" } }, { \"property-name\": \"NFC_NAMING_CODE\" }, { \"property-value\": \"_\", \"property-name\": \"DELIMITER\" } ], \"naming-type\": \"VNFC\", \"naming-recipe\": \"VNF_NAME|DELIMITER|NFC_NAMING_CODE|DELIMITER|SEQUENCE\" }, { \"naming-properties\": [ { \"property-name\": \"VNF_NAME\" }, { \"property-value\": \"_\", \"property-name\": \"DELIMITER\" }, { \"property-name\": \"VF_MODULE_LABEL\" }, { \"property-name\": \"VF_MODULE_TYPE\" }, { \"property-name\": \"SEQUENCE\", \"increment-sequence\": { \"max\": \"zzz\", \"scope\": \"PRECEEDING\", \"start-value\": \"01\", \"length\": \"3\", \"increment\": \"1\", \"sequence-type\": \"alpha-numeric\" } } ], \"naming-type\": \"VF-MODULE\", \"naming-recipe\": \"VNF_NAME|DELIMITER|VF_MODULE_LABEL|DELIMITER|VF_MODULE_TYPE|DELIMITER|SEQUENCE\" } ] } }", + "policyName": "SDNC_Policy.ONAP_VNF_NAMING_TIMESTAMP", "policyConfigType": "MicroService", "onapName": "SDNC", "riskLevel": "4", "riskType": "test", "guard": "false", "priority": "4", - "description": "ONAP_VFW_NAMING_TIMESTAMP" -}' 'https://{{.Values.global.pdp.nameOverride}}:{{.Values.config.pdpPort}}/pdp/api/createPolicy' - -sleep 2 - -echo "Create SDNC vPG Naming Policy" -curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ - "configBody": "{\"service\":\"SDNC-GenerateName\",\"version\":\"CSIT\",\"content\":{\"policy-instance-name\":\"ONAP_VPG_NAMING_TIMESTAMP\",\"naming-models\":[{\"naming-properties\":[{\"property-name\":\"AIC_CLOUD_REGION\"},{\"property-name\":\"nfRole\"},{\"property-name\":\"TIMESTAMP\"},{\"property-value\":\"_\",\"property-name\":\"DELIMITER\"}],\"naming-type\":\"VNF\",\"nfRole\":\"vPG\",\"naming-recipe\":\"AIC_CLOUD_REGION|DELIMITER|nfRole|DELIMITER|TIMESTAMP\"},{\"naming-properties\":[{\"property-name\":\"VNF_NAME\"},{\"property-name\":\"SEQUENCE\",\"increment-sequence\":{\"max\":\"zzz\",\"scope\":\"ENTIRETY\",\"start-value\":\"001\",\"length\":\"3\",\"increment\":\"1\",\"sequence-type\":\"alpha-numeric\"}},{\"property-name\":\"NFC_NAMING_CODE\"},{\"property-value\":\"_\",\"property-name\":\"DELIMITER\"}],\"naming-type\":\"VNFC\",\"nfRole\":\"vPG\",\"naming-recipe\":\"VNF_NAME|DELIMITER|NFC_NAMING_CODE|DELIMITER|SEQUENCE\"},{\"naming-properties\":[{\"property-name\":\"VNF_NAME\"},{\"property-value\":\"_\",\"property-name\":\"DELIMITER\"},{\"property-name\":\"VF_MODULE_LABEL\"},{\"property-name\":\"VF_MODULE_TYPE\"},{\"property-name\":\"SEQUENCE\",\"increment-sequence\":{\"max\":\"zzz\",\"scope\":\"PRECEEDING\",\"start-value\":\"01\",\"length\":\"3\",\"increment\":\"1\",\"sequence-type\":\"alpha-numeric\"}}],\"naming-type\":\"VF-MODULE\",\"nfRole\":\"vPG\",\"naming-recipe\":\"VNF_NAME|DELIMITER|VF_MODULE_LABEL|DELIMITER|VF_MODULE_TYPE|DELIMITER|SEQUENCE\"},{\"naming-properties\":[{\"property-name\":\"VNF_NAME\"}],\"naming-type\":\"KEY\",\"nfRole\":\"vPG\",\"naming-recipe\":\"VNF_NAME\"},{\"naming-properties\":[{\"property-name\":\"VNF_NAME\"},{\"property-value\":\"protected\",\"property-name\":\"CONSTANT\"},{\"property-value\":\"_\",\"property-name\":\"DELIMITER\"}],\"naming-type\":\"protected_private_net_id\",\"nfRole\":\"vPG\",\"naming-recipe\":\"VNF_NAME|DELIMITER|CONSTANT\"},{\"naming-properties\":[{\"property-name\":\"VNF_NAME\"},{\"property-value\":\"unprotected\",\"property-name\":\"CONSTANT\"},{\"property-value\":\"_\",\"property-name\":\"DELIMITER\"}],\"naming-type\":\"unprotected_private_net_id\",\"nfRole\":\"vPG\",\"naming-recipe\":\"VNF_NAME|DELIMITER|CONSTANT\"}]}}", - "policyName": "SDNC_Policy.ONAP_VPG_NAMING_TIMESTAMP", - "policyConfigType": "MicroService", - "onapName": "SDNC", - "riskLevel": "4", - "riskType": "test", - "guard": "false", - "priority": "4", - "description": "ONAP_VPG_NAMING_TIMESTAMP" -}' 'https://{{.Values.global.pdp.nameOverride}}:{{.Values.config.pdpPort}}/pdp/api/createPolicy' - -sleep 2 - -echo "Create SDNC vSN Naming Policy" -curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ - "configBody": "{\"service\":\"SDNC-GenerateName\",\"version\":\"CSIT\",\"content\":{\"policy-instance-name\":\"ONAP_VSN_NAMING_TIMESTAMP\",\"naming-models\":[{\"naming-properties\":[{\"property-name\":\"AIC_CLOUD_REGION\"},{\"property-name\":\"nfRole\"},{\"property-name\":\"TIMESTAMP\"},{\"property-value\":\"_\",\"property-name\":\"DELIMITER\"}],\"naming-type\":\"VNF\",\"nfRole\":\"vSN\",\"naming-recipe\":\"AIC_CLOUD_REGION|DELIMITER|nfRole|DELIMITER|TIMESTAMP\"},{\"naming-properties\":[{\"property-name\":\"VNF_NAME\"},{\"property-name\":\"SEQUENCE\",\"increment-sequence\":{\"max\":\"zzz\",\"scope\":\"ENTIRETY\",\"start-value\":\"001\",\"length\":\"3\",\"increment\":\"1\",\"sequence-type\":\"alpha-numeric\"}},{\"property-name\":\"NFC_NAMING_CODE\"},{\"property-value\":\"_\",\"property-name\":\"DELIMITER\"}],\"naming-type\":\"VNFC\",\"nfRole\":\"vSN\",\"naming-recipe\":\"VNF_NAME|DELIMITER|NFC_NAMING_CODE|DELIMITER|SEQUENCE\"},{\"naming-properties\":[{\"property-name\":\"VNF_NAME\"},{\"property-value\":\"_\",\"property-name\":\"DELIMITER\"},{\"property-name\":\"VF_MODULE_LABEL\"},{\"property-name\":\"VF_MODULE_TYPE\"},{\"property-name\":\"SEQUENCE\",\"increment-sequence\":{\"max\":\"zzz\",\"scope\":\"PRECEEDING\",\"start-value\":\"01\",\"length\":\"3\",\"increment\":\"1\",\"sequence-type\":\"alpha-numeric\"}}],\"naming-type\":\"VF-MODULE\",\"nfRole\":\"vSN\",\"naming-recipe\":\"VNF_NAME|DELIMITER|VF_MODULE_LABEL|DELIMITER|VF_MODULE_TYPE|DELIMITER|SEQUENCE\"},{\"naming-properties\":[{\"property-name\":\"VNF_NAME\"}],\"naming-type\":\"KEY\",\"nfRole\":\"vSN\",\"naming-recipe\":\"VNF_NAME\"},{\"naming-properties\":[{\"property-name\":\"VNF_NAME\"},{\"property-value\":\"protected\",\"property-name\":\"CONSTANT\"},{\"property-value\":\"_\",\"property-name\":\"DELIMITER\"}],\"naming-type\":\"protected_private_net_id\",\"nfRole\":\"vSN\",\"naming-recipe\":\"VNF_NAME|DELIMITER|CONSTANT\"},{\"naming-properties\":[{\"property-name\":\"VNF_NAME\"},{\"property-value\":\"unprotected\",\"property-name\":\"CONSTANT\"},{\"property-value\":\"_\",\"property-name\":\"DELIMITER\"}],\"naming-type\":\"unprotected_private_net_id\",\"nfRole\":\"vSN\",\"naming-recipe\":\"VNF_NAME|DELIMITER|CONSTANT\"}]}}", - "policyName": "SDNC_Policy.ONAP_VSN_NAMING_TIMESTAMP", - "policyConfigType": "MicroService", - "onapName": "SDNC", - "riskLevel": "4", - "riskType": "test", - "guard": "false", - "priority": "4", - "description": "ONAP_VSN_NAMING_TIMESTAMP" + "description": "ONAP_VNF_NAMING_TIMESTAMP" }' 'https://{{.Values.global.pdp.nameOverride}}:{{.Values.config.pdpPort}}/pdp/api/createPolicy' #########################################Creating OOF PCI Policies########################################## @@ -479,28 +449,10 @@ echo "Pushing SDNC Naming Policies" sleep 2 -echo "pushPolicy : PUT : SDNC_Policy.ONAP_VFW_NAMING_TIMESTAMP" -curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ - "pdpGroup": "default", - "policyName": "SDNC_Policy.ONAP_VFW_NAMING_TIMESTAMP", - "policyType": "MicroService" -}' 'https://{{.Values.global.pdp.nameOverride}}:{{.Values.config.pdpPort}}/pdp/api/pushPolicy' - -sleep 10 - -echo "pushPolicy : PUT : SDNC_Policy.ONAP_VPG_NAMING_TIMESTAMP" -curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ - "pdpGroup": "default", - "policyName": "SDNC_Policy.ONAP_VPG_NAMING_TIMESTAMP", - "policyType": "MicroService" -}' 'https://{{.Values.global.pdp.nameOverride}}:{{.Values.config.pdpPort}}/pdp/api/pushPolicy' - -sleep 10 - -echo "pushPolicy : PUT : SDNC_Policy.ONAP_VSN_NAMING_TIMESTAMP" +echo "pushPolicy : PUT : SDNC_Policy.ONAP_VNF_NAMING_TIMESTAMP" curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ "pdpGroup": "default", - "policyName": "SDNC_Policy.ONAP_VSN_NAMING_TIMESTAMP", + "policyName": "SDNC_Policy.ONAP_VNF_NAMING_TIMESTAMP", "policyType": "MicroService" }' 'https://{{.Values.global.pdp.nameOverride}}:{{.Values.config.pdpPort}}/pdp/api/pushPolicy' diff --git a/kubernetes/pomba/charts/pomba-data-router/values.yaml b/kubernetes/pomba/charts/pomba-data-router/values.yaml index 5815b9667a..ec70f4b619 100644 --- a/kubernetes/pomba/charts/pomba-data-router/values.yaml +++ b/kubernetes/pomba/charts/pomba-data-router/values.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T +# Copyright © 2018 Amdocs, Bell Canada, AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/kubernetes/pomba/charts/pomba-search-data/values.yaml b/kubernetes/pomba/charts/pomba-search-data/values.yaml index 7404f71232..88f45e35c2 100644 --- a/kubernetes/pomba/charts/pomba-search-data/values.yaml +++ b/kubernetes/pomba/charts/pomba-search-data/values.yaml @@ -65,4 +65,4 @@ resources: requests: cpu: 100m memory: 1800Mi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 index c53a7ae9b3..9f52189096 100644 Binary files a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 and b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 differ diff --git a/kubernetes/portal/charts/portal-app/values.yaml b/kubernetes/portal/charts/portal-app/values.yaml index 2123dd7a6d..4623738003 100644 --- a/kubernetes/portal/charts/portal-app/values.yaml +++ b/kubernetes/portal/charts/portal-app/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/portal-app:2.3.1 +image: onap/portal-app:2.5.0-STAGING-latest pullPolicy: Always # default number of instances diff --git a/kubernetes/portal/charts/portal-mariadb/values.yaml b/kubernetes/portal/charts/portal-mariadb/values.yaml index 24b92f3bc3..e6d7d11360 100644 --- a/kubernetes/portal/charts/portal-mariadb/values.yaml +++ b/kubernetes/portal/charts/portal-mariadb/values.yaml @@ -24,7 +24,7 @@ global: # global defaults # application image repository: nexus3.onap.org:10001 -image: onap/portal-db:2.3.1 +image: onap/portal-db:2.5.0-STAGING-latest pullPolicy: Always readinessImage: readiness-check:2.0.0 diff --git a/kubernetes/portal/charts/portal-sdk/values.yaml b/kubernetes/portal/charts/portal-sdk/values.yaml index 63f7a49363..b61c84a494 100644 --- a/kubernetes/portal/charts/portal-sdk/values.yaml +++ b/kubernetes/portal/charts/portal-sdk/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/portal-sdk:2.3.1 +image: onap/portal-sdk:2.5.0-STAGING-latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/portal/charts/portal-widget/values.yaml b/kubernetes/portal/charts/portal-widget/values.yaml index f3567962db..7cf7b306ad 100644 --- a/kubernetes/portal/charts/portal-widget/values.yaml +++ b/kubernetes/portal/charts/portal-widget/values.yaml @@ -29,7 +29,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/portal-wms:2.3.1 +image: onap/portal-wms:2.5.0-STAGING-latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/readiness/docker/init/Dockerfile b/kubernetes/readiness/docker/init/Dockerfile index 7214e04174..b060915354 100644 --- a/kubernetes/readiness/docker/init/Dockerfile +++ b/kubernetes/readiness/docker/init/Dockerfile @@ -1,17 +1,12 @@ -from ubuntu:16.04 +FROM python:2-alpine ENV no_proxy "localhost,127.0.0.1,.cluster.local,$KUBERNETES_SERVICE_HOST" # Setup Corporate proxy ENV https_proxy ${HTTPS_PROXY} ENV http_proxy ${HTTP_PROXY} -# Additional packages -RUN apt-get update -RUN apt-get install -y apt-utils git wget curl dnsutils python python-pip jq net-tools coreutils vim - RUN pip install requests pyyaml kubernetes - ENV CERT="/var/run/secrets/kubernetes.io/serviceaccount/ca.crt" ENV TOKEN="/var/run/secrets/kubernetes.io/serviceaccount/token" @@ -21,4 +16,5 @@ RUN chmod a+x /root/ready.py COPY job_complete.py /root/job_complete.py RUN chmod a+x /root/job_complete.py -ENTRYPOINT /root/ready.py +ENTRYPOINT ["/root/ready.py"] +CMD [""] \ No newline at end of file diff --git a/kubernetes/readiness/docker/init/job_complete.py b/kubernetes/readiness/docker/init/job_complete.py index 97d22da6c1..b20cb5adec 100644 --- a/kubernetes/readiness/docker/init/job_complete.py +++ b/kubernetes/readiness/docker/init/job_complete.py @@ -1,9 +1,10 @@ -#!/usr/bin/python +#!/usr/bin/env python import getopt import logging import os import sys import time +import random from kubernetes import client @@ -91,7 +92,8 @@ def main(argv): log.warning("timed out waiting for '" + job_name + "' to be completed") exit(1) else: - time.sleep(5) + # spread in time potentially parallel execution in multiple containers + time.sleep(random.randint(5, 11)) if __name__ == "__main__": main(sys.argv[1:]) \ No newline at end of file diff --git a/kubernetes/readiness/docker/init/ready.py b/kubernetes/readiness/docker/init/ready.py index 87c09a444c..0e133eab01 100644 --- a/kubernetes/readiness/docker/init/ready.py +++ b/kubernetes/readiness/docker/init/ready.py @@ -1,9 +1,10 @@ -#!/usr/bin/python +#!/usr/bin/env python import getopt import logging import os import sys import time +import random from kubernetes import client @@ -154,7 +155,8 @@ def main(argv): log.warning("timed out waiting for '" + container_name + "' to be ready") exit(1) else: - time.sleep(5) + # spread in time potentially parallel execution in multiple containers + time.sleep(random.randint(5, 11)) if __name__ == "__main__": main(sys.argv[1:]) diff --git a/kubernetes/robot/demo-k8s.sh b/kubernetes/robot/demo-k8s.sh index d253ec7f4f..8b76f64a25 100755 --- a/kubernetes/robot/demo-k8s.sh +++ b/kubernetes/robot/demo-k8s.sh @@ -1,5 +1,6 @@ #!/bin/bash # Copyright (C) 2018 Amdocs, Bell Canada +# Modifications Copyright (C) 2019 Samsung # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,40 +14,44 @@ # See the License for the specific language governing permissions and # limitations under the License. # -# Execute tags built to support the hands on demo, +# Execute tags built to support the hands-on demo # function usage { - echo "Usage: demo.sh namespace []" + echo "Usage: demo-k8s.sh []" echo " " - echo " demo.sh init" + echo " demo-k8s.sh init" echo " - Execute both init_customer + distribute" echo " " - echo " demo.sh init_customer" + echo " demo-k8s.sh init_customer" echo " - Create demo customer (Demonstration) and services, etc." echo " " - echo " demo.sh distribute []" + echo " demo-k8s.sh distribute []" echo " - Distribute demo models (demoVFW and demoVLB)" echo " " - echo " demo.sh preload " + echo " demo-k8s.sh preload " echo " - Preload data for VNF for the " echo " " - echo " demo.sh appc " - echo " - provide APPC with vFW module mount point for closed loop" + echo " demo-k8s.sh appc " + echo " - provide APPC with vFW module mount point for closed loop" echo " " - echo " demo.sh init_robot [ ]" - echo " - Initialize robot after all ONAP VMs have started" + echo " demo-k8s.sh init_robot [ ]" + echo " - Initialize robot after all ONAP VMs have started" echo " " - echo " demo.sh instantiateVFW" - echo " - Instantiate vFW module for the a demo customer (DemoCust)" + echo " demo-k8s.sh instantiateVFW" + echo " - Instantiate vFW module for the demo customer (DemoCust)" echo " " - echo " demo.sh deleteVNF " - echo " - Delete the module created by instantiateVFW" + echo " demo-k8s.sh instantiateVFWdirectso csar_filename" + echo " - Instantiate vFW module using direct SO interface using previously distributed model " + echo " that is in /tmp/csar in robot container" echo " " - echo " demo.sh heatbridge " - echo " - Run heatbridge against the stack for the given service instance and service" + echo " demo-k8s.sh deleteVNF " + echo " - Delete the module created by instantiateVFW" echo " " - echo " demo.sh vfwclosedloop " + echo " demo-k8s.sh heatbridge " + echo " - Run heatbridge against the stack for the given service instance and service" + echo " " + echo " demo-k8s.sh vfwclosedloop " echo " - vFWCL: Sets the packet generator to high and low rates, and checks whether the policy " echo " kicks in to modulate the rates back to medium" echo " " @@ -110,7 +115,7 @@ do TAG="PreloadDemo" shift if [ $# -ne 2 ];then - echo "Usage: demo.sh preload " + echo "Usage: demo-k8s.sh preload " exit fi VARIABLES="$VARIABLES -v VNF_NAME:$1" @@ -122,7 +127,7 @@ do TAG="APPCMountPointDemo" shift if [ $# -ne 1 ];then - echo "Usage: demo.sh appc " + echo "Usage: demo-k8s.sh appc " exit fi VARIABLES="$VARIABLES -v MODULE_NAME:$1" @@ -133,11 +138,21 @@ do VARIABLES="$VARIABLES -v GLOBAL_BUILD_NUMBER:$$" shift ;; + instantiateVFWdirectso) + TAG="instantiateVFWdirectso" + shift + if [ $# -ne 1 ];then + echo "Usage: demo-k8s.sh instantiateVFWdirectso " + exit + fi + VARIABLES="$VARIABLES -v CSAR_FILE:$1 -v GLOBAL_BUILD_NUMBER:$$" + shift + ;; deleteVNF) TAG="deleteVNF" shift if [ $# -ne 1 ];then - echo "Usage: demo.sh deleteVNF " + echo "Usage: demo-k8s.sh deleteVNF " exit fi VARFILE=$1.py @@ -153,7 +168,7 @@ do TAG="heatbridge" shift if [ $# -ne 4 ];then - echo "Usage: demo.sh heatbridge " + echo "Usage: demo-k8s.sh heatbridge " exit fi VARIABLES="$VARIABLES -v HB_STACK:$1" diff --git a/kubernetes/robot/ete-k8s.sh b/kubernetes/robot/ete-k8s.sh index aaa3bc83ac..5d42f048cd 100755 --- a/kubernetes/robot/ete-k8s.sh +++ b/kubernetes/robot/ete-k8s.sh @@ -15,12 +15,44 @@ #!/bin/bash # -# Run the testsuite for the passed tag. Valid tags are ete, health, closedloop, instantiate +# Run the testsuite for the passed tag. Valid tags are listed in usage help # Please clean up logs when you are done... -# Note: Do not run multiple concurrent ete.sh as the --display is not parameterized and tests will collide # if [ "$1" == "" ] || [ "$2" == "" ]; then - echo "Usage: ete-k8s.sh [namespace] [ health | healthdist | distribute | instantiate | instantiateVFWCL | instantiateDemoVFWCL | | portal ]" + echo "Usage: ete-k8s.sh [namespace] [tag]" + echo "" + echo " List of test case tags (filename for intent: tag)" + echo "" + echo " cds.robot: cds" + echo "" + echo " clamp.robot: clamp" + echo "" + echo " demo.robot: InitDemo, InitCustomer, APPCCDTPreloadDemo, APPCMountPointDemo, DistributeDemoVFWDT, DistributeVFWNG," + echo " InitDistribution, PreloadDemo, deleteVNF, heatbridge, instantiateDemoVFWCL, instantiateVFW, instantiateVFWCL, instantiateVFWDT" + echo "" + echo " health-check.robot: health, core, small, medium, 3rdparty, api, datarouter, externalapi, health-aaf, health-aai, health-appc," + echo " health-clamp, health-cli, health-dcae, health-dmaap, health-log, health-modeling, health-msb," + echo " health-multicloud, health-oof, health-policy, health-pomba, health-portal, health-sdc, health-sdnc," + echo " health-so, health-uui, health-vfc, health-vid, health-vnfsdk, healthdist, healthlogin, healthmr," + echo " healthportalapp, multicloud, oom" + echo "" + echo " hvves.robot: HVVES, ete" + echo "" + echo " model-distribution-vcpe.robot: distributevCPEResCust" + echo "" + echo " model-distribution.robot: distribute, distributeVFWDT, distributeVLB" + echo "" + echo " oof-*.robot: cmso, has, homing" + echo "" + echo " pnf-registration.robot: ete, pnf_registrate" + echo "" + echo " post-install-tests.robot dmaapacl, postinstall" + echo "" + echo " update_onap_page.robot: UpdateWebPage" + echo "" + echo " vnf-orchestration-direct-so.robot: instantiateVFWdirectso" + echo "" + echo " vnf-orchestration.robot: instantiate, instantiateNoDelete, stability72hr" exit fi @@ -30,7 +62,6 @@ export NAMESPACE="$1" POD=$(kubectl --namespace $NAMESPACE get pods | sed 's/ .*//'| grep robot) - TAGS="-i $2" ETEHOME=/var/opt/ONAP diff --git a/kubernetes/robot/eteHelm-k8s.sh b/kubernetes/robot/eteHelm-k8s.sh old mode 100644 new mode 100755 index f63c98ee25..c58d8a8775 --- a/kubernetes/robot/eteHelm-k8s.sh +++ b/kubernetes/robot/eteHelm-k8s.sh @@ -15,13 +15,12 @@ #!/bin/bash # -# Run the testsuite for the passed tag. Valid tags are ete, health, closedloop, instantiate +# Run the health-check testsuites for the tags discovered by helm list # Please clean up logs when you are done... -# Note: Do not run multiple concurrent ete.sh as the --display is not parameterized and tests will collide # if [ "$1" == "" ] ; then - echo "Usage: eteHelm-k8s.sh namespace " - echo " list projects via helm list and runs health-check with those tags except dev and dev-consul " + echo "Usage: eteHelm-k8s.sh [namespace]" + echo " list projects via helm list and runs health-check with those tags except dev and dev-consul" exit fi @@ -31,7 +30,7 @@ export NAMESPACE="$1" POD=$(kubectl --namespace $NAMESPACE get pods | sed 's/ .*//'| grep robot) -PROJECTS=$(helm list | cut -d ' ' -f 1 | grep "-" | grep -v consul ) +PROJECTS=$(helm list | tail +3 | grep '-' | cut -d' ' -f1 | sed -E 's/\w+-(\w+)/health-\1/g' | grep -v consul | grep -v nfs-provision) TAGS="" for project in $PROJECTS ; diff --git a/kubernetes/robot/resources/config/eteshare/config/integration_preload_parameters.py b/kubernetes/robot/resources/config/eteshare/config/integration_preload_parameters.py index 0ae1047529..d58e1389cd 100644 --- a/kubernetes/robot/resources/config/eteshare/config/integration_preload_parameters.py +++ b/kubernetes/robot/resources/config/eteshare/config/integration_preload_parameters.py @@ -12,6 +12,12 @@ # See the License for the specific language governing permissions and # limitations under the License. +import json +import os.path +from itertools import chain +from collections import defaultdict + + GLOBAL_PRELOAD_PARAMETERS = { # heat template parameter values common to all heat template continaing these parameters "defaults" : { @@ -81,8 +87,9 @@ GLOBAL_PRELOAD_PARAMETERS = { "vsn_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", }, "vpkg_preload.template": { - "unprotected_private_net_id" : "vofwlsnk_unprotected${hostid}", - "unprotected_private_subnet_id" : "vofwlsnk_unprotected_sub${hostid}", + # vFWSNK_ prepended to vpkg since the default behoir for vFWSNK tempalte is to concatenate vnf_name and network_name + "unprotected_private_net_id" : "vFWSNK_vofwlsnk_unprotected${hostid}", + "unprotected_private_subnet_id" : "vFWSNK_vofwlsnk_unprotected_sub${hostid}", "unprotected_private_net_cidr" : "192.168.10.0/24", "protected_private_net_cidr" : "192.168.20.0/24", "vfw_private_ip_0" : "192.168.10.100", @@ -503,3 +510,33 @@ GLOBAL_PRELOAD_PARAMETERS = { } } } + + +# Create dictionaries for new MAPPING data to join to original MAPPING data +GLOBAL_PRELOAD_PARAMETERS2 = {} + + +folder=os.path.join('/var/opt/ONAP/demo/preload_data') +subfolders = [d for d in os.listdir(folder) if os.path.isdir(os.path.join(folder, d))] + +for service in subfolders: + filepath=os.path.join('/var/opt/ONAP/demo/preload_data', service, 'preload_data.json') + with open(filepath, 'r') as f: + preload_data = json.load(f) + GLOBAL_PRELOAD_PARAMETERS2['Demo']=preload_data + + +# Merge dictionaries +# preload_data.json is for Demo key in GLOBAL_PRELOAD_PARAMETERS + + +GLOBAL_PRELOAD_PARAMETERS3 = {'Demo':{}} + +for k, v in chain(GLOBAL_PRELOAD_PARAMETERS['Demo'].items(), GLOBAL_PRELOAD_PARAMETERS2['Demo'].items()): + GLOBAL_PRELOAD_PARAMETERS3['Demo'][k] = v +# print(k, v) + +GLOBAL_PRELOAD_PARAMETERS = dict(GLOBAL_PRELOAD_PARAMETERS.items() + GLOBAL_PRELOAD_PARAMETERS3.items()) + +#print GLOBAL_PRELOAD_PARAMETERS + diff --git a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py index 85a932e02d..0370bbc71d 100644 --- a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py +++ b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py @@ -13,19 +13,19 @@ # limitations under the License. # aaf info - everything is from the private oam network (also called onap private network) -GLOBAL_AAF_SERVER = "https://aaf-service.{{include "common.namespace" .}}:8100" -GLOBAL_AAF_USERNAME = "{{ .Values.aafUsername }}" -GLOBAL_AAF_PASSWORD = "{{ .Values.aafPassword }}" +GLOBAL_AAF_SERVER = 'https://aaf-service.{{include "common.namespace" .}}:8100' +GLOBAL_AAF_USERNAME = '{{ .Values.aafUsername }}' +GLOBAL_AAF_PASSWORD = '{{ .Values.aafPassword }}' # aai info - everything is from the private oam network (also called onap private network) GLOBAL_AAI_SERVER_PROTOCOL = "https" GLOBAL_AAI_SERVER_PORT = "8443" -GLOBAL_AAI_USERNAME = "{{ .Values.aaiUsername }}" -GLOBAL_AAI_PASSWORD = "{{ .Values.aaiPassword}}" +GLOBAL_AAI_USERNAME = '{{ .Values.aaiUsername }}' +GLOBAL_AAI_PASSWORD = '{{ .Values.aaiPassword}}' # appc info - everything is from the private oam network (also called onap private network) GLOBAL_APPC_SERVER_PROTOCOL = "http" GLOBAL_APPC_SERVER_PORT = "8282" -GLOBAL_APPC_USERNAME = "{{ .Values.appcUsername }}" -GLOBAL_APPC_PASSWORD = "{{ .Values.appcPassword }}" +GLOBAL_APPC_USERNAME = '{{ .Values.appcUsername }}' +GLOBAL_APPC_PASSWORD = '{{ .Values.appcPassword }}' GLOBAL_APPC_CDT_SERVER_PROTOCOL = "https" GLOBAL_APPC_CDT_SERVER_PORT = "18080" GLOBAL_APPC_CDT_USERNAME = "demo" @@ -48,17 +48,28 @@ GLOBAL_CLI_SERVER_PORT = "8080" # dcae info - everything is from the private oam network (also called onap private network) GLOBAL_DCAE_SERVER_PROTOCOL = "http" GLOBAL_DCAE_HEALTH_SERVER_PORT = "80" -GLOBAL_DCAE_USERNAME = "{{ .Values.dcaeUsername }}" -GLOBAL_DCAE_PASSWORD = "{{ .Values.dcaePassword}}" +GLOBAL_DCAE_USERNAME = '{{ .Values.dcaeUsername }}' +GLOBAL_DCAE_PASSWORD = '{{ .Values.dcaePassword}}' +# dcae hv-ves info +GLOBAL_DCAE_HVVES_SERVER_NAME = 'dcae-hv-ves-collector.{{include "common.namespace" .}}' +GLOBAL_DCAE_HVVES_SERVER_PORT = "6061" # data router info - everything is from the private oam network (also called onap private network) GLOBAL_DMAAP_DR_PROV_SERVER_PROTOCOL = "http" GLOBAL_DMAAP_DR_PROV_SERVER_PORT = "8080" GLOBAL_DMAAP_DR_NODE_SERVER_PROTOCOL = "http" GLOBAL_DMAAP_DR_NODE_SERVER_PORT = "8080" +# dmaap message router info +GLOBAL_DMAAP_MESSAGE_ROUTER_SERVER_NAME = 'message-router.{{include "common.namespace" .}}' +GLOBAL_DMAAP_MESSAGE_ROUTER_SERVER_PORT = "3904" +# dmaap kafka info +GLOBAL_DMAAP_KAFKA_SERVER_NAME = 'message-router-kafka.{{include "common.namespace" .}}' +GLOBAL_DMAAP_KAFKA_SERVER_PORT = "9092" +GLOBAL_DMAAP_KAFKA_JAAS_USERNAME = '{{ .Values.kafkaJaasUsername }}' +GLOBAL_DMAAP_KAFKA_JAAS_PASSWORD = '{{ .Values.kafkaJaasPassword }}' # DROOL server port and credentials GLOBAL_DROOLS_SERVER_PORT = "9696" -GLOBAL_DROOLS_USERNAME = "{{ .Values.droolsUsername }}" -GLOBAL_DROOLS_PASSWORD = "{{ .Values.droolsPassword }}" +GLOBAL_DROOLS_USERNAME = '{{ .Values.droolsUsername }}' +GLOBAL_DROOLS_PASSWORD = '{{ .Values.droolsPassword }}' # log server config - NOTE: no log server is run in HEAT; only on OOM GLOBAL_LOG_SERVER_PROTOCOL = "http" GLOBAL_LOG_ELASTICSEARCH_PORT = "9200" @@ -85,10 +96,9 @@ GLOBAL_MSB_SERVER_PORT = "80" GLOBAL_MR_SERVER_PROTOCOL = "http" GLOBAL_MR_SERVER_PORT = "3904" # bus controller info -GLOBAL_BC_SERVER_PORT = "8080" GLOBAL_BC_HTTPS_SERVER_PORT = "8443" -GLOBAL_BC_USERNAME = "{{ .Values.bcUsername }}" -GLOBAL_BC_PASSWORD = "{{ .Values.bcPassword }}" +GLOBAL_BC_USERNAME = '{{ .Values.bcUsername }}' +GLOBAL_BC_PASSWORD = '{{ .Values.bcPassword }}' # mso info - everything is from the private oam network (also called onap private network) GLOBAL_MSO_SERVER_PROTOCOL = "http" GLOBAL_MSO_SERVER_PORT = "8080" @@ -102,24 +112,27 @@ GLOBAL_MSO_REQDB_SERVER_PORT = "8083" GLOBAL_MSO_SDNC_SERVER_PORT = "8086" GLOBAL_MSO_VFC_SERVER_PORT = "8084" GLOBAL_MSO_VNFM_SERVER_PORT = "9092" -GLOBAL_MSO_USERNAME = "{{ .Values.soUsername }}" -GLOBAL_MSO_CATDB_USERNAME = "{{ .Values.soCatdbUsername }}" -GLOBAL_MSO_PASSWORD = "{{ .Values.soPassword }}" +GLOBAL_MSO_USERNAME = '{{ .Values.soUsername }}' +GLOBAL_MSO_CATDB_USERNAME = '{{ .Values.soCatdbUsername }}' +GLOBAL_MSO_PASSWORD = '{{ .Values.soPassword }}' # robot uses MSO_PASSWORD for both SO and CATDB # music info - everything is from the private oam network (also called onap private network) GLOBAL_MUSIC_SERVER_PROTOCOL = "http" GLOBAL_MUSIC_SERVER_PORT = "8080" # oof global info - everything is from the private oam network (also called onap private network) -GLOBAL_OOF_SERVER_PROTOCOL = "http" +GLOBAL_OOF_SERVER_PROTOCOL = "https" # oof-homing info - everything is from the private oam network (also called onap private network) GLOBAL_OOF_HOMING_SERVER_PORT = "8091" # oof-sniro info - everything is from the private oam network (also called onap private network) GLOBAL_OOF_SNIRO_SERVER_PORT = "8698" +#oof user +GLOBAL_OOF_OSDF_USERNAME="{{ .Values.oofUsername }}" +GLOBAL_OOF_OSDF_PASSWORD="{{ .Values.oofPassword }}" # oof cmso global info - everything is from the private oam network (also called onap private network) -GLOBAL_OOF_CMSO_PROTOCOL = "http" +GLOBAL_OOF_CMSO_PROTOCOL = "https" GLOBAL_OOF_CMSO_SERVER_PORT = "8080" -GLOBAL_OOF_CMSO_USERNAME = "none" -GLOBAL_OOF_CMSO_PASSWORD = "none" +GLOBAL_OOF_CMSO_USERNAME = "{{ .Values.oofCmsoUsername }}" +GLOBAL_OOF_CMSO_PASSWORD = "{{ .Values.oofCmsoPassword }}" # openstack info - info to select right info in environment # packet generate vnf info - everything is from the private oam network (also called onap private network) GLOBAL_PACKET_GENERATOR_PORT = "8183" @@ -130,32 +143,34 @@ GLOBAL_PGN_PORT = "2831" GLOBAL_POLICY_SERVER_PROTOCOL = "https" GLOBAL_POLICY_SERVER_PORT = "8081" GLOBAL_POLICY_HEALTHCHECK_PORT = "6969" -GLOBAL_POLICY_AUTH = "{{ .Values.policyAuth}}" -GLOBAL_POLICY_CLIENTAUTH = "{{ .Values.policyClientAuth}}" -GLOBAL_POLICY_USERNAME = "{{ .Values.policyUsername }}" -GLOBAL_POLICY_PASSWORD = "{{ .Values.policyPassword }}" +GLOBAL_POLICY_AUTH = '{{ .Values.policyAuth}}' +GLOBAL_POLICY_CLIENTAUTH = '{{ .Values.policyClientAuth}}' +GLOBAL_POLICY_USERNAME = '{{ .Values.policyUsername }}' +GLOBAL_POLICY_PASSWORD = '{{ .Values.policyPassword }}' +GLOBAL_POLICY_HEALTHCHECK_USERNAME = '{{ .Values.policyComponentUsername }}' +GLOBAL_POLICY_HEALTHCHECK_PASSWORD = '{{ .Values.policyComponentPassword }}' # portal info - everything is from the private oam network (also called onap private network) GLOBAL_PORTAL_SERVER_PROTOCOL = "http" GLOBAL_PORTAL_SERVER_PORT = "8989" -GLOBAL_PORTAL_USERNAME = "{{ .Values.portalUsername }}" -GLOBAL_PORTAL_PASSWORD = "{{ .Values.portalPassword }}" +GLOBAL_PORTAL_USERNAME = '{{ .Values.portalUsername }}' +GLOBAL_PORTAL_PASSWORD = '{{ .Values.portalPassword }}' # sdngc info - everything is from the private oam network (also called onap private network) GLOBAL_SDNGC_SERVER_PROTOCOL = "http" GLOBAL_SDNGC_REST_PORT = "8282" GLOBAL_SDNGC_ADMIN_PORT = "8843" -GLOBAL_SDNGC_USERNAME = "{{ .Values.sdncUsername }}" -GLOBAL_SDNGC_PASSWORD = "{{ .Values.sdncPassword }}" +GLOBAL_SDNGC_USERNAME = '{{ .Values.sdncUsername }}' +GLOBAL_SDNGC_PASSWORD = '{{ .Values.sdncPassword }}' # sms (AAF) info GLOBAL_SMS_SERVER_PROTOCOL = "https" -GLOBAL_SMS_SERVER_NAME = "aaf-sms.{{include "common.namespace" .}}" +GLOBAL_SMS_SERVER_NAME = 'aaf-sms.{{include "common.namespace" .}}' GLOBAL_SMS_SERVER_PORT = "10443" # vid info - everything is from the private oam network (also called onap private network) -GLOBAL_VID_SERVER_PROTOCOL = "{{ .Values.vidServerProtocol }}" -GLOBAL_VID_SERVER_PORT = "{{ .Values.vidServerPort }}" -GLOBAL_VID_USERNAME = "{{ .Values.vidUsername }}" -GLOBAL_VID_PASSWORD = "{{ .Values.vidPassword}}" -GLOBAL_VID_HEALTH_USERNAME = "{{ .Values.vidHealthUsername }}" -GLOBAL_VID_HEALTH_PASSWORD = "{{ .Values.vidHealthPassword }}" +GLOBAL_VID_SERVER_PROTOCOL = '{{ .Values.vidServerProtocol }}' +GLOBAL_VID_SERVER_PORT = '{{ .Values.vidServerPort }}' +GLOBAL_VID_USERNAME = '{{ .Values.vidUsername }}' +GLOBAL_VID_PASSWORD = '{{ .Values.vidPassword}}' +GLOBAL_VID_HEALTH_USERNAME = '{{ .Values.vidHealthUsername }}' +GLOBAL_VID_HEALTH_PASSWORD = '{{ .Values.vidHealthPassword }}' # vnfsdk info - everything is from the private oam network (also called onap private network) GLOBAL_VNFSDK_SERVER_PROTOCOL = "http" GLOBAL_VNFSDK_SERVER_PORT = "8702" diff --git a/kubernetes/robot/resources/config/eteshare/config/vm_properties.py b/kubernetes/robot/resources/config/eteshare/config/vm_properties.py index 71d9ec0fe3..e46b5fc723 100644 --- a/kubernetes/robot/resources/config/eteshare/config/vm_properties.py +++ b/kubernetes/robot/resources/config/eteshare/config/vm_properties.py @@ -14,159 +14,189 @@ # File generated from /opt/config # -GLOBAL_INJECTED_AAF_IP_ADDR = "aaf-service.{{include "common.namespace" .}}" -GLOBAL_INJECTED_AAI1_IP_ADDR = "aai.{{include "common.namespace" .}}" -GLOBAL_INJECTED_AAI2_IP_ADDR = "N/A" -GLOBAL_INJECTED_APPC_IP_ADDR = "appc.{{include "common.namespace" .}}" -GLOBAL_INJECTED_APPC_CDT_IP_ADDR = "appc-cdt.{{include "common.namespace" .}}" -GLOBAL_INJECTED_ARTIFACTS_VERSION = "{{.Values.demoArtifactsVersion}}" -GLOBAL_INJECTED_CLAMP_IP_ADDR = "clamp.{{include "common.namespace" .}}" -GLOBAL_INJECTED_CLI_IP_ADDR = "cli.{{include "common.namespace" .}}" -GLOBAL_INJECTED_CLOUD_ENV = "openstack" -GLOBAL_INJECTED_DCAE_IP_ADDR = "dcae-healthcheck.{{include "common.namespace" .}}" -GLOBAL_INJECTED_DMAAP_DR_PROV_IP_ADDR = "dmaap-dr-prov.{{include "common.namespace" .}}" -GLOBAL_INJECTED_DMAAP_DR_NODE_IP_ADDR = "dmaap-dr-node.{{include "common.namespace" .}}" -GLOBAL_INJECTED_DNS_IP_ADDR = "N/A" -GLOBAL_INJECTED_DOCKER_VERSION = "1.2-STAGING-latest" -GLOBAL_INJECTED_EXTERNAL_DNS = "N/A" -GLOBAL_INJECTED_LOG_ELASTICSEARCH_IP_ADDR = "log-es.{{include "common.namespace" .}}" -GLOBAL_INJECTED_LOG_KIBANA_IP_ADDR = "log-kibana.{{include "common.namespace" .}}" -GLOBAL_INJECTED_LOG_LOGSTASH_IP_ADDR = "log-ls-http.{{include "common.namespace" .}}" -GLOBAL_INJECTED_POMBA_AAI_CONTEXT_BUILDER_IP_ADDR = "pomba-aaictxbuilder.{{include "common.namespace" .}}" -GLOBAL_INJECTED_POMBA_SDC_CONTEXT_BUILDER_IP_ADDR = "pomba-sdcctxbuilder.{{include "common.namespace" .}}" -GLOBAL_INJECTED_POMBA_NETWORK_DISC_CONTEXT_BUILDER_IP_ADDR = "pomba-networkdiscoveryctxbuilder.{{include "common.namespace" .}}" -GLOBAL_INJECTED_POMBA_SERVICE_DECOMPOSITION_IP_ADDR = "pomba-servicedecomposition.{{include "common.namespace" .}}" -GLOBAL_INJECTED_POMBA_SDNC_CTX_BUILDER_IP_ADDR = "pomba-sdncctxbuilder.{{include "common.namespace" .}}" -GLOBAL_INJECTED_POMBA_NETWORKDISCOVERY_MICROSERVICE_IP_ADDR = "pomba-networkdiscovery.{{include "common.namespace" .}}" -GLOBAL_INJECTED_POMBA_VALIDATION_SERVICE_IP_ADDR = "pomba-validation-service.{{include "common.namespace" .}}" -GLOBAL_INJECTED_POMBA_KIBANA_IP_ADDR = "pomba-kibana.{{include "common.namespace" .}}" -GLOBAL_INJECTED_POMBA_ELASTIC_SEARCH_IP_ADDR = "pomba-es.{{include "common.namespace" .}}" -GLOBAL_INJECTED_POMBA_CONTEX_TAGGREGATOR_IP_ADDR = "pomba-contextaggregator.{{include "common.namespace" .}}" -GLOBAL_INJECTED_KEYSTONE = "{{ .Values.openStackKeyStoneUrl }}" -GLOBAL_INJECTED_MR_IP_ADDR = "message-router.{{include "common.namespace" .}}" -GLOBAL_INJECTED_BC_IP_ADDR = "dmaap-bc.{{include "common.namespace" .}}" -GLOBAL_INJECTED_MUSIC_IP_ADDR = "music.{{include "common.namespace" .}}" -GLOBAL_INJECTED_NBI_IP_ADDR = "nbi.{{include "common.namespace" .}}" -GLOBAL_INJECTED_NETWORK = "{{ .Values.openStackPrivateNetId }}" -GLOBAL_INJECTED_NEXUS_DOCKER_REPO = "nexus3.onap.org:10001" -GLOBAL_INJECTED_NEXUS_PASSWORD = "docker" -GLOBAL_INJECTED_NEXUS_REPO = "https://nexus.onap.org/content/sites/raw" -GLOBAL_INJECTED_NEXUS_USERNAME = "docker" -GLOBAL_INJECTED_OOF_IP_ADDR = "N/A" -GLOBAL_INJECTED_OOF_HOMING_IP_ADDR = "oof-has-api.{{include "common.namespace" .}}" -GLOBAL_INJECTED_OOF_SNIRO_IP_ADDR = "oof-osdf.{{include "common.namespace" .}}" -GLOBAL_INJECTED_OOF_CMSO_IP_ADDR = "oof-cmso.{{include "common.namespace" .}}" -GLOBAL_INJECTED_MSB_IP_ADDR = "msb-iag.{{include "common.namespace" .}}" -GLOBAL_INJECTED_OPENSTACK_API_KEY = "{{ .Values.config.openStackEncryptedPasswordHere}}" -GLOBAL_INJECTED_OPENSTACK_PASSWORD = "{{ .Values.openStackPassword }}" -GLOBAL_INJECTED_OPENSTACK_TENANT_ID = "{{ .Values.openStackTenantId }}" -GLOBAL_INJECTED_OPENSTACK_USERNAME = "{{ .Values.openStackUserName }}" -GLOBAL_INJECTED_OPENSTACK_PROJECT_NAME = "{{ .Values.openStackProjectName }}" -GLOBAL_INJECTED_OPENSTACK_DOMAIN_ID = "{{ .Values.openStackDomainId }}" -GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION = "{{ .Values.openStackKeystoneAPIVersion }}" -GLOBAL_INJECTED_POLICY_IP_ADDR = "pdp.{{include "common.namespace" .}}" -GLOBAL_INJECTED_POLICY_HEALTHCHECK_IP_ADDR = "drools.{{include "common.namespace" .}}" -GLOBAL_INJECTED_PORTAL_IP_ADDR = "portal-app.{{include "common.namespace" .}}" -GLOBAL_INJECTED_PUBLIC_NET_ID = "{{ .Values.openStackPublicNetId }}" -GLOBAL_INJECTED_REGION = "{{ .Values.openStackRegion }}" -GLOBAL_INJECTED_SCRIPT_VERSION = "{{ .Values.scriptVersion }}" -GLOBAL_INJECTED_SDC_BE_IP_ADDR = "sdc-be.{{include "common.namespace" .}}" -GLOBAL_INJECTED_SDC_BE_ONBOARD_IP_ADDR = "sdc-onboarding-be.{{include "common.namespace" .}}" -GLOBAL_INJECTED_SDC_FE_IP_ADDR = "sdc-fe.{{include "common.namespace" .}}" -GLOBAL_INJECTED_SDC_IP_ADDR = "N/A" -GLOBAL_INJECTED_SDNC_IP_ADDR = "sdnc.{{include "common.namespace" .}}" -GLOBAL_INJECTED_SDNC_PORTAL_IP_ADDR = "sdnc-portal.{{include "common.namespace" .}}" -GLOBAL_INJECTED_SO_APIHAND_IP_ADDR = "so.{{include "common.namespace" .}}" -GLOBAL_INJECTED_SO_ASDCHAND_IP_ADDR = "so-sdc-controller.{{include "common.namespace" .}}" -GLOBAL_INJECTED_SO_BPMN_IP_ADDR = "so-bpmn-infra.{{include "common.namespace" .}}" -GLOBAL_INJECTED_SO_CATDB_IP_ADDR = "so-catalog-db-adapter.{{include "common.namespace" .}}" -GLOBAL_INJECTED_SO_IP_ADDR = "so.{{include "common.namespace" .}}" -GLOBAL_INJECTED_SO_OPENSTACK_IP_ADDR = "so-openstack-adapter.{{include "common.namespace" .}}" -GLOBAL_INJECTED_SO_REQDB_IP_ADDR = "so-request-db-adapter.{{include "common.namespace" .}}" -GLOBAL_INJECTED_SO_SDNC_IP_ADDR = "so-sdnc-adapter.{{include "common.namespace" .}}" -GLOBAL_INJECTED_SO_VFC_IP_ADDR = "so-vfc-adapter.{{include "common.namespace" .}}" -GLOBAL_INJECTED_SO_VNFM_IP_ADDR = "so-vnfm-adapter.{{include "common.namespace" .}}" -GLOBAL_INJECTED_UBUNTU_1404_IMAGE = "{{ .Values.ubuntu14Image }}" -GLOBAL_INJECTED_UBUNTU_1604_IMAGE = "{{ .Values.ubuntu16Image }}" -GLOBAL_INJECTED_VM_IMAGE_NAME = "{{ .Values.ubuntu14Image }}" -GLOBAL_INJECTED_VID_IP_ADDR = "vid.{{include "common.namespace" .}}" -GLOBAL_INJECTED_VM_FLAVOR = "{{ .Values.openStackFlavourMedium }}" -GLOBAL_INJECTED_VNFSDK_IP_ADDR = "refrepo.{{include "common.namespace" .}}" +GLOBAL_INJECTED_AAF_IP_ADDR = 'aaf-service.{{include "common.namespace" .}}' +GLOBAL_INJECTED_AAI1_IP_ADDR = 'aai.{{include "common.namespace" .}}' +GLOBAL_INJECTED_AAI2_IP_ADDR = 'N/A' +GLOBAL_INJECTED_APPC_IP_ADDR = 'appc.{{include "common.namespace" .}}' +GLOBAL_INJECTED_APPC_CDT_IP_ADDR = 'appc-cdt.{{include "common.namespace" .}}' +GLOBAL_INJECTED_ARTIFACTS_VERSION = '{{.Values.demoArtifactsVersion}}' +GLOBAL_INJECTED_CLAMP_IP_ADDR = 'clamp.{{include "common.namespace" .}}' +GLOBAL_INJECTED_CLI_IP_ADDR = 'cli.{{include "common.namespace" .}}' +GLOBAL_INJECTED_CLOUD_ENV = 'openstack' +GLOBAL_INJECTED_DCAE_IP_ADDR = 'dcae-healthcheck.{{include "common.namespace" .}}' +GLOBAL_INJECTED_DMAAP_DR_PROV_IP_ADDR = 'dmaap-dr-prov.{{include "common.namespace" .}}' +GLOBAL_INJECTED_DMAAP_DR_NODE_IP_ADDR = 'dmaap-dr-node.{{include "common.namespace" .}}' +GLOBAL_INJECTED_DNS_IP_ADDR = 'N/A' +GLOBAL_INJECTED_DOCKER_VERSION = '1.2-STAGING-latest' +GLOBAL_INJECTED_EXTERNAL_DNS = 'N/A' +GLOBAL_INJECTED_LOG_ELASTICSEARCH_IP_ADDR = 'log-es.{{include "common.namespace" .}}' +GLOBAL_INJECTED_LOG_KIBANA_IP_ADDR = 'log-kibana.{{include "common.namespace" .}}' +GLOBAL_INJECTED_LOG_LOGSTASH_IP_ADDR = 'log-ls-http.{{include "common.namespace" .}}' +GLOBAL_INJECTED_POMBA_AAI_CONTEXT_BUILDER_IP_ADDR = 'pomba-aaictxbuilder.{{include "common.namespace" .}}' +GLOBAL_INJECTED_POMBA_SDC_CONTEXT_BUILDER_IP_ADDR = 'pomba-sdcctxbuilder.{{include "common.namespace" .}}' +GLOBAL_INJECTED_POMBA_NETWORK_DISC_CONTEXT_BUILDER_IP_ADDR = 'pomba-networkdiscoveryctxbuilder.{{include "common.namespace" .}}' +GLOBAL_INJECTED_POMBA_SERVICE_DECOMPOSITION_IP_ADDR = 'pomba-servicedecomposition.{{include "common.namespace" .}}' +GLOBAL_INJECTED_POMBA_SDNC_CTX_BUILDER_IP_ADDR = 'pomba-sdncctxbuilder.{{include "common.namespace" .}}' +GLOBAL_INJECTED_POMBA_NETWORKDISCOVERY_MICROSERVICE_IP_ADDR = 'pomba-networkdiscovery.{{include "common.namespace" .}}' +GLOBAL_INJECTED_POMBA_VALIDATION_SERVICE_IP_ADDR = 'pomba-validation-service.{{include "common.namespace" .}}' +GLOBAL_INJECTED_POMBA_KIBANA_IP_ADDR = 'pomba-kibana.{{include "common.namespace" .}}' +GLOBAL_INJECTED_POMBA_ELASTIC_SEARCH_IP_ADDR = 'pomba-es.{{include "common.namespace" .}}' +GLOBAL_INJECTED_POMBA_CONTEX_TAGGREGATOR_IP_ADDR = 'pomba-contextaggregator.{{include "common.namespace" .}}' +GLOBAL_INJECTED_KEYSTONE = '{{ .Values.openStackKeyStoneUrl }}' +GLOBAL_INJECTED_MR_IP_ADDR = 'message-router.{{include "common.namespace" .}}' +GLOBAL_INJECTED_BC_IP_ADDR = 'dmaap-bc.{{include "common.namespace" .}}' +GLOBAL_INJECTED_MUSIC_IP_ADDR = 'music.{{include "common.namespace" .}}' +GLOBAL_INJECTED_NBI_IP_ADDR = 'nbi.{{include "common.namespace" .}}' +GLOBAL_INJECTED_NETWORK = '{{ .Values.openStackPrivateNetId }}' +GLOBAL_INJECTED_NEXUS_DOCKER_REPO = 'nexus3.onap.org:10001' +GLOBAL_INJECTED_NEXUS_PASSWORD = 'docker' +GLOBAL_INJECTED_NEXUS_REPO ='https://nexus.onap.org/content/sites/raw' +GLOBAL_INJECTED_NEXUS_USERNAME = 'docker' +GLOBAL_INJECTED_OOF_IP_ADDR = 'N/A' +GLOBAL_INJECTED_OOF_HOMING_IP_ADDR = 'oof-has-api.{{include "common.namespace" .}}' +GLOBAL_INJECTED_OOF_SNIRO_IP_ADDR = 'oof-osdf.{{include "common.namespace" .}}' +GLOBAL_INJECTED_OOF_CMSO_IP_ADDR = 'oof-cmso.{{include "common.namespace" .}}' +GLOBAL_INJECTED_MSB_IP_ADDR = 'msb-iag.{{include "common.namespace" .}}' +GLOBAL_INJECTED_OPENSTACK_API_KEY = '{{ .Values.config.openStackEncryptedPasswordHere}}' +GLOBAL_INJECTED_OPENSTACK_PASSWORD = '{{ .Values.openStackPassword }}' +GLOBAL_INJECTED_OPENSTACK_TENANT_ID = '{{ .Values.openStackTenantId }}' +GLOBAL_INJECTED_OPENSTACK_USERNAME = '{{ .Values.openStackUserName }}' +GLOBAL_INJECTED_OPENSTACK_PROJECT_NAME = '{{ .Values.openStackProjectName }}' +GLOBAL_INJECTED_OPENSTACK_DOMAIN_ID = '{{ .Values.openStackDomainId }}' +GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION = '{{ .Values.openStackKeystoneAPIVersion }}' +GLOBAL_INJECTED_REGION_THREE = '{{ .Values.openStackRegionRegionThree }}' +GLOBAL_INJECTED_KEYSTONE_REGION_THREE = '{{ .Values.openStackKeyStoneUrlRegionThree }}' +GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION_REGION_THREE = '{{ .Values.openStackKeystoneAPIVersionRegionThree }}' +GLOBAL_INJECTED_OPENSTACK_USERNAME_REGION_THREE = '{{ .Values.openStackUserNameRegionThree }}' +GLOBAL_INJECTED_OPENSTACK_PASSWORD_REGION_THREE = '{{ .Values.openStackPasswordRegionThree }}' +GLOBAL_INJECTED_OPENSTACK_MSO_ENCRYPTED_PASSWORD_REGION_THREE = '{{ .Values.openSackMsoEncryptdPasswordRegionThree }}' +GLOBAL_INJECTED_OPENSTACK_TENANT_ID_REGION_THREE = '{{ .Values.openStackTenantIdRegionThree }}' +GLOBAL_INJECTED_OPENSTACK_PROJECT_DOMAIN_REGION_THREE = '{{ .Values.openStackProjectNameRegionThree }}' +GLOBAL_INJECTED_OPENSTACK_USER_DOMAIN_REGION_THREE = '{{ .Values.openStackDomainIdRegionThree }}' +GLOBAL_INJECTED_OPENSTACK_OAM_NETWORK_CIDR_PREFIX = '{{ .Values.openStackOamNetworkCidrPrefix }}' +GLOBAL_INJECTED_POLICY_IP_ADDR = 'pdp.{{include "common.namespace" .}}' +GLOBAL_INJECTED_POLICY_HEALTHCHECK_IP_ADDR = 'drools.{{include "common.namespace" .}}' +GLOBAL_INJECTED_PORTAL_IP_ADDR = 'portal-app.{{include "common.namespace" .}}' +GLOBAL_INJECTED_POLICY_API_IP_ADDR = 'policy-api.{{include "common.namespace" .}}' +GLOBAL_INJECTED_POLICY_PAP_IP_ADDR = 'policy-pap.{{include "common.namespace" .}}' +GLOBAL_INJECTED_POLICY_DISTRIBUTION_IP_ADDR = 'policy-distribution.{{include "common.namespace" .}}' +GLOBAL_INJECTED_POLICY_PDPX_IP_ADDR = 'policy-xacml-pdp.{{include "common.namespace" .}}' +GLOBAL_INJECTED_POLICY_APEX_PDP_IP_ADDR = 'policy-apex-pdp.{{include "common.namespace" .}}' +GLOBAL_INJECTED_PUBLIC_NET_ID = '{{ .Values.openStackPublicNetId }}' +GLOBAL_INJECTED_REGION = '{{ .Values.openStackRegion }}' +GLOBAL_INJECTED_SCRIPT_VERSION = '{{ .Values.scriptVersion }}' +GLOBAL_INJECTED_SDC_BE_IP_ADDR = 'sdc-be.{{include "common.namespace" .}}' +GLOBAL_INJECTED_SDC_BE_ONBOARD_IP_ADDR = 'sdc-onboarding-be.{{include "common.namespace" .}}' +GLOBAL_INJECTED_SDC_FE_IP_ADDR = 'sdc-fe.{{include "common.namespace" .}}' +GLOBAL_INJECTED_SDC_IP_ADDR = 'N/A' +GLOBAL_INJECTED_SDNC_IP_ADDR = 'sdnc.{{include "common.namespace" .}}' +GLOBAL_INJECTED_SDNC_PORTAL_IP_ADDR = 'sdnc-portal.{{include "common.namespace" .}}' +GLOBAL_INJECTED_SO_APIHAND_IP_ADDR = 'so.{{include "common.namespace" .}}' +GLOBAL_INJECTED_SO_ASDCHAND_IP_ADDR = 'so-sdc-controller.{{include "common.namespace" .}}' +GLOBAL_INJECTED_SO_BPMN_IP_ADDR = 'so-bpmn-infra.{{include "common.namespace" .}}' +GLOBAL_INJECTED_SO_CATDB_IP_ADDR = 'so-catalog-db-adapter.{{include "common.namespace" .}}' +GLOBAL_INJECTED_SO_IP_ADDR = 'so.{{include "common.namespace" .}}' +GLOBAL_INJECTED_SO_OPENSTACK_IP_ADDR = 'so-openstack-adapter.{{include "common.namespace" .}}' +GLOBAL_INJECTED_SO_REQDB_IP_ADDR = 'so-request-db-adapter.{{include "common.namespace" .}}' +GLOBAL_INJECTED_SO_SDNC_IP_ADDR = 'so-sdnc-adapter.{{include "common.namespace" .}}' +GLOBAL_INJECTED_SO_VFC_IP_ADDR = 'so-vfc-adapter.{{include "common.namespace" .}}' +GLOBAL_INJECTED_SO_VNFM_IP_ADDR = 'so-vnfm-adapter.{{include "common.namespace" .}}' +GLOBAL_INJECTED_UBUNTU_1404_IMAGE = '{{ .Values.ubuntu14Image }}' +GLOBAL_INJECTED_UBUNTU_1604_IMAGE = '{{ .Values.ubuntu16Image }}' +GLOBAL_INJECTED_VM_IMAGE_NAME = '{{ .Values.ubuntu14Image }}' +GLOBAL_INJECTED_VID_IP_ADDR = 'vid.{{include "common.namespace" .}}' +GLOBAL_INJECTED_VM_FLAVOR = '{{ .Values.openStackFlavourMedium }}' +GLOBAL_INJECTED_VNFSDK_IP_ADDR = 'refrepo.{{include "common.namespace" .}}' GLOBAL_INJECTED_PROPERTIES = { - "GLOBAL_INJECTED_AAF_IP_ADDR" : "aaf-service.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_AAI1_IP_ADDR" : "aai.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_AAI2_IP_ADDR" : "N/A", - "GLOBAL_INJECTED_APPC_IP_ADDR" : "appc.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_APPC_CDT_IP_ADDR" : "appc-cdt.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_ARTIFACTS_VERSION" : "{{.Values.demoArtifactsVersion}}", - "GLOBAL_INJECTED_CLAMP_IP_ADDR" : "clamp.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_CLI_IP_ADDR" : "cli.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_CLOUD_ENV" : "openstack", - "GLOBAL_INJECTED_DCAE_IP_ADDR" : "dcae-healthcheck.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_DMAAP_DR_PROV_IP_ADDR" : "dmaap-dr-prov.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_DMAAP_DR_NODE_IP_ADDR" : "dmaap-dr-node.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_DNS_IP_ADDR" : "N/A", - "GLOBAL_INJECTED_DOCKER_VERSION" : "1.2-STAGING-latest", - "GLOBAL_INJECTED_EXTERNAL_DNS" : "N/A", - "GLOBAL_INJECTED_KEYSTONE" : "{{ .Values.openStackKeyStoneUrl }}", - "GLOBAL_INJECTED_LOG_ELASTICSEARCH_IP_ADDR" : "log-es.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_LOG_KIBANA_IP_ADDR" : "log-kibana.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_LOG_LOGSTASH_IP_ADDR" : "log-ls.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_MR_IP_ADDR" : "message-router.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_BC_IP_ADDR" : "dmaap-bc.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_POMBA_AAI_CONTEXT_BUILDER_IP_ADDR" : "pomba-aaictxbuilder.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_POMBA_SDC_CONTEXT_BUILDER_IP_ADDR" : "pomba-sdcctxbuilder.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_POMBA_NETWORK_DISC_CONTEXT_BUILDER_IP_ADDR" : "pomba-networkdiscovery.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_POMBA_SERVICE_DECOMPOSITION_IP_ADDR" : "pomba-servicedecomposition.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_POMBA_SDNC_CTX_BUILDER_IP_ADDR" : "pomba-sdncctxbuilder.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_POMBA_CONTEX_TAGGREGATOR_IP_ADDR" : "pomba-contextaggregator.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_MUSIC_IP_ADDR" : "music.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_NBI_IP_ADDR" : "nbi.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_NETWORK" : "{{ .Values.openStackPrivateNetId }}", - "GLOBAL_INJECTED_NEXUS_DOCKER_REPO" : "nexus3.onap.org:10001", - "GLOBAL_INJECTED_NEXUS_PASSWORD" : "docker", - "GLOBAL_INJECTED_NEXUS_REPO" : "https://nexus.onap.org/content/sites/raw", - "GLOBAL_INJECTED_NEXUS_USERNAME" : "docker", - "GLOBAL_INJECTED_OOF_IP_ADDR" : "N/A", - "GLOBAL_INJECTED_OOF_HOMING_IP_ADDR" : "oof-has-api.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_OOF_SNIRO_IP_ADDR" : "oof-osdf.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_OOF_CMSO_IP_ADDR" : "oof-cmso.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_MSB_IP_ADDR" : "msb-iag.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_OPENSTACK_API_KEY" : "{{ .Values.config.openStackEncryptedPasswordHere}}", - "GLOBAL_INJECTED_OPENSTACK_PASSWORD" : "{{ .Values.openStackPassword }}", - "GLOBAL_INJECTED_OPENSTACK_TENANT_ID" : "{{ .Values.openStackTenantId }}", - "GLOBAL_INJECTED_OPENSTACK_USERNAME" : "{{ .Values.openStackUserName }}", - "GLOBAL_INJECTED_OPENSTACK_PROJECT_NAME" : "{{ .Values.openStackProjectName }}", - "GLOBAL_INJECTED_OPENSTACK_DOMAIN_ID" : "{{ .Values.openStackDomainId }}", - "GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION" : "{{ .Values.openStackKeystoneAPIVersion }}", - "GLOBAL_INJECTED_POLICY_IP_ADDR" : "pdp.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_POLICY_HEALTHCHECK_IP_ADDR" : "drools.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_PORTAL_IP_ADDR" : "portal-app.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_PUBLIC_NET_ID" : "{{ .Values.openStackPublicNetId }}", - "GLOBAL_INJECTED_REGION" : "{{ .Values.openStackRegion }}", - "GLOBAL_INJECTED_SDC_BE_IP_ADDR" : "sdc-be.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_SDC_BE_ONBOARD_IP_ADDR" : "sdc-onboarding-be.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_SDC_FE_IP_ADDR" : "sdc-fe.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_SDC_IP_ADDR" : "N/A", - "GLOBAL_INJECTED_SCRIPT_VERSION" : "{{ .Values.scriptVersion }}", - "GLOBAL_INJECTED_SDNC_IP_ADDR" : "sdnc.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_SDNC_PORTAL_IP_ADDR" : "sdnc-portal.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_SO_APIHAND_IP_ADDR" : "so.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_SO_ASDCHAND_IP_ADDR" : "so-sdc-controller.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_SO_BPMN_IP_ADDR" : "so-bpmn-infra.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_SO_CATDB_IP_ADDR" : "so-catalog-db-adapter.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_SO_IP_ADDR" : "so.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_SO_OPENSTACK_IP_ADDR" : "so-openstack-adapter.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_SO_REQDB_IP_ADDR" : "so-request-db-adapter.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_SO_SDNC_IP_ADDR" : "so-sdnc-adapter.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_SO_VFC_IP_ADDR" : "so-vfc-adapter.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_SO_VNFM_IP_ADDR" : "so-vnfm-adapter.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_UBUNTU_1404_IMAGE" : "{{.Values.ubuntu14Image}}", - "GLOBAL_INJECTED_UBUNTU_1604_IMAGE" : "{{.Values.ubuntu16Image}}", - "GLOBAL_INJECTED_VM_IMAGE_NAME" : "{{ .Values.ubuntu14Image }}", - "GLOBAL_INJECTED_VID_IP_ADDR" : "vid.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_VM_FLAVOR" : "{{ .Values.openStackFlavourMedium }}", - "GLOBAL_INJECTED_VNFSDK_IP_ADDR" : "refrepo.{{include "common.namespace" .}}" + "GLOBAL_INJECTED_AAF_IP_ADDR" : 'aaf-service.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_AAI1_IP_ADDR" : 'aai.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_AAI2_IP_ADDR" : 'N/A', + "GLOBAL_INJECTED_APPC_IP_ADDR" : 'appc.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_APPC_CDT_IP_ADDR" : 'appc-cdt.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_ARTIFACTS_VERSION" : '{{.Values.demoArtifactsVersion}}', + "GLOBAL_INJECTED_CLAMP_IP_ADDR" : 'clamp.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_CLI_IP_ADDR" : 'cli.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_CLOUD_ENV" : 'openstack', + "GLOBAL_INJECTED_DCAE_IP_ADDR" : 'dcae-healthcheck.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_DMAAP_DR_PROV_IP_ADDR" : 'dmaap-dr-prov.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_DMAAP_DR_NODE_IP_ADDR" : 'dmaap-dr-node.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_DNS_IP_ADDR" : 'N/A', + "GLOBAL_INJECTED_DOCKER_VERSION" : '1.2-STAGING-latest', + "GLOBAL_INJECTED_EXTERNAL_DNS" : 'N/A', + "GLOBAL_INJECTED_KEYSTONE" : '{{ .Values.openStackKeyStoneUrl }}', + "GLOBAL_INJECTED_LOG_ELASTICSEARCH_IP_ADDR" : 'log-es.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_LOG_KIBANA_IP_ADDR" : 'log-kibana.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_LOG_LOGSTASH_IP_ADDR" : 'log-ls.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_MR_IP_ADDR" : 'message-router.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_BC_IP_ADDR" : 'dmaap-bc.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_POMBA_AAI_CONTEXT_BUILDER_IP_ADDR" : 'pomba-aaictxbuilder.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_POMBA_SDC_CONTEXT_BUILDER_IP_ADDR" : 'pomba-sdcctxbuilder.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_POMBA_NETWORK_DISC_CONTEXT_BUILDER_IP_ADDR" : 'pomba-networkdiscovery.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_POMBA_SERVICE_DECOMPOSITION_IP_ADDR" : 'pomba-servicedecomposition.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_POMBA_SDNC_CTX_BUILDER_IP_ADDR" : 'pomba-sdncctxbuilder.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_POMBA_CONTEX_TAGGREGATOR_IP_ADDR" : 'pomba-contextaggregator.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_MUSIC_IP_ADDR" : 'music.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_NBI_IP_ADDR" : 'nbi.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_NETWORK" : '{{ .Values.openStackPrivateNetId }}', + "GLOBAL_INJECTED_NEXUS_DOCKER_REPO" : 'nexus3.onap.org:10001', + "GLOBAL_INJECTED_NEXUS_PASSWORD" : 'docker', + "GLOBAL_INJECTED_NEXUS_REPO" : 'https://nexus.onap.org/content/sites/raw', + "GLOBAL_INJECTED_NEXUS_USERNAME" : 'docker', + "GLOBAL_INJECTED_OOF_IP_ADDR" : 'N/A', + "GLOBAL_INJECTED_OOF_HOMING_IP_ADDR" : 'oof-has-api.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_OOF_SNIRO_IP_ADDR" : 'oof-osdf.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_OOF_CMSO_IP_ADDR" : 'oof-cmso.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_MSB_IP_ADDR" : 'msb-iag.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_OPENSTACK_API_KEY" : '{{ .Values.config.openStackEncryptedPasswordHere}}', + "GLOBAL_INJECTED_OPENSTACK_PASSWORD" : '{{ .Values.openStackPassword }}', + "GLOBAL_INJECTED_OPENSTACK_TENANT_ID" : '{{ .Values.openStackTenantId }}', + "GLOBAL_INJECTED_OPENSTACK_USERNAME" : '{{ .Values.openStackUserName }}', + "GLOBAL_INJECTED_OPENSTACK_PROJECT_NAME" : '{{ .Values.openStackProjectName }}', + "GLOBAL_INJECTED_OPENSTACK_DOMAIN_ID" : '{{ .Values.openStackDomainId }}', + "GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION" : '{{ .Values.openStackKeystoneAPIVersion }}', + "GLOBAL_INJECTED_REGION_THREE" : '{{ .Values.openStackRegionRegionThree }}', + "GLOBAL_INJECTED_KEYSTONE_REGION_THREE" : '{{ .Values.openStackKeyStoneUrlRegionThree }}', + "GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION_REGION_THREE" : '{{ .Values.openStackKeystoneAPIVersionRegionThree }}', + "GLOBAL_INJECTED_OPENSTACK_USERNAME_REGION_THREE" : '{{ .Values.openStackUserNameRegionThree }}', + "GLOBAL_INJECTED_OPENSTACK_PASSWORD_REGION_THREE" : '{{ .Values.openStackPasswordRegionThree }}', + "GLOBAL_INJECTED_OPENSTACK_MSO_ENCRYPTED_PASSWORD_REGION_THREE" : '{{ .Values.openSackMsoEncryptdPasswordRegionThree }}', + "GLOBAL_INJECTED_OPENSTACK_TENANT_ID_REGION_THREE" : '{{ .Values.openStackTenantIdRegionThree }}', + "GLOBAL_INJECTED_OPENSTACK_PROJECT_DOMAIN_REGION_THREE" : '{{ .Values.openStackProjectNameRegionThree }}', + "GLOBAL_INJECTED_OPENSTACK_USER_DOMAIN_REGION_THREE" : '{{ .Values.openStackDomainIdRegionThree }}', + "GLOBAL_INJECTED_OPENSTACK_OAM_NETWORK_CIDR_PREFIX" : '{{ .Values.openStackOamNetworkCidrPrefix }}', + "GLOBAL_INJECTED_POLICY_IP_ADDR" : 'pdp.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_POLICY_HEALTHCHECK_IP_ADDR" : 'drools.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_POLICY_API_IP_ADDR" : 'policy-api.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_POLICY_PAP_IP_ADDR" : 'policy-pap.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_POLICY_DISTRIBUTION_IP_ADDR" : 'policy-distribution.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_POLICY_PDPX_IP_ADDR" : 'policy-xacml-pdp.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_POLICY_APEX_PDP_IP_ADDR" : 'policy-apex-pdp.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_PORTAL_IP_ADDR" : 'portal-app.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_PUBLIC_NET_ID" : '{{ .Values.openStackPublicNetId }}', + "GLOBAL_INJECTED_REGION" : '{{ .Values.openStackRegion }}', + "GLOBAL_INJECTED_SDC_BE_IP_ADDR" : 'sdc-be.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_SDC_BE_ONBOARD_IP_ADDR" : 'sdc-onboarding-be.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_SDC_FE_IP_ADDR" : 'sdc-fe.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_SDC_IP_ADDR" : 'N/A', + "GLOBAL_INJECTED_SCRIPT_VERSION" : '{{ .Values.scriptVersion }}', + "GLOBAL_INJECTED_SDNC_IP_ADDR" : 'sdnc.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_SDNC_PORTAL_IP_ADDR" : 'sdnc-portal.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_SO_APIHAND_IP_ADDR" : 'so.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_SO_ASDCHAND_IP_ADDR" : 'so-sdc-controller.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_SO_BPMN_IP_ADDR" : 'so-bpmn-infra.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_SO_CATDB_IP_ADDR" : 'so-catalog-db-adapter.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_SO_IP_ADDR" : 'so.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_SO_OPENSTACK_IP_ADDR" : 'so-openstack-adapter.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_SO_REQDB_IP_ADDR" : 'so-request-db-adapter.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_SO_SDNC_IP_ADDR" : 'so-sdnc-adapter.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_SO_VFC_IP_ADDR" : 'so-vfc-adapter.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_SO_VNFM_IP_ADDR" : 'so-vnfm-adapter.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_UBUNTU_1404_IMAGE" : '{{.Values.ubuntu14Image}}', + "GLOBAL_INJECTED_UBUNTU_1604_IMAGE" : '{{.Values.ubuntu16Image}}', + "GLOBAL_INJECTED_VM_IMAGE_NAME" : '{{ .Values.ubuntu14Image }}', + "GLOBAL_INJECTED_VID_IP_ADDR" : 'vid.{{include "common.namespace" .}}', + "GLOBAL_INJECTED_VM_FLAVOR" : '{{ .Values.openStackFlavourMedium }}', + "GLOBAL_INJECTED_VNFSDK_IP_ADDR" : 'refrepo.{{include "common.namespace" .}}' } diff --git a/kubernetes/robot/values.yaml b/kubernetes/robot/values.yaml index 53e6cfe4cc..4c65c5b88b 100755 --- a/kubernetes/robot/values.yaml +++ b/kubernetes/robot/values.yaml @@ -40,7 +40,7 @@ config: # Demo configuration # Nexus demo artifact version. Maps to GLOBAL_INJECTED_ARTIFACTS_VERSION -demoArtifactsVersion: "1.3.0" +demoArtifactsVersion: "1.4.0-SNAPSHOT" # Nexus demo artifact URL. demoArtifactsRepoUrl: "https://nexus.onap.org/content/repositories/releases" # Openstack medium sized flavour name. Maps GLOBAL_INJECTED_VM_FLAVOR @@ -60,15 +60,27 @@ openStackUserName: "tenantUsername" # Project name of Openstack where VNFs will be spawned. Maps to GLOBAL_INJECTED_OPENSTACK_PROJECT_NAME openStackProjectName: "onap" # Domain id of openstack where VNFs will be deployed. Maps to GLOBAL_INJECTED_OPENSTACK_DOMAIN_ID -openStackDomainId: "default" +openStackDomainId: "Default" # Openstack Keystone API version. Valid values are [ v2.0, v3 ]. Maps to GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION openStackKeystoneAPIVersion: "v2.0" +# Values for second cloud instante for VNF instantiatioen testing and keystone v3 +openStackRegionRegionThree: "RegionThree" +openStackKeyStoneUrlRegionThree: "http://1.2.3.4:5000" +openStackKeystoneAPIVersionRegionThree: "v3" +openStackUserNameRegionThree: "demo" +openStackPasswordRegionThree: "tenantPassword" +# this is the java encrypted password that is needed for SO +openSackMsoEncryptdPasswordRegionThree: "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" +openStackTenantIdRegionThree: "3583253e932845a09cd4c8ca2f31d095" +openStackProjectNameRegionThree: "Integration-HEAT-Staging-Daily" +openStackDomainIdRegionThree: "Default" +# # Openstack glance image name for Ubuntu 14. Maps to GLOBAL_INJECTED_UBUNTU_1404_IMAGE ubuntu14Image: "Ubuntu_14_trusty" # Openstack glance image name for Ubuntu 16. Maps to GLOBAL_INJECTED_UBUNTU_1604_IMAGE ubuntu16Image: "Ubuntu_16_xenial" # GLOBAL_INJECTED_SCRIPT_VERSION. Maps to GLOBAL_INJECTED_SCRIPT_VERSION -scriptVersion: "1.3.0" +scriptVersion: "1.4.0-SNAPSHOT" # Openstack network to which VNFs will bind their primary (first) interface. Maps to GLOBAL_INJECTED_NETWORK openStackPrivateNetId: "e8f51956-00dd-4425-af36-045716781ffc" # Openstack security group for instantiating VNFs @@ -106,11 +118,16 @@ dcaePassword: "ZjJkYjllMjljMTI2M2Iz" # DROOLS droolsUsername: "demo@people.osaaf.org" droolsPassword: "demo123456!" +# OOF +oofCmsoUsername: "oof@oof.onap.org" +oofCmsoPassword: "demo123456!" # POLICY policyAuth: "dGVzdHBkcDphbHBoYTEyMw==" policyClientAuth: "cHl0aG9uOnRlc3Q=" policyUsername: "demo@people.osaaf.org" policyPassword: "demo123456!" +policyComponentUsername: "healthcheck" +policyComponentPassword: "zb!XztG34" # PORTAL portalUsername: "demo" portalPassword: "Kp8bJ4SXszM0WXlhak3eHlcse" @@ -130,6 +147,15 @@ vidHealthPassword: "AppPassword!1" # DMAAP BC bcUsername: "dmaap-bc@dmaap-bc.onap.org" bcPassword: "demo123456!" +# DMAAP KAFKA JAAS +kafkaJaasUsername: "admin" +kafkaJaasPassword: "admin_secret" + +#OOF +oofUsername: "oof@oof.onap.org" +oofPassword: "demo123456!" +cmsoUsername: "oof@oof.onap.org" +cmsoPassword: "demo123456!" # default number of instances replicaCount: 1 diff --git a/kubernetes/sdc/charts/sdc-be/values.yaml b/kubernetes/sdc/charts/sdc-be/values.yaml index c65aa73913..fcf5283c07 100644 --- a/kubernetes/sdc/charts/sdc-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-be/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -28,8 +28,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-backend:1.4-STAGING-latest -backendInitImage: onap/sdc-backend-init:1.4-STAGING-latest +image: onap/sdc-backend:1.4.0 +backendInitImage: onap/sdc-backend-init:1.4.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdc/charts/sdc-cs/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-cs/templates/deployment.yaml deleted file mode 100644 index 4731edfebb..0000000000 --- a/kubernetes/sdc/charts/sdc-cs/templates/deployment.yaml +++ /dev/null @@ -1,96 +0,0 @@ -# Copyright © 2017 Amdocs, AT&T, Bell Canada -# Modifications Copyright © 2018 ZTE -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - spec: - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - - containerPort: {{ .Values.service.internalPort2 }} - {{ if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end }} - readinessProbe: - exec: - command: - - "/var/lib/ready-probe.sh" - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . | indent 12 }} - env: - - name: ENVNAME - value: {{ .Values.global.env.name }} - - name: RELEASE - value: {{ .Values.config.release }} - - name: MAX_HEAP_SIZE - value: {{ .Values.config.maxHeapSize }} - - name: HEAP_NEWSIZE - value: {{ .Values.config.heapNewSize }} - - name: HOST_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: CS_PASSWORD - valueFrom: - secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: cs_password} - volumeMounts: - - name: {{ include "common.fullname" . }}-data - mountPath: /var/lib/cassandra/ - - name: {{ include "common.fullname" . }}-environments - mountPath: /root/chef-solo/environments/ - - name: {{ include "common.fullname" . }}-localtime - mountPath: /etc/localtime - readOnly: true - volumes: - - name: {{ include "common.fullname" . }}-localtime - hostPath: - path: /etc/localtime - - name: {{ include "common.fullname" . }}-data - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - {{- else }} - emptyDir: {} - {{- end }} - - name: {{ include "common.fullname" . }}-environments - configMap: - name: {{ .Release.Name }}-sdc-environments-configmap - defaultMode: 0755 - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/sdc/charts/sdc-cs/templates/job.yaml b/kubernetes/sdc/charts/sdc-cs/templates/job.yaml index 75e9a11a03..856aecc63b 100644 --- a/kubernetes/sdc/charts/sdc-cs/templates/job.yaml +++ b/kubernetes/sdc/charts/sdc-cs/templates/job.yaml @@ -40,7 +40,11 @@ spec: - /root/ready.py args: - --container-name + {{- if .Values.global.cassandra.localCluster }} - sdc-cs + {{- else }} + - cassandra + {{- end }} env: - name: NAMESPACE valueFrom: @@ -54,8 +58,6 @@ spec: volumeMounts: - name: {{ include "common.fullname" . }}-environments mountPath: /root/chef-solo/environments/ - - name: {{ include "common.fullname" . }}-data - mountPath: /var/lib/cassandra/ - name: {{ include "common.fullname" . }}-chef-cache mountPath: /root/chef-solo/cache env: @@ -81,13 +83,6 @@ spec: configMap: name: {{ .Release.Name }}-sdc-environments-configmap defaultMode: 0755 - - name: {{ include "common.fullname" . }}-data - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - {{- else }} - emptyDir: {} - {{- end }} - name: {{ include "common.fullname" . }}-chef-cache emptyDir: {} imagePullSecrets: diff --git a/kubernetes/sdc/charts/sdc-cs/templates/service.yaml b/kubernetes/sdc/charts/sdc-cs/templates/service.yaml deleted file mode 100644 index 3f66d34f83..0000000000 --- a/kubernetes/sdc/charts/sdc-cs/templates/service.yaml +++ /dev/null @@ -1,46 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T, ZTE -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.internalPort2 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.portName }}2 - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.externalPort2 }} - targetPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName }}2 - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} diff --git a/kubernetes/sdc/charts/sdc-cs/values.yaml b/kubernetes/sdc/charts/sdc-cs/values.yaml index 8df00783af..64f964681d 100644 --- a/kubernetes/sdc/charts/sdc-cs/values.yaml +++ b/kubernetes/sdc/charts/sdc-cs/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -28,8 +28,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-cassandra:1.4-STAGING-latest -cassandraInitImage: onap/sdc-cassandra-init:1.4-STAGING-latest +image: onap/sdc-cassandra:1.4.0 +cassandraInitImage: onap/sdc-cassandra-init:1.4.0 pullPolicy: Always diff --git a/kubernetes/sdc/charts/sdc-dcae-be/values.yaml b/kubernetes/sdc/charts/sdc-dcae-be/values.yaml index 666c22254d..bf1d9b4584 100644 --- a/kubernetes/sdc/charts/sdc-dcae-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-be/values.yaml @@ -18,7 +18,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -88,4 +88,4 @@ resources: requests: cpu: 20m memory: 2Gi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml b/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml index cf0640565c..2b8fd9027f 100644 --- a/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml @@ -18,7 +18,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -80,4 +80,4 @@ resources: requests: cpu: 20m memory: 2Gi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml b/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml index ab6eaf3fbf..4b40bcea8f 100644 --- a/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml @@ -18,7 +18,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -85,4 +85,4 @@ resources: requests: cpu: 20m memory: 2Gi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/values.yaml b/kubernetes/sdc/charts/sdc-dcae-tosca-lab/values.yaml index f968c59dae..e787948ce2 100644 --- a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/values.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-tosca-lab/values.yaml @@ -18,7 +18,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -87,4 +87,4 @@ resources: requests: cpu: 20m memory: 2Gi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/kubernetes/sdc/charts/sdc-es/templates/pv.yaml b/kubernetes/sdc/charts/sdc-es/templates/pv.yaml index 9ceef30007..618b23a584 100644 --- a/kubernetes/sdc/charts/sdc-es/templates/pv.yaml +++ b/kubernetes/sdc/charts/sdc-es/templates/pv.yaml @@ -35,4 +35,4 @@ spec: persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-es/templates/pvc.yaml b/kubernetes/sdc/charts/sdc-es/templates/pvc.yaml index 2f343c83dc..e1f01b67fe 100644 --- a/kubernetes/sdc/charts/sdc-es/templates/pvc.yaml +++ b/kubernetes/sdc/charts/sdc-es/templates/pvc.yaml @@ -46,4 +46,4 @@ spec: storageClassName: "{{ .Values.persistence.storageClass }}" {{- end }} {{- end }} -{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-es/values.yaml b/kubernetes/sdc/charts/sdc-es/values.yaml index 33ebbe3799..a84f738583 100644 --- a/kubernetes/sdc/charts/sdc-es/values.yaml +++ b/kubernetes/sdc/charts/sdc-es/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 ubuntuInitRepository: oomk8s @@ -31,8 +31,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-elasticsearch:1.4-STAGING-latest -elasticInitImage: onap/sdc-init-elasticsearch:1.4-STAGING-latest +image: onap/sdc-elasticsearch:1.4.0 +elasticInitImage: onap/sdc-init-elasticsearch:1.4.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdc/charts/sdc-fe/values.yaml b/kubernetes/sdc/charts/sdc-fe/values.yaml index e9b329c9e7..e95223bf43 100644 --- a/kubernetes/sdc/charts/sdc-fe/values.yaml +++ b/kubernetes/sdc/charts/sdc-fe/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-frontend:1.4-STAGING-latest +image: onap/sdc-frontend:1.4.0 pullPolicy: Always config: diff --git a/kubernetes/sdc/charts/sdc-kb/values.yaml b/kubernetes/sdc/charts/sdc-kb/values.yaml index 02e1728f9a..21b0b05ff6 100644 --- a/kubernetes/sdc/charts/sdc-kb/values.yaml +++ b/kubernetes/sdc/charts/sdc-kb/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-kibana:1.4-STAGING-latest +image: onap/sdc-kibana:1.4.0 pullPolicy: Always config: diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml index 87556b0b55..70895d308d 100644 --- a/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml @@ -88,6 +88,8 @@ spec: - name: SDC_PASSWORD valueFrom: secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_password} + - name: SDC_CERT_DIR + value: {{ .Values.cert.certDir }} volumeMounts: - name: {{ include "common.fullname" . }}-environments mountPath: /root/chef-solo/environments/ @@ -99,6 +101,8 @@ spec: - name: {{ include "common.fullname" . }}-logback mountPath: /tmp/logback.xml subPath: logback.xml + - name: {{ include "common.fullname" . }}-cert-storage + mountPath: "{{ .Values.cert.certDir }}" lifecycle: postStart: exec: @@ -133,5 +137,8 @@ spec: defaultMode: 0755 - name: {{ include "common.fullname" . }}-logs emptyDir: {} + - name: {{ include "common.fullname" . }}-cert-storage + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-cert imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/job.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/templates/job.yaml index 320918507f..8d56f0ab2c 100644 --- a/kubernetes/sdc/charts/sdc-onboarding-be/templates/job.yaml +++ b/kubernetes/sdc/charts/sdc-onboarding-be/templates/job.yaml @@ -54,8 +54,6 @@ spec: volumeMounts: - name: {{ include "common.fullname" . }}-environments mountPath: /root/chef-solo/environments/ - - name: {{ include "common.fullname" . }}-data - mountPath: /var/lib/cassandra/ env: - name: ENVNAME value: {{ .Values.global.env.name }} @@ -73,19 +71,12 @@ spec: valueFrom: secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: cs_password} - name: CS_HOST_IP - value: "sdc-cs" + value: "{{ .Values.global.cassandra.serviceName }}" volumes: - name: {{ include "common.fullname" . }}-environments configMap: name: {{ .Release.Name }}-sdc-environments-configmap defaultMode: 0755 - - name: {{ include "common.fullname" . }}-data - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - {{- else }} - emptyDir: {} - {{- end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" restartPolicy: Never diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml index 9ceef30007..b292ff9448 100644 --- a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml +++ b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml @@ -1,6 +1,7 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T, ZTE +# ================================================================================ +# Copyright (C) 2019, Nordix Foundation. All rights reserved. +# ================================================================================ # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,12 +15,11 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if and .Values.persistence.enabled (not .Values.cert.persistence.existingClaim) -}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-cert namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -29,10 +29,10 @@ metadata: name: {{ include "common.fullname" . }} spec: capacity: - storage: {{ .Values.persistence.size}} + storage: {{ .Values.cert.persistence.size}} accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + - {{ .Values.cert.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.cert.persistence.volumeReclaimPolicy }} hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- end -}} + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.cert.persistence.mountSubPath }} +{{- end -}} \ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml index 2f343c83dc..eb2c372a33 100644 --- a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml +++ b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml @@ -1,6 +1,7 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T, ZTE +# ================================================================================ +# Copyright (C) 2019, Nordix Foundation. All rights reserved. +# ================================================================================ # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,36 +15,35 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if and .Values.cert.persistence.enabled (not .Values.cert.persistence.existingClaim) -}} kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-cert namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} +{{- if .Values.cert.persistence.annotations }} annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} +{{ toYaml .Values.cert.persistence.annotations | indent 4 }} {{- end }} spec: selector: matchLabels: name: {{ include "common.fullname" . }} accessModes: - - {{ .Values.persistence.accessMode }} + - {{ .Values.cert.persistence.accessMode }} resources: requests: - storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} + storage: {{ .Values.cert.persistence.size }} +{{- if .Values.cert.persistence.storageClass }} +{{- if (eq "-" .Values.cert.persistence.storageClass) }} storageClassName: "" {{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" + storageClassName: "{{ .Values.cert.persistence.storageClass }}" {{- end }} {{- end }} -{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml index c2a52b43b0..2b7edd97ed 100644 --- a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -28,8 +28,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-onboard-backend:1.4-STAGING-latest -onboardingInitImage: onap/sdc-onboard-cassandra-init:1.4-STAGING-latest +image: onap/sdc-onboard-backend:1.4.0 +onboardingInitImage: onap/sdc-onboard-cassandra-init:1.4.0 pullPolicy: Always # flag to enable debugging - application support required @@ -90,6 +90,18 @@ persistence: mountPath: /dockerdata-nfs mountSubPath: /sdc/sdc-cs/CS +##Certificate storage persistence +##This is temporary solution for SDC-1980 +cert: + certDir: /var/lib/jetty/cert + persistence: + enabled: true + size: 10Mi + accessMode: ReadOnlyMany + volumeReclaimPolicy: Retain + mountSubPath: /sdc/onbaording/cert + + ingress: enabled: false @@ -111,4 +123,4 @@ resources: requests: cpu: 20m memory: 2Gi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml index bb96d342f7..0bf1bf5d31 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml @@ -73,7 +73,7 @@ spec: - name: JAVA_OPTIONS value: {{ .Values.config.javaOptions }} - name: CS_HOSTS - value: "{{ .Values.config.cassandraHosts }}" + value: "{{ .Values.global.cassandra.serviceName }}" - name: CS_PORT value: "{{ .Values.config.cassandraClientPort }}" - name: CS_AUTHENTICATE diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml b/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml index 38f526d215..90ff1b46ba 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml @@ -54,7 +54,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: CS_HOST - value: "sdc-cs" + value: "{{ .Values.global.cassandra.serviceName }}" - name: CS_PORT value: "{{ .Values.config.cassandraThriftClientPort }}" - name: CS_AUTHENTICATE @@ -67,4 +67,4 @@ spec: secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_password} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" -{{ end }} \ No newline at end of file +{{ end }} diff --git a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml index 63554369ed..8859b89018 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -28,8 +28,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/workflow-backend:1.4.0-SNAPSHOT -configInitImage: onap/workflow-init:1.4.0-SNAPSHOT +image: onap/workflow-backend:1.4.0 +configInitImage: onap/workflow-init:1.4.0 pullPolicy: Always # flag to enable debugging - application support required @@ -41,7 +41,6 @@ initJob: config: javaOptions: "-Xdebug -agentlib:jdwp=transport=dt_socket,address=7001,server=y,suspend=n -Xmx1536m -Xms1536m" cassandraAuthenticationEnabled: true - cassandraHosts: sdc-cs cassandraThriftClientPort: 9160 cassandraClientPort: 9042 sdcProtocol: HTTP diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml index c284f2dfd0..0be06f3985 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml @@ -51,6 +51,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - containerPort: {{ .Values.service.internalPort }} + - containerPort: {{ .Values.service.internalPort2 }} {{ if .Values.liveness.enabled }} livenessProbe: tcpSocket: @@ -70,7 +71,45 @@ spec: value: {{ .Values.config.javaOptions }} - name: BACKEND value: {{ .Values.config.backendServerURL }} + - name: IS_HTTPS + value: "{{ .Values.config.isHttpsEnabled}}" + {{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }} + - name: KEYSTORE_PASS + {{- if .Values.global.security.keysFromCa }} + valueFrom: + secretKeyRef: + name: mft-sdc + key: keystore-password.txt + {{ else }} + value: {{ .Values.global.security.keyStorePass}} + {{- end }} + - name: TRUSTSTORE_PASS + {{- if .Values.global.security.keysFromCa }} + valueFrom: + secretKeyRef: + name: mft-catruststore + key: keystore-password.txt + {{ else }} + value: {{ .Values.global.security.trustStorePass}} + {{- end }} + - name: TRUSTSTORE_PATH + value: "{{ .Values.security.storePath }}/{{ .Values.security.truststoreFilename }}" + - name: KEYSTORE_PATH + value: "{{ .Values.security.storePath }}/{{ .Values.security.keystoreFilename }}" + - name: TRUSTSTORE_TYPE + value: {{ .Values.security.truststore.type }} + - name: KEYSTORE_TYPE + value: {{ .Values.security.keystore.type }} + {{ end }} volumeMounts: + {{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }} + - name: {{ include "common.fullname" . }}-jetty-https-truststore + mountPath: /var/lib/jetty/{{ .Values.security.storePath }}/{{ .Values.security.truststoreFilename }} + subPath: {{ .Values.security.truststoreFilename }} + - name: {{ include "common.fullname" . }}-jetty-https-keystore + mountPath: /var/lib/jetty/etc/{{ .Values.security.storePath }}/{{ .Values.security.keystoreFilename }} + subPath: {{ .Values.security.keystoreFilename }} + {{ end }} - name: {{ include "common.fullname" . }}-localtime mountPath: /etc/localtime readOnly: true diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/service.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/templates/service.yaml index 2990de3f1a..87ca3607d7 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/templates/service.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/templates/service.yaml @@ -40,10 +40,16 @@ spec: - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} name: {{ .Values.service.portName | default "http" }} + - port: {{ .Values.service.internalPort2 }} + nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort2 }} + name: {{ .Values.service.portName2 | default "https" }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} name: {{ .Values.service.portName | default "http" }} + - port: {{ .Values.service.externalPort2 }} + targetPort: {{ .Values.service.internalPort2 }} + name: {{ .Values.service.portName2 | default "https" }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml index d9b4dee17e..a217de5e4b 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml @@ -17,8 +17,9 @@ ################################################################# global: nodePortPrefix: 302 + nodePortPrefixExt: 304 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -27,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/workflow-frontend:1.4.0-SNAPSHOT +image: onap/workflow-frontend:1.4.0 pullPolicy: Always # flag to enable debugging - application support required @@ -36,6 +37,16 @@ debugEnabled: false config: javaOptions: "-Xdebug -agentlib:jdwp=transport=dt_socket,address=7000,server=y,suspend=n -Xmx256m -Xms256m" backendServerURL: "http://sdc-wfd-be:8080" + isHttpsEnabled: false + +# https relevant settings. Change in case you have other trust files then default ones. +security: + isDefaultStore: true + truststoreType: "JKS" + keystoreType: "JKS" + truststoreFilename: "truststore" + keystoreFilename: "keystore" + storePath: "etc" # default number of instances replicaCount: 1 @@ -62,6 +73,10 @@ service: externalPort: 8080 portName: sdc-wfd-fe nodePort: "56" + portName2: sdc-wfd-fe2 + internalPort2: 8443 + externalPort2: 8443 + nodePort2: "31" ingress: enabled: false diff --git a/kubernetes/sdc/requirements.yaml b/kubernetes/sdc/requirements.yaml index 6f49b16ca9..e9661315f3 100644 --- a/kubernetes/sdc/requirements.yaml +++ b/kubernetes/sdc/requirements.yaml @@ -17,3 +17,12 @@ dependencies: - name: common version: ~4.x-0 repository: '@local' + + - name: cassandra + version: ~4.x-0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' + condition: global.cassandra.localCluster + diff --git a/kubernetes/sdc/resources/config/environments/AUTO.json b/kubernetes/sdc/resources/config/environments/AUTO.json index be9db4cd52..0c42d860ca 100755 --- a/kubernetes/sdc/resources/config/environments/AUTO.json +++ b/kubernetes/sdc/resources/config/environments/AUTO.json @@ -9,7 +9,7 @@ "default_attributes": { "disableHttp": false, - "CS_VIP": "sdc-cs.{{include "common.namespace" .}}", + "CS_VIP": "{{.Values.global.cassandra.serviceName}}.{{include "common.namespace" .}}", "BE_VIP": "sdc-be.{{include "common.namespace" .}}", "ONBOARDING_BE_VIP": "sdc-onboarding-be.{{include "common.namespace" .}}", "DCAE_BE_VIP": "sdc-dcae-be.{{include "common.namespace" .}}", @@ -42,7 +42,7 @@ }, "Nodes": { "CS": [ - "sdc-cs.{{include "common.namespace" .}}" + "{{.Values.global.cassandra.serviceName}}.{{include "common.namespace" .}}" ], "BE": "sdc-be.{{include "common.namespace" .}}", "ONBOARDING_BE": "sdc-onboarding-be.{{include "common.namespace" .}}", @@ -88,8 +88,8 @@ "cassandra_user": "asdc_user", "cassandra_password": "Aa1234%^!", "concurrent_writes": "32", - "cluster_name": "SDC-CS-", - "datacenter_name": "SDC-CS-", + "cluster_name": "{{.Values.global.cassandra.clusterName}}", + "datacenter_name": "{{.Values.global.cassandra.dataCenter}}", "multithreaded_compaction": "false", "cache_dir": "/var/lib/cassandra/saved_caches", "log_file": "/var/lib/cassandra/log/system.log", @@ -97,7 +97,8 @@ "commitlog_dir": "/var/lib/cassandra/commitlog", "socket_read_timeout": "20000", "socket_connect_timeout": "20000", - "titan_connection_timeout": "10000" + "titan_connection_timeout": "10000", + "replication_factor": "{{.Values.global.cassandra.replicaCount}}" } } } diff --git a/kubernetes/sdc/values.yaml b/kubernetes/sdc/values.yaml index ea95bd7f53..cafa59ad77 100644 --- a/kubernetes/sdc/values.yaml +++ b/kubernetes/sdc/values.yaml @@ -20,10 +20,21 @@ global: secrets: sdc_user: YXNkY191c2Vy sdc_password: QWExMjM0JV4h - cs_password: b25hcDEyMyNAIQ== + #Should be the password of shared cassandra instance/chart + cs_password: Y2Fzc2FuZHJh ubuntuInitRepository: oomk8s ubuntuInitImage: ubuntu-init:1.0.0 - + cassandra: + #This flag allows SDC to instantiate its own cluster, serviceName + #should be sdc-cs if this flag is enabled + localCluster: false + #The cassandra service name to connect to (default: shared cassandra service) + serviceName: cassandra + #Shared cassandra cluster replicaCount, should be changed if localCluster is enabled + #to match with its own cluster replica + replicaCount: 3 + clusterName: cassandra + dataCenter: Pod config: logstashServiceName: log-ls @@ -32,7 +43,16 @@ config: workflowUrl: 10.0.2.15 vnfRepoPort: 8702 - sdc-es: service: name: sdc-es + +#Used only if localCluster is enabled. Instantiates SDC's own cassandra cluster +cassandra: + nameOverride: sdc-cs + replicaCount: 1 + service: + name: sdc-cs + persistence: + mountSubPath: sdc/sdc-cs/CS + enabled: true diff --git a/kubernetes/sdnc/charts/dmaap-listener/resources/config/dblib.properties b/kubernetes/sdnc/charts/dmaap-listener/resources/config/dblib.properties index 9e4c88a879..8a0a102396 100644 --- a/kubernetes/sdnc/charts/dmaap-listener/resources/config/dblib.properties +++ b/kubernetes/sdnc/charts/dmaap-listener/resources/config/dblib.properties @@ -18,7 +18,7 @@ ### org.onap.ccsdk.sli.dbtype=jdbc org.onap.ccsdk.sli.jdbc.hosts=sdnctldb01 -org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.mysql.service.name}}.{{.Release.Namespace}}:{{.Values.mysql.service.internalPort}}/sdnctl +org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.config.mariadbGalera.serviceName}}.{{.Release.Namespace}}:{{.Values.config.mariadbGalera.internalPort}}/sdnctl org.onap.ccsdk.sli.jdbc.driver=org.mariadb.jdbc.Driver org.onap.ccsdk.sli.jdbc.database=sdnctl org.onap.ccsdk.sli.jdbc.user=sdnctl diff --git a/kubernetes/sdnc/charts/dmaap-listener/templates/deployment.yaml b/kubernetes/sdnc/charts/dmaap-listener/templates/deployment.yaml index 7a5b1f217c..03169427f0 100644 --- a/kubernetes/sdnc/charts/dmaap-listener/templates/deployment.yaml +++ b/kubernetes/sdnc/charts/dmaap-listener/templates/deployment.yaml @@ -35,7 +35,7 @@ spec: - /root/ready.py args: - --container-name - - {{ .Values.config.mysqlChartName }} + - {{ .Values.config.mariadbGalera.chartName }} - --container-name - {{ .Values.config.sdncChartName }} - --container-name diff --git a/kubernetes/sdnc/charts/dmaap-listener/values.yaml b/kubernetes/sdnc/charts/dmaap-listener/values.yaml index f88b6adfc5..8552fd552a 100644 --- a/kubernetes/sdnc/charts/dmaap-listener/values.yaml +++ b/kubernetes/sdnc/charts/dmaap-listener/values.yaml @@ -18,7 +18,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdnc-dmaap-listener-image:1.5-STAGING-latest +image: onap/sdnc-dmaap-listener-image:1.5.1 pullPolicy: Always # flag to enable debugging - application support required @@ -36,12 +36,15 @@ debugEnabled: false # application configuration config: dmaapPort: 3904 - mysqlChartName: sdnc-db sdncChartName: sdnc sdncPort: 8282 msgRouterContainerName: message-router configDir: /opt/onap/sdnc/data/properties odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U + mariadbGalera: + chartName: mariadb-galera + serviceName: mariadb-galera + internalPort: 3306 # default number of instances replicaCount: 1 @@ -68,10 +71,6 @@ ingress: service: name: sdnc-dmaap-listener -mysql: - service: - name: sdnc-dbhost - internalPort: 3306 #Resource limit flavor -By default using small flavor: small #Segregation for different environment (small and large) diff --git a/kubernetes/sdnc/charts/sdnc-ansible-server/resources/config/RestServer_config b/kubernetes/sdnc/charts/sdnc-ansible-server/resources/config/RestServer_config index f63fe211f6..eb88d7236b 100644 --- a/kubernetes/sdnc/charts/sdnc-ansible-server/resources/config/RestServer_config +++ b/kubernetes/sdnc/charts/sdnc-ansible-server/resources/config/RestServer_config @@ -29,7 +29,7 @@ id: sdnc psswd: sdnc # Mysql -host: {{.Values.config.mysqlServiceName}} +host: {{.Values.config.mariadbGalera.serviceName}} user: sdnc passwd: sdnc db: ansible diff --git a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml index 44a3f96355..ed1968374c 100644 --- a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml +++ b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml @@ -18,7 +18,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdnc-ansible-server-image:1.5-STAGING-latest +image: onap/sdnc-ansible-server-image:1.5.1 pullPolicy: Always # flag to enable debugging - application support required @@ -37,7 +37,8 @@ debugEnabled: false config: sdncChartName: sdnc configDir: /opt/onap/sdnc - mysqlServiceName: sdnc-dbhost + mariadbGalera: + serviceName: mariadb-galera # default number of instances diff --git a/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json b/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json index a6950fdd70..28da59ea29 100644 --- a/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json +++ b/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json @@ -27,7 +27,7 @@ }, "svclogicPropertiesDb01": "{{.Values.config.configDir}}/svclogic.properties.sdnctldb01", "databases": [ - "sdnc-dbhost.{{.Release.Namespace}}|sdnc-sdnctldb01.{{.Release.Namespace}}" + "{{.Values.config.mariadbGalera.serviceName}}.{{.Release.Namespace}}|sdnc-sdnctldb01.{{.Release.Namespace}}" ], "dbFabricServer": "localhost", "dbFabricPort": "32275", diff --git a/kubernetes/sdnc/charts/sdnc-portal/resources/config/dblib.properties b/kubernetes/sdnc/charts/sdnc-portal/resources/config/dblib.properties index 68357baae6..7a5475ed20 100644 --- a/kubernetes/sdnc/charts/sdnc-portal/resources/config/dblib.properties +++ b/kubernetes/sdnc/charts/sdnc-portal/resources/config/dblib.properties @@ -18,7 +18,7 @@ ### org.onap.ccsdk.sli.dbtype=jdbc org.onap.ccsdk.sli.jdbc.hosts=sdnctldb01 -org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.mysql.service.name}}.{{.Release.Namespace}}:{{.Values.mysql.service.internalPort}}/sdnctl +org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.config.mariadbGalera.serviceName}}.{{.Release.Namespace}}:{{.Values.config.mariadbGalera.internalPort}}/sdnctl org.onap.ccsdk.sli.jdbc.driver=org.mariadb.jdbc.Driver org.onap.ccsdk.sli.jdbc.database=sdnctl org.onap.ccsdk.sli.jdbc.user=sdnctl diff --git a/kubernetes/sdnc/charts/sdnc-portal/templates/deployment.yaml b/kubernetes/sdnc/charts/sdnc-portal/templates/deployment.yaml index 35dffee552..0a59eb079a 100644 --- a/kubernetes/sdnc/charts/sdnc-portal/templates/deployment.yaml +++ b/kubernetes/sdnc/charts/sdnc-portal/templates/deployment.yaml @@ -35,7 +35,7 @@ spec: - /root/ready.py args: - --container-name - - {{ .Values.config.mysqlChartName }} + - {{ .Values.config.mariadbGalera.chartName }} - --container-name - {{ .Values.config.sdncChartName }} env: diff --git a/kubernetes/sdnc/charts/sdnc-portal/values.yaml b/kubernetes/sdnc/charts/sdnc-portal/values.yaml index 88acef1e58..4a51a969b9 100644 --- a/kubernetes/sdnc/charts/sdnc-portal/values.yaml +++ b/kubernetes/sdnc/charts/sdnc-portal/values.yaml @@ -18,7 +18,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/admportal-sdnc-image:1.5-STAGING-latest +image: onap/admportal-sdnc-image:1.5.1 pullPolicy: Always # flag to enable debugging - application support required @@ -35,12 +35,17 @@ debugEnabled: false # application configuration config: - mysqlChartName: sdnc-db - dbRootPassword: openECOMP1.0 + dbRootPassword: secretpassword dbSdnctlPassword: gamma sdncChartName: sdnc configDir: /opt/onap/sdnc/data/properties + storesDir: /opt/onap/sdnc/data/stores odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U + keystorePwd: ?w5&!M;8v1XF;:Xd;g*%S$IY + mariadbGalera: + chartName: mariadb-galera + serviceName: mariadb-galera + internalPort: 3306 # default number of instances replicaCount: 0 @@ -72,11 +77,6 @@ service: ingress: enabled: false -mysql: - service: - name: sdnc-dbhost - internalPort: 3306 - #Resource limit flavor -By default using small flavor: small #segregation for different environment (small and large) diff --git a/kubernetes/sdnc/charts/ueb-listener/resources/config/dblib.properties b/kubernetes/sdnc/charts/ueb-listener/resources/config/dblib.properties index 15cb2182a2..fdc2218532 100644 --- a/kubernetes/sdnc/charts/ueb-listener/resources/config/dblib.properties +++ b/kubernetes/sdnc/charts/ueb-listener/resources/config/dblib.properties @@ -23,7 +23,7 @@ org.onap.ccsdk.sli.dbtype=jdbc org.onap.ccsdk.sli.jdbc.hosts=sdnctldb01 -org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.mysql.service.name}}.{{.Release.Namespace}}:{{.Values.mysql.service.internalPort}}/sdnctl +org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.config.mariadbGalera.serviceName}}.{{.Release.Namespace}}:{{.Values.config.mariadbGalera.internalPort}}/sdnctl org.onap.ccsdk.sli.jdbc.driver=org.mariadb.jdbc.Driver org.onap.ccsdk.sli.jdbc.database=sdnctl org.onap.ccsdk.sli.jdbc.user=sdnctl diff --git a/kubernetes/sdnc/charts/ueb-listener/templates/deployment.yaml b/kubernetes/sdnc/charts/ueb-listener/templates/deployment.yaml index 1c5f9179c0..0f8931b7b3 100644 --- a/kubernetes/sdnc/charts/ueb-listener/templates/deployment.yaml +++ b/kubernetes/sdnc/charts/ueb-listener/templates/deployment.yaml @@ -35,7 +35,7 @@ spec: - /root/ready.py args: - --container-name - - {{ .Values.config.mysqlChartName }} + - {{ .Values.config.mariadbGalera.chartName }} - --container-name - {{ .Values.config.sdncChartName }} - --container-name diff --git a/kubernetes/sdnc/charts/ueb-listener/values.yaml b/kubernetes/sdnc/charts/ueb-listener/values.yaml index c1892efadf..763af62def 100644 --- a/kubernetes/sdnc/charts/ueb-listener/values.yaml +++ b/kubernetes/sdnc/charts/ueb-listener/values.yaml @@ -18,7 +18,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdnc-ueb-listener-image:1.5-STAGING-latest +image: onap/sdnc-ueb-listener-image:1.5.1 pullPolicy: Always # flag to enable debugging - application support required @@ -36,13 +36,15 @@ debugEnabled: false # application configuration config: sdncPort: 8282 - mysqlChartName: sdnc-db sdncChartName: sdnc sdcbeChartName: sdc-be msgRouterContainerName: message-router configDir: /opt/onap/sdnc/data/properties odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U - + mariadbGalera: + chartName: mariadb-galera + serviceName: mariadb-galera + internalPort: 3306 # default number of instances replicaCount: 1 @@ -66,11 +68,6 @@ readiness: service: name: sdnc-ueb-listener -mysql: - service: - name: sdnc-dbhost - internalPort: 3306 - ingress: enabled: false diff --git a/kubernetes/sdnc/requirements.yaml b/kubernetes/sdnc/requirements.yaml index 56e20672f7..a4bffc077f 100644 --- a/kubernetes/sdnc/requirements.yaml +++ b/kubernetes/sdnc/requirements.yaml @@ -20,9 +20,6 @@ dependencies: version: ~4.x-0 repository: '@local' condition: cds.enabled - - name: mysql - version: ~4.x-0 - repository: '@local' - name: network-name-gen version: ~4.x-0 repository: '@local' @@ -33,3 +30,8 @@ dependencies: version: ~4.x-0 repository: '@local' condition: config.geoEnabled + - name: mariadb-galera + version: ~4.x-0 + repository: '@local' + condition: config.localDBCluster + diff --git a/kubernetes/sdnc/resources/config/bin/installSdncDb.sh b/kubernetes/sdnc/resources/config/bin/installSdncDb.sh index ab0bc35880..2a733de7d5 100644 --- a/kubernetes/sdnc/resources/config/bin/installSdncDb.sh +++ b/kubernetes/sdnc/resources/config/bin/installSdncDb.sh @@ -22,7 +22,7 @@ ### SDNC_HOME=${SDNC_HOME:-/opt/onap/sdnc} -MYSQL_HOST=${MYSQL_HOST:-{{.Release.Name}}-{{.Values.mysql.nameOverride}}-0.{{.Values.mysql.service.name}}.{{.Release.Namespace}}} +MYSQL_HOST=${MYSQL_HOST:-{{.Values.config.mariadbGalera.serviceName}}.{{.Release.Namespace}}} MYSQL_PASSWD=${MYSQL_PASSWD:-{{.Values.config.dbRootPassword}}} SDNC_DB_USER=${SDNC_DB_USER:-sdnctl} @@ -55,4 +55,4 @@ done ${SDNC_HOME}/bin/addVnis.sh 100 199 # Drop FK_NETWORK_MODEL foreign key as workaround for SDNC-291. -${SDNC_HOME}/bin/rmForeignKey.sh NETWORK_MODEL FK_NETWORK_MODEL \ No newline at end of file +${SDNC_HOME}/bin/rmForeignKey.sh NETWORK_MODEL FK_NETWORK_MODEL diff --git a/kubernetes/sdnc/resources/config/bin/startODL.sh b/kubernetes/sdnc/resources/config/bin/startODL.sh index 2513fc9dd4..9b96a325b7 100755 --- a/kubernetes/sdnc/resources/config/bin/startODL.sh +++ b/kubernetes/sdnc/resources/config/bin/startODL.sh @@ -119,7 +119,7 @@ SDNC_BIN=${SDNC_BIN:-/opt/onap/sdnc/bin} CCSDK_HOME=${CCSDK_HOME:-/opt/onap/ccsdk} SLEEP_TIME=${SLEEP_TIME:-120} MYSQL_PASSWD=${MYSQL_PASSWD:-{{.Values.config.dbRootPassword}}} -MYSQL_HOST=${MYSQL_HOST:-{{.Release.Name}}-{{.Values.mysql.nameOverride}}-0.{{.Values.mysql.service.name}}.{{.Release.Namespace}}} +MYSQL_HOST=${MYSQL_HOST:-{{.Values.config.dbServiceName}}.{{.Release.Namespace}}} ENABLE_ODL_CLUSTER=${ENABLE_ODL_CLUSTER:-false} GEO_ENABLED=${GEO_ENABLED:-false} DBINIT_DIR=${DBINIT_DIR:-/opt/opendaylight/current/daexim} diff --git a/kubernetes/sdnc/resources/config/conf/dblib.properties b/kubernetes/sdnc/resources/config/conf/dblib.properties index dd2bcabcc5..1849053411 100644 --- a/kubernetes/sdnc/resources/config/conf/dblib.properties +++ b/kubernetes/sdnc/resources/config/conf/dblib.properties @@ -18,7 +18,7 @@ ### org.onap.ccsdk.sli.dbtype=jdbc org.onap.ccsdk.sli.jdbc.hosts=sdnctldb01 -org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.mysql.service.name}}.{{.Release.Namespace}}:{{.Values.mysql.service.internalPort}}/sdnctl +org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.config.mariadbGalera.serviceName}}.{{.Release.Namespace}}:{{.Values.config.mariadbGalera.internalPort}}/sdnctl org.onap.ccsdk.sli.jdbc.driver=org.mariadb.jdbc.Driver org.onap.ccsdk.sli.jdbc.database=sdnctl org.onap.ccsdk.sli.jdbc.user=sdnctl diff --git a/kubernetes/sdnc/resources/config/conf/svclogic.properties b/kubernetes/sdnc/resources/config/conf/svclogic.properties index e564012c8f..55ef8e7e85 100644 --- a/kubernetes/sdnc/resources/config/conf/svclogic.properties +++ b/kubernetes/sdnc/resources/config/conf/svclogic.properties @@ -20,7 +20,7 @@ ### org.onap.ccsdk.sli.dbtype = jdbc -org.onap.ccsdk.sli.jdbc.url = jdbc:mysql://{{.Values.mysql.service.name}}.{{.Release.Namespace}}:{{.Values.mysql.service.internalPort}}/sdnctl +org.onap.ccsdk.sli.jdbc.url = jdbc:mysql://{{.Values.config.mariadbGalera.serviceName}}.{{.Release.Namespace}}:{{.Values.config.mariadbGalera.internalPort}}/sdnctl org.onap.ccsdk.sli.jdbc.database = sdnctl org.onap.ccsdk.sli.jdbc.user = sdnctl org.onap.ccsdk.sli.jdbc.password = {{.Values.config.dbSdnctlPassword}} diff --git a/kubernetes/sdnc/sdnc-prom/values.yaml b/kubernetes/sdnc/sdnc-prom/values.yaml index d481f4aaf5..7216e81abf 100644 --- a/kubernetes/sdnc/sdnc-prom/values.yaml +++ b/kubernetes/sdnc/sdnc-prom/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 repository: nexus3.onap.org:10001 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 persistence: diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml index 24ca832d24..d60319fa1c 100644 --- a/kubernetes/sdnc/templates/statefulset.yaml +++ b/kubernetes/sdnc/templates/statefulset.yaml @@ -37,7 +37,7 @@ spec: - /root/ready.py args: - --container-name - - {{ .Values.mysql.nameOverride }} + - {{ .Values.config.mariadbGalera.chartName }} env: - name: NAMESPACE valueFrom: @@ -46,7 +46,15 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness + name: {{ include "common.name" . }}-readiness + - name: {{ include "common.name" . }}-chown + image: "busybox" + command: ["sh", "-c", "chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }} ; chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certpersistence.certPath }}"] + volumeMounts: + - mountPath: {{ .Values.persistence.mdsalPath }} + name: {{ include "common.fullname" . }}-mdsal + - mountPath: {{ .Values.certpersistence.certPath }} + name: {{ include "common.fullname" . }}-certs containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" @@ -94,7 +102,7 @@ spec: - name: SDNC_REPLICAS value: "{{ .Values.replicaCount }}" - name: MYSQL_HOST - value: "{{.Release.Name}}-{{.Values.mysql.nameOverride}}-0.{{.Values.mysql.service.name}}.{{.Release.Namespace}}" + value: "{{.Values.config.mariadbGalera.serviceName}}.{{.Release.Namespace}}" - name: JAVA_HOME value: "{{ .Values.config.javaHome}}" volumeMounts: @@ -209,4 +217,4 @@ spec: selector: matchLabels: name: {{ include "common.fullname" . }} - {{ end }} \ No newline at end of file + {{ end }} diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml index 95bc31a96b..0cd5b60848 100644 --- a/kubernetes/sdnc/values.yaml +++ b/kubernetes/sdnc/values.yaml @@ -20,7 +20,7 @@ global: nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 persistence: @@ -32,15 +32,17 @@ global: # application images repository: nexus3.onap.org:10001 pullPolicy: Always -image: onap/sdnc-image:1.5-STAGING-latest +image: onap/sdnc-image:1.5.1 # flag to enable debugging - application support required debugEnabled: false # application configuration config: + odlUid: 100 + odlGid: 101 odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U - dbRootPassword: openECOMP1.0 + dbRootPassword: secretpassword dbSdnctlPassword: gamma enableClustering: true binDir: /opt/onap/sdnc/bin @@ -59,6 +61,15 @@ config: ansiblePort: 8000 javaHome: /usr/lib/jvm/java-1.8-openjdk + #local Mariadb-galera cluster + localDBCluster: false + + #Shared mariadb-galera details + mariadbGalera: + chartName: mariadb-galera + serviceName: mariadb-galera + internalPort: 3306 + # dependency / sub-chart configuration cds: enabled: true @@ -67,7 +78,7 @@ dmaap-listener: nameOverride: sdnc-dmaap-listener config: sdncChartName: sdnc - mysqlChartName: sdnc-db + mysqlChartName: mariadb-galera dmaapPort: 3904 sdncPort: 8282 configDir: /opt/onap/sdnc/data/properties @@ -78,16 +89,16 @@ ueb-listener: config: sdncPort: 8282 sdncChartName: sdnc - mysqlChartName: sdnc-db + mysqlChartName: mariadb-galera configDir: /opt/onap/sdnc/data/properties odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U sdnc-portal: config: sdncChartName: sdnc - mysqlChartName: sdnc-db + mysqlChartName: mariadb-galera configDir: /opt/onap/sdnc/data/properties - dbRootPassword: openECOMP1.0 + dbRootPassword: secretpassword dbSdnctlPassword: gamma odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U @@ -96,28 +107,25 @@ sdnc-ansible-server: name: sdnc-ansible-server internalPort: 8000 config: - mysqlServiceName: sdnc-dbhost + mysqlServiceName: mariadb-galera -mysql: +mariadb-galera: nameOverride: sdnc-db service: name: sdnc-dbhost internalPort: 3306 - nfsprovisionerPrefix: sdnc sdnctlPrefix: sdnc persistence: - mountSubPath: sdnc/mysql + mountSubPath: sdnc/mariadb-galera enabled: true - disableNfsProvisioner: true replicaCount: 1 - geoEnabled: false dgbuilder: nameOverride: sdnc-dgbuilder config: - dbPodName: sdnc-db - dbServiceName: sdnc-dbhost - dbRootPassword: openECOMP1.0 + dbPodName: mariadb-galera + dbServiceName: mariadb-galera + dbRootPassword: secretpassword dbSdnctlPassword: gamma dgUserPassword: cc03e747a6afbbcbf8be7668acfebee5 service: diff --git a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml index 92c5c78b5f..f8cfc4cffc 100755 --- a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml @@ -19,9 +19,10 @@ aai: workflowAaiDistributionDelay: PT30S pnfEntryNotificationTimeout: P14D cds: - endpoint: blueprints-processor + endpoint: cds-blueprints-processor-grpc port: 9111 auth: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== + timeout: 600 camunda: bpm: admin-user: diff --git a/kubernetes/so/charts/so-bpmn-infra/templates/deployment.yaml b/kubernetes/so/charts/so-bpmn-infra/templates/deployment.yaml index ad3a19f37e..9211571c8a 100755 --- a/kubernetes/so/charts/so-bpmn-infra/templates/deployment.yaml +++ b/kubernetes/so/charts/so-bpmn-infra/templates/deployment.yaml @@ -36,10 +36,10 @@ spec: spec: initContainers: - command: - - /root/ready.py + - /root/job_complete.py args: - - --container-name - - {{ .Values.mariadb.nameOverride }} + - --job-name + - {{ .Release.Name }}-so-mariadb-config-job env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/so/charts/so-bpmn-infra/values.yaml b/kubernetes/so/charts/so-bpmn-infra/values.yaml index 2deb907ba5..d6aa29c6fb 100755 --- a/kubernetes/so/charts/so-bpmn-infra/values.yaml +++ b/kubernetes/so/charts/so-bpmn-infra/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 persistence: mountPath: /dockerdata-nfs @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/bpmn-infra:1.3.3 +image: onap/so/bpmn-infra:1.4.1 pullPolicy: Always replicaCount: 1 @@ -71,8 +71,6 @@ livenessProbe: timeoutSeconds: 10 successThreshold: 1 failureThreshold: 3 -mariadb: - nameOverride: so-mariadb ingress: enabled: false nodeSelector: {} diff --git a/kubernetes/so/charts/so-catalog-db-adapter/templates/deployment.yaml b/kubernetes/so/charts/so-catalog-db-adapter/templates/deployment.yaml index ad3a19f37e..9211571c8a 100755 --- a/kubernetes/so/charts/so-catalog-db-adapter/templates/deployment.yaml +++ b/kubernetes/so/charts/so-catalog-db-adapter/templates/deployment.yaml @@ -36,10 +36,10 @@ spec: spec: initContainers: - command: - - /root/ready.py + - /root/job_complete.py args: - - --container-name - - {{ .Values.mariadb.nameOverride }} + - --job-name + - {{ .Release.Name }}-so-mariadb-config-job env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/so/charts/so-catalog-db-adapter/values.yaml b/kubernetes/so/charts/so-catalog-db-adapter/values.yaml index beeaf72d57..8a5f418a4e 100755 --- a/kubernetes/so/charts/so-catalog-db-adapter/values.yaml +++ b/kubernetes/so/charts/so-catalog-db-adapter/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 persistence: mountPath: /dockerdata-nfs @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/catalog-db-adapter:1.3.3 +image: onap/so/catalog-db-adapter:1.4.1 pullPolicy: Always replicaCount: 1 @@ -72,8 +72,6 @@ livenessProbe: timeoutSeconds: 10 successThreshold: 1 failureThreshold: 3 -mariadb: - nameOverride: so-mariadb ingress: enabled: false config: diff --git a/kubernetes/so/charts/so-db-secrets/templates/secrets.yaml b/kubernetes/so/charts/so-db-secrets/templates/secrets.yaml index f53c67f067..d19803c32e 100755 --- a/kubernetes/so/charts/so-db-secrets/templates/secrets.yaml +++ b/kubernetes/so/charts/so-db-secrets/templates/secrets.yaml @@ -22,8 +22,8 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} data: - mariadb.readwrite.host : {{ .Values.db_host | b64enc | quote }} - mariadb.readwrite.port : {{ .Values.db_port | b64enc | quote }} + mariadb.readwrite.host : {{ .Values.global.mariadbGalera.serviceName | b64enc | quote }} + mariadb.readwrite.port : {{ .Values.global.mariadbGalera.servicePort | b64enc | quote }} mariadb.readwrite.rolename: {{ .Values.db_username | b64enc | quote }} mariadb.readwrite.password: {{ .Values.db_password | b64enc | quote }} mariadb.admin.rolename: {{ .Values.db_admin_username| b64enc | quote }} diff --git a/kubernetes/so/charts/so-db-secrets/values.yaml b/kubernetes/so/charts/so-db-secrets/values.yaml index 8836802069..63b6852d50 100644 --- a/kubernetes/so/charts/so-db-secrets/values.yaml +++ b/kubernetes/so/charts/so-db-secrets/values.yaml @@ -11,8 +11,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -db_host: so-mariadb -db_port: "3306" db_admin_username: so_admin db_admin_password: so_Admin123 db_username: so_user diff --git a/kubernetes/so/charts/so-mariadb/resources/config/mariadb/conf.d/mariadb1.cnf b/kubernetes/so/charts/so-mariadb/resources/config/mariadb/conf.d/mariadb1.cnf deleted file mode 100755 index 39ed022489..0000000000 --- a/kubernetes/so/charts/so-mariadb/resources/config/mariadb/conf.d/mariadb1.cnf +++ /dev/null @@ -1,193 +0,0 @@ -# Example MySQL config file for medium systems. -# -# This is for a system with memory 8G where MySQL plays -# an important part, or systems up to 128M where MySQL is used together with -# other programs (such as a web server) -# -# In this file, you can use all long options that a program supports. -# If you want to know which options a program supports, run the program -# with the "--help" option. - -# The following options will be passed to all MySQL clients -##[client] -##user = root -##port = 3306 -##socket = //opt/app/mysql/mysql.sock - -# Here follows entries for some specific programs - -# The MySQL server -[mysqld] -##performance_schema - -slow_query_log =ON -long_query_time =2 -slow_query_log_file =//var/lib/mysql/slow_query.log - -skip-external-locking -explicit_defaults_for_timestamp = true -skip-symbolic-links -local-infile = 0 -key_buffer_size = 16M -max_allowed_packet = 4M -table_open_cache = 100 -sort_buffer_size = 512K -net_buffer_length = 8K -read_buffer_size = 256K -read_rnd_buffer_size = 512K -myisam_sort_buffer_size = 8M -max_connections = 500 -lower_case_table_names = 1 -thread_stack = 256K -thread_cache_size = 25 -query_cache_size = 8M -query_cache_type = 0 -query_prealloc_size = 512K -query_cache_limit = 1M - -# Password validation -##plugin-load-add=simple_password_check.so -##simple_password_check_other_characters=0 - -# Audit Log settings -plugin-load-add=server_audit.so -server_audit=FORCE_PLUS_PERMANENT -server_audit_file_path=//var/lib/mysql/audit.log -server_audit_file_rotate_size=50M -server_audit_events=CONNECT,QUERY,TABLE -server_audit_logging=on - -# Don't listen on a TCP/IP port at all. This can be a security enhancement, -# if all processes that need to connect to mysqld run on the same host. -# All interaction with mysqld must be made via Unix sockets or named pipes. -# Note that using this option without enabling named pipes on Windows -# (via the "enable-named-pipe" option) will render mysqld useless! -# -#skip-networking - -# Replication Master Server (default) -# binary logging is required for replication -##log-bin=//var/lib/mysql/mysql-bin - -# binary logging format - mixed recommended -binlog_format=row - -# required unique id between 1 and 2^32 - 1 -# defaults to 1 if master-host is not set -# but will not function as a master if omitted - -# Replication Slave (comment out master section to use this) -# -# To configure this host as a replication slave, you can choose between -# two methods : -# -# 1) Use the CHANGE MASTER TO command (fully described in our manual) - -# the syntax is: -# -# CHANGE MASTER TO MASTER_HOST=, MASTER_PORT=, -# MASTER_USER=, MASTER_PASSWORD= ; -# -# where you replace , , by quoted strings and -# by the master's port number (3306 by default). -# -# Example: -# -# CHANGE MASTER TO MASTER_HOST='125.564.12.1', MASTER_PORT=3306, -# MASTER_USER='joe', MASTER_PASSWORD='secret'; -# -# OR -# -# 2) Set the variables below. However, in case you choose this method, then -# start replication for the first time (even unsuccessfully, for example -# if you mistyped the password in master-password and the slave fails to -# connect), the slave will create a master.info file, and any later -# change in this file to the variables' values below will be ignored and -# overridden by the content of the master.info file, unless you shutdown -# the slave server, delete master.info and restart the slaver server. -# For that reason, you may want to leave the lines below untouched -# (commented) and instead use CHANGE MASTER TO (see above) -# -# required unique id between 2 and 2^32 - 1 -# (and different from the master) -# defaults to 2 if master-host is set -# but will not function as a slave if omitted -#server-id = 2 -# -# The replication master for this slave - required -#master-host = -# -# The username the slave will use for authentication when connecting -# to the master - required -#master-user = -# -# The password the slave will authenticate with when connecting to -# the master - required -#master-password = -# -# The port the master is listening on. -# optional - defaults to 3306 -#master-port = -# -# binary logging - not required for slaves, but recommended -#log-bin=mysql-bin - -# Uncomment the following if you are using InnoDB tables -##innodb_data_home_dir = //opt/app/mysql/data -##innodb_data_file_path = ibdata1:20M:autoextend:max:32G -##innodb_log_group_home_dir = //opt/app/mysql/iblogs -# You can set .._buffer_pool_size up to 50 - 80 % -# of RAM but beware of setting memory usage too high -#innodb_buffer_pool_size = 6380M -#innodb_additional_mem_pool_size = 2M -# Set .._log_file_size to 25 % of buffer pool size -innodb_log_file_size = 150M -innodb_log_files_in_group = 3 -innodb_log_buffer_size = 8M -#innodb_flush_log_at_trx_commit = 1 -innodb_lock_wait_timeout = 50 -innodb_autoextend_increment = 100 -expire_logs_days = 8 -open_files_limit = 2000 -transaction-isolation=READ-COMMITTED -####### Galera parameters ####### -## Galera Provider configuration -wsrep_provider=/usr/lib/galera/libgalera_smm.so -wsrep_provider_options="gcache.size=2G; gcache.page_size=1G" -## Galera Cluster configuration -wsrep_cluster_name="MSO-automated-tests-cluster" -wsrep_cluster_address="gcomm://" -#wsrep_cluster_address="gcomm://mariadb1,mariadb2,mariadb3" -##wsrep_cluster_address="gcomm://192.169.3.184,192.169.3.185,192.169.3.186" -## Galera Synchronization configuration -wsrep_sst_method=rsync -#wsrep_sst_method=xtrabackup-v2 -#wsrep_sst_auth="sstuser:Mon#2o!6" -## Galera Node configuration -wsrep_node_name="mariadb1" -##wsrep_node_address="192.169.3.184" -wsrep_on=ON -## Status notification -#wsrep_notify_cmd=/opt/app/mysql/bin/wsrep_notify -####### - - -[mysqldump] -quick -max_allowed_packet = 16M - -[mysql] -no-auto-rehash -# Remove the next comment character if you are not familiar with SQL -#safe-updates - -[myisamchk] -key_buffer_size = 20971520 - -##[mysqlhotcopy] -##interactive-timeout -##[mysqld_safe] -##malloc-lib=//opt/app/mysql/local/lib/libjemalloc.so.1 -##log-error=//opt/app/mysql/log/mysqld.log - -general_log_file = /var/log/mysql/mysql.log -general_log = 1 diff --git a/kubernetes/so/charts/so-mariadb/templates/NOTES.txt b/kubernetes/so/charts/so-mariadb/templates/NOTES.txt deleted file mode 100755 index c60c745ca3..0000000000 --- a/kubernetes/so/charts/so-mariadb/templates/NOTES.txt +++ /dev/null @@ -1,19 +0,0 @@ -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/so/charts/so-mariadb/templates/deployment.yaml b/kubernetes/so/charts/so-mariadb/templates/deployment.yaml deleted file mode 100755 index 6c7b85fbc8..0000000000 --- a/kubernetes/so/charts/so-mariadb/templates/deployment.yaml +++ /dev/null @@ -1,110 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - spec: - hostname: mariadb - initContainers: - - name: {{ include "common.name" . }}-inject-testlab-project - command: - - /bin/bash - - -c - - > - git clone -b {{ .Values.config.gerritBranch }} --single-branch {{ .Values.config.gerritProject }} /tmp/gerrit; - echo "Clone complete. Copying from /tmp/gerrit/volumes/mariadb/docker-entrypoint-initdb.d to /docker-entrypoint-initdb.d"; - cp -rf /tmp/gerrit/volumes/mariadb/docker-entrypoint-initdb.d/* /docker-entrypoint-initdb.d; - chmod -R 755 /docker-entrypoint-initdb.d; - echo "Done."; - image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.ubuntuInitImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - name: docker-entrypoint-initdb-d - mountPath: "/docker-entrypoint-initdb.d" - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - {{ if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end }} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: db-root-password - volumeMounts: - - mountPath: /var/lib/mysql - name: mariadb-data - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /etc/mysql/conf.d - name: mariadb-conf - - name: docker-entrypoint-initdb-d - mountPath: "/docker-entrypoint-initdb.d" - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - - name: mariadb-data - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - {{- else }} - emptyDir: {} - {{- end }} - - name: mariadb-conf - configMap: - name: confd-configmap - - name: localtime - hostPath: - path: /etc/localtime - - name: docker-entrypoint-initdb-d - emptyDir: {} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/so/charts/so-mariadb/templates/job.yaml b/kubernetes/so/charts/so-mariadb/templates/job.yaml new file mode 100755 index 0000000000..a20564e513 --- /dev/null +++ b/kubernetes/so/charts/so-mariadb/templates/job.yaml @@ -0,0 +1,193 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +{{- if .Values.global.migration.enabled }} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-backup + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + "helm.sh/hook": pre-upgrade,pre-install + "helm.sh/hook-weight": "1" + "helm.sh/hook-delete-policy": before-hook-creation +spec: + backoffLimit: 20 + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + name: {{ include "common.name" . }} + spec: + containers: + - name: {{ include "common.fullname" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: DB_HOST + value: {{ .Values.global.migration.dbHost }} + - name: DB_USER + value: {{ .Values.global.migration.dbUser }} + - name: DB_PORT + value: "{{ .Values.global.migration.dbPort }}" + - name: DB_PASS + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }}-migration + key: db-root-password-backup + command: + - /bin/bash + - -c + - mysqldump -vv --user=${DB_USER} --password=${DB_PASS} --host=${DB_HOST} --port=${DB_PORT} --databases --single-transaction --quick --lock-tables=false catalogdb requestdb > /var/data/mariadb/backup-`date +%s`.sql + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: backup-storage + mountPath: /var/data/mariadb + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: backup-storage + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-migration + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" + restartPolicy: Never +--- +{{- end }} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-config-job + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + "helm.sh/hook": post-upgrade,post-rollback,post-install + "helm.sh/hook-weight": "0" + "helm.sh/hook-delete-policy": before-hook-creation +spec: + backoffLimit: 20 + template: + metadata: + labels: + app: {{ include "common.name" . }}-job + release: {{ .Release.Name }} + name: {{ include "common.name" . }} + spec: + initContainers: + - name: {{ include "common.name" . }}-readiness + command: + - /root/ready.py + args: + - --container-name + - {{ .Values.global.mariadbGalera.nameOverride }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + - name: {{ include "common.name" . }}-inject-testlab-project + command: + - /bin/bash + - -c + - > + git clone -b {{ .Values.config.gerritBranch }} --single-branch {{ .Values.config.gerritProject }} /tmp/gerrit; + echo "Clone complete. Copying from /tmp/gerrit/volumes/mariadb/docker-entrypoint-initdb.d to /docker-entrypoint-initdb.d"; + cp -rf /tmp/gerrit/volumes/mariadb/docker-entrypoint-initdb.d/* /docker-entrypoint-initdb.d; + chmod -R 755 /docker-entrypoint-initdb.d; + echo "Done."; + image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.ubuntuInitImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: docker-entrypoint-initdb-d + mountPath: "/docker-entrypoint-initdb.d" + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /bin/bash + - -c + - > + mysql() { /usr/bin/mysql -h ${DB_HOST} -P ${DB_PORT} "$@"; }; + export -f mysql; + mysql --user=root --password=${MYSQL_ROOT_PASSWORD} requestdb -e exit > /dev/null 2>&1 {{ if not .Values.global.migration.enabled }} && echo "Database already initialized!!!" && exit 0 {{ end }}; + for f in /docker-entrypoint-initdb.d/*; do case "$f" in *.sh) echo "$0: running $f"; . "$f" ;; *.sql) echo "$0: running $f"; "${mysql[@]}" < "$f"; echo ;; *.sql.gz) echo "$0: running $f"; gunzip -c "$f" | "${mysql[@]}"; echo ;; *) echo "$0: ignoring $f" ;; esac; echo; done; + {{- if .Values.global.migration.enabled }} + mysql -vv --user=root --password=${MYSQL_ROOT_PASSWORD} < `ls -tr /var/data/mariadb/* | tail -1`; + {{- end }} + env: + - name: DB_HOST + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.host + - name: DB_PORT + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.port + - name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: db-root-password + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: docker-entrypoint-initdb-d + mountPath: "/docker-entrypoint-initdb.d" + {{- if .Values.global.migration.enabled }} + - name: backup-storage + mountPath: /var/data/mariadb + {{- end }} + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: docker-entrypoint-initdb-d + emptyDir: {} + {{- if .Values.global.migration.enabled }} + - name: backup-storage + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-migration + {{- end }} + restartPolicy: Never + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/so/charts/so-mariadb/templates/pv.yaml b/kubernetes/so/charts/so-mariadb/templates/pv.yaml index d1e1b04121..5f5d09e2eb 100755 --- a/kubernetes/so/charts/so-mariadb/templates/pv.yaml +++ b/kubernetes/so/charts/so-mariadb/templates/pv.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada +# Copyright ▒ 2017 Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,18 +13,23 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} + +{{- if .Values.global.migration.enabled }} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-migration namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-migration + annotations: + "helm.sh/hook": pre-upgrade,pre-install + "helm.sh/hook-weight": "0" + "helm.sh/hook-delete-policy": before-hook-creation spec: capacity: storage: {{ .Values.persistence.size}} @@ -33,4 +38,4 @@ spec: persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- end -}} \ No newline at end of file +{{- end }} diff --git a/kubernetes/so/charts/so-mariadb/templates/pvc.yaml b/kubernetes/so/charts/so-mariadb/templates/pvc.yaml index 74ba690fa6..92d5eed0c4 100755 --- a/kubernetes/so/charts/so-mariadb/templates/pvc.yaml +++ b/kubernetes/so/charts/so-mariadb/templates/pvc.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada +# Copyright ▒ 2017 Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,25 +13,29 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} + +{{- if .Values.global.migration.enabled }} kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-migration namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} annotations: + "helm.sh/hook": pre-upgrade,pre-install + "helm.sh/hook-weight": "-1" + "helm.sh/hook-delete-policy": before-hook-creation +{{- if .Values.persistence.annotations }} {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: selector: matchLabels: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-migration accessModes: - {{ .Values.persistence.accessMode }} resources: @@ -44,4 +48,5 @@ spec: storageClassName: "{{ .Values.persistence.storageClass }}" {{- end }} {{- end }} -{{- end -}} \ No newline at end of file +{{- end }} + diff --git a/kubernetes/so/charts/so-mariadb/templates/secrets.yaml b/kubernetes/so/charts/so-mariadb/templates/secrets.yaml index 24f7139ee0..99ccb55445 100755 --- a/kubernetes/so/charts/so-mariadb/templates/secrets.yaml +++ b/kubernetes/so/charts/so-mariadb/templates/secrets.yaml @@ -23,4 +23,24 @@ metadata: heritage: {{ .Release.Service }} type: Opaque data: - db-root-password: {{ .Values.config.mariadbRootPassword | b64enc | quote }} \ No newline at end of file + db-root-password: {{ .Values.global.mariadbGalera.mariadbRootPassword | b64enc | quote }} +{{- if .Values.global.migration.enabled }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-migration + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + "helm.sh/hook": pre-upgrade,pre-install + "helm.sh/hook-weight": "0" + "helm.sh/hook-delete-policy": before-hook-creation +type: Opaque +data: + db-root-password-backup: {{ .Values.global.migration.dbPassword | b64enc | quote }} +{{- end }} diff --git a/kubernetes/so/charts/so-mariadb/templates/service.yaml b/kubernetes/so/charts/so-mariadb/templates/service.yaml deleted file mode 100755 index 010dc71474..0000000000 --- a/kubernetes/so/charts/so-mariadb/templates/service.yaml +++ /dev/null @@ -1,37 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - - name: {{ .Values.service.portName }} - {{ if eq .Values.service.type "NodePort" }} - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }} - {{ else }} - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - {{ end }} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} \ No newline at end of file diff --git a/kubernetes/so/charts/so-mariadb/values.yaml b/kubernetes/so/charts/so-mariadb/values.yaml index 950b43a360..acf9cb4f33 100755 --- a/kubernetes/so/charts/so-mariadb/values.yaml +++ b/kubernetes/so/charts/so-mariadb/values.yaml @@ -22,10 +22,8 @@ global: nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 ubuntuInitRepository: registry.hub.docker.com - persistence: - mountPath: /dockerdata-nfs ################################################################# # Application configuration defaults. @@ -38,55 +36,20 @@ ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 # application configuration config: - mariadbRootPassword: password # gerrit branch where the latest heat code is checked in gerritBranch: master # gerrit project where the latest heat code is checked in gerritProject: http://gerrit.onap.org/r/so/docker-config.git # default number of instances -replicaCount: 1 nodeSelector: {} affinity: {} -# probe configuration parameters -liveness: - initialDelaySeconds: 450 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true -readiness: - initialDelaySeconds: 450 - periodSeconds: 10 -## Persist data to a persitent volume -persistence: - enabled: true - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - volumeReclaimPolicy: Retain - ## database data Persistent Volume Storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - # storageClass: "-" - accessMode: ReadWriteMany - size: 2Gi - mountPath: /dockerdata-nfs - mountSubPath: mso/mariadb/data -service: - type: NodePort - portName: mariadb - internalPort: 3306 - externalPort: 3306 - nodePort: 52 + ingress: enabled: false + # Resource Limit flavor flavor: small + resources: small: limits: @@ -103,3 +66,24 @@ resources: cpu: 2 memory: 4Gi unlimited: {} + +persistence: + enabled: true + ## A manually managed Persistent Volume and Claim + ## Requires persistence.enabled: true + ## If defined, PVC must be created manually before volume will be bound + # existingClaim: + volumeReclaimPolicy: Retain + ## database data Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + # storageClass: "-" + accessMode: ReadWriteMany + size: 2Gi + + mountPath: /dockerdata-nfs + mountSubPath: so/migration diff --git a/kubernetes/so/charts/so-monitoring/values.yaml b/kubernetes/so/charts/so-monitoring/values.yaml index 29cfab1ea4..ff125ec106 100644 --- a/kubernetes/so/charts/so-monitoring/values.yaml +++ b/kubernetes/so/charts/so-monitoring/values.yaml @@ -24,7 +24,7 @@ global: nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 persistence: mountPath: /dockerdata-nfs @@ -32,7 +32,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/so-monitoring:1.3.3 +image: onap/so/so-monitoring:1.4.1 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-openstack-adapter/templates/deployment.yaml b/kubernetes/so/charts/so-openstack-adapter/templates/deployment.yaml index ad3a19f37e..9211571c8a 100755 --- a/kubernetes/so/charts/so-openstack-adapter/templates/deployment.yaml +++ b/kubernetes/so/charts/so-openstack-adapter/templates/deployment.yaml @@ -36,10 +36,10 @@ spec: spec: initContainers: - command: - - /root/ready.py + - /root/job_complete.py args: - - --container-name - - {{ .Values.mariadb.nameOverride }} + - --job-name + - {{ .Release.Name }}-so-mariadb-config-job env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/so/charts/so-openstack-adapter/values.yaml b/kubernetes/so/charts/so-openstack-adapter/values.yaml index f97ad13b3f..215a4492d0 100755 --- a/kubernetes/so/charts/so-openstack-adapter/values.yaml +++ b/kubernetes/so/charts/so-openstack-adapter/values.yaml @@ -19,14 +19,14 @@ global: nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 persistence: mountPath: /dockerdata-nfs ################################################################# # Application configuration defaults. ################################################################# -image: onap/so/openstack-adapter:1.3.3 +image: onap/so/openstack-adapter:1.4.1 pullPolicy: Always repository: nexus3.onap.org:10001 @@ -72,8 +72,6 @@ livenessProbe: timeoutSeconds: 10 successThreshold: 1 failureThreshold: 3 -mariadb: - nameOverride: so-mariadb ingress: enabled: false config: diff --git a/kubernetes/so/charts/so-request-db-adapter/templates/deployment.yaml b/kubernetes/so/charts/so-request-db-adapter/templates/deployment.yaml index ad3a19f37e..9211571c8a 100755 --- a/kubernetes/so/charts/so-request-db-adapter/templates/deployment.yaml +++ b/kubernetes/so/charts/so-request-db-adapter/templates/deployment.yaml @@ -36,10 +36,10 @@ spec: spec: initContainers: - command: - - /root/ready.py + - /root/job_complete.py args: - - --container-name - - {{ .Values.mariadb.nameOverride }} + - --job-name + - {{ .Release.Name }}-so-mariadb-config-job env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/so/charts/so-request-db-adapter/values.yaml b/kubernetes/so/charts/so-request-db-adapter/values.yaml index 16d4a153ac..97b5ab5feb 100755 --- a/kubernetes/so/charts/so-request-db-adapter/values.yaml +++ b/kubernetes/so/charts/so-request-db-adapter/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 persistence: mountPath: /dockerdata-nfs @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/request-db-adapter:1.3.3 +image: onap/so/request-db-adapter:1.4.1 pullPolicy: Always replicaCount: 1 @@ -72,8 +72,6 @@ livenessProbe: timeoutSeconds: 10 successThreshold: 1 failureThreshold: 3 -mariadb: - nameOverride: so-mariadb ingress: enabled: false nodeSelector: {} diff --git a/kubernetes/so/charts/so-sdc-controller/templates/deployment.yaml b/kubernetes/so/charts/so-sdc-controller/templates/deployment.yaml index ad3a19f37e..9211571c8a 100755 --- a/kubernetes/so/charts/so-sdc-controller/templates/deployment.yaml +++ b/kubernetes/so/charts/so-sdc-controller/templates/deployment.yaml @@ -36,10 +36,10 @@ spec: spec: initContainers: - command: - - /root/ready.py + - /root/job_complete.py args: - - --container-name - - {{ .Values.mariadb.nameOverride }} + - --job-name + - {{ .Release.Name }}-so-mariadb-config-job env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/so/charts/so-sdc-controller/values.yaml b/kubernetes/so/charts/so-sdc-controller/values.yaml index 06d8c8147f..1d7ee6f4c1 100755 --- a/kubernetes/so/charts/so-sdc-controller/values.yaml +++ b/kubernetes/so/charts/so-sdc-controller/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 persistence: mountPath: /dockerdata-nfs @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/sdc-controller:1.3.3 +image: onap/so/sdc-controller:1.4.1 pullPolicy: Always replicaCount: 1 @@ -72,8 +72,6 @@ livenessProbe: timeoutSeconds: 10 successThreshold: 1 failureThreshold: 3 -mariadb: - nameOverride: so-mariadb ingress: enabled: false nodeSelector: {} diff --git a/kubernetes/so/charts/so-sdnc-adapter/values.yaml b/kubernetes/so/charts/so-sdnc-adapter/values.yaml index a24eddc3fa..2671f1c1ae 100755 --- a/kubernetes/so/charts/so-sdnc-adapter/values.yaml +++ b/kubernetes/so/charts/so-sdnc-adapter/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 persistence: mountPath: /dockerdata-nfs @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/sdnc-adapter:1.3.3 +image: onap/so/sdnc-adapter:1.4.1 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-vfc-adapter/templates/deployment.yaml b/kubernetes/so/charts/so-vfc-adapter/templates/deployment.yaml index ad3a19f37e..9211571c8a 100755 --- a/kubernetes/so/charts/so-vfc-adapter/templates/deployment.yaml +++ b/kubernetes/so/charts/so-vfc-adapter/templates/deployment.yaml @@ -36,10 +36,10 @@ spec: spec: initContainers: - command: - - /root/ready.py + - /root/job_complete.py args: - - --container-name - - {{ .Values.mariadb.nameOverride }} + - --job-name + - {{ .Release.Name }}-so-mariadb-config-job env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/so/charts/so-vfc-adapter/values.yaml b/kubernetes/so/charts/so-vfc-adapter/values.yaml index 08a78397d4..d0b887b53a 100755 --- a/kubernetes/so/charts/so-vfc-adapter/values.yaml +++ b/kubernetes/so/charts/so-vfc-adapter/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 persistence: mountPath: /dockerdata-nfs @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/vfc-adapter:1.3.3 +image: onap/so/vfc-adapter:1.4.1 pullPolicy: Always replicaCount: 1 @@ -72,8 +72,6 @@ livenessProbe: timeoutSeconds: 10 successThreshold: 1 failureThreshold: 3 -mariadb: - nameOverride: so-mariadb ingress: enabled: false nodeSelector: {} diff --git a/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml index 0b52949103..8650f05897 100755 --- a/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml @@ -32,3 +32,10 @@ mso: logPath: ./logs/vnfm-adapter msb-ip: msb-iag.{{ include "common.namespace" . }} msb-port: 80 +sdc: + username: mso + password: 76966BDD3C7414A03F7037264FF2E6C8EEC6C28F2B67F2840A1ED857C0260FEE731D73F47F828E5527125D29FD25D3E0DE39EE44C058906BF1657DE77BF897EECA93BDC07FA64F + key: 566B754875657232314F5548556D3665 + endpoint: https://sdc-be.{{ include "common.namespace" . }}:8443 +vnfmadapter: + endpoint: http://so-vnfm-adapter.{{ include "common.namespace" . }}:9092 diff --git a/kubernetes/so/charts/so-vnfm-adapter/values.yaml b/kubernetes/so/charts/so-vnfm-adapter/values.yaml index cc0450186c..50b9de06c3 100755 --- a/kubernetes/so/charts/so-vnfm-adapter/values.yaml +++ b/kubernetes/so/charts/so-vnfm-adapter/values.yaml @@ -18,7 +18,7 @@ global: nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 persistence: mountPath: /dockerdata-nfs @@ -26,7 +26,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/vnfm-adapter:1.4.0 +image: onap/so/vnfm-adapter:1.4.1 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/requirements.yaml b/kubernetes/so/requirements.yaml index 12e77c38a0..237486d90b 100755 --- a/kubernetes/so/requirements.yaml +++ b/kubernetes/so/requirements.yaml @@ -17,4 +17,8 @@ dependencies: # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) - repository: '@local' \ No newline at end of file + repository: '@local' + - name: mariadb-galera + version: ~4.x-0 + repository: '@local' + condition: global.mariadbGalera.localCluster diff --git a/kubernetes/so/templates/deployment.yaml b/kubernetes/so/templates/deployment.yaml index ad3a19f37e..9211571c8a 100755 --- a/kubernetes/so/templates/deployment.yaml +++ b/kubernetes/so/templates/deployment.yaml @@ -36,10 +36,10 @@ spec: spec: initContainers: - command: - - /root/ready.py + - /root/job_complete.py args: - - --container-name - - {{ .Values.mariadb.nameOverride }} + - --job-name + - {{ .Release.Name }}-so-mariadb-config-job env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml index 1a59cea4c6..91fc9db198 100755 --- a/kubernetes/so/values.yaml +++ b/kubernetes/so/values.yaml @@ -19,15 +19,31 @@ global: nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 + mariadbGalera: + nameOverride: mariadb-galera + serviceName: mariadb-galera + servicePort: "3306" + mariadbRootPassword: secretpassword + #This flag allows SO to instantiate its own mariadb-galera cluster, + #serviceName and nameOverride should be so-mariadb-galera if this flag is enabled + localCluster: false persistence: mountPath: /dockerdata-nfs - + #This configuration will run the migration. The configurations are for backing up the data + #from DB and then restoring it to the present versions preferred DB. + migration: + enabled: false + dbHost: mariadb-galera + dbPort: 3306 + dbUser: root + dbPassword: secretpassword + ################################################################# # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/api-handler-infra:1.3.3 +image: onap/so/api-handler-infra:1.4.1 pullPolicy: Always replicaCount: 1 @@ -72,25 +88,20 @@ livenessProbe: timeoutSeconds: 10 successThreshold: 1 failureThreshold: 3 -mariadb: - nameOverride: so-mariadb -so-bpmn-infra: - mariadb: - nameOverride: so-mariadb -so-catalog-db-adapter: - mariadb: - nameOverride: so-mariadb -so-openstack-adapter: - mariadb: - nameOverride: so-mariadb -so-request-db-adapter: - mariadb: - nameOverride: so-mariadb -so-sdc-controller: - mariadb: - nameOverride: so-mariadb -so-vfc-adapter: - mariadb: - nameOverride: so-mariadb + nodeSelector: {} affinity: {} + +#Used only if localCluster is enabled. Instantiates SO's own cassandra cluster +#helm deploy demo local/onap --namespace onap --verbose --set so.enabled=true \ +# --set so.global.mariadbGalera.localCluster=true \ +# --set so.global.mariadbGalera.nameOverride=so-mariadb-galera \ +# --set so.global.mariadbGalera.serviceName=so-mariadb-galera +mariadb-galera: + nameOverride: so-mariadb-galera + replicaCount: 1 + service: + name: so-mariadb-galera + persistence: + mountSubPath: so/mariadb-galera/data + enabled: true diff --git a/kubernetes/uui/charts/uui-server/templates/service.yaml b/kubernetes/uui/charts/uui-server/templates/service.yaml index 2abe7fd9f8..346c0370f9 100644 --- a/kubernetes/uui/charts/uui-server/templates/service.yaml +++ b/kubernetes/uui/charts/uui-server/templates/service.yaml @@ -27,7 +27,7 @@ metadata: { "serviceName": "usecaseui-server", "version": "v1", - "url": "/api/usecaseui/server/v1", + "url": "/api/usecaseui-server/v1", "protocol": "REST", "port": "{{.Values.service.internalPort}}", "visualRange":"1" diff --git a/kubernetes/vfc/charts/vfc-catalog/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-catalog/templates/deployment.yaml index fe2b1aa1df..c3c6151f55 100644 --- a/kubernetes/vfc/charts/vfc-catalog/templates/deployment.yaml +++ b/kubernetes/vfc/charts/vfc-catalog/templates/deployment.yaml @@ -37,7 +37,7 @@ spec: - /root/ready.py args: - --container-name - - vfc-db + - vfc-mariadb env: - name: NAMESPACE valueFrom: @@ -72,6 +72,10 @@ spec: value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" - name: MYSQL_ADDR value: "{{ .Values.global.config.dbServiceName }}:{{ .Values.global.config.dbPort }}" + - name: MYSQL_AUTH + value: "{{ .Values.global.config.dbUser }}:{{ .Values.global.config.mariadbRootPassword }}" + - name: REDIS_ADDR + value: "{{ .Values.global.config.redisServiceName }}:{{ .Values.global.config.redisPort }}" volumeMounts: - name: {{ include "common.fullname" . }}-catalog mountPath: /service/vfc/nfvo/catalog/static diff --git a/kubernetes/vfc/charts/vfc-catalog/values.yaml b/kubernetes/vfc/charts/vfc-catalog/values.yaml index fc6cf4e853..2eb74e20b2 100644 --- a/kubernetes/vfc/charts/vfc-catalog/values.yaml +++ b/kubernetes/vfc/charts/vfc-catalog/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/catalog:1.2.1 +image: onap/vfc/catalog:1.3.0 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-ems-driver/values.yaml b/kubernetes/vfc/charts/vfc-ems-driver/values.yaml index ebdc2f3e45..d4c71b642c 100644 --- a/kubernetes/vfc/charts/vfc-ems-driver/values.yaml +++ b/kubernetes/vfc/charts/vfc-ems-driver/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/emsdriver:1.2.1 +image: onap/vfc/emsdriver:1.3.0 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-generic-vnfm-driver/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-generic-vnfm-driver/templates/deployment.yaml index a25a497df5..e529f47bd1 100644 --- a/kubernetes/vfc/charts/vfc-generic-vnfm-driver/templates/deployment.yaml +++ b/kubernetes/vfc/charts/vfc-generic-vnfm-driver/templates/deployment.yaml @@ -32,22 +32,6 @@ spec: annotations: sidecar.istio.io/inject: "{{.Values.istioSidecar}}" spec: - initContainers: -#Example init container for dependency checking -# - command: -# - /root/ready.py -# args: -# - --container-name -# - mariadb -# env: -# - name: NAMESPACE -# valueFrom: -# fieldRef: -# apiVersion: v1 -# fieldPath: metadata.namespace -# image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" -# imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} -# name: {{ include "common.name" . }}-readiness containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" diff --git a/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml b/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml index d743acdd79..2134309f46 100644 --- a/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml +++ b/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/gvnfmdriver:1.2.1 +image: onap/vfc/gvnfmdriver:1.3.1 pullPolicy: Always #Istio sidecar injection policy @@ -87,4 +87,4 @@ resources: requests: cpu: 200m memory: 500Mi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/kubernetes/vfc/charts/vfc-huawei-vnfm-driver/values.yaml b/kubernetes/vfc/charts/vfc-huawei-vnfm-driver/values.yaml index d3f393bc2d..70125e9441 100644 --- a/kubernetes/vfc/charts/vfc-huawei-vnfm-driver/values.yaml +++ b/kubernetes/vfc/charts/vfc-huawei-vnfm-driver/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/nfvo/svnfm/huawei:1.2.1 +image: onap/vfc/nfvo/svnfm/huawei:1.3.0 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-juju-vnfm-driver/values.yaml b/kubernetes/vfc/charts/vfc-juju-vnfm-driver/values.yaml index fab65fa0cc..f68f0fc790 100644 --- a/kubernetes/vfc/charts/vfc-juju-vnfm-driver/values.yaml +++ b/kubernetes/vfc/charts/vfc-juju-vnfm-driver/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/jujudriver:1.2.1 +image: onap/vfc/jujudriver:1.3.1 pullPolicy: Always #Istio sidecar injection policy @@ -88,4 +88,4 @@ resources: requests: cpu: 200m memory: 2000Mi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/kubernetes/vfc/charts/vfc-multivim-proxy/values.yaml b/kubernetes/vfc/charts/vfc-multivim-proxy/values.yaml index 0a4601fea0..211ff720ca 100644 --- a/kubernetes/vfc/charts/vfc-multivim-proxy/values.yaml +++ b/kubernetes/vfc/charts/vfc-multivim-proxy/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/multivimproxy:1.2.1 +image: onap/vfc/multivimproxy:1.3.0 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-nokia-vnfm-driver/.helmignore b/kubernetes/vfc/charts/vfc-nokia-vnfm-driver/.helmignore deleted file mode 100644 index f0c1319444..0000000000 --- a/kubernetes/vfc/charts/vfc-nokia-vnfm-driver/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/vfc/charts/vfc-nokia-vnfm-driver/resources/config/logging/logback.xml b/kubernetes/vfc/charts/vfc-nokia-vnfm-driver/resources/config/logging/logback.xml deleted file mode 100644 index 747c6b6551..0000000000 --- a/kubernetes/vfc/charts/vfc-nokia-vnfm-driver/resources/config/logging/logback.xml +++ /dev/null @@ -1,30 +0,0 @@ - - - - - - %d{HH:mm:ss.SSS} [%thread] %-5level %logger{35} - %msg %n - UTF-8 - - - - /var/log/onap/vfc/svnfm/nokiavnfmdriver.log - - /var/log/onap/vfc/svnfm/nokiavnfmdriver.%i.log.zip - - 1 - 9 - - - 10MB - - - %d{yyyy-MM-dd HH:mm:ss.SSS} %X{req.method} %X{req.remoteHost} %X{req.requestURI} [%t] %-5level %logger{50} %line - %m%n - UTF-8 - - - - - - - \ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-nokia-vnfm-driver/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-nokia-vnfm-driver/templates/deployment.yaml deleted file mode 100644 index eb0885a0e4..0000000000 --- a/kubernetes/vfc/charts/vfc-nokia-vnfm-driver/templates/deployment.yaml +++ /dev/null @@ -1,123 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - annotations: - sidecar.istio.io/inject: "{{.Values.istioSidecar}}" - spec: - initContainers: -#Example init container for dependency checking -# - command: -# - /root/ready.py -# args: -# - --container-name -# - mariadb -# env: -# - name: NAMESPACE -# valueFrom: -# fieldRef: -# apiVersion: v1 -# fieldPath: metadata.namespace -# image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" -# imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} -# name: {{ include "common.name" . }}-readiness - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{ if .Values.liveness.enabled }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end }} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: MSB_ADDR - value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" - volumeMounts: - - name: {{ include "common.fullname" . }}-localtime - mountPath: /etc/localtime - readOnly: true - - name: {{ include "common.fullname" . }}-logs - mountPath: /var/log/onap - - name: {{ include "common.fullname" . }}-logback - mountPath: /opt/vfc/nokiavnfmdriver/config/logback.xml - subPath: logback.xml - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - - # side car containers - - name: {{ include "common.name" . }}-filebeat-onap - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - name: {{ include "common.fullname" . }}-filebeat-conf - mountPath: /usr/share/filebeat/filebeat.yml - subPath: filebeat.yml - - name: {{ include "common.fullname" . }}-logs - mountPath: /var/log/onap - - name: {{ include "common.fullname" . }}-data-filebeat - mountPath: /usr/share/filebeat/data - - volumes: - - name: {{ include "common.fullname" . }}-localtime - hostPath: - path: /etc/localtime - - name: {{ include "common.fullname" . }}-logs - emptyDir: {} - - name: {{ include "common.fullname" . }}-logback - configMap: - name : {{ include "common.fullname" . }}-logging-configmap - - - name: {{ include "common.fullname" . }}-filebeat-conf - configMap: - name: {{ .Release.Name }}-vfc-filebeat-configmap - - name: {{ include "common.fullname" . }}-data-filebeat - emptyDir: {} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/vfc/charts/vfc-nslcm/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-nslcm/templates/deployment.yaml index 184ceb5dfa..217759e6ab 100644 --- a/kubernetes/vfc/charts/vfc-nslcm/templates/deployment.yaml +++ b/kubernetes/vfc/charts/vfc-nslcm/templates/deployment.yaml @@ -37,7 +37,7 @@ spec: - /root/ready.py args: - --container-name - - vfc-db + - vfc-mariadb env: - name: NAMESPACE valueFrom: @@ -72,6 +72,10 @@ spec: value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" - name: MYSQL_ADDR value: "{{ .Values.global.config.dbServiceName }}:{{ .Values.global.config.dbPort }}" + - name: MYSQL_AUTH + value: "{{ .Values.global.config.dbUser }}:{{ .Values.global.config.mariadbRootPassword }}" + - name: REDIS_ADDR + value: "{{ .Values.global.config.redisServiceName }}:{{ .Values.global.config.redisPort }}" volumeMounts: - name: {{ include "common.fullname" . }}-localtime mountPath: /etc/localtime diff --git a/kubernetes/vfc/charts/vfc-nslcm/values.yaml b/kubernetes/vfc/charts/vfc-nslcm/values.yaml index d96aa6992a..f42cec04f8 100644 --- a/kubernetes/vfc/charts/vfc-nslcm/values.yaml +++ b/kubernetes/vfc/charts/vfc-nslcm/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/nslcm:1.2.1 +image: onap/vfc/nslcm:1.3.0 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-db/.helmignore b/kubernetes/vfc/charts/vfc-redis/.helmignore similarity index 100% rename from kubernetes/vfc/charts/vfc-db/.helmignore rename to kubernetes/vfc/charts/vfc-redis/.helmignore diff --git a/kubernetes/vfc/charts/vfc-db/Chart.yaml b/kubernetes/vfc/charts/vfc-redis/Chart.yaml similarity index 97% rename from kubernetes/vfc/charts/vfc-db/Chart.yaml rename to kubernetes/vfc/charts/vfc-redis/Chart.yaml index 64e6c29f5e..90ffba90b0 100644 --- a/kubernetes/vfc/charts/vfc-db/Chart.yaml +++ b/kubernetes/vfc/charts/vfc-redis/Chart.yaml @@ -14,5 +14,5 @@ apiVersion: v1 description: ONAP VFC - DB -name: vfc-db +name: vfc-redis version: 4.0.0 diff --git a/kubernetes/vfc/charts/vfc-db/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-redis/templates/deployment.yaml similarity index 100% rename from kubernetes/vfc/charts/vfc-db/templates/deployment.yaml rename to kubernetes/vfc/charts/vfc-redis/templates/deployment.yaml diff --git a/kubernetes/vfc/charts/vfc-db/templates/service.yaml b/kubernetes/vfc/charts/vfc-redis/templates/service.yaml similarity index 100% rename from kubernetes/vfc/charts/vfc-db/templates/service.yaml rename to kubernetes/vfc/charts/vfc-redis/templates/service.yaml diff --git a/kubernetes/vfc/charts/vfc-db/values.yaml b/kubernetes/vfc/charts/vfc-redis/values.yaml similarity index 95% rename from kubernetes/vfc/charts/vfc-db/values.yaml rename to kubernetes/vfc/charts/vfc-redis/values.yaml index 957af13576..a134190412 100644 --- a/kubernetes/vfc/charts/vfc-db/values.yaml +++ b/kubernetes/vfc/charts/vfc-redis/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/db:1.2.1 +image: onap/vfc/db:1.3.0-STAGING-latest pullPolicy: Always # flag to enable debugging - application support required @@ -59,8 +59,8 @@ readiness: service: type: ClusterIP - name: vfc-db - portName: vfc-db + name: vfc-redis + portName: vfc-redis externalPort: 3306 internalPort: 3306 externalPort2: 6379 diff --git a/kubernetes/vfc/charts/vfc-resmgr/values.yaml b/kubernetes/vfc/charts/vfc-resmgr/values.yaml index bdd6c14836..71cf4cceef 100644 --- a/kubernetes/vfc/charts/vfc-resmgr/values.yaml +++ b/kubernetes/vfc/charts/vfc-resmgr/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/resmanagement:1.2.1 +image: onap/vfc/resmanagement:1.3.0 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-vnflcm/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-vnflcm/templates/deployment.yaml index 95e90a1e4e..67f57e88ed 100644 --- a/kubernetes/vfc/charts/vfc-vnflcm/templates/deployment.yaml +++ b/kubernetes/vfc/charts/vfc-vnflcm/templates/deployment.yaml @@ -37,7 +37,7 @@ spec: - /root/ready.py args: - --container-name - - vfc-db + - vfc-mariadb env: - name: NAMESPACE valueFrom: @@ -72,6 +72,10 @@ spec: value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" - name: MYSQL_ADDR value: "{{ .Values.global.config.dbServiceName }}:{{ .Values.global.config.dbPort }}" + - name: MYSQL_AUTH + value: "{{ .Values.global.config.dbUser }}:{{ .Values.global.config.mariadbRootPassword }}" + - name: REDIS_ADDR + value: "{{ .Values.global.config.redisServiceName }}:{{ .Values.global.config.redisPort }}" volumeMounts: - name: {{ include "common.fullname" . }}-localtime mountPath: /etc/localtime diff --git a/kubernetes/vfc/charts/vfc-vnflcm/values.yaml b/kubernetes/vfc/charts/vfc-vnflcm/values.yaml index e733812dac..abefe06be2 100644 --- a/kubernetes/vfc/charts/vfc-vnflcm/values.yaml +++ b/kubernetes/vfc/charts/vfc-vnflcm/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/vnflcm:1.2.1 +image: onap/vfc/vnflcm:1.3.0 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-vnfmgr/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-vnfmgr/templates/deployment.yaml index 219f2f2961..5169f79585 100644 --- a/kubernetes/vfc/charts/vfc-vnfmgr/templates/deployment.yaml +++ b/kubernetes/vfc/charts/vfc-vnfmgr/templates/deployment.yaml @@ -37,7 +37,7 @@ spec: - /root/ready.py args: - --container-name - - vfc-db + - vfc-mariadb env: - name: NAMESPACE valueFrom: @@ -72,6 +72,10 @@ spec: value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" - name: MYSQL_ADDR value: "{{ .Values.global.config.dbServiceName }}:{{ .Values.global.config.dbPort }}" + - name: REDIS_ADDR + value: "{{ .Values.global.config.redisServiceName }}:{{ .Values.global.config.redisPort }}" + - name: MYSQL_AUTH + value: "{{ .Values.global.config.dbUser }}:{{ .Values.global.config.mariadbRootPassword }}" volumeMounts: - name: {{ include "common.fullname" . }}-localtime diff --git a/kubernetes/vfc/charts/vfc-vnfmgr/values.yaml b/kubernetes/vfc/charts/vfc-vnfmgr/values.yaml index 3febc9b9be..d318daca2e 100644 --- a/kubernetes/vfc/charts/vfc-vnfmgr/values.yaml +++ b/kubernetes/vfc/charts/vfc-vnfmgr/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/vnfmgr:1.2.1 +image: onap/vfc/vnfmgr:1.3.0 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-vnfres/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-vnfres/templates/deployment.yaml index 9f9f1b3377..7982fecf53 100644 --- a/kubernetes/vfc/charts/vfc-vnfres/templates/deployment.yaml +++ b/kubernetes/vfc/charts/vfc-vnfres/templates/deployment.yaml @@ -37,7 +37,7 @@ spec: - /root/ready.py args: - --container-name - - vfc-db + - vfc-mariadb env: - name: NAMESPACE valueFrom: @@ -72,6 +72,10 @@ spec: value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" - name: MYSQL_ADDR value: "{{ .Values.global.config.dbServiceName }}:{{ .Values.global.config.dbPort }}" + - name: REDIS_ADDR + value: "{{ .Values.global.config.redisServiceName }}:{{ .Values.global.config.redisPort }}" + - name: MYSQL_AUTH + value: "{{ .Values.global.config.dbUser }}:{{ .Values.global.config.mariadbRootPassword }}" volumeMounts: - name: {{ include "common.fullname" . }}-localtime mountPath: /etc/localtime diff --git a/kubernetes/vfc/charts/vfc-vnfres/values.yaml b/kubernetes/vfc/charts/vfc-vnfres/values.yaml index bb51c63b6e..7522685d61 100644 --- a/kubernetes/vfc/charts/vfc-vnfres/values.yaml +++ b/kubernetes/vfc/charts/vfc-vnfres/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/vnfres:1.2.1 +image: onap/vfc/vnfres:1.3.0 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-workflow-engine/values.yaml b/kubernetes/vfc/charts/vfc-workflow-engine/values.yaml index dd098d65d1..daf1429350 100644 --- a/kubernetes/vfc/charts/vfc-workflow-engine/values.yaml +++ b/kubernetes/vfc/charts/vfc-workflow-engine/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/wfengine-activiti:1.2.0 +image: onap/vfc/wfengine-activiti:1.3.0 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-workflow/values.yaml b/kubernetes/vfc/charts/vfc-workflow/values.yaml index 6d06d9b765..1c7444f2bf 100644 --- a/kubernetes/vfc/charts/vfc-workflow/values.yaml +++ b/kubernetes/vfc/charts/vfc-workflow/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/wfengine-mgrservice:1.2.0 +image: onap/vfc/wfengine-mgrservice:1.3.0 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-zte-sdnc-driver/values.yaml b/kubernetes/vfc/charts/vfc-zte-sdnc-driver/values.yaml index 8bb0574ec6..4c2a54620a 100644 --- a/kubernetes/vfc/charts/vfc-zte-sdnc-driver/values.yaml +++ b/kubernetes/vfc/charts/vfc-zte-sdnc-driver/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/ztesdncdriver:1.2.0 +image: onap/vfc/ztesdncdriver:1.3.0 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-zte-vnfm-driver/values.yaml b/kubernetes/vfc/charts/vfc-zte-vnfm-driver/values.yaml index cf0a162a5f..0b9252b36b 100644 --- a/kubernetes/vfc/charts/vfc-zte-vnfm-driver/values.yaml +++ b/kubernetes/vfc/charts/vfc-zte-vnfm-driver/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/ztevnfmdriver:1.2.1 +image: onap/vfc/ztevnfmdriver:1.3.0 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/requirements.yaml b/kubernetes/vfc/requirements.yaml index 1d30dfd918..71bfc00487 100644 --- a/kubernetes/vfc/requirements.yaml +++ b/kubernetes/vfc/requirements.yaml @@ -15,4 +15,7 @@ dependencies: - name: common version: ~4.x-0 - repository: '@local' \ No newline at end of file + repository: '@local' + - name: mariadb-galera + version: ~4.x-0 + repository: '@local' diff --git a/kubernetes/vfc/values.yaml b/kubernetes/vfc/values.yaml index 00eae1edd2..7afa643e9f 100644 --- a/kubernetes/vfc/values.yaml +++ b/kubernetes/vfc/values.yaml @@ -18,6 +18,10 @@ global: msbPort: 80 dbServiceName: vfc-db dbPort: 3306 + dbUser: root + mariadbRootPassword: secretpassword + redisServiceName: vfc-redis + redisPort: 6379 persistence: mountPath: /dockerdata-nfs @@ -26,6 +30,25 @@ config: logstashServiceName: log-ls logstashPort: 5044 +mariadb-galera: + nameOverride: vfc-mariadb + service: + name: vfc-db + portName: vfc-db + nfsprovisionerPrefix: vfc + persistence: + mountSubPath: vfc/data + enabled: true + disableNfsProvisioner: true + +catalog: + config: + dbPodName: vfc-db + dbServiceName: vfc-db +nslcm: + config: + dbPodName: vfc-db + dbServiceName: vfc-db # sub-chart configuration vfc-workflow: service: diff --git a/kubernetes/vid/values.yaml b/kubernetes/vid/values.yaml index 63bbef290e..e004cb4fb9 100644 --- a/kubernetes/vid/values.yaml +++ b/kubernetes/vid/values.yaml @@ -27,7 +27,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/vid:4.0-STAGING-latest +image: onap/vid:4.0.0 pullPolicy: Always # mariadb image for initializing @@ -112,4 +112,4 @@ resources: requests: cpu: 200m memory: 2Gi - unlimited: {} \ No newline at end of file + unlimited: {}