From: Sylvain Desbureaux Date: Tue, 12 Nov 2019 08:07:03 +0000 (+0000) Subject: Merge "change readiness logic for APPC docker" X-Git-Tag: 6.0.0~537 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=d56c7fdc84ae5c78ef9e7670a6952e31fd06d043;hp=cdc42667e5e7b66b152437e69795c06c7f83c17b;p=oom.git Merge "change readiness logic for APPC docker" --- diff --git a/kubernetes/aai b/kubernetes/aai index 1a2274dc0d..81954e51ef 160000 --- a/kubernetes/aai +++ b/kubernetes/aai @@ -1 +1 @@ -Subproject commit 1a2274dc0d8089b12a4b6feff328153dd9b26215 +Subproject commit 81954e51ef4c04fb08182d779f4871dfca766221 diff --git a/kubernetes/appc/charts/appc-ansible-server/resources/config/RestServer_config b/kubernetes/appc/charts/appc-ansible-server/resources/config/RestServer_config index 74fcc49155..8a417fcb1f 100644 --- a/kubernetes/appc/charts/appc-ansible-server/resources/config/RestServer_config +++ b/kubernetes/appc/charts/appc-ansible-server/resources/config/RestServer_config @@ -24,15 +24,8 @@ auth: no priv: provide_privated_key.pem pub: provide_public_key.pem -# RestServer authentication -id: sdnc -psswd: sdnc - # Mysql host: {{.Values.config.mariadbGaleraSVCName}} -user: appc -passwd: appc -db: ansible # Playbooks from_files: yes diff --git a/kubernetes/appc/charts/appc-ansible-server/values.yaml b/kubernetes/appc/charts/appc-ansible-server/values.yaml index 7b0767c80f..b6bf77f3f7 100644 --- a/kubernetes/appc/charts/appc-ansible-server/values.yaml +++ b/kubernetes/appc/charts/appc-ansible-server/values.yaml @@ -87,7 +87,7 @@ persistence: ## If undefined (the default) or set to null, no storageClassName spec is ## set, choosing the default provisioner. (gp2 on AWS, standard on ## GKE, AWS & OpenStack) - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 1Gi mountPath: /dockerdata-nfs mountSubPath: appc/ansible @@ -112,5 +112,3 @@ resources: cpu: 1 memory: 1Gi unlimited: {} - - diff --git a/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties b/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties index ec2ce6bda5..c17c2f489a 100755 --- a/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties +++ b/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties @@ -106,6 +106,11 @@ blueprintsprocessor.messageconsumer.self-service-api.pollMillSec=1000 # Self Service Response Kafka Message Producer blueprintsprocessor.messageproducer.self-service-api.bootstrapServers=message-router-kafka:9092 + + +# Used in Health Check +endpoints.user.name=ccsdkapps +endpoints.user.password=ccsdkapps blueprintsprocessor.messageproducer.self-service-api.type=kafka-basic-auth blueprintsprocessor.messageproducer.self-service-api.clientId=cds-client blueprintsprocessor.messageproducer.self-service-api.topic=cds-producer diff --git a/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml b/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml index 6cfc933303..8e9b6db2af 100755 --- a/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml +++ b/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml @@ -71,6 +71,7 @@ spec: value: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} {{ end }} readinessProbe: httpGet: @@ -79,8 +80,9 @@ spec: httpHeaders: - name: Authorization value: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} volumeMounts: - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/cds/charts/cds-blueprints-processor/values.yaml b/kubernetes/cds/charts/cds-blueprints-processor/values.yaml index cb6d191eb8..96fc70c6d5 100755 --- a/kubernetes/cds/charts/cds-blueprints-processor/values.yaml +++ b/kubernetes/cds/charts/cds-blueprints-processor/values.yaml @@ -62,7 +62,8 @@ dmaapEnabled: true # probe configuration parameters liveness: initialDelaySeconds: 120 - periodSeconds: 10 + periodSeconds: 20 + timeoutSeconds: 20 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true @@ -70,6 +71,7 @@ liveness: readiness: initialDelaySeconds: 120 periodSeconds: 10 + timeoutSeconds: 20 service: http: diff --git a/kubernetes/cds/charts/cds-command-executor/templates/deployment.yaml b/kubernetes/cds/charts/cds-command-executor/templates/deployment.yaml index 659eddbaef..bbeeea26bb 100755 --- a/kubernetes/cds/charts/cds-command-executor/templates/deployment.yaml +++ b/kubernetes/cds/charts/cds-command-executor/templates/deployment.yaml @@ -57,12 +57,14 @@ spec: port: {{ .Values.service.grpc.internalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} {{ end }} readinessProbe: tcpSocket: port: {{ .Values.service.grpc.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} volumeMounts: - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/cds/charts/cds-command-executor/values.yaml b/kubernetes/cds/charts/cds-command-executor/values.yaml index 469864629d..5bc0381da2 100755 --- a/kubernetes/cds/charts/cds-command-executor/values.yaml +++ b/kubernetes/cds/charts/cds-command-executor/values.yaml @@ -56,8 +56,9 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 - periodSeconds: 10 + initialDelaySeconds: 20 + periodSeconds: 20 + timeoutSeconds: 20 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true @@ -65,6 +66,7 @@ liveness: readiness: initialDelaySeconds: 10 periodSeconds: 10 + timeoutSeconds: 20 service: type: ClusterIP diff --git a/kubernetes/cds/values.yaml b/kubernetes/cds/values.yaml index a0dc0e8fbe..fec878960c 100644 --- a/kubernetes/cds/values.yaml +++ b/kubernetes/cds/values.yaml @@ -50,8 +50,9 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 - periodSeconds: 10 + initialDelaySeconds: 20 + periodSeconds: 20 + timeoutSeconds: 20 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true diff --git a/kubernetes/clamp/charts/mariadb/values.yaml b/kubernetes/clamp/charts/mariadb/values.yaml index 5f31c79bdf..8bf6100563 100644 --- a/kubernetes/clamp/charts/mariadb/values.yaml +++ b/kubernetes/clamp/charts/mariadb/values.yaml @@ -70,7 +70,7 @@ persistence: ## GKE, AWS & OpenStack) ## # storageClass: "-" - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 2Gi mountPath: /dockerdata-nfs mountSubPath: clamp/mariadb/data diff --git a/kubernetes/clamp/resources/config/nginx.conf b/kubernetes/clamp/resources/config/nginx.conf index ce94eff70f..da7978ad01 100644 --- a/kubernetes/clamp/resources/config/nginx.conf +++ b/kubernetes/clamp/resources/config/nginx.conf @@ -4,8 +4,10 @@ server { ssl_protocols TLSv1.2; ssl_certificate /etc/ssl/clamp.pem; ssl_certificate_key /etc/ssl/clamp.key; + ssl_verify_client optional_no_ca; location /restservices/clds/ { proxy_pass https://clamp-backend:443; + proxy_set_header X-SSL-Cert $ssl_client_escaped_cert; } location / { diff --git a/kubernetes/common/etcd/Chart.yaml b/kubernetes/common/etcd/Chart.yaml index a01524c42f..012a4e13ce 100644 --- a/kubernetes/common/etcd/Chart.yaml +++ b/kubernetes/common/etcd/Chart.yaml @@ -11,7 +11,8 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - + +apiVersion: v1 name: etcd home: https://github.com/coreos/etcd version: 5.0.0 diff --git a/kubernetes/common/mariadb-galera/templates/pvc.yaml b/kubernetes/common/mariadb-galera/templates/pvc.yaml deleted file mode 100644 index e27c3311e9..0000000000 --- a/kubernetes/common/mariadb-galera/templates/pvc.yaml +++ /dev/null @@ -1,48 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} diff --git a/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml b/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml index ae5f7c5a81..514bccc785 100644 --- a/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml +++ b/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml @@ -106,7 +106,7 @@ spec: - name: {{ template "common.name" . }}-data mountPath: /var/lib/cassandra resources: -{{ toYaml .Values.resources | indent 10 }} +{{ include "common.resources" . | indent 12 }} volumes: - name: localtime hostPath: diff --git a/kubernetes/common/music/charts/music-cassandra/values.yaml b/kubernetes/common/music/charts/music-cassandra/values.yaml index d18dc68e67..f0888c12e6 100644 --- a/kubernetes/common/music/charts/music-cassandra/values.yaml +++ b/kubernetes/common/music/charts/music-cassandra/values.yaml @@ -110,10 +110,22 @@ persistence: storageType: local storageClass: "" +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) resources: - limits: - cpu: 4 - memory: 8Gi - requests: - cpu: 2 - memory: 4Gi + small: + limits: + cpu: 500m + memory: 1.2Gi + requests: + cpu: 160m + memory: 900Mi + large: + limits: + cpu: 4 + memory: 10Gi + requests: + cpu: 2 + memory: 6Gi + unlimited: {} diff --git a/kubernetes/common/music/charts/music-tomcat/templates/deployment.yaml b/kubernetes/common/music/charts/music-tomcat/templates/deployment.yaml index 2e04b15561..2a38a6aad0 100755 --- a/kubernetes/common/music/charts/music-tomcat/templates/deployment.yaml +++ b/kubernetes/common/music/charts/music-tomcat/templates/deployment.yaml @@ -40,7 +40,7 @@ spec: - /root/ready.py args: - --container-name - - zookeeper + - zookeeper env: - name: NAMESPACE valueFrom: @@ -101,7 +101,7 @@ spec: mountPath: /opt/app/music/etc/music.properties subPath: music.properties resources: -{{ toYaml .Values.resources | indent 10 }} +{{ include "common.resources" . | indent 12 }} volumes: - name: shared-data emptyDir: {} diff --git a/kubernetes/common/music/charts/music-tomcat/values.yaml b/kubernetes/common/music/charts/music-tomcat/values.yaml index 05a1b17169..b91ffbd4e4 100755 --- a/kubernetes/common/music/charts/music-tomcat/values.yaml +++ b/kubernetes/common/music/charts/music-tomcat/values.yaml @@ -81,14 +81,26 @@ service: ingress: enabled: false -#resources: {} +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) resources: - limits: - cpu: 2 - memory: 2Gi - requests: - cpu: 2 - memory: 1Gi + small: + limits: + cpu: 900m + memory: 460Mi + requests: + cpu: 550m + memory: 360Mi + large: + limits: + cpu: 4 + memory: 2Gi + requests: + cpu: 2 + memory: 1Gi + unlimited: {} + properties: @@ -100,4 +112,3 @@ properties: # Admin API # ONAP AAF aafAdminUrl: - diff --git a/kubernetes/common/music/charts/zookeeper/values.yaml b/kubernetes/common/music/charts/zookeeper/values.yaml index ea02e6151e..550dbf272b 100644 --- a/kubernetes/common/music/charts/zookeeper/values.yaml +++ b/kubernetes/common/music/charts/zookeeper/values.yaml @@ -54,23 +54,23 @@ ports: protocol: TCP # Protocol for zookeeper container server port. # Resource Limit flavor -By Default using small -flavor: large +flavor: small # Segregation for Different environment (Small and Large) resources: small: limits: - cpu: 1 - memory: 1Gi + cpu: 500m + memory: 900Mi requests: - cpu: 500m - memory: 500Mi + cpu: 10m + memory: 730Mi large: limits: cpu: 3 memory: 2Gi requests: - cpu: 2 - memory: 1Gi + cpu: 2 + memory: 1Gi unlimited: {} nodeSelector: {} # Node label-values required to run zookeeper pods. @@ -78,7 +78,7 @@ nodeSelector: {} # Node label-values required to run zookeeper pods. tolerations: [] # Node taint overrides for zookeeper pods. affinity: {} # Criteria by which pod label-values influence scheduling for zookeeper pods. -affinity: +affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - topologyKey: "kubernetes.io/hostname" diff --git a/kubernetes/contrib/charts/awx/charts/awx-postgres/values.yaml b/kubernetes/contrib/charts/awx/charts/awx-postgres/values.yaml index 79fe5104b2..09012ead47 100755 --- a/kubernetes/contrib/charts/awx/charts/awx-postgres/values.yaml +++ b/kubernetes/contrib/charts/awx/charts/awx-postgres/values.yaml @@ -64,7 +64,7 @@ persistence: # storageClass: "nfs-dev-sc" - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 1Gi # When using storage class, mountPath and mountSubPath are diff --git a/kubernetes/contrib/charts/awx/charts/awx/values.yaml b/kubernetes/contrib/charts/awx/charts/awx/values.yaml index 5974de32ff..ffacea54a0 100755 --- a/kubernetes/contrib/charts/awx/charts/awx/values.yaml +++ b/kubernetes/contrib/charts/awx/charts/awx/values.yaml @@ -76,7 +76,7 @@ persistence: # storageClass: "nfs-dev-sc" - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 5Gi # When using storage class, mountPath and mountSubPath are diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/values.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-postgres/values.yaml index f2def04359..1db2457171 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/values.yaml +++ b/kubernetes/contrib/charts/netbox/charts/netbox-postgres/values.yaml @@ -64,7 +64,7 @@ persistence: # storageClass: "nfs-dev-sc" - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 1Gi # When using storage class, mountPath and mountSubPath are diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml index d1b9170e69..00a285bd3d 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml @@ -101,8 +101,8 @@ default_k8s_location: central # DCAE component images to be deployed via Cloudify Manager # Use to override default setting in blueprints componentImages: - holmes_rules: onap/holmes/rule-management:1.2.6 - holmes_engine: onap/holmes/engine-management:1.2.5 + holmes_rules: onap/holmes/rule-management:1.2.7 + holmes_engine: onap/holmes/engine-management:1.2.6 tca: onap/org.onap.dcaegen2.deployments.tca-cdap-container:1.1.2 ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.4.5 snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0 diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties b/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties index bcfefe93cf..e43182daa3 100644 --- a/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties +++ b/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties @@ -25,7 +25,7 @@ # ##################################################### # Indicator for whether to use AAF -UseAAF: true +UseAAF: {{ .Values.global.aafEnabled }} # csit: stubs out some southbound APIs for csit csit: No diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml index fffd4db847..f362f1c901 100644 --- a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml @@ -31,11 +31,8 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: - hostAliases: - - ip: "10.12.5.145" - hostnames: - - "aaf-onap-test.osaaf.org" initContainers: +{{- if .Values.global.aafEnabled }} - command: - /root/ready.py args: @@ -50,7 +47,8 @@ spec: image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-aaf-readiness -{{ if .Values.PG.enabled }} +{{- end }} +{{- if .Values.PG.enabled }} - command: - /root/ready.py args: @@ -73,7 +71,7 @@ spec: ports: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.internalPort2 }} - {{if eq .Values.liveness.enabled true }} + {{ if eq .Values.liveness.enabled true -}} livenessProbe: httpGet: port: {{ .Values.service.internalPort }} @@ -92,7 +90,6 @@ spec: - mountPath: /etc/localtime name: localtime readOnly: true - # NOTE: on the following several configMaps, careful to include / at end # since there may be more than one file in each mountPath - name: {{ include "common.name" . }}-config @@ -100,9 +97,8 @@ spec: - name: {{ include "common.name" . }}-aaf-config mountPath: /opt/app/dmaapbc/etc/org.onap.dmaap-bc.props subPath: org.onap.dmaap-bc.props - resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties deleted file mode 100644 index 043bb8bced..0000000000 --- a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties +++ /dev/null @@ -1,23 +0,0 @@ -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US -cadi_keyfile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.keyfile -cadi_keystore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks -cadi_keystore_password=WGxd2P6MDo*Bi4+UdzWs{?$8 -cadi_key_password=WGxd2P6MDo*Bi4+UdzWs{?$8 -cadi_alias=dmaap-dr-node@dmaap-dr.onap.org -cadi_truststore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks -cadi_truststore_password=)OBvCd{e{aWq.^mJJdX:S:1& - -aaf_env=DEV -aaf_locate_url=https://aaf-locate:8095 -aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect -aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token -aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 -cadi_protocols=TLSv1.1,TLSv1.2 -cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1 -fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1 -gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1 - -cadi_latitude=53.423 -cadi_longitude=7.940 - -cadi_loglevel=INFO \ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties index 4379dfbf1d..3a95b5a221 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties @@ -71,43 +71,19 @@ SpoolDir=/opt/app/datartr/spool # # The path to the redirection data file # -#RedirectionFile: etc/redirections.dat +RedirectionFile = etc/redirections.dat # # The type of keystore for https -# -KeyStoreType=jks -# -# The path to the keystore for https -# -KeyStoreFile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks -# -# The password for the https keystore -# -KeyStorePassword=WGxd2P6MDo*Bi4+UdzWs{?$8 -# -# The password for the private key in the https keystore -# -KeyPassword=WGxd2P6MDo*Bi4+UdzWs{?$8 +KeyStoreType = PKCS12 # # The type of truststore for https -# -TrustStoreType=jks -# -# The path to the truststore for https -# -TrustStoreFile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks -# -# The password for the https truststore -# -TrustStorePassword=)OBvCd{e{aWq.^mJJdX:S:1& +TrustStoreType = jks # # The path to the file used to trigger an orderly shutdown -# -QuiesceFile=etc/SHUTDOWN +QuiesceFile = etc/SHUTDOWN # # The key used to generate passwords for node to node transfers -# -NodeAuthKey=Node123! +NodeAuthKey = Node123! # # DR_NODE DEFAULT ENABLED TLS PROTOCOLS NodeHttpsProtocols = TLSv1.1|TLSv1.2 @@ -121,9 +97,9 @@ AAFInstance = legacy # AAF action to generate permission string - default should be publish AAFAction = publish # -# AAF URL to connect to AAF server -AafUrl = https://aaf-locate:8095 -# # AAF CADI enabled flag CadiEnabled = false +# +# AAF Props file path +AAFPropsFilePath = /opt/app/osaaf/local/org.onap.dmaap-dr.props diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/pv.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/pv.yaml index 016a6ea023..90a9c2c26b 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/pv.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/pv.yaml @@ -58,4 +58,27 @@ spec: storageClassName: "{{ include "common.fullname" . }}-event-logs-stcl" persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: - path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.eventLogsMountSubPath }} \ No newline at end of file + path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.eventLogsMountSubPath }} +--- +{{- if .Values.global.aafEnabled }} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-aaf-props-pv + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }}-aaf-props-pv +spec: + capacity: + storage: {{ .Values.persistence.aafCredsSize }} + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-aaf-props-stcl" + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.aafCredsMountSubPath }} +{{ end -}} \ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml index a190d0d7d2..9dd5f20748 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml @@ -45,6 +45,38 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace + {{- if .Values.global.aafEnabled }} + - name: {{ include "common.name" . }}-dr-node-aaf-config + image: "{{ include "common.repository" . }}/{{ .Values.global.aafAgentImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: {{ .Values.persistence.aafCredsPath }} + name: {{ include "common.fullname" . }}-aaf-props-pvc + command: ["bash","-c","exec /opt/app/aaf_config/bin/agent.sh"] + env: + - name: APP_FQI + value: "{{ .Values.aafConfig.fqi }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace }}:8095" + - name: aaf_locator_container + value: "{{ .Values.global.aafLocatorContainer }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_fqdn + value: "{{ .Values.aafConfig.fqdn }}" + - name: aaf_locator_public_fqdn + value: "{{.Values.aafConfig.publicFqdn}}" + - name: aaf_locator_app_ns + value: "{{ .Values.global.aafAppNs }}" + - name: DEPLOY_FQI + value: "{{ .Values.aafConfig.aafDeployFqi }}" + - name: DEPLOY_PASSWORD + value: "{{ .Values.aafConfig.aafDeployPass }}" + - name: cadi_longitude + value: "{{ .Values.aafConfig.cadiLongitude }}" + - name: cadi_latitude + value: "{{ .Values.aafConfig.cadiLatitude }}" + {{- end }} - name: {{ include "common.name" . }}-permission-fixer image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -53,7 +85,11 @@ spec: name: {{ include "common.fullname" . }}-spool-data-pvc - mountPath: {{ .Values.persistence.eventLogsPath }} name: {{ include "common.fullname" . }}-event-logs-pvc - command: ["chown","-Rf","1000:1001", "/opt/app/datartr"] + {{- if .Values.global.aafEnabled }} + - mountPath: {{ .Values.persistence.aafCredsPath }} + name: {{ include "common.fullname" . }}-aaf-props-pvc + {{- end }} + command: ["chown","-Rf","1000:1001", "/opt/app/"] containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" @@ -74,6 +110,10 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: + {{- if .Values.global.aafEnabled }} + - mountPath: {{ .Values.persistence.aafCredsPath }} + name: {{ include "common.fullname" . }}-aaf-props-pvc + {{- end }} - mountPath: {{ .Values.persistence.spoolPath }} name: {{ include "common.fullname" . }}-spool-data-pvc - mountPath: {{ .Values.persistence.eventLogsPath }} @@ -84,16 +124,13 @@ spec: - mountPath: /opt/app/datartr/etc/node.properties name: {{ include "common.fullname" . }}-config subPath: node.properties - - mountPath: /opt/app/datartr/etc/drNodeCadi.properties - name: {{ include "common.fullname" . }}-config - subPath: drNodeCadi.properties - mountPath: /opt/app/datartr/etc/logback.xml name: {{ include "common.fullname" . }}-log-conf subPath: logback.xml - mountPath: {{ .Values.global.loggingDirectory }} name: {{ include "common.fullname" . }}-logs resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} @@ -101,8 +138,8 @@ spec: {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | indent 10 }} - {{- end }} - # Filebeat sidecar container + {{- end -}} + # Filebeat sidecar container - name: {{ include "common.name" . }}-filebeat-onap image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -126,8 +163,6 @@ spec: items: - key: node.properties path: node.properties - - key: drNodeCadi.properties - path: drNodeCadi.properties - name: {{ include "common.fullname" . }}-log-conf configMap: name: {{ include "common.fullname" . }}-log @@ -140,6 +175,10 @@ spec: emptyDir: {} - name: {{ include "common.fullname" . }}-logs emptyDir: {} + {{- if .Values.global.aafEnabled }} + - name: {{ include "common.fullname" . }}-aaf-props-pvc + emptyDir: {} + {{- end }} volumeClaimTemplates: - metadata: name: {{ include "common.fullname" . }}-spool-data-pvc @@ -167,3 +206,18 @@ spec: selector: matchLabels: name: {{ include "common.fullname" . }}-event-logs-pv +{{- if .Values.global.aafEnabled }} + - metadata: + name: {{ include "common.fullname" . }}-aaf-props-pvc + labels: + name: {{ include "common.fullname" . }} + spec: + accessModes: [ {{ .Values.persistence.accessMode }} ] + storageClassName: {{ include "common.fullname" . }}-aaf-props-stcl + resources: + requests: + storage: {{ .Values.persistence.aafCredsSize }} + selector: + matchLabels: + name: {{ include "common.fullname" . }}-aaf-props-pv +{{- end }} diff --git a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml index b5e459b6b9..01309acfe4 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml @@ -17,14 +17,12 @@ ################################################################# global: loggingDirectory: /var/log/onap/datarouter - busyBoxImage: busybox:1.30 - busyBoxRepository: docker.io ################################################################# # Application configuration defaults. ################################################################# # application image -image: onap/dmaap/datarouter-node:2.1.2 +image: onap/dmaap/datarouter-node:2.1.3 pullPolicy: Always # flag to enable debugging - application support required @@ -58,13 +56,28 @@ persistence: mountPath: /dockerdata-nfs spoolMountSubPath: data-router/dr-node/spool-data - spoolSize: 1Gi + spoolSize: 2Gi spoolPath: /opt/app/datartr/spool eventLogsMountSubPath: data-router/dr-node/event-logs - eventLogSize: 1Gi + eventLogSize: 2Gi eventLogsPath: /opt/app/datartr/logs + aafCredsMountSubPath: data-router/dr-node/aaf-props + aafCredsSize: 10M + aafCredsPath: /opt/app/osaaf/local + +#AAF local config +aafConfig: + aafDeployFqi: dmaap-dr@dmaap-dr.onap.org + aafDeployPass: demo123456! + fqdn: dmaap-dr-node + fqi: dmaap-dr-node@dmaap-dr.onap.org + publicFqdn: dmaap-dr.onap.org + cadiLatitude: 0.0 + cadiLongitude: 0.0 + + ingress: enabled: false diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties deleted file mode 100644 index 79abe22a6a..0000000000 --- a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties +++ /dev/null @@ -1,23 +0,0 @@ -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US -cadi_keyfile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.keyfile -cadi_keystore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks -cadi_keystore_password=FZNkU,B%NJzcT1v7;^v]M#ZX -cadi_key_password=FZNkU,B%NJzcT1v7;^v]M#ZX -cadi_alias=dmaap-dr-prov@dmaap-dr.onap.org -cadi_truststore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks -cadi_truststore_password=+mzf@J.D^;3!![*Xr.z$c#?b - -aaf_env=DEV -aaf_locate_url=https://aaf-locate:8095 -aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect -aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token -aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 -cadi_protocols=TLSv1.1,TLSv1.2 -cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1 -fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1 -gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1 - -cadi_latitude=53.423 -cadi_longitude=7.940 - -cadi_loglevel=INFO \ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties index 210fb7c75f..c7714d33a4 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties +++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties @@ -27,12 +27,8 @@ org.onap.dmaap.datarouter.provserver.http.port = {{.Values.config.dmaa org.onap.dmaap.datarouter.provserver.https.port = {{.Values.config.dmaapDrProv.internalPort2}} org.onap.dmaap.datarouter.provserver.https.relaxation = true -org.onap.dmaap.datarouter.provserver.keymanager.password = FZNkU,B%NJzcT1v7;^v]M#ZX -org.onap.dmaap.datarouter.provserver.keystore.type = jks -org.onap.dmaap.datarouter.provserver.keystore.path = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks -org.onap.dmaap.datarouter.provserver.keystore.password = FZNkU,B%NJzcT1v7;^v]M#ZX -org.onap.dmaap.datarouter.provserver.truststore.path = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks -org.onap.dmaap.datarouter.provserver.truststore.password = +mzf@J.D^;3!![*Xr.z$c#?b +org.onap.dmaap.datarouter.provserver.aafprops.path = /opt/app/osaaf/local/org.onap.dmaap-dr.props + org.onap.dmaap.datarouter.provserver.accesslog.dir = /opt/app/datartr/logs org.onap.dmaap.datarouter.provserver.spooldir = /opt/app/datartr/spool org.onap.dmaap.datarouter.provserver.dbscripts = /opt/app/datartr/etc/misc @@ -61,6 +57,3 @@ org.onap.dmaap.datarouter.provserver.aaf.instance = legacy org.onap.dmaap.datarouter.provserver.aaf.action.publish = publish org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe -# AAF URL to connect to AAF server -org.onap.dmaap.datarouter.provserver.cadi.aaf.url = https://aaf-locate:8095 - diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml index 98ad9a373e..a1d148d88b 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml @@ -31,20 +31,59 @@ spec: spec: hostname: {{ .Values.global.dmaapDrProvName }} initContainers: - - command: - - /root/ready.py - args: - - --container-name - - {{ .Values.config.dmaapDrDb.mariadbContName }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness + - name: {{ include "common.name" . }}-readiness + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - {{ .Values.config.dmaapDrDb.mariadbContName }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + {{- if .Values.global.aafEnabled }} + - name: {{ include "common.name" . }}-dr-prov-aaf-config + image: "{{ include "common.repository" . }}/{{ .Values.global.aafAgentImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["bash","-c","exec /opt/app/aaf_config/bin/agent.sh"] + volumeMounts: + - mountPath: {{ .Values.persistence.aafCredsPath }} + name: {{ include "common.fullname" . }}-aaf-config-vol + env: + - name: APP_FQI + value: "{{ .Values.aafConfig.fqi }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace }}:8095" + - name: aaf_locator_container + value: "{{ .Values.global.aafLocatorContainer }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_fqdn + value: "{{ .Values.aafConfig.fqdn }}" + - name: aaf_locator_public_fqdn + value: "{{.Values.aafConfig.publicFqdn}}" + - name: aaf_locator_app_ns + value: "{{ .Values.global.aafAppNs }}" + - name: DEPLOY_FQI + value: "{{ .Values.aafConfig.aafDeployFqi }}" + - name: DEPLOY_PASSWORD + value: "{{ .Values.aafConfig.aafDeployPass }}" + - name: cadi_longitude + value: "{{ .Values.aafConfig.cadiLongitude }}" + - name: cadi_latitude + value: "{{ .Values.aafConfig.cadiLatitude }}" + - name: {{ include "common.name" . }}-permission-fixer + image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: {{ .Values.persistence.aafCredsPath }} + name: {{ include "common.fullname" . }}-aaf-config-vol + command: ["chown","-Rf","1000:1001", "/opt/app/"] + {{ end }} containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" @@ -64,22 +103,23 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: + {{- if .Values.global.aafEnabled }} + - mountPath: {{ .Values.persistence.aafCredsPath }} + name: {{ include "common.fullname" . }}-aaf-config-vol + {{- end }} - mountPath: /etc/localtime name: localtime readOnly: false - mountPath: /opt/app/datartr/etc/provserver.properties name: {{ include "common.fullname" . }}-config subPath: provserver.properties - - mountPath: /opt/app/datartr/etc/drProvCadi.properties - name: {{ include "common.fullname" . }}-config - subPath: drProvCadi.properties - mountPath: /opt/app/datartr/etc/logback.xml name: {{ include "common.fullname" . }}-log-conf subPath: logback.xml - mountPath: {{ .Values.global.loggingDirectory }} name: {{ include "common.fullname" . }}-logs resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} @@ -87,8 +127,8 @@ spec: {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | indent 10 }} - {{- end }} - # Filebeat sidecar container + {{- end -}} + # Filebeat sidecar container - name: {{ include "common.name" . }}-filebeat-onap image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -110,8 +150,6 @@ spec: items: - key: provserver.properties path: provserver.properties - - key: drProvCadi.properties - path: drProvCadi.properties - name: {{ include "common.fullname" . }}-log-conf configMap: name: {{ include "common.fullname" . }}-log @@ -122,5 +160,10 @@ spec: emptyDir: {} - name: {{ include "common.fullname" . }}-logs emptyDir: {} + {{- if .Values.global.aafEnabled }} + - name: {{ include "common.fullname" . }}-aaf-config-vol + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-aaf-props + {{ end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml index 7b71bb03a2..acf87b81a9 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml @@ -39,12 +39,10 @@ spec: {{ end }} - name: REQUESTID value: "{{.Chart.Name}}-post-install" - volumeMounts: - mountPath: /etc/localtime name: localtime readOnly: true - # NOTE: on the following several configMaps, careful to include / at end # since there may be more than one file in each mountPath # NOTE: the basename of the subdirectory is important - it matches the DBCL API URI diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/pv.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/pv.yaml new file mode 100644 index 0000000000..b82e67673a --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/pv.yaml @@ -0,0 +1,41 @@ +{{/* + # ============LICENSE_START======================================================= + # Copyright (C) 2019 Nordix Foundation. + # ================================================================================ + # Licensed under the Apache License, Version 2.0 (the "License"); + # you may not use this file except in compliance with the License. + # You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. + # + # SPDX-License-Identifier: Apache-2.0 + # ============LICENSE_END========================================================= +*/}} +{{- if .Values.global.aafEnabled }} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-aaf-props + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-aaf-props + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }}-aaf-props +spec: + capacity: + storage: {{ .Values.persistence.aafCredsSize}} + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-aaf-props-stcl" + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.aafCredsMountSubPath }} +{{ end -}} diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/pvc.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/pvc.yaml new file mode 100644 index 0000000000..6ff9e6d615 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/pvc.yaml @@ -0,0 +1,45 @@ +{{/* + # ============LICENSE_START======================================================= + # Copyright (C) 2019 Nordix Foundation. + # ================================================================================ + # Licensed under the Apache License, Version 2.0 (the "License"); + # you may not use this file except in compliance with the License. + # You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. + # + # SPDX-License-Identifier: Apache-2.0 + # ============LICENSE_END========================================================= +*/}} +{{- if .Values.global.aafEnabled }} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-aaf-props + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }}-aaf-props + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-aaf-props-stcl" + resources: + requests: + storage: {{ .Values.persistence.aafCredsSize }} +{{ end -}} \ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml index 7a94fdb2cd..734ab72c03 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml @@ -38,7 +38,7 @@ metadata: spec: type: {{ .Values.config.dmaapDrProv.servicetype }} ports: - {{if eq .Values.config.dmaapDrProv.servicetype "NodePort" -}} + {{- if eq .Values.config.dmaapDrProv.servicetype "NodePort" -}} {{- if .Values.global.allow_http }} - port: {{ .Values.global.dmaapDrProvExtPort }} targetPort: {{ .Values.config.dmaapDrProv.internalPort }} diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml index 195bcb47be..8c81f1ef43 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml @@ -23,7 +23,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/dmaap/datarouter-prov:2.1.2 +image: onap/dmaap/datarouter-prov:2.1.3 pullPolicy: Always # flag to enable debugging - application support required @@ -52,31 +52,17 @@ readiness: ## Persist data to a persitent volume persistence: - enabled: false + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + mountPath: /dockerdata-nfs + + aafCredsMountSubPath: data-router/dr-prov/aaf-props + aafCredsSize: 10M + aafCredsPath: /opt/app/osaaf/local ingress: enabled: false -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 2000m - memory: 4Gi - requests: - cpu: 500m - memory: 1Gi - large: - limits: - cpu: 4000m - memory: 8Gi - requests: - cpu: 1000m - memory: 2Gi - unlimited: {} - config: # dr provisioning server configuration dmaapDrProv: @@ -111,3 +97,33 @@ mariadb: size: 1Gi mountSubPath: data-router/dr-db-data disableNfsProvisioner: true + +#AAF local config +aafConfig: + aafDeployFqi: dmaap-dr@dmaap-dr.onap.org + aafDeployPass: demo123456! + fqdn: dmaap-dr-prov + fqi: dmaap-dr-prov@dmaap-dr.onap.org + publicFqdn: dmaap-dr.onap.org + cadiLatitude: 0.0 + cadiLongitude: 0.0 + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2000m + memory: 4Gi + requests: + cpu: 500m + memory: 1Gi + large: + limits: + cpu: 4000m + memory: 8Gi + requests: + cpu: 1000m + memory: 2Gi + unlimited: {} \ No newline at end of file diff --git a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml index f6d67214a6..21524ef30c 100644 --- a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml @@ -70,7 +70,7 @@ spec: timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} env: - name: enableCadi - value: "true" + value: "{{ .Values.global.aafEnabled }}" volumeMounts: - mountPath: /etc/localtime name: localtime @@ -88,7 +88,7 @@ spec: subPath: mykey name: mykey resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . }} volumes: - name: localtime hostPath: diff --git a/kubernetes/dmaap/values.yaml b/kubernetes/dmaap/values.yaml index 86c2fe970c..4c0d8d584e 100644 --- a/kubernetes/dmaap/values.yaml +++ b/kubernetes/dmaap/values.yaml @@ -25,6 +25,8 @@ global: loggingImage: beats/filebeat:5.5.0 clientImage: onap/dmaap/dbc-client:1.0.9 repository: nexus3.onap.org:10001 + busyBoxImage: busybox:1.30 + busyBoxRepository: docker.io #Global DMaaP app config allow_http: true @@ -38,6 +40,13 @@ global: dmaapDrProvExtPort2: 443 dmaapDrProvExtPort: 80 + #AAF global config overrides + aafEnabled: true + aafAgentImage: onap/aaf/aaf_agent:2.1.15 + aafAppNs: org.osaaf.aaf + aafLocatorContainer: oom + + #Component overrides message-router: diff --git a/kubernetes/log/charts/log-elasticsearch/values.yaml b/kubernetes/log/charts/log-elasticsearch/values.yaml index 9c3525aec8..11e37272df 100644 --- a/kubernetes/log/charts/log-elasticsearch/values.yaml +++ b/kubernetes/log/charts/log-elasticsearch/values.yaml @@ -75,7 +75,7 @@ persistence: ## If undefined (the default) or set to null, no storageClassName spec is ## set, choosing the default provisioner. (gp2 on AWS, standard on ## GKE, AWS & OpenStack) - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 1Gi mountPath: /dockerdata-nfs mountSubPath: log/elasticsearch/data @@ -113,4 +113,4 @@ resources: requests: cpu: 1 memory: 4Gi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/kubernetes/multicloud/charts/multicloud-k8s/values.yaml b/kubernetes/multicloud/charts/multicloud-k8s/values.yaml index e7117d7e9f..3c7b1d3a65 100644 --- a/kubernetes/multicloud/charts/multicloud-k8s/values.yaml +++ b/kubernetes/multicloud/charts/multicloud-k8s/values.yaml @@ -26,8 +26,8 @@ global: # Application configuration defaults. ################################################################# # application image -repository: registry.hub.docker.com -image: onap/multicloud-k8s:0.5.0 +repository: nexus3.onap.org:10001 +image: onap/multicloud/k8s:0.5.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/nbi/charts/mariadb/Chart.yaml b/kubernetes/nbi/charts/mariadb/Chart.yaml deleted file mode 100644 index 06ac100abb..0000000000 --- a/kubernetes/nbi/charts/mariadb/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada, Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: ONAP NBI MariaDB Service -name: mariadb -version: 5.0.0 diff --git a/kubernetes/nbi/charts/mariadb/requirements.yaml b/kubernetes/nbi/charts/mariadb/requirements.yaml deleted file mode 100644 index 56097c0af4..0000000000 --- a/kubernetes/nbi/charts/mariadb/requirements.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -dependencies: - - name: common - version: ~5.x-0 - # local reference to common chart, as it is - # a part of this chart's package and will not - # be published independently to a repo (at this point) - repository: '@local' diff --git a/kubernetes/nbi/charts/mariadb/templates/NOTES.txt b/kubernetes/nbi/charts/mariadb/templates/NOTES.txt deleted file mode 100644 index 4d3c96fcd9..0000000000 --- a/kubernetes/nbi/charts/mariadb/templates/NOTES.txt +++ /dev/null @@ -1,32 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada , Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/nbi/charts/mariadb/templates/deployment.yaml b/kubernetes/nbi/charts/mariadb/templates/deployment.yaml deleted file mode 100644 index b432d0e431..0000000000 --- a/kubernetes/nbi/charts/mariadb/templates/deployment.yaml +++ /dev/null @@ -1,99 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada, Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - spec: - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - args: - - --lower-case-table-names=1 - - --wait_timeout=28800 - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: MYSQL_DATABASE - value: "{{ .Values.config.db.database }}" - - name: MYSQL_USER - value: "{{ .Values.config.db.user }}" - - name: MYSQL_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-secret - key: db-user-password - - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-secret - key: db-root-password - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /var/lib/mysql - name: mariadb-data - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: mariadb-data - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - {{- else }} - emptyDir: {} - {{- end }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/nbi/charts/mariadb/templates/pv.yaml b/kubernetes/nbi/charts/mariadb/templates/pv.yaml deleted file mode 100644 index 4645f473a6..0000000000 --- a/kubernetes/nbi/charts/mariadb/templates/pv.yaml +++ /dev/null @@ -1,38 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.size }} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- end -}} diff --git a/kubernetes/nbi/charts/mariadb/templates/pvc.yaml b/kubernetes/nbi/charts/mariadb/templates/pvc.yaml deleted file mode 100644 index 19ea299872..0000000000 --- a/kubernetes/nbi/charts/mariadb/templates/pvc.yaml +++ /dev/null @@ -1,49 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} diff --git a/kubernetes/nbi/charts/mariadb/templates/secrets.yaml b/kubernetes/nbi/charts/mariadb/templates/secrets.yaml deleted file mode 100644 index 254d86f8ee..0000000000 --- a/kubernetes/nbi/charts/mariadb/templates/secrets.yaml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada, Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-secret - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -type: Opaque -data: - db-user-password: {{ .Values.config.db.password | b64enc | quote }} - db-root-password: {{ .Values.config.db.root_password | b64enc | quote }} diff --git a/kubernetes/nbi/charts/mariadb/templates/service.yaml b/kubernetes/nbi/charts/mariadb/templates/service.yaml deleted file mode 100644 index 99a7128f3e..0000000000 --- a/kubernetes/nbi/charts/mariadb/templates/service.yaml +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - ports: - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - clusterIP: None diff --git a/kubernetes/nbi/charts/mariadb/values.yaml b/kubernetes/nbi/charts/mariadb/values.yaml deleted file mode 100644 index 70fa143b9a..0000000000 --- a/kubernetes/nbi/charts/mariadb/values.yaml +++ /dev/null @@ -1,95 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada, Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - persistence: {} - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: mariadb:10.3.14 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -# Example: -config: - db: - user: nbi_user - password: nbi_user - root_password: change_me - database: maria -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -## Persist data to a persitent volume -persistence: - enabled: true - volumeReclaimPolicy: Retain - accessMode: ReadWriteOnce - size: 2Gi - mountPath: /dockerdata-nfs - mountSubPath: mariadb/data - -service: - type: ClusterIP - name: policydb - portName: policydb - internalPort: 3306 - -ingress: - enabled: false - -# Resource Limit flavor -flavor: small -resources: - small: - limits: - cpu: 1 - memory: 500Mi - requests: - cpu: 10m - memory: 200Mi - large: - limits: - cpu: 1 - memory: 1Gi - requests: - cpu: 20m - memory: 400Mi - unlimited: {} diff --git a/kubernetes/nbi/requirements.yaml b/kubernetes/nbi/requirements.yaml index b440b1e30f..c4d65a791d 100644 --- a/kubernetes/nbi/requirements.yaml +++ b/kubernetes/nbi/requirements.yaml @@ -23,4 +23,6 @@ dependencies: - name: mongo version: ~5.x-0 repository: '@local' - + - name: mariadb-galera + version: ~5.x-0 + repository: '@local' diff --git a/kubernetes/nbi/templates/deployment.yaml b/kubernetes/nbi/templates/deployment.yaml index 889e25e623..dc66319e7c 100644 --- a/kubernetes/nbi/templates/deployment.yaml +++ b/kubernetes/nbi/templates/deployment.yaml @@ -54,9 +54,9 @@ spec: periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: SPRING_DATASOURCE_URL - value: jdbc:mariadb://{{ .Values.mariadb.service.name }}.{{ include "common.namespace" . }}:{{.Values.mariadb.service.internalPort }}/{{ .Values.mariadb.config.db.database }} + value: jdbc:mariadb://{{ index .Values "mariadb-galera" "service" "name" }}.{{ include "common.namespace" . }}:3306/{{ index .Values "mariadb-galera" "config" "mysqlDatabase" }} - name: SPRING_DATASOURCE_USERNAME - value: {{ .Values.mariadb.config.db.user }} + value: {{ index .Values "mariadb-galera" "config" "userName" }} - name: SPRING_DATASOURCE_PASSWORD valueFrom: secretKeyRef: @@ -77,7 +77,7 @@ spec: - name: NBI_URL value: "http://nbi.{{ include "common.namespace" . }}:8080/nbi/api/v4" - name: SDC_HOST - value: "http://sdc-be.{{ include "common.namespace" . }}:8080" + value: "https://sdc-be.{{ include "common.namespace" . }}:8443" - name: SDC_HEADER_ECOMPINSTANCEID value: {{ .Values.config.ecompInstanceId }} - name: SDC_HEADER_AUTHORIZATION diff --git a/kubernetes/nbi/templates/secrets.yaml b/kubernetes/nbi/templates/secrets.yaml index c29cb1cf0e..ea6ae8296e 100644 --- a/kubernetes/nbi/templates/secrets.yaml +++ b/kubernetes/nbi/templates/secrets.yaml @@ -24,5 +24,5 @@ metadata: heritage: {{ .Release.Service }} type: Opaque data: - db-user-password: {{ .Values.mariadb.config.db.password | b64enc | quote }} - db-root-password: {{ .Values.mariadb.config.db.root_password | b64enc | quote }} + db-user-password: {{ index .Values "mariadb-galera" "config" "userPassword" | b64enc | quote }} + db-root-password: {{ index .Values "mariadb-galera" "config" "mariadbRootPassword" | b64enc | quote }} diff --git a/kubernetes/nbi/values.yaml b/kubernetes/nbi/values.yaml index 494cf7372d..28a5f8d17d 100644 --- a/kubernetes/nbi/values.yaml +++ b/kubernetes/nbi/values.yaml @@ -44,21 +44,20 @@ config: openStackRegion: RegionOne openStackVNFTenantId: 31047205ce114b60833b23e400d6a535 -mariadb: - nameOverride: nbi-mariadb - service: - name: nbi-mariadbhost - internalPort: 3306 +mariadb-galera: config: - db: - database: nbi - user: rene - password: lkjgklqsdareyhjujlnnbvfvdttuiukgpiokqbfsjdhfigquosegombvjfqhb - root_password: dhqjdshjdsguryebvcnbvcvdsqghyjqgktgjjfhjfghbfs + userName: rene + userPassword: lkjgklqsdareyhjujlnnbvfvdttuiukgpiokqbfsjdhfigquosegombvjfqhb + mariadbRootPassword: dhqjdshjdsguryebvcnbvcvdsqghyjqgktgjjfhjfghbfs + mysqlDatabase: nbi + nameOverride: nbi-galera + service: + name: nbi-galera + portName: nbi-galera + replicaCount: 1 persistence: - mountSubPath: nbi/maria/data enabled: true - disableNfsProvisioner: true + mountSubPath: nbi/maria/data mongo: nameOverride: nbi-mongo diff --git a/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf index 01c79be6e3..0989a02e2e 100644 --- a/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf +++ b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf @@ -63,5 +63,5 @@ BRMS_UEB_API_KEY= BRMS_UEB_API_SECRET= #Dependency.json file version -BRMS_DEPENDENCY_VERSION=1.4.2 -BRMS_MODELS_DEPENDENCY_VERSION=2.0.2 +BRMS_DEPENDENCY_VERSION=1.5.3 +BRMS_MODELS_DEPENDENCY_VERSION=2.1.4 diff --git a/kubernetes/policy/charts/drools/resources/configmaps/base.conf b/kubernetes/policy/charts/drools/resources/configmaps/base.conf index ba39b0b5ad..22c7d8da6d 100644 --- a/kubernetes/policy/charts/drools/resources/configmaps/base.conf +++ b/kubernetes/policy/charts/drools/resources/configmaps/base.conf @@ -57,6 +57,10 @@ PDPD_CONFIGURATION_PARTITION_KEY= POLICY_PDP_PAP_TOPIC=POLICY-PDP-PAP +# Symmetric Key for encoded sensitive data + +SYMM_KEY= + # PAP PAP_HOST=policy-pap @@ -90,3 +94,8 @@ VFC_URL= # SDNC SDNC_URL=http://sdnc.{{.Release.Namespace}}:8282/restconf/operations + +# CDS + +CDS_GRPC_HOST={{.Values.cds.grpc.svcName}} +CDS_GRPC_PORT={{.Values.cds.grpc.svcPort}} diff --git a/kubernetes/policy/charts/drools/resources/secrets/credentials.conf b/kubernetes/policy/charts/drools/resources/secrets/credentials.conf index 36d3c3b376..57269c18af 100644 --- a/kubernetes/policy/charts/drools/resources/secrets/credentials.conf +++ b/kubernetes/policy/charts/drools/resources/secrets/credentials.conf @@ -54,3 +54,6 @@ SDNC_PASSWORD={{.Values.sdnc.password}} HEALTHCHECK_USER={{.Values.telemetry.user}} HEALTHCHECK_PASSWORD={{.Values.telemetry.password}} + +CDS_GRPC_USERNAME={{.Values.cds.grpc.user}} +CDS_GRPC_PASSWORD={{.Values.cds.grpc.password}} diff --git a/kubernetes/policy/charts/drools/templates/configmap.yaml b/kubernetes/policy/charts/drools/templates/configmap.yaml index 7daf473db2..9a92ad9769 100644 --- a/kubernetes/policy/charts/drools/templates/configmap.yaml +++ b/kubernetes/policy/charts/drools/templates/configmap.yaml @@ -18,5 +18,11 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} +{{- with .Files.Glob "resources/configmaps/*{.zip,store}" }} +binaryData: +{{- range $path, $bytes := . }} + {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }} +{{- end }} +{{- end }} data: -{{ tpl (.Files.Glob "resources/configmaps/*").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/configmaps/*.{conf,sh,properties,xml,keyfile}").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/drools/values.yaml b/kubernetes/policy/charts/drools/values.yaml index fe50249205..b2e82574f3 100644 --- a/kubernetes/policy/charts/drools/values.yaml +++ b/kubernetes/policy/charts/drools/values.yaml @@ -127,6 +127,13 @@ dmaap: key: password: +cds: + grpc: + user: ccsdkapps + password: ccsdkapps + svcName: cds-blueprints-processor-grpc + svcPort: 9111 + # Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) diff --git a/kubernetes/policy/charts/policy-apex-pdp/templates/configmap.yaml b/kubernetes/policy/charts/policy-apex-pdp/templates/configmap.yaml index 937a5b4afd..3fb63718d7 100644 --- a/kubernetes/policy/charts/policy-apex-pdp/templates/configmap.yaml +++ b/kubernetes/policy/charts/policy-apex-pdp/templates/configmap.yaml @@ -21,5 +21,11 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} +{{- with .Files.Glob "resources/config/*store" }} +binaryData: +{{- range $path, $bytes := . }} + {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }} +{{- end }} +{{- end }} data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/*.json").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/policy-api/templates/configmap.yaml b/kubernetes/policy/charts/policy-api/templates/configmap.yaml index d90b0c93dc..adf917a942 100644 --- a/kubernetes/policy/charts/policy-api/templates/configmap.yaml +++ b/kubernetes/policy/charts/policy-api/templates/configmap.yaml @@ -21,5 +21,11 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} +{{- with .Files.Glob "resources/config/*store" }} +binaryData: +{{- range $path, $bytes := . }} + {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }} +{{- end }} +{{- end }} data: {{ tpl (.Files.Glob "resources/config/config.json").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/policy-distribution/templates/configmap.yaml b/kubernetes/policy/charts/policy-distribution/templates/configmap.yaml index 318ad34491..984fb18b23 100644 --- a/kubernetes/policy/charts/policy-distribution/templates/configmap.yaml +++ b/kubernetes/policy/charts/policy-distribution/templates/configmap.yaml @@ -21,6 +21,11 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} +{{- with .Files.Glob "resources/config/*store" }} +binaryData: +{{- range $path, $bytes := . }} + {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }} +{{- end }} +{{- end }} data: {{ tpl (.Files.Glob "resources/config/config.json").AsConfig . | indent 2 }} - diff --git a/kubernetes/policy/charts/policy-pap/resources/config/config.json b/kubernetes/policy/charts/policy-pap/resources/config/config.json index 3f33ed95a0..a665c07858 100644 --- a/kubernetes/policy/charts/policy-pap/resources/config/config.json +++ b/kubernetes/policy/charts/policy-pap/resources/config/config.json @@ -55,6 +55,11 @@ "topic" : "POLICY-PDP-PAP", "servers" : [ "message-router" ], "topicCommInfrastructure" : "dmaap" + }, + { + "topic" : "POLICY-NOTIFICATION", + "servers" : [ "message-router" ], + "topicCommInfrastructure" : "dmaap" }] } } diff --git a/kubernetes/policy/charts/policy-pap/templates/configmap.yaml b/kubernetes/policy/charts/policy-pap/templates/configmap.yaml index 19ce6a8f20..13d993dba9 100644 --- a/kubernetes/policy/charts/policy-pap/templates/configmap.yaml +++ b/kubernetes/policy/charts/policy-pap/templates/configmap.yaml @@ -21,6 +21,11 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} +{{- with .Files.Glob "resources/config/*store" }} +binaryData: +{{- range $path, $bytes := . }} + {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }} +{{- end }} +{{- end }} data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} - +{{ tpl (.Files.Glob "resources/config/*.json").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml b/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml index f689f4d6e8..f725c3add7 100644 --- a/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml +++ b/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml @@ -21,5 +21,11 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} +{{- with .Files.Glob "resources/config/*store" }} +binaryData: +{{- range $path, $bytes := . }} + {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }} +{{- end }} +{{- end }} data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/*.{json,properties}").AsConfig . | indent 2 }} diff --git a/kubernetes/pomba/charts/pomba-data-router/values.yaml b/kubernetes/pomba/charts/pomba-data-router/values.yaml index ec70f4b619..3929e41768 100644 --- a/kubernetes/pomba/charts/pomba-data-router/values.yaml +++ b/kubernetes/pomba/charts/pomba-data-router/values.yaml @@ -24,7 +24,7 @@ global: persistence: {} readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - + # application image repository: nexus3.onap.org:10001 image: onap/data-router:1.3.3 @@ -88,7 +88,7 @@ persistence: ## GKE, AWS & OpenStack) ## ## storageClass: "-" - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 2Gi mountPath: /dockerdata-nfs mountSubPath: pomba/data-router/logs diff --git a/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml b/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml index 00eb921779..8201eff7b1 100644 --- a/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml +++ b/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml @@ -74,7 +74,7 @@ persistence: ## If undefined (the default) or set to null, no storageClassName spec is ## set, choosing the default provisioner. (gp2 on AWS, standard on ## GKE, AWS & OpenStack) - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 1Gi mountPath: /dockerdata-nfs mountSubPath: pomba/elasticsearch/data diff --git a/kubernetes/portal/charts/portal-app/values.yaml b/kubernetes/portal/charts/portal-app/values.yaml index 8d9cee0d4e..a0c3d360c9 100644 --- a/kubernetes/portal/charts/portal-app/values.yaml +++ b/kubernetes/portal/charts/portal-app/values.yaml @@ -95,11 +95,11 @@ flavor: small resources: small: limits: - cpu: 2 - memory: 10Gi + cpu: 2.2 + memory: 800Mi requests: - cpu: 1 - memory: 6Gi + cpu: 30m + memory: 460Mi large: limits: cpu: 4 diff --git a/kubernetes/portal/charts/portal-cassandra/templates/deployment.yaml b/kubernetes/portal/charts/portal-cassandra/templates/deployment.yaml index 2040794074..96e865d8cf 100644 --- a/kubernetes/portal/charts/portal-cassandra/templates/deployment.yaml +++ b/kubernetes/portal/charts/portal-cassandra/templates/deployment.yaml @@ -65,7 +65,7 @@ spec: - name: CASSPASS value: "{{ .Values.config.cassandraPassword }}" - name: JVM_OPTS - value: "{{ .Values.config.cassandraJvmOpts }}" + value: "{{ .Values.config.cassandraJvmOpts }}" - name: POD_IP valueFrom: fieldRef: diff --git a/kubernetes/portal/charts/portal-cassandra/values.yaml b/kubernetes/portal/charts/portal-cassandra/values.yaml index e08f59b971..65fcdbe84a 100644 --- a/kubernetes/portal/charts/portal-cassandra/values.yaml +++ b/kubernetes/portal/charts/portal-cassandra/values.yaml @@ -98,11 +98,11 @@ flavor: small resources: small: limits: - cpu: 2 - memory: 8Gi + cpu: 500m + memory: 3.75Gi requests: - cpu: 1 - memory: 4Gi + cpu: 160m + memory: 2.8Gi large: limits: cpu: 4 diff --git a/kubernetes/portal/charts/portal-mariadb/values.yaml b/kubernetes/portal/charts/portal-mariadb/values.yaml index e6896f17c1..e6aab2a2e3 100644 --- a/kubernetes/portal/charts/portal-mariadb/values.yaml +++ b/kubernetes/portal/charts/portal-mariadb/values.yaml @@ -132,11 +132,11 @@ flavor: small resources: small: limits: - cpu: 800m - memory: 1Gi + cpu: 460m + memory: 175Mi requests: - cpu: 400m - memory: 500Mi + cpu: 10m + memory: 100Mi large: limits: cpu: 2 diff --git a/kubernetes/portal/charts/portal-sdk/values.yaml b/kubernetes/portal/charts/portal-sdk/values.yaml index 4a0124d7a5..8daa14831f 100644 --- a/kubernetes/portal/charts/portal-sdk/values.yaml +++ b/kubernetes/portal/charts/portal-sdk/values.yaml @@ -89,11 +89,11 @@ flavor: small resources: small: limits: - cpu: 4 - memory: 10Gi + cpu: 600m + memory: 1.6Gi requests: - cpu: 2 - memory: 5Gi + cpu: 10m + memory: 1.3Gi large: limits: cpu: 8 diff --git a/kubernetes/portal/charts/portal-widget/values.yaml b/kubernetes/portal/charts/portal-widget/values.yaml index 37f4294fb4..7a02509737 100644 --- a/kubernetes/portal/charts/portal-widget/values.yaml +++ b/kubernetes/portal/charts/portal-widget/values.yaml @@ -75,10 +75,10 @@ resources: small: limits: cpu: 1 - memory: 4Gi + memory: 430Mi requests: - cpu: 500m - memory: 2Gi + cpu: 1m + memory: 360Mi large: limits: cpu: 2 diff --git a/kubernetes/portal/charts/portal-zookeeper/values.yaml b/kubernetes/portal/charts/portal-zookeeper/values.yaml index c7c8030339..6037d246cf 100644 --- a/kubernetes/portal/charts/portal-zookeeper/values.yaml +++ b/kubernetes/portal/charts/portal-zookeeper/values.yaml @@ -62,11 +62,11 @@ flavor: small resources: small: limits: - cpu: 500m - memory: 600Mi + cpu: 100m + memory: 200Mi requests: - cpu: 250m - memory: 300Mi + cpu: 1m + memory: 80Mi large: limits: cpu: 1 diff --git a/kubernetes/robot b/kubernetes/robot index 3d18bf3cba..5526182fa6 160000 --- a/kubernetes/robot +++ b/kubernetes/robot @@ -1 +1 @@ -Subproject commit 3d18bf3cba8b1b8d021914d4751ea44f7c3e3cd4 +Subproject commit 5526182fa60a7a61c8158c98b6be8dfc66c8330b diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml index 0bf1bf5d31..31ab7d5eaf 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml @@ -60,13 +60,13 @@ spec: {{ if .Values.liveness.enabled }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.service.internalPort2 }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end }} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.service.internalPort2 }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: diff --git a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml index 0a250e4fce..5a67965850 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml @@ -28,8 +28,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/workflow-backend:1.5.1 -configInitImage: onap/workflow-init:1.5.1 +image: onap/workflow-backend:1.5.2 +configInitImage: onap/workflow-init:1.5.2 pullPolicy: Always # flag to enable debugging - application support required @@ -43,14 +43,14 @@ config: cassandraAuthenticationEnabled: true cassandraThriftClientPort: 9160 cassandraClientPort: 9042 - sdcProtocol: HTTP - sdcEndpoint: sdc-be:8080 + sdcProtocol: HTTPS + sdcEndpoint: sdc-be:8443 sdcExternalUser: workflow sdcExternalUserPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U serverSSLEnabled: false serverSSLKeyStoreType: jks - serverSSLKeyStorePath: /etc/server-https-keystore/keystore - serverSSLKeyPassword: password + serverSSLKeyStorePath: etc/org.onap.sdc.p12 + serverSSLKeyPassword: "!ppJ.JvWn0hGh)oVF]([Kv)^" cassandraSSLEnabled: false cassandraTrustStorePath: /etc/cassandra-client-truststore/truststore cassandraTrustStorePassword: password diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml index 0be06f3985..1daee714b6 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml @@ -75,41 +75,15 @@ spec: value: "{{ .Values.config.isHttpsEnabled}}" {{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }} - name: KEYSTORE_PASS - {{- if .Values.global.security.keysFromCa }} - valueFrom: - secretKeyRef: - name: mft-sdc - key: keystore-password.txt - {{ else }} - value: {{ .Values.global.security.keyStorePass}} - {{- end }} + value: "{{ .Values.security.keystorePass}}" - name: TRUSTSTORE_PASS - {{- if .Values.global.security.keysFromCa }} - valueFrom: - secretKeyRef: - name: mft-catruststore - key: keystore-password.txt - {{ else }} - value: {{ .Values.global.security.trustStorePass}} - {{- end }} + value: "{{ .Values.security.truststorePass}}" - name: TRUSTSTORE_PATH value: "{{ .Values.security.storePath }}/{{ .Values.security.truststoreFilename }}" - name: KEYSTORE_PATH value: "{{ .Values.security.storePath }}/{{ .Values.security.keystoreFilename }}" - - name: TRUSTSTORE_TYPE - value: {{ .Values.security.truststore.type }} - - name: KEYSTORE_TYPE - value: {{ .Values.security.keystore.type }} {{ end }} volumeMounts: - {{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }} - - name: {{ include "common.fullname" . }}-jetty-https-truststore - mountPath: /var/lib/jetty/{{ .Values.security.storePath }}/{{ .Values.security.truststoreFilename }} - subPath: {{ .Values.security.truststoreFilename }} - - name: {{ include "common.fullname" . }}-jetty-https-keystore - mountPath: /var/lib/jetty/etc/{{ .Values.security.storePath }}/{{ .Values.security.keystoreFilename }} - subPath: {{ .Values.security.keystoreFilename }} - {{ end }} - name: {{ include "common.fullname" . }}-localtime mountPath: /etc/localtime readOnly: true @@ -123,7 +97,6 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} - # side car containers - name: {{ include "common.name" . }}-filebeat-onap image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml index 91cdead023..54e0e9b229 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/workflow-frontend:1.5.1 +image: onap/workflow-frontend:1.5.2 pullPolicy: Always # flag to enable debugging - application support required @@ -41,11 +41,11 @@ config: # https relevant settings. Change in case you have other trust files then default ones. security: - isDefaultStore: true - truststoreType: "JKS" - keystoreType: "JKS" - truststoreFilename: "truststore" - keystoreFilename: "keystore" + isDefaultStore: false + truststoreFilename: "org.onap.sdc.trust.jks" + keystoreFilename: "org.onap.sdc.p12" + keystorePass: "!ppJ.JvWn0hGh)oVF]([Kv)^" + truststorePass: "].][xgtze]hBhz*wy]}m#lf*" storePath: "etc" # default number of instances diff --git a/kubernetes/sdnc/charts/sdnc-portal/values.yaml b/kubernetes/sdnc/charts/sdnc-portal/values.yaml index 397a7d25c7..e8d3743601 100644 --- a/kubernetes/sdnc/charts/sdnc-portal/values.yaml +++ b/kubernetes/sdnc/charts/sdnc-portal/values.yaml @@ -42,7 +42,7 @@ config: internalPort: 3306 # default number of instances -replicaCount: 1 +replicaCount: 0 nodeSelector: {} diff --git a/kubernetes/so/charts/so-bpmn-infra/values.yaml b/kubernetes/so/charts/so-bpmn-infra/values.yaml index 89b0eb4183..a7925b79e5 100755 --- a/kubernetes/so/charts/so-bpmn-infra/values.yaml +++ b/kubernetes/so/charts/so-bpmn-infra/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/bpmn-infra:1.5.2 +image: onap/so/bpmn-infra:1.5.3 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml index b643c4ae9e..2ea2cffe27 100755 --- a/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml @@ -58,6 +58,8 @@ cloud_config: tenant_metadata: true identity_server_type: "KEYSTONE" identity_authentication_type: "RACKSPACE_APIKEY" + project_domain_name: "PROJECT_DOMAIN_NAME" + user_domain_name: "USER_DOMAIN_NAME" DEFAULT_KEYSTONE: identity_url: "{{ .Values.config.openStackKeyStoneUrl }}" mso_id: "{{ .Values.config.openStackUserName }}" @@ -67,6 +69,8 @@ cloud_config: tenant_metadata: true identity_server_type: "KEYSTONE" identity_authentication_type: "USERNAME_PASSWORD" + project_domain_name: "{{ .Values.config.openStackProjectDomainName }}" + user_domain_name: "{{ .Values.config.openStackUserDomainName }}" cloud_sites: Dallas: region_id: "DFW" diff --git a/kubernetes/so/charts/so-catalog-db-adapter/values.yaml b/kubernetes/so/charts/so-catalog-db-adapter/values.yaml index 57b7fe50b2..4685fd166a 100755 --- a/kubernetes/so/charts/so-catalog-db-adapter/values.yaml +++ b/kubernetes/so/charts/so-catalog-db-adapter/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/catalog-db-adapter:1.5.2 +image: onap/so/catalog-db-adapter:1.5.3 pullPolicy: Always replicaCount: 1 @@ -81,6 +81,8 @@ config: openStackServiceTenantName: "service" openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e" openStackTenantId: "d570c718cbc545029f40e50b75eb13df" + openStackProjectDomainName: "openStackProjectDomainName" + openStackUserDomainName: "openStackUserDomainName" nodeSelector: {} tolerations: [] affinity: {} diff --git a/kubernetes/so/charts/so-monitoring/values.yaml b/kubernetes/so/charts/so-monitoring/values.yaml index 7539e47af9..587dbea7bf 100644 --- a/kubernetes/so/charts/so-monitoring/values.yaml +++ b/kubernetes/so/charts/so-monitoring/values.yaml @@ -32,7 +32,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/so-monitoring:1.5.2 +image: onap/so/so-monitoring:1.5.3 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-openstack-adapter/values.yaml b/kubernetes/so/charts/so-openstack-adapter/values.yaml index c570f5eb45..8dc7e830d2 100755 --- a/kubernetes/so/charts/so-openstack-adapter/values.yaml +++ b/kubernetes/so/charts/so-openstack-adapter/values.yaml @@ -26,7 +26,7 @@ global: ################################################################# # Application configuration defaults. ################################################################# -image: onap/so/openstack-adapter:1.5.2 +image: onap/so/openstack-adapter:1.5.3 pullPolicy: Always repository: nexus3.onap.org:10001 diff --git a/kubernetes/so/charts/so-request-db-adapter/values.yaml b/kubernetes/so/charts/so-request-db-adapter/values.yaml index 028d123a31..58e6412847 100755 --- a/kubernetes/so/charts/so-request-db-adapter/values.yaml +++ b/kubernetes/so/charts/so-request-db-adapter/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/request-db-adapter:1.5.2 +image: onap/so/request-db-adapter:1.5.3 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-sdc-controller/values.yaml b/kubernetes/so/charts/so-sdc-controller/values.yaml index 1259435ec9..2cce8bb2dd 100755 --- a/kubernetes/so/charts/so-sdc-controller/values.yaml +++ b/kubernetes/so/charts/so-sdc-controller/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/sdc-controller:1.5.2 +image: onap/so/sdc-controller:1.5.3 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-sdnc-adapter/values.yaml b/kubernetes/so/charts/so-sdnc-adapter/values.yaml index e48c9c93e2..d1be03b541 100755 --- a/kubernetes/so/charts/so-sdnc-adapter/values.yaml +++ b/kubernetes/so/charts/so-sdnc-adapter/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/sdnc-adapter:1.5.2 +image: onap/so/sdnc-adapter:1.5.3 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-vfc-adapter/values.yaml b/kubernetes/so/charts/so-vfc-adapter/values.yaml index 1663fb350c..b15a67ffe8 100755 --- a/kubernetes/so/charts/so-vfc-adapter/values.yaml +++ b/kubernetes/so/charts/so-vfc-adapter/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/vfc-adapter:1.5.2 +image: onap/so/vfc-adapter:1.5.3 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-vnfm-adapter/values.yaml b/kubernetes/so/charts/so-vnfm-adapter/values.yaml index d29bff28aa..67523bc27f 100755 --- a/kubernetes/so/charts/so-vnfm-adapter/values.yaml +++ b/kubernetes/so/charts/so-vnfm-adapter/values.yaml @@ -26,7 +26,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/vnfm-adapter:1.5.2 +image: onap/so/vnfm-adapter:1.5.3 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml index ae126fa78e..b4bf248dfe 100755 --- a/kubernetes/so/values.yaml +++ b/kubernetes/so/values.yaml @@ -43,7 +43,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/api-handler-infra:1.5.2 +image: onap/so/api-handler-infra:1.5.3 pullPolicy: Always replicaCount: 1