From: Krzysztof Opasiak Date: Wed, 5 May 2021 15:58:10 +0000 (+0000) Subject: Merge "[MSB] Simplify cert retrieval script" X-Git-Tag: 9.0.0~291 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=f6465e1e1386cd090ab9a125683304e57f373c19;hp=02f8a81382f039b249fa083cc46030c49512ce3a;p=oom.git Merge "[MSB] Simplify cert retrieval script" --- diff --git a/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml b/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml index 9645b20cd2..c2e034204c 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml @@ -123,6 +123,16 @@ spec: - containerPort: {{ .Values.service.http.internalPort }} - containerPort: {{ .Values.service.grpc.internalPort }} - containerPort: {{ .Values.service.cluster.internalPort }} + startupProbe: + httpGet: + path: /api/v1/execution-service/health-check + port: {{ .Values.service.http.internalPort }} + httpHeaders: + - name: Authorization + value: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== + initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }} + failureThreshold: {{ .Values.startup.failureThreshold }} + periodSeconds: {{ .Values.startup.periodSeconds }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container {{ if .Values.liveness.enabled }} diff --git a/kubernetes/cds/components/cds-blueprints-processor/values.yaml b/kubernetes/cds/components/cds-blueprints-processor/values.yaml index 266032844d..fe60b8023c 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/values.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/values.yaml @@ -51,7 +51,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/ccsdk-blueprintsprocessor:1.1.2 +image: onap/ccsdk-blueprintsprocessor:1.1.4 pullPolicy: Always # flag to enable debugging - application support required @@ -77,7 +77,7 @@ config: # dbRootPassExternalSecret # default number of instances -replicaCount: 3 +replicaCount: 1 nodeSelector: {} @@ -89,8 +89,13 @@ dmaapEnabled: true # probe configuration parameters +startup: + initialDelaySeconds: 10 + failureThreshold: 30 + periodSeconds: 10 + liveness: - initialDelaySeconds: 120 + initialDelaySeconds: 0 periodSeconds: 20 timeoutSeconds: 20 # necessary to disable liveness probe when setting breakpoints @@ -129,7 +134,7 @@ persistence: cluster: # Cannot have cluster enabled if the replicaCount is not at least 3 - enabled: true + enabled: false clusterName: cds-cluster diff --git a/kubernetes/cds/components/cds-command-executor/values.yaml b/kubernetes/cds/components/cds-command-executor/values.yaml index bed223ebcd..f867565915 100755 --- a/kubernetes/cds/components/cds-command-executor/values.yaml +++ b/kubernetes/cds/components/cds-command-executor/values.yaml @@ -32,7 +32,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/ccsdk-commandexecutor:1.1.2 +image: onap/ccsdk-commandexecutor:1.1.4 pullPolicy: Always # application configuration diff --git a/kubernetes/cds/components/cds-py-executor/values.yaml b/kubernetes/cds/components/cds-py-executor/values.yaml index dfc7e59dda..af042c1605 100755 --- a/kubernetes/cds/components/cds-py-executor/values.yaml +++ b/kubernetes/cds/components/cds-py-executor/values.yaml @@ -30,7 +30,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/ccsdk-py-executor:1.1.2 +image: onap/ccsdk-py-executor:1.1.4 pullPolicy: Always # default number of instances diff --git a/kubernetes/cds/components/cds-sdc-listener/values.yaml b/kubernetes/cds/components/cds-sdc-listener/values.yaml index f6f45b7ad8..e46539fb35 100644 --- a/kubernetes/cds/components/cds-sdc-listener/values.yaml +++ b/kubernetes/cds/components/cds-sdc-listener/values.yaml @@ -29,7 +29,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/ccsdk-sdclistener:1.1.2 +image: onap/ccsdk-sdclistener:1.1.4 name: sdc-listener pullPolicy: Always diff --git a/kubernetes/cds/components/cds-ui/values.yaml b/kubernetes/cds/components/cds-ui/values.yaml index 8120679803..697602f209 100644 --- a/kubernetes/cds/components/cds-ui/values.yaml +++ b/kubernetes/cds/components/cds-ui/values.yaml @@ -44,7 +44,7 @@ certInitializer: {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop # application image -image: onap/ccsdk-cds-ui-server:1.1.2 +image: onap/ccsdk-cds-ui-server:1.1.4 pullPolicy: Always # application configuration diff --git a/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml index e92e415414..51fcd08c4a 100644 --- a/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml @@ -53,7 +53,7 @@ config: # Application configuration defaults. ################################################################# # application image -image: onap/org.onap.ccsdk.dashboard.ccsdk-app-os:1.4.0 +image: onap/org.onap.ccsdk.dashboard.ccsdk-app-os:1.4.2 pullPolicy: Always # probe configuration parameters @@ -66,8 +66,8 @@ liveness: enabled: false readiness: - initialDelaySeconds: 30 - periodSeconds: 30 + initialDelaySeconds: 300 + periodSeconds: 90 path: /ccsdk-app/health scheme: HTTPS @@ -103,11 +103,11 @@ flavor: small resources: small: limits: - cpu: 2 - memory: 2Gi - requests: - cpu: 1 + cpu: 0.6 memory: 1Gi + requests: + cpu: 0.4 + memory: 600Mib large: limits: cpu: 4 diff --git a/kubernetes/policy/components/policy-apex-pdp/values.yaml b/kubernetes/policy/components/policy-apex-pdp/values.yaml index 22edcff601..aa1daf703f 100755 --- a/kubernetes/policy/components/policy-apex-pdp/values.yaml +++ b/kubernetes/policy/components/policy-apex-pdp/values.yaml @@ -80,9 +80,6 @@ certInitializer: uid: 101 gid: 102 aaf_add_config: > - /opt/app/aaf_config/bin/agent.sh; - export $(/opt/app/aaf_config/bin/agent.sh local showpass - {{ .Values.fqi }} {{ .Values.fqdn }} | grep "^cadi_keystore_password_p12"); echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" >> {{ .Values.credsPath }}/.ci; echo "export KEYSTORE_PASSWORD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci; chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }}); diff --git a/kubernetes/policy/components/policy-api/values.yaml b/kubernetes/policy/components/policy-api/values.yaml index 0b2ea9f20c..da983e5b5b 100755 --- a/kubernetes/policy/components/policy-api/values.yaml +++ b/kubernetes/policy/components/policy-api/values.yaml @@ -69,9 +69,6 @@ certInitializer: uid: 100 gid: 101 aaf_add_config: > - /opt/app/aaf_config/bin/agent.sh; - export $(/opt/app/aaf_config/bin/agent.sh local showpass - {{ .Values.fqi }} {{ .Values.fqdn }} | grep "^cadi_keystore_password_p12"); echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" > {{ .Values.credsPath }}/.ci; echo "export KEYSTORE_PASSWD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci; chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }}); @@ -146,4 +143,3 @@ resources: cpu: 200m memory: 2Gi unlimited: {} - diff --git a/kubernetes/policy/components/policy-clamp-be/values.yaml b/kubernetes/policy/components/policy-clamp-be/values.yaml index 50ec8fafea..ef0ea7ae4e 100644 --- a/kubernetes/policy/components/policy-clamp-be/values.yaml +++ b/kubernetes/policy/components/policy-clamp-be/values.yaml @@ -44,11 +44,10 @@ certInitializer: app_ns: org.osaaf.aaf credsPath: /opt/app/osaaf/local aaf_add_config: > - /opt/app/aaf_config/bin/agent.sh local showpass {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop; - grep '^cadi' {{ .Values.credsPath }}/mycreds.prop | awk -v FS="cadi_truststore_password=" 'NF>1{print $2}' > {{ .Values.credsPath }}/cadi_truststore_password.pwd; - grep '^cadi' {{ .Values.credsPath }}/mycreds.prop | awk -v FS="cadi_key_password=" 'NF>1{print $2}' > {{ .Values.credsPath }}/cadi_key_password.pwd; - grep '^cadi' {{ .Values.credsPath }}/mycreds.prop | awk -v FS="cadi_keystore_password=" 'NF>1{print $2}' > {{ .Values.credsPath }}/cadi_keystore_password.pwd; - grep '^cadi' {{ .Values.credsPath }}/mycreds.prop | awk -v FS="cadi_keystore_password_p12=" 'NF>1{print $2}' > {{ .Values.credsPath }}/cadi_keystore_password_p12.pwd; + echo "$cadi_truststore_password" > {{ .Values.credsPath }}/cadi_truststore_password.pwd; + echo "$cadi_key_password" > {{ .Values.credsPath }}/cadi_key_password.pwd; + echo "$cadi_keystore_password" > {{ .Values.credsPath }}/cadi_keystore_password.pwd; + echo "$cadi_keystore_password_p12" > {{ .Values.credsPath }}/cadi_keystore_password_p12.pwd; cd {{ .Values.credsPath }}; chmod a+rx *; diff --git a/kubernetes/policy/components/policy-clamp-fe/values.yaml b/kubernetes/policy/components/policy-clamp-fe/values.yaml index c2f4d157c8..c824965955 100644 --- a/kubernetes/policy/components/policy-clamp-fe/values.yaml +++ b/kubernetes/policy/components/policy-clamp-fe/values.yaml @@ -48,8 +48,6 @@ certInitializer: app_ns: org.osaaf.aaf credsPath: /opt/app/osaaf/local aaf_add_config: > - /opt/app/aaf_config/bin/agent.sh local showpass {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop; - export $(/opt/app/aaf_config/bin/agent.sh local showpass | grep '^c' | xargs -0); cd {{ .Values.credsPath }}; openssl pkcs12 -in {{ .Values.keystoreFile }} -nocerts -nodes -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_key }}; openssl pkcs12 -in {{ .Values.keystoreFile }} -clcerts -nokeys -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_pem }}; diff --git a/kubernetes/policy/components/policy-distribution/values.yaml b/kubernetes/policy/components/policy-distribution/values.yaml index 09805bd496..6788613ceb 100755 --- a/kubernetes/policy/components/policy-distribution/values.yaml +++ b/kubernetes/policy/components/policy-distribution/values.yaml @@ -105,9 +105,6 @@ certInitializer: uid: 100 gid: 101 aaf_add_config: > - /opt/app/aaf_config/bin/agent.sh; - export $(/opt/app/aaf_config/bin/agent.sh local showpass - {{ .Values.fqi }} {{ .Values.fqdn }} | grep "^cadi_keystore_password_p12"); echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" >> {{ .Values.credsPath }}/.ci; echo "export KEYSTORE_PASSWD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci; chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }}); diff --git a/kubernetes/policy/components/policy-drools-pdp/values.yaml b/kubernetes/policy/components/policy-drools-pdp/values.yaml index 658fa65a31..4eb37c6106 100755 --- a/kubernetes/policy/components/policy-drools-pdp/values.yaml +++ b/kubernetes/policy/components/policy-drools-pdp/values.yaml @@ -89,9 +89,6 @@ certInitializer: uid: 100 gid: 101 aaf_add_config: > - /opt/app/aaf_config/bin/agent.sh; - export $(/opt/app/aaf_config/bin/agent.sh local showpass - {{ .Values.fqi }} {{ .Values.fqdn }} | grep "^cadi_keystore_password_p12"); echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" >> {{ .Values.credsPath }}/.ci; echo "export KEYSTORE_PASSWD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci; echo "export CADI_KEYFILE='{{ .Values.credsPath }}/org.onap.policy.keyfile'" >> {{ .Values.credsPath }}/.ci; diff --git a/kubernetes/policy/components/policy-pap/values.yaml b/kubernetes/policy/components/policy-pap/values.yaml index ec177d82c1..18e0e3e171 100755 --- a/kubernetes/policy/components/policy-pap/values.yaml +++ b/kubernetes/policy/components/policy-pap/values.yaml @@ -83,9 +83,6 @@ certInitializer: uid: 100 gid: 101 aaf_add_config: > - /opt/app/aaf_config/bin/agent.sh; - export $(/opt/app/aaf_config/bin/agent.sh local showpass - {{ .Values.fqi }} {{ .Values.fqdn }} | grep "^cadi_keystore_password_p12"); echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" > {{ .Values.credsPath }}/.ci; echo "export KEYSTORE_PASSWD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci; chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }}); @@ -172,4 +169,3 @@ resources: cpu: 200m memory: 2Gi unlimited: {} - diff --git a/kubernetes/policy/components/policy-xacml-pdp/values.yaml b/kubernetes/policy/components/policy-xacml-pdp/values.yaml index 76b0f3a42a..64c00e9bed 100755 --- a/kubernetes/policy/components/policy-xacml-pdp/values.yaml +++ b/kubernetes/policy/components/policy-xacml-pdp/values.yaml @@ -74,9 +74,6 @@ certInitializer: uid: 100 gid: 101 aaf_add_config: > - /opt/app/aaf_config/bin/agent.sh; - export $(/opt/app/aaf_config/bin/agent.sh local showpass - {{ .Values.fqi }} {{ .Values.fqdn }} | grep "^cadi_keystore_password_p12"); echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" > {{ .Values.credsPath }}/.ci; echo "export KEYSTORE_PASSWD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci; chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }}); @@ -155,4 +152,3 @@ resources: cpu: 200m memory: 2Gi unlimited: {} - diff --git a/kubernetes/robot/values.yaml b/kubernetes/robot/values.yaml index 6f54c6b340..9e5f222f48 100644 --- a/kubernetes/robot/values.yaml +++ b/kubernetes/robot/values.yaml @@ -22,7 +22,7 @@ global: # global defaults # application image repository: nexus3.onap.org:10001 -image: onap/testsuite:1.7.3 +image: onap/testsuite:1.8.0 pullPolicy: Always ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 diff --git a/kubernetes/sdc/components/sdc-be/values.yaml b/kubernetes/sdc/components/sdc-be/values.yaml index 045136aef0..bdaea44938 100644 --- a/kubernetes/sdc/components/sdc-be/values.yaml +++ b/kubernetes/sdc/components/sdc-be/values.yaml @@ -63,9 +63,9 @@ certInitializer: truststoreFile: "org.onap.sdc.trust.jks" permission_user: 352070 permission_group: 35953 - aaf_add_config: > - /opt/app/aaf_config/bin/agent.sh local showpass - {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop + aaf_add_config: | + echo "cadi_keystore_password_p12=$cadi_keystore_password_p12" > {{ .Values.credsPath }}/mycreds.prop + echo "cadi_truststore_password=$cadi_truststore_password" >> {{ .Values.credsPath }}/mycreds.prop ################################################################# # SDC Config part diff --git a/kubernetes/sdc/components/sdc-fe/values.yaml b/kubernetes/sdc/components/sdc-fe/values.yaml index 7aad4c13cb..1e269d0552 100644 --- a/kubernetes/sdc/components/sdc-fe/values.yaml +++ b/kubernetes/sdc/components/sdc-fe/values.yaml @@ -39,9 +39,9 @@ certInitializer: truststoreFile: "org.onap.sdc.trust.jks" permission_user: 352070 permission_group: 35953 - aaf_add_config: > - /opt/app/aaf_config/bin/agent.sh local showpass - {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop + aaf_add_config: | + echo "cadi_keystore_password_p12=$cadi_keystore_password_p12" > {{ .Values.credsPath }}/mycreds.prop + echo "cadi_truststore_password=$cadi_truststore_password" >> {{ .Values.credsPath }}/mycreds.prop ################################################################# # Application configuration defaults. diff --git a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml index 7e4dddd124..d2dd808d86 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml +++ b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml @@ -51,9 +51,9 @@ certInitializer: truststoreFile: "org.onap.sdc.trust.jks" permission_user: 352070 permission_group: 35953 - aaf_add_config: > - /opt/app/aaf_config/bin/agent.sh local showpass - {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop + aaf_add_config: | + echo "cadi_keystore_password_p12=$cadi_keystore_password_p12" > {{ .Values.credsPath }}/mycreds.prop + echo "cadi_truststore_password=$cadi_truststore_password" >> {{ .Values.credsPath }}/mycreds.prop ################################################################# # Application configuration defaults. diff --git a/kubernetes/sdc/components/sdc-wfd-be/values.yaml b/kubernetes/sdc/components/sdc-wfd-be/values.yaml index 4aebe7ab9a..dbd643806c 100644 --- a/kubernetes/sdc/components/sdc-wfd-be/values.yaml +++ b/kubernetes/sdc/components/sdc-wfd-be/values.yaml @@ -50,9 +50,9 @@ certInitializer: truststoreFile: "org.onap.sdc.trust.jks" permission_user: 352070 permission_group: 35953 - aaf_add_config: > - /opt/app/aaf_config/bin/agent.sh local showpass - {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop + aaf_add_config: | + echo "cadi_keystore_password_p12=$cadi_keystore_password_p12" > {{ .Values.credsPath }}/mycreds.prop + echo "cadi_truststore_password=$cadi_truststore_password" >> {{ .Values.credsPath }}/mycreds.prop ################################################################# # Application configuration defaults. diff --git a/kubernetes/sdc/components/sdc-wfd-fe/values.yaml b/kubernetes/sdc/components/sdc-wfd-fe/values.yaml index ff8aebf6b2..e001f2f5a7 100644 --- a/kubernetes/sdc/components/sdc-wfd-fe/values.yaml +++ b/kubernetes/sdc/components/sdc-wfd-fe/values.yaml @@ -39,9 +39,9 @@ certInitializer: truststoreFile: "org.onap.sdc.trust.jks" permission_user: 352070 permission_group: 35953 - aaf_add_config: > - /opt/app/aaf_config/bin/agent.sh local showpass - {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop + aaf_add_config: | + echo "cadi_keystore_password_p12=$cadi_keystore_password_p12" > {{ .Values.credsPath }}/mycreds.prop + echo "cadi_truststore_password=$cadi_truststore_password" >> {{ .Values.credsPath }}/mycreds.prop ################################################################# # Application configuration defaults.